I have multiple Trojans and other problems.


60 replies to this topic

#1 Beczappa

Beczappa

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Local time:11:07 AM

Posted 28 September 2012 - 07:04 AM

I noticed that my Firewall could not be turned back on (an error message comes up) and Symantec has picked up the following Trojans:

Backdoor.Trojan
Trojan.gen
Trojan.gen2
Trojan.zeroaccess.c


Also my Windows 7 says that it is not a genuine copy. Although I think work would disagree with this.

Currently I am on my iPad as I am too scared to use my laptop. Although I know that I will have to in order to fix it.

Thank you.

#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:08:07 PM

Posted 28 September 2012 - 07:30 AM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 Beczappa

Posted 28 September 2012 - 07:46 AM

Downloaded first one but won't open when I click on it. Will restart into safe mode with networking and continue.

#4 Beczappa

Posted 28 September 2012 - 07:52 AM

Not sure what the first one is meant to do but nothing happens when I click on it, right mouse click and select open or run.
Will continue to second part while I wait for your response. Thank you

#5 narenxp

Posted 28 September 2012 - 07:54 AM

Download Listparts from here

For 32 bit

List parts 32

For 64 bit

List parts 64

Launch it, click on SCAN, post the log

#6 Beczappa

Posted 28 September 2012 - 07:55 AM

Sorry but what is 32 bit or 64 bit?

#7 narenxp

Posted 28 September 2012 - 07:58 AM

How to find 32 bit or 64 bit system

http://support.microsoft.com/kb/827218

#8 narenxp

Posted 28 September 2012 - 07:58 AM

How to find 32 bit or 64 bit system

http://support.microsoft.com/kb/827218

#9 Beczappa

Posted 28 September 2012 - 08:05 AM

Listparts Log

ListParts by Farbar Version: 25-09-2012
Ran by 08500890 (administrator) on 28-09-2012 at 23:04:24
Windows 7 (X86)
Running From: D:\Users\08500890\Desktop\Virus stuff
Language: 0409
************************************************************

========================= Memory info ======================

Percentage of memory in use: 28%
Total physical RAM: 3176.46 MB
Available physical RAM: 2260.99 MB
Total Pagefile: 6351.2 MB
Available Pagefile: 5506.1 MB
Total Virtual: 2047.88 MB
Available Virtual: 1965.74 MB

======================= Partitions =========================

1 Drive c: () (Fixed) (Total:50 GB) (Free:13.53 GB) NTFS ==>[System with boot components (obtained from reading drive)]
ATTENTION: Malware custom entry on BCD on drive c: detected. Check for MBR/Partition infection.
2 Drive d: () (Fixed) (Total:385.76 GB) (Free:346.03 GB) NTFS
3 Drive e: () (Fixed) (Total:29.99 GB) (Free:29.89 GB) NTFS

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 465 GB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 50 GB 1024 KB
Partition 2 Primary 385 GB 50 GB
Partition 3 Primary 29 GB 435 GB
Partition 4 Primary 10 MB 465 GB

======================================================================================================

Disk: 0
Partition 1
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 C NTFS Partition 50 GB Healthy System (partition with boot components)

======================================================================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 D NTFS Partition 385 GB Healthy

======================================================================================================

Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 E NTFS Partition 29 GB Healthy

======================================================================================================

Disk: 0
Partition 4
Type : 17 (Suspicious Type)
Hidden: Yes
Active: Yes

There is no volume associated with this partition.

======================================================================================================

****** End Of Log ******

#10 narenxp

Posted 28 September 2012 - 08:16 AM

Tdsskiller should launch now.

Post the TDSSkiller and ASWMBR logs

Edited by narenxp, 28 September 2012 - 08:40 AM.


#11 Beczappa

Posted 28 September 2012 - 08:27 AM

Can't open Kernel Detective - asks me which program I want to run it in?

