I have multiple Trojans and other problems.


60 replies to this topic

#16 narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:05:18 AM

Posted 28 September 2012 - 08:50 AM

Go ahead and run the third scan. Please run TDSSKiller once again and post the new log.



#17 Beczappa

  • Topic Starter
  • Members
  • 43 posts
  • Local time:08:18 PM

Posted 28 September 2012 - 08:53 AM

23:52:30.0550 3772 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
23:52:31.0951 3772 ============================================================
23:52:31.0951 3772 Current date / time: 2012/09/28 23:52:31.0951
23:52:31.0951 3772 SystemInfo:
23:52:31.0951 3772
23:52:31.0951 3772 OS Version: 6.1.7601 ServicePack: 1.0
23:52:31.0951 3772 Product type: Workstation
23:52:31.0951 3772 ComputerName: R_ZAPPARONI_N01
23:52:31.0951 3772 UserName: 08500890
23:52:31.0951 3772 Windows directory: C:\Windows
23:52:31.0951 3772 System windows directory: C:\Windows
23:52:31.0951 3772 Processor architecture: Intel x86
23:52:31.0951 3772 Number of processors: 4
23:52:31.0951 3772 Page size: 0x1000
23:52:31.0951 3772 Boot type: Safe boot with network
23:52:31.0951 3772 ============================================================
23:52:32.0138 3772 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
23:52:32.0140 3772 ============================================================
23:52:32.0140 3772 \Device\Harddisk0\DR0:
23:52:32.0140 3772 MBR partitions:
23:52:32.0141 3772 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x6400800
23:52:32.0141 3772 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x6401000, BlocksNum 0x30383800
23:52:32.0141 3772 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x36784800, BlocksNum 0x3BFA030
23:52:32.0141 3772 ============================================================
23:52:32.0183 3772 C: <-> \Device\Harddisk0\DR0\Partition1
23:52:32.0210 3772 D: <-> \Device\Harddisk0\DR0\Partition2
23:52:32.0255 3772 E: <-> \Device\Harddisk0\DR0\Partition3
23:52:32.0255 3772 ============================================================
23:52:32.0255 3772 Initialize success
23:52:32.0255 3772 ============================================================
23:52:38.0968 3052 ============================================================
23:52:38.0968 3052 Scan started
23:52:38.0968 3052 Mode: Manual; TDLFS;
23:52:38.0968 3052 ============================================================
23:52:40.0302 3052 ================ Scan system memory ========================
23:52:40.0302 3052 System memory - ok
23:52:40.0302 3052 ================ Scan services =============================
23:52:46.0216 3052 NDIS - ok
23:52:46.0272 3052 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
23:52:46.0273 3052 NdisCap - ok
23:52:46.0290 3052 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
23:52:46.0290 3052 NdisTapi - ok
23:52:46.0294 3052 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
23:52:46.0294 3052 Ndisuio - ok
23:52:46.0298 3052 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
23:52:46.0299 3052 NdisWan - ok
23:52:46.0302 3052 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
23:52:46.0303 3052 NDProxy - ok
23:52:46.0340 3052 [ 51C6D8BFBD4EA5B62A1BA7F4469250D3 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
23:52:46.0341 3052 Net Driver HPZ12 - ok
23:52:46.0353 3052 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
23:52:46.0354 3052 NetBIOS - ok
23:52:46.0358 3052 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
23:52:46.0359 3052 NetBT - ok
23:52:46.0369 3052 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
23:52:46.0370 3052 Netlogon - ok
23:52:46.0397 3052 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
23:52:46.0400 3052 Netman - ok
23:52:46.0441 3052 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
23:52:46.0442 3052 NetMsmqActivator - ok
23:52:46.0445 3052 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
23:52:46.0446 3052 NetPipeActivator - ok
23:52:46.0453 3052 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
23:52:46.0456 3052 netprofm - ok
23:52:46.0459 3052 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
23:52:46.0460 3052 NetTcpActivator - ok
23:52:46.0476 3052 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
23:52:46.0477 3052 NetTcpPortSharing - ok
23:52:46.0507 3052 [ 104BE93F0607C6AA0D85319581F96EC2 ] netvsc C:\Windows\system32\DRIVERS\netvsc60.sys
23:52:46.0508 3052 netvsc - ok
23:52:46.0631 3052 [ 5C979C481981E04919ECBB3B88D54B34 ] NETwNs32 C:\Windows\system32\DRIVERS\NETwNs32.sys
23:52:46.0668 3052 NETwNs32 - ok
23:52:46.0695 3052 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
23:52:46.0696 3052 nfrd960 - ok
23:52:46.0713 3052 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\Windows\System32\nlasvc.dll
23:52:46.0715 3052 NlaSvc - ok
23:52:46.0733 3052 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
23:52:46.0733 3052 Npfs - ok
23:52:46.0744 3052 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
23:52:46.0745 3052 nsi - ok
23:52:46.0748 3052 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
23:52:46.0749 3052 nsiproxy - ok
23:52:46.0765 3052 [ 81189C3D7763838E55C397759D49007A ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
23:52:46.0771 3052 Ntfs - ok
23:52:46.0779 3052 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
23:52:46.0780 3052 Null - ok
23:52:46.0796 3052 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
23:52:46.0797 3052 nvraid - ok
23:52:46.0826 3052 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
23:52:46.0827 3052 nvstor - ok
23:52:46.0844 3052 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
23:52:46.0845 3052 nv_agp - ok
23:52:46.0889 3052 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
23:52:46.0889 3052 ohci1394 - ok
23:52:46.0934 3052 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:52:46.0935 3052 ose - ok
23:52:47.0022 3052 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
23:52:47.0046 3052 osppsvc - ok
23:52:47.0072 3052 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
23:52:47.0075 3052 p2pimsvc - ok
23:52:47.0099 3052 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
23:52:47.0102 3052 p2psvc - ok
23:52:47.0115 3052 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\drivers\parport.sys
23:52:47.0116 3052 Parport - ok
23:52:47.0119 3052 [ BF8F6AF06DA75B336F07E23AEF97D93B ] partmgr C:\Windows\system32\drivers\partmgr.sys
23:52:47.0120 3052 partmgr - ok
23:52:47.0136 3052 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\drivers\parvdm.sys
23:52:47.0136 3052 Parvdm - ok
23:52:47.0155 3052 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
23:52:47.0156 3052 PcaSvc - ok
23:52:47.0161 3052 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
23:52:47.0162 3052 pci - ok
23:52:47.0165 3052 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
23:52:47.0165 3052 pciide - ok