#12 narenxp

Posted 28 September 2012 - 08:30 AM

Install winrar

http://www.rarlab.com/rar/wrar420.exe

You should be able to extract now

#13 Beczappa

Posted 28 September 2012 - 08:38 AM

23:35:29.0934 2604 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
23:35:31.0935 2604 ============================================================
23:35:31.0935 2604 Current date / time: 2012/09/28 23:35:31.0935
23:35:31.0935 2604 SystemInfo:
23:35:31.0935 2604
23:35:31.0935 2604 OS Version: 6.1.7601 ServicePack: 1.0
23:35:31.0935 2604 Product type: Workstation
23:35:31.0935 2604 ComputerName: R_ZAPPARONI_N01
23:35:31.0936 2604 UserName: 08500890
23:35:31.0936 2604 Windows directory: C:\Windows
23:35:31.0936 2604 System windows directory: C:\Windows
23:35:31.0936 2604 Processor architecture: Intel x86
23:35:31.0936 2604 Number of processors: 4
23:35:31.0936 2604 Page size: 0x1000
23:35:31.0936 2604 Boot type: Safe boot with network
23:35:31.0936 2604 ============================================================
23:35:32.0768 2604 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
23:35:32.0769 2604 ============================================================
23:35:32.0769 2604 \Device\Harddisk0\DR0:
23:35:32.0770 2604 MBR partitions:
23:35:32.0770 2604 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x6400800
23:35:32.0770 2604 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x6401000, BlocksNum 0x30383800
23:35:32.0770 2604 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x36784800, BlocksNum 0x3BFA030
23:35:32.0770 2604 ============================================================
23:35:32.0797 2604 C: <-> \Device\Harddisk0\DR0\Partition1
23:35:32.0823 2604 D: <-> \Device\Harddisk0\DR0\Partition2
23:35:32.0868 2604 E: <-> \Device\Harddisk0\DR0\Partition3
23:35:32.0868 2604 ============================================================
23:35:32.0868 2604 Initialize success
23:35:32.0868 2604 ============================================================
23:36:02.0408 3504 ============================================================
23:36:02.0408 3504 Scan started
23:36:02.0408 3504 Mode: Manual; TDLFS;
23:36:02.0408 3504 ============================================================
23:36:03.0059 3504 ================ Scan system memory ========================
23:36:03.0059 3504 System memory - ok
23:36:08.0386 3504 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
23:36:08.0387 3504 lltdio - ok
23:36:08.0410 3504 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
23:36:08.0413 3504 lltdsvc - ok
23:36:08.0428 3504 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
23:36:08.0429 3504 lmhosts - ok
23:36:08.0459 3504 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
23:36:08.0461 3504 LSI_FC - ok
23:36:08.0465 3504 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
23:36:08.0467 3504 LSI_SAS - ok
23:36:08.0470 3504 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
23:36:08.0471 3504 LSI_SAS2 - ok
23:36:08.0475 3504 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
23:36:08.0477 3504 LSI_SCSI - ok
23:36:08.0481 3504 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
23:36:08.0482 3504 luafv - ok
23:36:08.0512 3504 MBAMProtector - ok
23:36:08.0531 3504 MBAMScheduler - ok
23:36:08.0545 3504 MBAMService - ok
23:36:08.0566 3504 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
23:36:08.0568 3504 Mcx2Svc - ok
23:36:08.0584 3504 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\drivers\megasas.sys
23:36:08.0585 3504 megasas - ok
23:36:08.0606 3504 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
23:36:08.0609 3504 MegaSR - ok
23:36:08.0620 3504 [ CFCB18986426A2D8E66F1992636221D0 ] MEI C:\Windows\system32\drivers\HECI.sys
23:36:08.0621 3504 MEI - ok
23:36:08.0679 3504 Microsoft SharePoint Workspace Audit Service - ok
23:36:08.0703 3504 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
23:36:08.0704 3504 MMCSS - ok
23:36:08.0721 3504 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
23:36:08.0734 3504 Modem - ok
23:36:08.0744 3504 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
23:36:08.0745 3504 monitor - ok
23:36:08.0772 3504 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\drivers\mouclass.sys
23:36:08.0773 3504 mouclass - ok
23:36:08.0790 3504 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\drivers\mouhid.sys
23:36:08.0791 3504 mouhid - ok
23:36:08.0795 3504 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
23:36:08.0796 3504 mountmgr - ok
23:36:08.0885 3504 [ 46297FA8E30A6007F14118FC2B942FBC ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
23:36:08.0887 3504 MozillaMaintenance - ok
23:36:08.0891 3504 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
23:36:08.0893 3504 mpio - ok
23:36:08.0909 3504 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
23:36:08.0910 3504 mpsdrv - ok
23:36:08.0914 3504 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
23:36:08.0916 3504 MRxDAV - ok
23:36:08.0924 3504 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