23:52:47.0170 3052 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
23:52:47.0171 3052 pcmcia - ok
23:52:47.0174 3052 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
23:52:47.0175 3052 pcw - ok
23:52:47.0201 3052 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
23:52:47.0205 3052 PEAUTH - ok
23:52:47.0249 3052 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
23:52:47.0255 3052 PeerDistSvc - ok
23:52:47.0295 3052 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
23:52:47.0304 3052 pla - ok
23:52:47.0334 3052 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
23:52:47.0337 3052 PlugPlay - ok
23:52:47.0350 3052 [ 79834AA2FBF9FE81EEBB229024F6F7FC ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
23:52:47.0351 3052 Pml Driver HPZ12 - ok
23:52:47.0376 3052 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
23:52:47.0378 3052 PNRPAutoReg - ok
23:52:47.0383 3052 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
23:52:47.0386 3052 PNRPsvc - ok
23:52:47.0429 3052 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
23:52:47.0432 3052 PolicyAgent - ok
23:52:47.0448 3052 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
23:52:47.0450 3052 Power - ok
23:52:47.0492 3052 [ 6F51482ADCED13CEBFE0F1054F2116F2 ] Power Manager DBC Service C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE
23:52:47.0493 3052 Power Manager DBC Service - ok
23:52:47.0528 3052 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
23:52:47.0528 3052 PptpMiniport - ok
23:52:47.0538 3052 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\drivers\processr.sys
23:52:47.0539 3052 Processor - ok
23:52:47.0572 3052 [ 43CA4CCC22D52FB58E8988F0198851D0 ] ProfSvc C:\Windows\system32\profsvc.dll
23:52:47.0574 3052 ProfSvc - ok
23:52:47.0586 3052 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
23:52:47.0587 3052 ProtectedStorage - ok
23:52:47.0615 3052 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
23:52:47.0616 3052 Psched - ok
23:52:47.0668 3052 [ AF8B60D65F8B39C4FAC6BE8641923F37 ] PwmEWSvc C:\Program Files\ThinkPad\Utilities\PWMEWSVC.EXE
23:52:47.0669 3052 PwmEWSvc - ok
23:52:47.0695 3052 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
23:52:47.0702 3052 ql2300 - ok
23:52:47.0720 3052 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
23:52:47.0721 3052 ql40xx - ok
23:52:47.0742 3052 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
23:52:47.0744 3052 QWAVE - ok
23:52:47.0751 3052 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
23:52:47.0751 3052 QWAVEdrv - ok
23:52:47.0754 3052 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
23:52:47.0755 3052 RasAcd - ok
23:52:47.0793 3052 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
23:52:47.0794 3052 RasAgileVpn - ok
23:52:47.0824 3052 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
23:52:47.0826 3052 RasAuto - ok
23:52:47.0838 3052 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
23:52:47.0839 3052 Rasl2tp - ok
23:52:47.0863 3052 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
23:52:47.0865 3052 RasMan - ok
23:52:47.0877 3052 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
23:52:47.0878 3052 RasPppoe - ok
23:52:47.0881 3052 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
23:52:47.0882 3052 RasSstp - ok
23:52:47.0913 3052 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
23:52:47.0914 3052 rdbss - ok
23:52:47.0917 3052 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
23:52:47.0918 3052 rdpbus - ok
23:52:47.0921 3052 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
23:52:47.0921 3052 RDPCDD - ok
23:52:47.0938 3052 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
23:52:47.0939 3052 RDPDR - ok
23:52:47.0964 3052 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
23:52:47.0964 3052 RDPENCDD - ok
23:52:47.0969 3052 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
23:52:47.0969 3052 RDPREFMP - ok
23:52:47.0981 3052 [ 68A0387F58E226DEEE23D9715955572A ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
23:52:47.0982 3052 RdpVideoMiniport - ok
23:52:47.0987 3052 [ 244C83332F44589AE98FC347F11B2693 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
23:52:47.0988 3052 RDPWD - ok
23:52:48.0018 3052 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
23:52:48.0019 3052 rdyboost - ok
23:52:48.0035 3052 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
23:52:48.0036 3052 RemoteAccess - ok
23:52:48.0053 3052 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
23:52:48.0055 3052 RemoteRegistry - ok
23:52:48.0087 3052 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
23:52:48.0088 3052 RFCOMM - ok
23:52:48.0100 3052 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
23:52:48.0102 3052 RpcEptMapper - ok
23:52:48.0116 3052 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
23:52:48.0117 3052 RpcLocator - ok
23:52:48.0131 3052 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
23:52:48.0141 3052 RpcSs - ok
23:52:48.0170 3052 [ DD43EA076E55189792867E1EAEAB8E67 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
23:52:48.0171 3052 RSPCIESTOR - ok
23:52:48.0183 3052 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
23:52:48.0184 3052 rspndr - ok
23:52:48.0274 3052 [ 0EEF2352AF419B092362764949D50D70 ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe
23:52:48.0275 3052 RtkAudioService - ok
23:52:48.0307 3052 [ CFA5758F2A929CE24E16E1B2A5CA8C23 ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
23:52:48.0309 3052 RTL8167 - ok
23:52:48.0350 3052 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
23:52:48.0352 3052 s3cap - ok
23:52:48.0370 3052 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
23:52:48.0372 3052 SamSs - ok
23:52:48.0411 3052 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
23:52:48.0412 3052 sbp2port - ok
23:52:48.0449 3052 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
23:52:48.0451 3052 SCardSvr - ok
23:52:48.0487 3052 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
23:52:48.0487 3052 scfilter - ok
23:52:48.0512 3052 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
23:52:48.0517 3052 Schedule - ok
23:52:48.0549 3052 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
23:52:48.0550 3052 SCPolicySvc - ok
23:52:48.0558 3052 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
23:52:48.0560 3052 SDRSVC - ok
23:52:48.0584 3052 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
23:52:48.0585 3052 secdrv - ok
23:52:48.0617 3052 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
23:52:48.0618 3052 seclogon - ok
23:52:48.0629 3052 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
23:52:48.0630 3052 SENS - ok
23:52:48.0641 3052 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
23:52:48.0643 3052 SensrSvc - ok
23:52:48.0658 3052 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\drivers\serenum.sys
23:52:48.0658 3052 Serenum - ok
23:52:48.0662 3052 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\drivers\serial.sys
23:52:48.0662 3052 Serial - ok
23:52:48.0665 3052 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\drivers\sermouse.sys
23:52:48.0666 3052 sermouse - ok
23:52:48.0693 3052 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
23:52:48.0695 3052 SessionEnv - ok
23:52:48.0704 3052 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
23:52:48.0704 3052 sffdisk - ok
23:52:48.0720 3052 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
23:52:48.0721 3052 sffp_mmc - ok
23:52:48.0724 3052 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
23:52:48.0724 3052 sffp_sd - ok
23:52:48.0727 3052 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
23:52:48.0728 3052 sfloppy - ok
23:52:48.0743 3052 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:52:48.0745 3052 ShellHWDetection - ok
23:52:48.0788 3052 [ DF6A84DD19D3C0858D707B5E64938D60 ] Shockprf C:\Windows\system32\DRIVERS\Apsx86.sys
23:52:48.0789 3052 Shockprf - ok
23:52:48.0793 3052 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
23:52:48.0793 3052 sisagp - ok
23:52:48.0799 3052 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
23:52:48.0799 3052 SiSRaid2 - ok
23:52:48.0803 3052 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
23:52:48.0804 3052 SiSRaid4 - ok
23:52:48.0824 3052 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
23:52:48.0825 3052 Smb - ok
23:52:48.0899 3052 [ 9672E993C5F09BB15ADB757A8AF7765E ] SmcService C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
23:52:48.0908 3052 SmcService - ok
23:52:48.0931 3052 [ 229B0890AF1A54E2F57099542CD18642 ] SNAC C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE
23:52:48.0933 3052 SNAC - ok
23:52:48.0957 3052 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
23:52:48.0959 3052 SNMPTRAP - ok
23:52:49.0005 3052 [ E87CF104F12C92401C4D33C50A3D5DC8 ] SPBBCDrv C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
23:52:49.0007 3052 SPBBCDrv - ok
23:52:49.0046 3052 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
23:52:49.0046 3052 spldr - ok
23:52:49.0080 3052 [ 866A43013535DC8587C258E43579C764 ] Spooler C:\Windows\System32\spoolsv.exe
23:52:49.0083 3052 Spooler - ok
23:52:49.0140 3052 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
23:52:49.0157 3052 sppsvc - ok
23:52:49.0161 3052 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
23:52:49.0163 3052 sppuinotify - ok
23:52:49.0187 3052 [ 14389E87D0D2E25B12BF2CC74CFAEE07 ] SRTSP C:\Windows\system32\Drivers\SRTSP.SYS
23:52:49.0189 3052 SRTSP - ok
23:52:49.0196 3052 [ AED0F68C185FE698A21CEFCD76F0B8A4 ] SRTSPL C:\Windows\system32\Drivers\SRTSPL.SYS
23:52:49.0197 3052 SRTSPL - ok
23:52:49.0201 3052 [ 0E2CA6326726477FE29863808BBAD413 ] SRTSPX C:\Windows\system32\Drivers\SRTSPX.SYS
23:52:49.0202 3052 SRTSPX - ok
23:52:49.0221 3052 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
23:52:49.0223 3052 srv - ok
23:52:49.0229 3052 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
23:52:49.0231 3052 srv2 - ok
23:52:49.0235 3052 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
23:52:49.0235 3052 srvnet - ok
23:52:49.0253 3052 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
23:52:49.0255 3052 SSDPSRV - ok
23:52:49.0259 3052 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
23:52:49.0261 3052 SstpSvc - ok
23:52:49.0272 3052 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\drivers\stexstor.sys
23:52:49.0272 3052 stexstor - ok
23:52:49.0307 3052 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
23:52:49.0311 3052 StiSvc - ok
23:52:49.0338 3052 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
23:52:49.0339 3052 storflt - ok
23:52:49.0346 3052 [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc C:\Windows\system32\storsvc.dll
23:52:49.0348 3052 StorSvc - ok
23:52:49.0389 3052 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
23:52:49.0389 3052 storvsc - ok
23:52:49.0398 3052 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
23:52:49.0399 3052 swenum - ok
23:52:49.0428 3052 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
23:52:49.0431 3052 swprv - ok
23:52:49.0472 3052 [ 409EBED03F66E3941E33E412795E6C2C ] Symantec AntiVirus C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
23:52:49.0481 3052 Symantec AntiVirus - ok
23:52:49.0524 3052 [ AB33C3B196197CA467CBDDA717860DBA ] SymEvent C:\Windows\system32\Drivers\SYMEVENT.SYS
23:52:49.0525 3052 SymEvent - ok
23:52:49.0549 3052 [ 394B2368212114D538316812AF60FDDD ] SYMREDRV C:\Windows\System32\Drivers\SYMREDRV.SYS
23:52:49.0549 3052 SYMREDRV - ok
23:52:49.0554 3052 [ D46676BB414C7531BDFFE637A33F5033 ] SYMTDI C:\Windows\System32\Drivers\SYMTDI.SYS
23:52:49.0555 3052 SYMTDI - ok
23:52:49.0567 3052 [ F2AD8960812FD111E20E84659EF19D43 ] Synth3dVsc C:\Windows\system32\drivers\Synth3dVsc.sys
23:52:49.0567 3052 Synth3dVsc - ok
23:52:49.0593 3052 [ 04990C25043705985F1EC40BF704AAAC ] SynthVid C:\Windows\system32\DRIVERS\VMBusVideoM.sys
23:52:49.0594 3052 SynthVid - ok
23:52:49.0666 3052 [ 7E194E86BF306E07470A0AC56B41DE83 ] SynTP C:\Windows\system32\drivers\SynTP.sys
23:52:49.0673 3052 SynTP - ok
23:52:49.0715 3052 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
23:52:49.0723 3052 SysMain - ok
23:52:49.0733 3052 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:52:49.0735 3052 TabletInputService - ok
23:52:49.0747 3052 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
23:52:49.0749 3052 TapiSrv - ok
23:52:49.0753 3052 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
23:52:49.0755 3052 TBS - ok
23:52:49.0784 3052 [ 65D10B191C59C5501A1263FC33F6894B ] Tcpip C:\Windows\system32\drivers\tcpip.sys
23:52:49.0791 3052 Tcpip - ok
23:52:49.0817 3052 [ 65D10B191C59C5501A1263FC33F6894B ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
23:52:49.0824 3052 TCPIP6 - ok
23:52:49.0846 3052 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
23:52:49.0847 3052 tcpipreg - ok
23:52:49.0860 3052 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
23:52:49.0861 3052 TDPIPE - ok
23:52:49.0864 3052 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
23:52:49.0864 3052 TDTCP - ok
23:52:49.0876 3052 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
23:52:49.0877 3052 tdx - ok
23:52:49.0881 3052 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
23:52:49.0881 3052 TermDD - ok
23:52:49.0899 3052 [ 052306FD76793D5D5AB5D9891FD1ADBB ] terminpt C:\Windows\system32\drivers\terminpt.sys
23:52:49.0899 3052 terminpt - ok
23:52:49.0929 3052 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
23:52:49.0933 3052 TermService - ok
23:52:49.0945 3052 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
23:52:49.0947 3052 Themes - ok
23:52:49.0971 3052 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
23:52:49.0972 3052 THREADORDER - ok
23:52:49.0978 3052 [ 50B570E4209F6D401893720FC8DDCE46 ] TPDIGIMN C:\Windows\system32\DRIVERS\ApsHM86.sys
23:52:49.0979 3052 TPDIGIMN - ok