23:36:08.0925 3504 mrxsmb - ok
23:36:08.0937 3504 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:36:08.0945 3504 mrxsmb10 - ok
23:36:08.0949 3504 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:36:08.0951 3504 mrxsmb20 - ok
23:36:08.0954 3504 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
23:36:08.0955 3504 msahci - ok
23:36:08.0972 3504 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
23:36:08.0974 3504 msdsm - ok
23:36:08.0992 3504 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
23:36:08.0994 3504 MSDTC - ok
23:36:09.0028 3504 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
23:36:09.0028 3504 Msfs - ok
23:36:09.0041 3504 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
23:36:09.0042 3504 mshidkmdf - ok
23:36:09.0063 3504 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
23:36:09.0064 3504 msisadrv - ok
23:36:09.0077 3504 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
23:36:09.0080 3504 MSiSCSI - ok
23:36:09.0083 3504 msiserver - ok
23:36:09.0092 3504 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
23:36:09.0093 3504 MSKSSRV - ok
23:36:09.0110 3504 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
23:36:09.0111 3504 MSPCLOCK - ok
23:36:09.0114 3504 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
23:36:09.0115 3504 MSPQM - ok
23:36:09.0133 3504 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
23:36:09.0136 3504 MsRPC - ok
23:36:09.0141 3504 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
23:36:09.0141 3504 mssmbios - ok
23:36:09.0146 3504 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
23:36:09.0146 3504 MSTEE - ok
23:36:09.0150 3504 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
23:36:09.0150 3504 MTConfig - ok
23:36:09.0154 3504 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
23:36:09.0156 3504 Mup - ok
23:36:09.0178 3504 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
23:36:09.0183 3504 napagent - ok
23:36:09.0220 3504 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
23:36:09.0223 3504 NativeWifiP - ok
23:36:09.0303 3504 [ 8E4C77AD9BB279900C00F870CC0C674B ] NAVENG C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20120924.017\NAVENG.SYS
23:36:09.0303 3504 NAVENG - ok
23:36:09.0340 3504 [ 826F699B69E88A3920C70F344DD42D88 ] NAVEX15 C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20120924.017\NAVEX15.SYS
23:36:09.0348 3504 NAVEX15 - ok
23:36:09.0370 3504 [ E7C54812A2AAF43316EB6930C1FFA108 ] NDIS C:\Windows\system32\drivers\ndis.sys
23:36:09.0377 3504 NDIS - ok
23:36:09.0413 3504 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
23:36:09.0414 3504 NdisCap - ok
23:36:09.0431 3504 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
23:36:09.0431 3504 NdisTapi - ok
23:36:09.0435 3504 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
23:36:09.0436 3504 Ndisuio - ok
23:36:09.0454 3504 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
23:36:09.0456 3504 NdisWan - ok
23:36:09.0459 3504 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
23:36:09.0460 3504 NDProxy - ok
23:36:09.0498 3504 [ 51C6D8BFBD4EA5B62A1BA7F4469250D3 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
23:36:09.0499 3504 Net Driver HPZ12 - ok
23:36:09.0527 3504 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
23:36:09.0528 3504 NetBIOS - ok
23:36:09.0533 3504 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
23:36:09.0536 3504 NetBT - ok
23:36:09.0577 3504 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
23:36:09.0578 3504 Netlogon - ok
23:36:09.0613 3504 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
23:36:09.0617 3504 Netman - ok
23:36:09.0657 3504 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
23:36:09.0675 3504 NetMsmqActivator - ok
23:36:09.0679 3504 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
23:36:09.0680 3504 NetPipeActivator - ok
23:36:09.0701 3504 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
23:36:09.0705 3504 netprofm - ok
23:36:09.0709 3504 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
23:36:09.0710 3504 NetTcpActivator - ok
23:36:09.0714 3504 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
23:36:09.0715 3504 NetTcpPortSharing - ok
23:36:09.0747 3504 [ 104BE93F0607C6AA0D85319581F96EC2 ] netvsc C:\Windows\system32\DRIVERS\netvsc60.sys
23:36:09.0749 3504 netvsc - ok
23:36:09.0880 3504 [ 5C979C481981E04919ECBB3B88D54B34 ] NETwNs32 C:\Windows\system32\DRIVERS\NETwNs32.sys
23:36:09.0999 3504 NETwNs32 - ok
23:36:10.0028 3504 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
23:36:10.0029 3504 nfrd960 - ok
23:36:10.0054 3504 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\Windows\System32\nlasvc.dll
23:36:10.0058 3504 NlaSvc - ok
23:36:10.0083 3504 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
23:36:10.0084 3504 Npfs - ok
23:36:10.0093 3504 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
23:36:10.0095 3504 nsi - ok
23:36:10.0105 3504 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
23:36:10.0106 3504 nsiproxy - ok