23:52:49.0982 3052 [ 1F98A2433555DD854CB4E2EDC819DEB4 ] TPHDEXLGSVC C:\Windows\system32\TPHDEXLG.exe
23:52:49.0984 3052 TPHDEXLGSVC - ok
23:52:49.0996 3052 [ 9CD364ECB3A10B24C7CAC8FF89993A67 ] TPHKLOAD C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
23:52:49.0997 3052 TPHKLOAD - ok
23:52:50.0004 3052 [ C04BB65441913AB621C58A8BD3169B23 ] TPHKSVC C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
23:52:50.0005 3052 TPHKSVC - ok
23:52:50.0049 3052 [ 5AD05191DC8B444A7BA4D79B76C42A30 ] TPM C:\Windows\system32\drivers\tpm.sys
23:52:50.0050 3052 TPM - ok
23:52:50.0095 3052 [ C16EC6A5390904D3971179553852025B ] TPPWRIF C:\Windows\system32\drivers\Tppwr32v.sys
23:52:50.0095 3052 TPPWRIF - ok
23:52:50.0148 3052 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
23:52:50.0150 3052 TrkWks - ok
23:52:50.0200 3052 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:52:50.0201 3052 TrustedInstaller - ok
23:52:50.0214 3052 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
23:52:50.0214 3052 tssecsrv - ok
23:52:50.0218 3052 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
23:52:50.0218 3052 TsUsbFlt - ok
23:52:50.0222 3052 [ 01246F0BAAD7B68EC0F472AA41E33282 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
23:52:50.0222 3052 TsUsbGD - ok
23:52:50.0226 3052 [ 045ACB987C650D8186C6B4A692223860 ] tsusbhub C:\Windows\system32\drivers\tsusbhub.sys
23:52:50.0227 3052 tsusbhub - ok
23:52:50.0244 3052 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
23:52:50.0245 3052 tunnel - ok
23:52:50.0256 3052 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\drivers\uagp35.sys
23:52:50.0257 3052 uagp35 - ok
23:52:50.0274 3052 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
23:52:50.0275 3052 udfs - ok
23:52:50.0289 3052 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
23:52:50.0290 3052 UI0Detect - ok
23:52:50.0294 3052 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
23:52:50.0294 3052 uliagpkx - ok
23:52:50.0308 3052 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys
23:52:50.0309 3052 umbus - ok
23:52:50.0322 3052 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\drivers\umpass.sys
23:52:50.0322 3052 UmPass - ok
23:52:50.0349 3052 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
23:52:50.0352 3052 UmRdpService - ok
23:52:50.0378 3052 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
23:52:50.0380 3052 upnphost - ok
23:52:50.0418 3052 [ EAFE1E00739AFE6C51487A050E772E17 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
23:52:50.0418 3052 USBAAPL - ok
23:52:50.0428 3052 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
23:52:50.0429 3052 usbccgp - ok
23:52:50.0433 3052 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
23:52:50.0433 3052 usbcir - ok
23:52:50.0473 3052 [ EB52059F51189E99174040F6318236F8 ] USBDLM C:\Program Files\USBDLM\USBDLM.exe
23:52:50.0475 3052 USBDLM - ok
23:52:50.0489 3052 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\drivers\usbehci.sys
23:52:50.0489 3052 usbehci - ok
23:52:50.0506 3052 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\drivers\usbhub.sys
23:52:50.0508 3052 usbhub - ok
23:52:50.0517 3052 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
23:52:50.0518 3052 usbohci - ok
23:52:50.0532 3052 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
23:52:50.0533 3052 usbprint - ok
23:52:50.0547 3052 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
23:52:50.0547 3052 usbscan - ok
23:52:50.0561 3052 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:52:50.0562 3052 USBSTOR - ok
23:52:50.0593 3052 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
23:52:50.0593 3052 usbuhci - ok
23:52:50.0622 3052 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
23:52:50.0623 3052 usbvideo - ok
23:52:50.0643 3052 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
23:52:50.0645 3052 UxSms - ok
23:52:50.0654 3052 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
23:52:50.0655 3052 VaultSvc - ok
23:52:50.0667 3052 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
23:52:50.0667 3052 vdrvroot - ok
23:52:50.0684 3052 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
23:52:50.0688 3052 vds - ok
23:52:50.0697 3052 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
23:52:50.0697 3052 vga - ok
23:52:50.0711 3052 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
23:52:50.0712 3052 VgaSave - ok
23:52:50.0714 3052 VGPU - ok
23:52:50.0731 3052 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
23:52:50.0732 3052 vhdmp - ok
23:52:50.0744 3052 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
23:52:50.0744 3052 viaagp - ok
23:52:50.0748 3052 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
23:52:50.0748 3052 ViaC7 - ok
23:52:50.0751 3052 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
23:52:50.0752 3052 viaide - ok
23:52:50.0766 3052 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
23:52:50.0767 3052 vmbus - ok
23:52:50.0775 3052 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
23:52:50.0776 3052 VMBusHID - ok
23:52:50.0788 3052 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
23:52:50.0789 3052 volmgr - ok
23:52:50.0795 3052 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
23:52:50.0797 3052 volmgrx - ok
23:52:50.0802 3052 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
23:52:50.0804 3052 volsnap - ok
23:52:50.0825 3052 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
23:52:51.0897 3052 ================ Scan global ===============================
23:52:51.0917 3052 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
23:52:51.0932 3052 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
23:52:51.0937 3052 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
23:52:51.0961 3052 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
23:52:51.0984 3052 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
23:52:51.0987 3052 [Global] - ok
23:52:51.0987 3052 ================ Scan MBR ==================================
23:52:51.0998 3052 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
23:52:52.0378 3052 \Device\Harddisk0\DR0 - ok
23:52:52.0378 3052 ================ Scan VBR ==================================
23:52:52.0380 3052 [ 3CCA36C34D7031C4439E600C37312CE3 ] \Device\Harddisk0\DR0\Partition1
23:52:52.0381 3052 \Device\Harddisk0\DR0\Partition1 - ok
23:52:52.0418 3052 [ 71F5FB601154880AC1CC92513ECF7FEC ] \Device\Harddisk0\DR0\Partition2
23:52:52.0423 3052 \Device\Harddisk0\DR0\Partition2 - ok
23:52:52.0454 3052 [ B337C06E9E3F0A406478FAB4904BD0F3 ] \Device\Harddisk0\DR0\Partition3
23:52:52.0457 3052 \Device\Harddisk0\DR0\Partition3 - ok
23:52:52.0457 3052 ============================================================
23:52:52.0457 3052 Scan finished
23:52:52.0457 3052 ============================================================
23:52:52.0464 4060 Detected object count: 0
23:52:52.0464 4060 Actual detected object count: 0
23:52:57.0141 2172 Deinitialize success