23:36:10.0150 3504 [ 81189C3D7763838E55C397759D49007A ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
23:36:10.0157 3504 Ntfs - ok
23:36:10.0162 3504 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
23:36:10.0163 3504 Null - ok
23:36:10.0187 3504 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
23:36:10.0190 3504 nvraid - ok
23:36:10.0225 3504 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
23:36:10.0227 3504 nvstor - ok
23:36:10.0231 3504 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
23:36:10.0233 3504 nv_agp - ok
23:36:10.0236 3504 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
23:36:10.0238 3504 ohci1394 - ok
23:36:10.0274 3504 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:36:10.0277 3504 ose - ok
23:36:10.0363 3504 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
23:36:10.0472 3504 osppsvc - ok
23:36:10.0505 3504 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
23:36:10.0509 3504 p2pimsvc - ok
23:36:10.0524 3504 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
23:36:10.0528 3504 p2psvc - ok
23:36:10.0548 3504 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\drivers\parport.sys
23:36:10.0549 3504 Parport - ok
23:36:10.0553 3504 [ BF8F6AF06DA75B336F07E23AEF97D93B ] partmgr C:\Windows\system32\drivers\partmgr.sys
23:36:10.0554 3504 partmgr - ok
23:36:10.0576 3504 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\drivers\parvdm.sys
23:36:10.0578 3504 Parvdm - ok
23:36:10.0582 3504 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
23:36:10.0585 3504 PcaSvc - ok
23:36:10.0590 3504 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
23:36:10.0592 3504 pci - ok
23:36:10.0622 3504 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
23:36:10.0622 3504 pciide - ok
23:36:10.0627 3504 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
23:36:10.0630 3504 pcmcia - ok
23:36:10.0633 3504 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
23:36:10.0634 3504 pcw - ok
23:36:10.0653 3504 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
23:36:10.0660 3504 PEAUTH - ok
23:36:10.0698 3504 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
23:36:10.0709 3504 PeerDistSvc - ok
23:36:10.0736 3504 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
23:36:10.0752 3504 pla - ok
23:36:10.0791 3504 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
23:36:10.0797 3504 PlugPlay - ok
23:36:10.0833 3504 [ 79834AA2FBF9FE81EEBB229024F6F7FC ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
23:36:10.0834 3504 Pml Driver HPZ12 - ok
23:36:10.0859 3504 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
23:36:10.0861 3504 PNRPAutoReg - ok
23:36:10.0867 3504 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
23:36:10.0869 3504 PNRPsvc - ok
23:36:10.0912 3504 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
23:36:10.0916 3504 PolicyAgent - ok
23:36:10.0931 3504 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
23:36:10.0933 3504 Power - ok
23:36:10.0974 3504 [ 6F51482ADCED13CEBFE0F1054F2116F2 ] Power Manager DBC Service C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE
23:36:10.0976 3504 Power Manager DBC Service - ok
23:36:11.0019 3504 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
23:36:11.0020 3504 PptpMiniport - ok
23:36:11.0037 3504 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\drivers\processr.sys
23:36:11.0039 3504 Processor - ok
23:36:11.0071 3504 [ 43CA4CCC22D52FB58E8988F0198851D0 ] ProfSvc C:\Windows\system32\profsvc.dll
23:36:11.0074 3504 ProfSvc - ok
23:36:11.0085 3504 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
23:36:11.0086 3504 ProtectedStorage - ok
23:36:11.0097 3504 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
23:36:11.0099 3504 Psched - ok
23:36:11.0125 3504 [ AF8B60D65F8B39C4FAC6BE8641923F37 ] PwmEWSvc C:\Program Files\ThinkPad\Utilities\PWMEWSVC.EXE
23:36:11.0128 3504 PwmEWSvc - ok
23:36:11.0161 3504 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
23:36:11.0175 3504 ql2300 - ok
23:36:11.0202 3504 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
23:36:11.0204 3504 ql40xx - ok
23:36:11.0225 3504 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
23:36:11.0228 3504 QWAVE - ok
23:36:11.0242 3504 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
23:36:11.0243 3504 QWAVEdrv - ok
23:36:11.0259 3504 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
23:36:11.0260 3504 RasAcd - ok
23:36:11.0292 3504 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
23:36:11.0293 3504 RasAgileVpn - ok
23:36:11.0307 3504 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
23:36:11.0309 3504 RasAuto - ok
23:36:11.0324 3504 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
23:36:11.0325 3504 Rasl2tp - ok
23:36:11.0345 3504 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
23:36:11.0350 3504 RasMan - ok
23:36:11.0360 3504 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
23:36:11.0361 3504 RasPppoe - ok
23:36:11.0365 3504 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
23:36:11.0366 3504 RasSstp - ok
23:36:11.0371 3504 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
23:36:11.0374 3504 rdbss - ok
23:36:11.0387 3504 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
23:36:11.0388 3504 rdpbus - ok
23:36:11.0391 3504 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
23:36:11.0392 3504 RDPCDD - ok
23:36:11.0404 3504 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
23:36:11.0406 3504 RDPDR - ok
23:36:11.0418 3504 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
23:36:11.0419 3504 RDPENCDD - ok
23:36:11.0423 3504 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
23:36:11.0424 3504 RDPREFMP - ok
23:36:11.0447 3504 [ 68A0387F58E226DEEE23D9715955572A ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
23:36:11.0448 3504 RdpVideoMiniport - ok
23:36:11.0453 3504 [ 244C83332F44589AE98FC347F11B2693 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
23:36:11.0456 3504 RDPWD - ok
23:36:11.0466 3504 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
23:36:11.0469 3504 rdyboost - ok
23:36:11.0484 3504 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
23:36:11.0486 3504 RemoteAccess - ok
23:36:11.0511 3504 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
23:36:11.0514 3504 RemoteRegistry - ok
23:36:11.0527 3504 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
23:36:11.0536 3504 RFCOMM - ok
23:36:11.0568 3504 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
23:36:11.0571 3504 RpcEptMapper - ok
23:36:11.0590 3504 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
23:36:11.0592 3504 RpcLocator - ok
23:36:11.0611 3504 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
23:36:11.0614 3504 RpcSs - ok
23:36:11.0652 3504 [ DD43EA076E55189792867E1EAEAB8E67 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
23:36:11.0656 3504 RSPCIESTOR - ok
23:36:11.0669 3504 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
23:36:11.0671 3504 rspndr - ok
23:36:11.0732 3504 [ 0EEF2352AF419B092362764949D50D70 ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe
23:36:11.0735 3504 RtkAudioService - ok
23:36:11.0746 3504 [ CFA5758F2A929CE24E16E1B2A5CA8C23 ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
23:36:11.0748 3504 RTL8167 - ok
23:36:11.0783 3504 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
23:36:11.0784 3504 s3cap - ok
23:36:11.0795 3504 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
23:36:11.0796 3504 SamSs - ok
23:36:11.0818 3504 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
23:36:11.0820 3504 sbp2port - ok
23:36:11.0840 3504 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
23:36:11.0843 3504 SCardSvr - ok
23:36:11.0886 3504 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
23:36:11.0887 3504 scfilter - ok
23:36:11.0898 3504 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
23:36:11.0907 3504 Schedule - ok
23:36:11.0923 3504 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
23:36:11.0924 3504 SCPolicySvc - ok
23:36:11.0932 3504 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
23:36:11.0935 3504 SDRSVC - ok
23:36:11.0952 3504 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
23:36:11.0954 3504 secdrv - ok
23:36:11.0974 3504 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
23:36:11.0976 3504 seclogon - ok
23:36:11.0986 3504 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
23:36:11.0988 3504 SENS - ok
23:36:11.0999 3504 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
23:36:12.0001 3504 SensrSvc - ok
23:36:12.0015 3504 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\drivers\serenum.sys
23:36:12.0016 3504 Serenum - ok
23:36:12.0029 3504 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\drivers\serial.sys
23:36:12.0031 3504 Serial - ok
23:36:12.0034 3504 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\drivers\sermouse.sys
23:36:12.0035 3504 sermouse - ok
23:36:12.0043 3504 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
23:36:12.0045 3504 SessionEnv - ok
23:36:12.0049 3504 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
23:36:12.0050 3504 sffdisk - ok
23:36:12.0061 3504 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
23:36:12.0062 3504 sffp_mmc - ok
23:36:12.0073 3504 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
23:36:12.0074 3504 sffp_sd - ok
23:36:12.0078 3504 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
23:36:12.0078 3504 sfloppy - ok
23:36:12.0100 3504 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:36:12.0105 3504 ShellHWDetection - ok
23:36:12.0129 3504 [ DF6A84DD19D3C0858D707B5E64938D60 ] Shockprf C:\Windows\system32\DRIVERS\Apsx86.sys
23:36:12.0131 3504 Shockprf - ok
23:36:12.0177 3504 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
23:36:12.0179 3504 sisagp - ok
23:36:12.0198 3504 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
23:36:12.0199 3504 SiSRaid2 - ok
23:36:12.0203 3504 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
23:36:12.0204 3504 SiSRaid4 - ok