#18 Beczappa

Posted 28 September 2012 - 09:02 AM

Slow internet - this scan may take a while. :)

Should all this fix my firewall problem and the "not genuine Windows" message? I am also wondering if the small padlocks that are on some of my folders will come off. Not sure if they were part of any of this or a security setting. I have only had this laptop for around 2 months :(

#19 narenxp

Posted 28 September 2012 - 09:04 AM

We will fix one by one :)

#20 Beczappa

Posted 28 September 2012 - 09:07 AM

Thank you - you are very patient with me.
Half way through step 2 of 4 - downloading virus signature database

#21 Beczappa

Posted 28 September 2012 - 09:29 AM

Is it possible to let this scan run and post the results in the morning? It is 12.30am here and I have a nearly 2 year old who might get me up early tomorrow.
Will you be around at a similar time (or even earlier) tomorrow?

Have scanned 64000 so far.

#22 narenxp

Posted 28 September 2012 - 09:33 AM

No problem. I will reply once I get the log :thumbup2:

#23 Beczappa

Posted 28 September 2012 - 09:36 AM

Thanks so much. Look forward to chatting later on today.
PS - Found 11 threats so far :(

#24 Beczappa

Posted 28 September 2012 - 10:14 AM

I woke and found it finished.

C:\TDSSKiller_Quarantine\28.09.2012_23.35.31\mbr0000\tdlfs0000\tsk0005.dta Win32/Olmasco.O trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\28.09.2012_23.35.31\mbr0000\tdlfs0000\tsk0006.dta Win64/Olmasco.Y trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\28.09.2012_23.35.31\mbr0000\tdlfs0000\tsk0007.dta Win32/Olmasco.O trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\28.09.2012_23.35.31\mbr0000\tdlfs0000\tsk0008.dta Win64/Olmasco.X trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\28.09.2012_23.35.31\mbr0000\tdlfs0000\tsk0009.dta Win32/Olmasco.O trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\28.09.2012_23.35.31\mbr0000\tdlfs0000\tsk0010.dta Win64/Olmasco.AA trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\28.09.2012_23.35.31\mbr0000\tdlfs0000\tsk0011.dta Win32/Olmasco.Q trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\28.09.2012_23.35.31\mbr0000\tdlfs0000\tsk0012.dta Win64/Olmasco.X trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\28.09.2012_23.35.31\mbr0000\tdlfs0000\tsk0014.dta Win32/Olmasco.AA trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\28.09.2012_23.35.31\mbr0000\tdlfs0000\tsk0015.dta Win64/Olmasco.Z trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\28.09.2012_23.35.31\mbr0000\tdlfs0000\tsk0022.dta a variant of Win32/Olmarik.AYN trojan cleaned by deleting - quarantined
D:\Users\08500890\AppData\Local\Temp\jar_cache5306941628282477939.tmp Java/Exploit.CVE-2012-1723.CH trojan cleaned by deleting - quarantined
D:\Users\08500890\AppData\Local\Temp\jar_cache6629925413244623543.tmp Java/Exploit.CVE-2012-1723.CH trojan cleaned by deleting - quarantined
D:\Users\08500890\AppData\Local\Temp\jar_cache7917817128452454996.tmp Java/Exploit.CVE-2012-1723.CH trojan cleaned by deleting - quarantined
D:\Users\08500890\Desktop\!! OLD FILES PLEASE CHECK\My Documents\Downloads\clipartsample(2).exe a variant of Win32/InstallIQ application cleaned by deleting - quarantined
D:\Users\08500890\Desktop\!! OLD FILES PLEASE CHECK\My Documents\Downloads\clipartsample.exe a variant of Win32/InstallIQ application cleaned by deleting - quarantined
D:\Users\08500890\Documents\Downloads\clipartsample(2).exe a variant of Win32/InstallIQ application cleaned by deleting - quarantined
D:\Users\08500890\Documents\Downloads\clipartsample.exe a variant of Win32/InstallIQ application cleaned by deleting - quarantined
D:\Users\08500890\Documents\Downloads\SweetImSetup(1).exe a variant of Win32/SweetIM.B application cleaned by deleting - quarantined
D:\Users\08500890\Documents\Downloads\SweetImSetup.exe a variant of Win32/SweetIM.B application cleaned by deleting - quarantined
D:\Users\08500890\Downloads\free-fonts.exe a variant of Win32/InstallIQ application cleaned by deleting - quarantined
Operating memory a variant of Win32/Sirefef.EZ trojan


Back to sleep now :)

#25 narenxp

Posted 28 September 2012 - 10:16 AM

Download Malwarebytes

Install, update and run a full scan.

Click on Show results. Right click on the list, select all and remove them.

Post the generated log here.

Download mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download adware cleaner

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download Junkware removal tool

Launch it and, after the scan completes, post the generated log here.

NOTE: For Vista and Windows 7, right click on the tool and select Run as administrator.

#26 Beczappa

Posted 28 September 2012 - 06:50 PM

Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.09.28.08

Windows 7 Service Pack 1 x86 NTFS (Safe Mode/Networking)
Internet Explorer 9.0.8112.16421
08500890 :: R_ZAPPARONI_N01 [administrator]

29/09/2012 9:25:56 AM
mbam-log-2012-09-29 (09-25-56).txt

Scan type: Full scan (C:\|D:\|E:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 430485
Time elapsed: 23 minute(s), 2 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 2
HKCR\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32| (Trojan.0Access) -> Bad: (C:\$Recycle.Bin\S-1-5-18\$6105f427440da9dcd7fa43831fc41d12\n.) Good: (fastprox.dll) -> Quarantined and repaired successfully.
HKCR\CLSID\{FBEB8A05-BEEE-4442-804E-409D6C4515E9}\InProcServer32| (Trojan.0Access) -> Bad: (C:\$Recycle.Bin\S-1-5-21-1139337951-225009129-3079324863-1354\$6105f427440da9dcd7fa43831fc41d12\n.) Good: (shell32.dll) -> Quarantined and repaired successfully.

Folders Detected: 0
(No malicious items detected)

Files Detected: 11
C:\$Recycle.Bin\S-1-5-18\$6105f427440da9dcd7fa43831fc41d12\n (Trojan.0Access) -> Delete on reboot.
C:\$Recycle.Bin\S-1-5-18\$6105f427440da9dcd7fa43831fc41d12\U\00000004.@ (Trojan.0Access) -> Quarantined and deleted successfully.
C:\$Recycle.Bin\S-1-5-18\$6105f427440da9dcd7fa43831fc41d12\U\00000008.@ (Trojan.Dropper.BCMiner) -> Quarantined and deleted successfully.
C:\$Recycle.Bin\S-1-5-18\$6105f427440da9dcd7fa43831fc41d12\U\000000cb.@ (Trojan.0Access) -> Quarantined and deleted successfully.
C:\$Recycle.Bin\S-1-5-18\$6105f427440da9dcd7fa43831fc41d12\U\80000000.@ (Trojan.0Access) -> Quarantined and deleted successfully.
C:\$Recycle.Bin\S-1-5-18\$6105f427440da9dcd7fa43831fc41d12\U\80000032.@ (Trojan.0Access) -> Quarantined and deleted successfully.
C:\$Recycle.Bin\S-1-5-21-1139337951-225009129-3079324863-1354\$6105f427440da9dcd7fa43831fc41d12\n (Trojan.0Access) -> Delete on reboot.
C:\ProgramData\Symantec\SRTSP\Quarantine\APQ8C07.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\ProgramData\Symantec\SRTSP\Quarantine\APQCF5E.tmp (Rootkit.Zaccess) -> Quarantined and deleted successfully.
D:\Users\08500890\iwujqkxoxdaifhnbvfvp.exe (RootKit.0Access.PE) -> Quarantined and deleted successfully.
D:\Users\08500890\jdyoluoouwwxyfipq.exe (Trojan.Agent.MRGGen) -> Quarantined and deleted successfully.

(end)

#27 Beczappa

Posted 28 September 2012 - 06:54 PM

MiniToolBox by Farbar Version: 23-07-2012
Ran by 08500890 (administrator) on 29-09-2012 at 09:52:33
Windows 7 Enterprise Service Pack 1 (X86)
Boot Mode: Network
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
ProxyServer: 10.148.56.19:800

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

The following helper DLL cannot be loaded: WSHELPER.DLL.


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=disabled sourceroutingbehavior=drop
set subinterface interface=?,$ subinterface=ethernet_9 mtu=1477


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : R_ZAPPARONI_N012
Primary Dns Suffix . . . . . . . : domain.albion-ps.wan
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : domain.albion-ps.wan

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 8C-70-5A-28-13-A1
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® Centrino® Advanced-N 6205
Physical Address. . . . . . . . . : 8C-70-5A-28-13-A0
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::9049:302a:775d:486e%13(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.100(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, 29 September 2012 9:06:49 AM
Lease Expires . . . . . . . . . . : Sunday, 30 September 2012 9:06:49 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 235932585
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-79-5D-C5-04-7D-7B-A9-ED-B6
DNS Servers . . . . . . . . . . . : 192.168.1.1
192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 04-7D-7B-A9-ED-B6
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{5C88E953-EDC4-4F8D-A62F-1828B9EC2761}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{1397A06B-3A7F-4612-9656-A3F5A82B970E}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{46F82A32-037B-40BA-A8D8-B32882E4B7B9}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{94C6E7C5-237E-4621-9656-0F7F5B6B97D9}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Pinging google.com [74.125.237.103] with 32 bytes of data:
Reply from 74.125.237.103: bytes=32 time=499ms TTL=54
Reply from 74.125.237.103: bytes=32 time=496ms TTL=54

Ping statistics for 74.125.237.103:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 496ms, Maximum = 499ms, Average = 497ms

Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=914ms TTL=46
Reply from 98.138.253.109: bytes=32 time=404ms TTL=45

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 404ms, Maximum = 914ms, Average = 659ms

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
16...8c 70 5a 28 13 a1 ......Microsoft Virtual WiFi Miniport Adapter
13...8c 70 5a 28 13 a0 ......Intel® Centrino® Advanced-N 6205
12...04 7d 7b a9 ed b6 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
11...00 00 00 00 00 00 00 e0 Microsoft Teredo Tunneling Adapter
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.100 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.100 281
192.168.1.100 255.255.255.255 On-link 192.168.1.100 281
192.168.1.255 255.255.255.255 On-link 192.168.1.100 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.100 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.100 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
13 281 fe80::/64 On-link
13 281 fe80::9049:302a:775d:486e/128
On-link
1 306 ff00::/8 On-link
13 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 D:\Windows\system32\napinsp.dll [File Not found] ()
Catalog5 03 D:\Windows\system32\pnrpnsp.dll [File Not found] ()
Catalog5 04 D:\Windows\system32\pnrpnsp.dll [File Not found] ()
Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 06 D:\Windows\System32\winrnr.dll [File Not found] ()
Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 D:\Windows\system32\wshbth.dll [File Not found] ()
Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
Catalog9 11 mswsock.dll [File Not found] ()
Catalog9 12 mswsock.dll [File Not found] ()
Catalog9 13 mswsock.dll [File Not found] ()
Catalog9 14 mswsock.dll [File Not found] ()
Catalog9 15 mswsock.dll [File Not found] ()
Catalog9 16 mswsock.dll [File Not found] ()
Catalog9 17 mswsock.dll [File Not found] ()
Catalog9 18 mswsock.dll [File Not found] ()
Catalog9 19 mswsock.dll [File Not found] ()
Catalog9 20 mswsock.dll [File Not found] ()
Catalog9 21 mswsock.dll [File Not found] ()
Catalog9 22 mswsock.dll [File Not found] ()
Catalog9 23 mswsock.dll [File Not found] ()
Catalog9 24 mswsock.dll [File Not found] ()
Catalog9 25 mswsock.dll [File Not found] ()
Catalog9 26 mswsock.dll [File Not found] ()
Catalog9 27 mswsock.dll [File Not found] ()
Catalog9 28 mswsock.dll [File Not found] ()
Catalog9 29 mswsock.dll [File Not found] ()
Catalog9 30 mswsock.dll [File Not found] ()
Catalog9 31 mswsock.dll [File Not found] ()
Catalog9 32 mswsock.dll [File Not found] ()
Catalog9 33 mswsock.dll [File Not found] ()
Catalog9 34 mswsock.dll [File Not found] ()
Catalog9 35 mswsock.dll [File Not found] ()
Catalog9 36 mswsock.dll [File Not found] ()
Catalog9 37 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/28/2012 10:57:16 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (09/28/2012 10:48:58 PM) (Source: Winlogon) (User: )
Description: Windows license activation failed. Error 0x00000000.

Error: (09/28/2012 10:48:57 PM) (Source: Software Protection Platform Service) (User: )
Description: License Activation (slui.exe) failed with the following error code:
0x8007043C

Error: (09/28/2012 10:48:16 PM) (Source: WinMgmt) (User: )
Description: 0x8007007e

Error: (09/28/2012 10:45:41 PM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Trojan.Gen in File: C:\$Recycle.Bin\S-1-5-18\$6105f427440da9dcd7fa43831fc41d12\U\00000008.@ by: Auto-Protect scan. Action: Quarantine succeeded : Access denied. Action Description: The file was quarantined successfully.

Error: (09/28/2012 10:45:20 PM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Backdoor.Trojan in File: C:\$Recycle.Bin\S-1-5-18\$6105f427440da9dcd7fa43831fc41d12\U\80000032.@ by: Auto-Protect scan. Action: Cleaned by Deletion. Action Description: The file was deleted successfully.

Error: (09/28/2012 10:45:03 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (09/28/2012 10:44:00 PM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Trojan.Zeroaccess.B in File: C:\$Recycle.Bin\S-1-5-18\$6105f427440da9dcd7fa43831fc41d12\U\80000000.@ by: Auto-Protect scan. Action: Clean failed : Quarantine failed : Access denied. Action Description: The file was left unchanged.

Error: (09/28/2012 10:43:35 PM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Trojan.Gen.2 in File: C:\$Recycle.Bin\S-1-5-18\$6105f427440da9dcd7fa43831fc41d12\U\00000004.@ by: Auto-Protect scan. Action: Quarantine succeeded : Access denied. Action Description: The file was quarantined successfully.

Error: (09/28/2012 10:43:12 PM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Trojan.Zeroaccess.C in File: C:\$Recycle.Bin\S-1-5-18\$6105f427440da9dcd7fa43831fc41d12\U\000000cb.@ by: Auto-Protect scan. Action: Cleaned by Deletion. Action Description: The file was deleted successfully.