23:36:12.0214 3504 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
23:36:12.0215 3504 Smb - ok
23:36:12.0281 3504 [ 9672E993C5F09BB15ADB757A8AF7765E ] SmcService C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
23:36:12.0301 3504 SmcService - ok
23:36:12.0322 3504 [ 229B0890AF1A54E2F57099542CD18642 ] SNAC C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE
23:36:12.0326 3504 SNAC - ok
23:36:12.0357 3504 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
23:36:12.0359 3504 SNMPTRAP - ok
23:36:12.0404 3504 [ E87CF104F12C92401C4D33C50A3D5DC8 ] SPBBCDrv C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
23:36:12.0409 3504 SPBBCDrv - ok
23:36:12.0436 3504 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
23:36:12.0437 3504 spldr - ok
23:36:12.0463 3504 [ 866A43013535DC8587C258E43579C764 ] Spooler C:\Windows\System32\spoolsv.exe
23:36:12.0471 3504 Spooler - ok
23:36:12.0539 3504 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
23:36:12.0570 3504 sppsvc - ok
23:36:12.0575 3504 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
23:36:12.0577 3504 sppuinotify - ok
23:36:12.0603 3504 [ 14389E87D0D2E25B12BF2CC74CFAEE07 ] SRTSP C:\Windows\system32\Drivers\SRTSP.SYS
23:36:12.0607 3504 SRTSP - ok
23:36:12.0613 3504 [ AED0F68C185FE698A21CEFCD76F0B8A4 ] SRTSPL C:\Windows\system32\Drivers\SRTSPL.SYS
23:36:12.0617 3504 SRTSPL - ok
23:36:12.0632 3504 [ 0E2CA6326726477FE29863808BBAD413 ] SRTSPX C:\Windows\system32\Drivers\SRTSPX.SYS
23:36:12.0633 3504 SRTSPX - ok
23:36:12.0638 3504 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
23:36:12.0642 3504 srv - ok
23:36:12.0648 3504 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
23:36:12.0652 3504 srv2 - ok
23:36:12.0656 3504 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
23:36:12.0658 3504 srvnet - ok
23:36:12.0677 3504 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
23:36:12.0680 3504 SSDPSRV - ok
23:36:12.0697 3504 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
23:36:12.0699 3504 SstpSvc - ok
23:36:12.0713 3504 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\drivers\stexstor.sys
23:36:12.0714 3504 stexstor - ok
23:36:12.0773 3504 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
23:36:12.0780 3504 StiSvc - ok
23:36:12.0787 3504 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
23:36:12.0788 3504 storflt - ok
23:36:12.0804 3504 [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc C:\Windows\system32\storsvc.dll
23:36:12.0806 3504 StorSvc - ok
23:36:12.0846 3504 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
23:36:12.0848 3504 storvsc - ok
23:36:12.0851 3504 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
23:36:12.0851 3504 swenum - ok
23:36:12.0869 3504 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
23:36:12.0874 3504 swprv - ok
23:36:12.0921 3504 [ 409EBED03F66E3941E33E412795E6C2C ] Symantec AntiVirus C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
23:36:12.0931 3504 Symantec AntiVirus - ok
23:36:12.0965 3504 [ AB33C3B196197CA467CBDDA717860DBA ] SymEvent C:\Windows\system32\Drivers\SYMEVENT.SYS
23:36:12.0967 3504 SymEvent - ok
23:36:12.0974 3504 [ 394B2368212114D538316812AF60FDDD ] SYMREDRV C:\Windows\System32\Drivers\SYMREDRV.SYS
23:36:12.0975 3504 SYMREDRV - ok
23:36:12.0980 3504 [ D46676BB414C7531BDFFE637A33F5033 ] SYMTDI C:\Windows\System32\Drivers\SYMTDI.SYS
23:36:12.0981 3504 SYMTDI - ok
23:36:12.0991 3504 [ F2AD8960812FD111E20E84659EF19D43 ] Synth3dVsc C:\Windows\system32\drivers\Synth3dVsc.sys
23:36:12.0992 3504 Synth3dVsc - ok
23:36:13.0026 3504 [ 04990C25043705985F1EC40BF704AAAC ] SynthVid C:\Windows\system32\DRIVERS\VMBusVideoM.sys
23:36:13.0027 3504 SynthVid - ok
23:36:13.0098 3504 [ 7E194E86BF306E07470A0AC56B41DE83 ] SynTP C:\Windows\system32\drivers\SynTP.sys
23:36:13.0105 3504 SynTP - ok
23:36:13.0148 3504 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
23:36:13.0161 3504 SysMain - ok
23:36:13.0174 3504 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:36:13.0176 3504 TabletInputService - ok
23:36:13.0204 3504 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
23:36:13.0208 3504 TapiSrv - ok
23:36:13.0212 3504 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
23:36:13.0215 3504 TBS - ok
23:36:13.0242 3504 [ 65D10B191C59C5501A1263FC33F6894B ] Tcpip C:\Windows\system32\drivers\tcpip.sys
23:36:13.0255 3504 Tcpip - ok
23:36:13.0275 3504 [ 65D10B191C59C5501A1263FC33F6894B ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
23:36:13.0282 3504 TCPIP6 - ok
23:36:13.0321 3504 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
23:36:13.0322 3504 tcpipreg - ok
23:36:13.0334 3504 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
23:36:13.0335 3504 TDPIPE - ok
23:36:13.0339 3504 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
23:36:13.0340 3504 TDTCP - ok
23:36:13.0356 3504 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
23:36:13.0357 3504 tdx - ok
23:36:13.0361 3504 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
23:36:13.0362 3504 TermDD - ok
23:36:13.0380 3504 [ 052306FD76793D5D5AB5D9891FD1ADBB ] terminpt C:\Windows\system32\drivers\terminpt.sys
23:36:13.0381 3504 terminpt - ok
23:36:13.0403 3504 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
23:36:13.0411 3504 TermService - ok
23:36:13.0420 3504 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
23:36:13.0422 3504 Themes - ok
23:36:13.0454 3504 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
23:36:13.0455 3504 THREADORDER - ok
23:36:13.0461 3504 [ 50B570E4209F6D401893720FC8DDCE46 ] TPDIGIMN C:\Windows\system32\DRIVERS\ApsHM86.sys
23:36:13.0462 3504 TPDIGIMN - ok
23:36:13.0466 3504 [ 1F98A2433555DD854CB4E2EDC819DEB4 ] TPHDEXLGSVC C:\Windows\system32\TPHDEXLG.exe
23:36:13.0468 3504 TPHDEXLGSVC - ok
23:36:15.0501 3504 ================ Scan global ===============================
23:36:15.0533 3504 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
23:36:15.0548 3504 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
23:36:15.0562 3504 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
23:36:15.0576 3504 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
23:36:15.0600 3504 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
23:36:15.0604 3504 [Global] - ok
23:36:15.0604 3504 ================ Scan MBR ==================================
23:36:15.0614 3504 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
23:36:15.0615 3504 Suspicious mbr (Forged): \Device\Harddisk0\DR0
23:36:15.0668 3504 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - infected
23:36:15.0669 3504 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.b (0)
23:36:15.0708 3504 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
23:36:15.0709 3504 \Device\Harddisk0\DR0 - detected TDSS File System (1)
23:36:15.0709 3504 ================ Scan VBR ==================================
23:36:15.0712 3504 [ 3CCA36C34D7031C4439E600C37312CE3 ] \Device\Harddisk0\DR0\Partition1
23:36:15.0713 3504 \Device\Harddisk0\DR0\Partition1 - ok
23:36:15.0734 3504 [ 71F5FB601154880AC1CC92513ECF7FEC ] \Device\Harddisk0\DR0\Partition2
23:36:15.0735 3504 \Device\Harddisk0\DR0\Partition2 - ok
23:36:15.0778 3504 [ B337C06E9E3F0A406478FAB4904BD0F3 ] \Device\Harddisk0\DR0\Partition3
23:36:15.0779 3504 \Device\Harddisk0\DR0\Partition3 - ok
23:36:15.0779 3504 ============================================================
23:36:15.0779 3504 Scan finished
23:36:15.0779 3504 ============================================================
23:36:15.0787 2492 Detected object count: 2
23:36:15.0787 2492 Actual detected object count: 2
23:37:34.0687 2492 \Device\Harddisk0\DR0\# - copied to quarantine
23:37:34.0688 2492 \Device\Harddisk0\DR0 - copied to quarantine
23:37:34.0841 2492 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine
23:37:34.0841 2492 \Device\Harddisk0\DR0\TDLFS\vbr - copied to quarantine
23:37:34.0843 2492 \Device\Harddisk0\DR0\TDLFS\bid - copied to quarantine
23:37:34.0844 2492 \Device\Harddisk0\DR0\TDLFS\affid - copied to quarantine
23:37:34.0845 2492 \Device\Harddisk0\DR0\TDLFS\boot - copied to quarantine
23:37:34.0846 2492 \Device\Harddisk0\DR0\TDLFS\cmd32 - copied to quarantine
23:37:34.0847 2492 \Device\Harddisk0\DR0\TDLFS\cmd64 - copied to quarantine
23:37:34.0848 2492 \Device\Harddisk0\DR0\TDLFS\dbg32 - copied to quarantine
23:37:34.0849 2492 \Device\Harddisk0\DR0\TDLFS\dbg64 - copied to quarantine
23:37:34.0851 2492 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
23:37:34.0852 2492 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
23:37:34.0853 2492 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
23:37:34.0854 2492 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
23:37:34.0855 2492 \Device\Harddisk0\DR0\TDLFS\subid - copied to quarantine
23:37:34.0856 2492 \Device\Harddisk0\DR0\TDLFS\tdi32 - copied to quarantine
23:37:34.0857 2492 \Device\Harddisk0\DR0\TDLFS\tdi64 - copied to quarantine
23:37:34.0858 2492 \Device\Harddisk0\DR0\TDLFS\main1 - copied to quarantine
23:37:34.0859 2492 \Device\Harddisk0\DR0\TDLFS\info - copied to quarantine
23:37:34.0860 2492 \Device\Harddisk0\DR0\TDLFS\main - copied to quarantine
23:37:34.0861 2492 \Device\Harddisk0\DR0\TDLFS\mainfb.script - copied to quarantine
23:37:34.0905 2492 \Device\Harddisk0\DR0\TDLFS\com32 - copied to quarantine
23:37:34.0910 2492 \Device\Harddisk0\DR0\TDLFS\bbr232 - copied to quarantine
23:37:34.0962 2492 \Device\Harddisk0\DR0\TDLFS\serf332 - copied to quarantine
23:37:34.0969 2492 \Device\Harddisk0\DR0\TDLFS\serf_conf - copied to quarantine
23:37:35.0153 2492 \Device\Harddisk0\DR0\TDLFS\bbr_conf - copied to quarantine
23:37:35.0225 2492 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - will be cured on reboot
23:37:35.0314 2492 \Device\Harddisk0\DR0 - ok
23:37:35.0968 2492 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - User select action: Cure
23:37:35.0968 2492 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
23:37:35.0969 2492 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
23:37:44.0052 2792 Deinitialize success