System errors:
=============
Error: (09/29/2012 09:06:50 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1068

Error: (09/29/2012 06:48:34 AM) (Source: NETLOGON) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain DOMAIN due to the following:
%%1311

This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.



ADDITIONAL INFO

If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.

Error: (09/29/2012 02:48:34 AM) (Source: NETLOGON) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain DOMAIN due to the following:
%%1311

This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.



ADDITIONAL INFO

If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.

Error: (09/29/2012 00:01:02 AM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (09/28/2012 10:49:09 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1068

Error: (09/28/2012 10:49:07 PM) (Source: DCOM) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (09/28/2012 10:49:06 PM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (09/28/2012 10:49:05 PM) (Source: DCOM) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (09/28/2012 10:48:59 PM) (Source: DCOM) (User: )
Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (09/28/2012 10:48:14 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
discache
eeCtrl
lenovo.smi
SPBBCDrv
spldr
SRTSP
SRTSPX
SYMTDI
TPPWRIF
Wanarpv6


Microsoft Office Sessions:
=========================
Error: (09/28/2012 10:57:16 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"D:\Users\08500890\Downloads\install_flash_player_64bit.exe

Error: (09/28/2012 10:48:58 PM) (Source: Winlogon)(User: )
Description: 0x000000000x00000001

Error: (09/28/2012 10:48:57 PM) (Source: Software Protection Platform Service)(User: )
Description: 0x8007043C

Error: (09/28/2012 10:48:16 PM) (Source: WinMgmt)(User: )
Description: 0x8007007e

Error: (09/28/2012 10:45:41 PM) (Source: Symantec AntiVirus)(User: )
Description: Security Risk Found!Trojan.Gen in File: C:\$Recycle.Bin\S-1-5-18\$6105f427440da9dcd7fa43831fc41d12\U\00000008.@ by: Auto-Protect scan. Action: Quarantine succeeded : Access denied. Action Description: The file was quarantined successfully.

Error: (09/28/2012 10:45:20 PM) (Source: Symantec AntiVirus)(User: )
Description: Security Risk Found!Backdoor.Trojan in File: C:\$Recycle.Bin\S-1-5-18\$6105f427440da9dcd7fa43831fc41d12\U\80000032.@ by: Auto-Protect scan. Action: Cleaned by Deletion. Action Description: The file was deleted successfully.

Error: (09/28/2012 10:45:03 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"D:\Users\08500890\Downloads\install_flash_player_64bit.exe

Error: (09/28/2012 10:44:00 PM) (Source: Symantec AntiVirus)(User: )
Description: Security Risk Found!Trojan.Zeroaccess.B in File: C:\$Recycle.Bin\S-1-5-18\$6105f427440da9dcd7fa43831fc41d12\U\80000000.@ by: Auto-Protect scan. Action: Clean failed : Quarantine failed : Access denied. Action Description: The file was left unchanged.

Error: (09/28/2012 10:43:35 PM) (Source: Symantec AntiVirus)(User: )
Description: Security Risk Found!Trojan.Gen.2 in File: C:\$Recycle.Bin\S-1-5-18\$6105f427440da9dcd7fa43831fc41d12\U\00000004.@ by: Auto-Protect scan. Action: Quarantine succeeded : Access denied. Action Description: The file was quarantined successfully.

Error: (09/28/2012 10:43:12 PM) (Source: Symantec AntiVirus)(User: )
Description: Security Risk Found!Trojan.Zeroaccess.C in File: C:\$Recycle.Bin\S-1-5-18\$6105f427440da9dcd7fa43831fc41d12\U\000000cb.@ by: Auto-Protect scan. Action: Cleaned by Deletion. Action Description: The file was deleted successfully.