#14 Beczappa

Posted 28 September 2012 - 08:44 AM

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-28 23:39:21
-----------------------------
23:39:21.250 OS Version: Windows 6.1.7601 Service Pack 1
23:39:21.250 Number of processors: 4 586 0x2A07
23:39:21.250 ComputerName: R_ZAPPARONI_N01 UserName: 08500890
23:39:21.884 Initialize success
23:41:45.286 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
23:41:45.326 Disk 0 Vendor: HITACHI_HTS727550A9E364 JF3ZD0H0 Size: 476940MB BusType: 11
23:41:45.331 Disk 0 MBR read successfully
23:41:45.351 Disk 0 MBR scan
23:41:45.353 Disk 0 Windows 7 default MBR code
23:41:45.355 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 51201 MB offset 2048
23:41:45.367 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 395015 MB offset 104861696
23:41:45.395 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 30708 MB offset 913852416
23:41:45.398 Disk 0 scanning sectors +976764928
23:41:45.457 Disk 0 scanning C:\Windows\system32\drivers
23:41:48.289 Service scanning
23:42:01.005 Modules scanning
23:42:06.985 Disk 0 trace - called modules:
23:42:06.991 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll >>UNKNOWN [0x899e1b08]<<
23:42:06.991 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85724030]
23:42:06.991 3 CLASSPNP.SYS[8add159e] -> nt!IofCallDriver -> [0x8518e8b0]
23:42:06.991 5 ACPI.sys[8a8a83d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x851b2030]
23:42:06.991 \Driver\atapi[0x851a3d80] -> IRP_MJ_INTERNAL_DEVICE_CONTROL -> 0x899e1b08
23:42:06.991 Scan finished successfully
23:43:25.700 Disk 0 MBR has been saved successfully to "D:\Users\08500890\Desktop\Virus stuff\MBR.dat"
23:43:25.727 The log file has been saved successfully to "D:\Users\08500890\Desktop\Virus stuff\aswMBR.txt"

#15 Beczappa

Posted 28 September 2012 - 08:45 AM

Do I wait or do the third one that you originally posted?