=========================== Installed Programs ============================

32 Bit HP BiDi Channel Components Installer (Version: 1.1.0.2)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.270)
Adobe Flash Player 11 Plugin (Version: 11.3.300.270)
Adobe Flash Player 9 ActiveX (Version: 9)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Adobe Shockwave Player 11.6 (Version: 11.6.4.634)
Adobe Shockwave Player 11.6 (Version: 11.6.5.635)
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
Audacity (Version: 1.3.12)
Blender (Version: 2.62-release)
Bonjour (Version: 3.0.0.10)
Broadcom InConcert Maestro (Version: 1.0.1.910)
CDBurnerXP (Version: 4.4.0.2971)
Chemistry Add-in for Word (Version: 1.0.0)
CutePDF Writer (Version: 2.8)
D3DX10 (Version: 15.4.2368.0902)
Debut Video Capture Software (Version: 1.49)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DVD Flick (Version: 1.3.0.7)
eduSTAR Customisations v1.1 (Version: 1.1.0)
eduSTAR ICT Security Standard v1.0 (Version: 1.0)
eduSTAR Primary Background v1.0 (Version: 1.0)
eduSTAR Shortcuts Primary v1.1 (Version: 1.1)
eduSTAR Student Navigator (Version: 1.1.0)
eduSTAR Sysprep v1.0 (Version: 1.0)
eduSTAR Tutorials 2010 (Version: 1.0)
ESET Online Scanner v3
FormatFactory 2.90 (Version: 2.90)
FreeCAD 0.12 (Version: 0.12.5284)
FreeMind (Version: 0.9.0)
Game Maker (Version: 8.0)
GCompris Uninstall
Genius Maker Free Edition (Version: 3)
GeoGebra (Version: 4.0.24.0)
Google Chrome (Version: 21.0.1180.89)
Google SketchUp 8 (Version: 3.0.11752)
HandBrake 0.9.6 (Version: 0.9.6)
Inkscape 0.48.2 (Version: 0.48.2)
InkSeine (Version: 1.2.1720)
IrfanView (remove only) (Version: 4.32)
iTunes (Version: 10.6.3.25)
Java™ 6 Update 31 (Version: 6.0.310)
Kahootz 3 (Version: 1.1.1)
Kahootz v2 (Version: 2.0.5)
Learning Content Development System (Version: 02.08.00.0123)
Learning Essentials for Microsoft Office (Version: 2.0)
LEGO Digital Designer
Lenovo Auto Scroll Utility (Version: 1.11)
Lenovo Patch Utility (Version: 1.00.0000)
Lenovo Patch Utility (Version: 1.3.0.007)
Lenovo System Interface Driver (Version: 1.05)
LiveUpdate 3.3 (Symantec Corporation) (Version: 3.3.0.102)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
Mathematica Extras 8.0 (2609412) (Version: 8.0.4)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Conferencing Add-in for Microsoft Office Outlook (Version: 8.0.6362.0)
Microsoft Expression Web 3 (Version: 3.0.3813.0)
Microsoft Expression Web 3 SP1
Microsoft Interactive Classroom (Version: 2.0.040810.00)
Microsoft Math (Version: 2007)
Microsoft Math Worksheet Generator (Version: 1.0.0.0)
Microsoft Mathematics (Version: 4.0)
Microsoft Mouse Mischief (Version: 1.0.1443.0)
Microsoft Office 2010 Language Pack Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Communicator 2007 R2 (Version: 3.5.6907.244)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Live Meeting 2007 (Version: 8.0.6362.91)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook Connector (Version: 14.0.5118.5000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Project MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Project Professional 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Visio 2010 (Version: 14.0.6029.1000)
Microsoft Office Visio MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (Version: 14.0.5120.5000)
Microsoft Project 2010 Service Pack 1 (SP1)
Microsoft Project Professional 2010 (Version: 14.0.6029.1000)
Microsoft Research AutoCollage 2008 Academic Edition (Version: 1.01.2008)
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs (Version: 12.0.4518.1014)
Microsoft Silverlight (Version: 4.1.10111.0)
Microsoft Silverlight PivotViewer (Version: 1.0.6079.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Student with Encarta Premium 2009 (Version: 2009)
Microsoft Visio 2010 Service Pack 1 (SP1)
Microsoft Visio Premium 2010 (Version: 14.0.6029.1000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
MonkeyJam (Version: 3.05.0529)
Mozilla Firefox 14.0.1 (x86 en-US) (Version: 14.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
MSVCRT (Version: 15.4.2862.0708)
Nvu (Version: 1.0.0)
On Screen Display (Version: 6.60.03)
Paint.NET v3.5.10 (Version: 3.60.0)
Pencil (Version: 0.4.4)
Photo Story 3 for Windows (Version: 3.0.1115.11)
Picasa 3 (Version: 3.8)
Pivot Stickfigure Animator 2.2.6 (Version: 2.2.6)
pptPlex from Microsoft Office Labs (Version: 1.1.3.4)
Python 2.6 pygame-1.9.1 (Version: 1.9.1)
Python 2.6.5 (Version: 2.6.5150)
QuickTime (Version: 7.71.80.42)
RapidTyping (Version: 4.5)
Ray's Letters and Numbers (Version: 2.2)
Realtek High Definition Audio Driver (Version: 6.0.1.6418)
Scratch (Version: 1.4.0.0)
ScreenMarker (Version: 1.0.1.1)
Softronics MicroSoft Windows Logo 6.05 (Version: 6.05)
Songsmith (Academic Edition) (Version: 08.12.1001)
Stellarium 0.11.2
swMSM (Version: 12.0.0.1)
Symantec Endpoint Protection (Version: 11.0.7000.975)
Synaptics Pointing Device Driver (Version: 15.3.16.1)
ThinkPad Bluetooth with Enhanced Data Rate Software (Version: 6.4.0.910)
ThinkPad FullScreen Magnifier (Version: 2.40)
ThinkPad Power Management Driver (Version: 1.62.00.00)
ThinkPad Power Manager (Version: 3.66)
ThinkVantage Active Protection System (Version: 1.74)
ThinkVantage Communications Utility (Version: 2.09)
Tux Math Scrabble 0.7.2 (Version: 0.7.2)
Tux of Math Command (remove only)
Tux Paint (Version: 0.9.21)
Tux Typing (Version: 1.8.1)
Tux Word Smith 0.7.9 (Version: 0.7.9)
TuxGuitar (Version: 1.2)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition
Update for Microsoft Outlook Social Connector (KB2583935)
USB Drive Letter Manager (Win32) (Version: 4.7.0.0)
VirtualDub 1.9.11 (Version: 1.9.11)
Visual Studio Tools for the Office system 3.0 Runtime
Visual Studio Tools for the Office system 3.0 Runtime (Version: 9.0.30729)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (Version: 1)
VLC media player 2.0.1 (Version: 2.0.1)
Wax (Version: 2.0)
Win7codecs (Version: 3.5.6)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR 4.20 (32-bit) (Version: 4.20.0)
Wolfram CDF Player (M-WIN-D 8.0.4 2609533) (Version: 8.0.4)

========================= Memory info: ===================================

Percentage of memory in use: 43%
Total physical RAM: 3176.46 MB
Available physical RAM: 1795.91 MB
Total Pagefile: 6351.2 MB
Available Pagefile: 5192.63 MB
Total Virtual: 2047.88 MB
Available Virtual: 1948.68 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:50 GB) (Free:13.81 GB) NTFS
2 Drive d: () (Fixed) (Total:385.76 GB) (Free:346.08 GB) NTFS
3 Drive e: () (Fixed) (Total:29.99 GB) (Free:29.89 GB) NTFS

========================= Users: ========================================

User accounts for \\R_ZAPPARONI_N01

Administrator ASPNET Guest

========================= Restore Points ==================================

Could not list Restore Points.

**** End of log ****

#28 Beczappa

Posted 28 September 2012 - 06:56 PM

Farbar Service Scanner Version: 19-09-2012
Ran by 08500890 (administrator) on 29-09-2012 at 09:56:01
Running from "D:\Users\08500890\Desktop\Virus stuff"
Windows 7 Enterprise Service Pack 1 (X86)
Boot Mode: Network
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.

VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.


System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.

EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is OK.
The ImagePath of EventSystem service is OK.
The ServiceDll of EventSystem service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit

ATTENTION!=====> D:\Program Files\Windows Defender\MpSvc.dll FILE IS MISSING AND SHOULD BE RESTORED.

C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

#29 Beczappa

Posted 28 September 2012 - 07:06 PM

It made me restart my computer before giving me this report. (I couldn't do anything else - hope this hasn't mucked up anything that we have already done)

# AdwCleaner v2.003 - Logfile created 09/29/2012 at 10:02:21
# Updated 23/09/2012 by Xplode
# Operating system : Windows 7 Enterprise Service Pack 1 (32 bits)
# User : 08500890 - R_ZAPPARONI_N01
# Boot Mode : Normal
# Running from : D:\Users\08500890\Desktop\Virus stuff\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

-\\ Mozilla Firefox v14.0.1 (en-US)

Profile name : default
File : D:\Users\08500890\AppData\Roaming\Mozilla\Firefox\Profiles\z6p6ukza.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v21.0.1180.89

File : D:\Users\08500890\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [2171 octets] - [29/09/2012 09:57:35]
AdwCleaner[S1].txt - [2442 octets] - [29/09/2012 09:57:55]
AdwCleaner[S2].txt - [1051 octets] - [29/09/2012 10:02:21]

########## EOF - D:\AdwCleaner[S2].txt - [1111 octets] ##########

#30 Beczappa

Posted 28 September 2012 - 07:13 PM

Junkware Removal Tool (JRT) by Thisisu
Version: 1.1.2 (09.28.2012)
OS: Windows 7 Enterprise x86
Ran by 08500890 on 29/09/2012 at 10:13:16.29
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Registry Values: 0 Detections



*** Registry Keys:

Successfully deleted: [KEY] hkey_current_user\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}
Successfully deleted: [KEY] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}



*** Files: 0 Detections



*** Folders: 0 Detections



*** FireFox detected and repaired



*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on 29/09/2012 at 10:13:17.66
End of Report



