Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Redirect Virus to Beesq.net


  • Please log in to reply
14 replies to this topic

#1 rancho

rancho

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:54 AM

Posted 27 November 2012 - 03:08 AM

Hi, my PC is running Windows 7 Pro running IE 9.0.8112 and everytime I search for something in google (via toolbar search), the links will redirect me to a website called beesq.net. I tried running tdsskiller, Hitmanpro, malwarebytes, and ccleaner none of which found the virus or maybe it worked briefly before the problem resurfaced pretty quickly again after a few searches. Same thing happens with both IE and Firefox, I uninstalled Firefox.

Please help! Thanks!

BC AdBot (Login to Remove)

 


#2 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:11:54 AM

Posted 27 November 2012 - 05:48 PM

Hello,

I will be helping you with your problems

Some points for you to keep in mind while I am helping you to make things go easier and faster for both of us

  • Please do NOT run, install or uninstall any programs, unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.

NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of hartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

----------------------------------------------

Please do the following:

:step1:

Please download Rkill by Grinler from Link 1 and save it to your desktop.

Link 1
Link 2 (renamed Rkill)

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista, right-click on it and Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If that does not work: delete the file, then download and use the one provided in Link 2 above.
  • If that does not work: repeat the process and attempt to use one of the remaining links under RKill download links here until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.
Do not reboot your computer after running rkill as the malware programs will start again. Or if rebooting is required run it again.

[*]Please post the log created by rkill in your next reply.


:step2:

  • Launch Malwarebytes' Anti-Malware (MBAM)
  • Click on the tab update, then click Check for Updates
  • If an update is found, it will download and install the latest version.
  • Then on the Scanner tab select Perform full scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad.
  • Post the log in your next reply.

NOTE: If asked to restart the computer, please do so. Then you will need to run rkill again - if applicable please also post the log for this second run of rkill

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

:step3:

How is your computer running now?

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#3 rancho

rancho
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:54 AM

Posted 28 November 2012 - 04:29 PM

Hi, thanks very much for working on my case.

1. I did both steps 1 and 2 described above. Rkill and malwarebytes both ran and neither program asked to reboot the computer. The 2 logs are pasted below.
2. I did a few searches on bing and google and the links worked fine. The redirect problem seems like it has gone away.
3. I have not rebooted my computer yet.



Rkill 2.4.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 11/28/2012 11:12:40 AM in x64 mode.
Windows Version: Windows 7 Professional Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Program Files (x86)\Matrox Graphics\PowerDesk\Matrox.PDesk.Services.exe (PID: 2768) [SFI]
* C:\Program Files (x86)\Iron Mountain\Connected BackupPC\Agent.exe (PID: 1252) [Mal-GEN]

2 proccesses terminated!

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\AndyQ\Desktop\rkill\rkill-11-28-2012-11-13-04.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* Security Center (wscsvc) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 11/28/2012 11:13:16 AM
Execution time: 0 hours(s), 0 minute(s), and 36 seconds(s)





Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.11.28.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
AndyQ :: ANDYQ-THINKX220 [administrator]

11/28/2012 11:19:22 AM
mbam-log-2012-11-28 (11-19-22).txt

Scan type: Full scan (C:\|Q:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 381949
Time elapsed: 1 hour(s), 28 minute(s), 31 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#4 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:11:54 AM

Posted 28 November 2012 - 07:53 PM

Hi I will be away for upto 7 days. I'll be asking for a colleague to take over this topic.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#5 rancho

rancho
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:54 AM

Posted 29 November 2012 - 01:30 PM

OK Thanks.

I still need help because this morning I had to reboot the computer and when I used google search in IE, the redirect virus was back. The links that I click send me to the wrong websites.

#6 rancho

rancho
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:54 AM

Posted 29 November 2012 - 07:14 PM

A little bit more information, I don't know if this helps or changes anything:

I ran Rkill again (log posted below, no issues were found) and did not reboot. When I used google via IE there's no problems. However, if I open up a completely new IE window (keeping the first window open), then the redirect virus starts working again on the second IE window but not the first.



Rkill 2.4.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 11/29/2012 03:57:11 PM in x64 mode.
Windows Version: Windows 7 Professional Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 11/29/2012 03:57:21 PM
Execution time: 0 hours(s), 0 minute(s), and 9 seconds(s)

#7 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,316 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:02:54 PM

Posted 01 December 2012 - 03:32 AM

Hello,
Because dev00790 is away this week I'll work with you from here.

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#8 rancho

rancho
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:54 AM

Posted 01 December 2012 - 06:25 PM

Hi thanks for taking over my case.

I ran TDSKiller.exe like you instructed (I used right click run as administrator). Nothing was detected and I posted the log below. Strangely, today the computer seems to be working normally, specifically there are no more redirects via google search links. I have not done anything different since my last post (except for rebooting). However, I do have Sophos anti-virus installed and it gets automatic updates.




Log:
14:29:47.0087 3196 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
14:29:47.0618 3196 ============================================================
14:29:47.0618 3196 Current date / time: 2012/12/01 14:29:47.0618
14:29:47.0618 3196 SystemInfo:
14:29:47.0618 3196
14:29:47.0618 3196 OS Version: 6.1.7601 ServicePack: 1.0
14:29:47.0618 3196 Product type: Workstation
14:29:47.0618 3196 ComputerName: ANDYQ-THINKX220
14:29:47.0618 3196 UserName: AndyQ
14:29:47.0618 3196 Windows directory: C:\Windows
14:29:47.0618 3196 System windows directory: C:\Windows
14:29:47.0618 3196 Running under WOW64
14:29:47.0618 3196 Processor architecture: Intel x64
14:29:47.0618 3196 Number of processors: 4
14:29:47.0618 3196 Page size: 0x1000
14:29:47.0618 3196 Boot type: Normal boot
14:29:47.0618 3196 ============================================================
14:29:48.0211 3196 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:29:48.0211 3196 ============================================================
14:29:48.0211 3196 \Device\Harddisk0\DR0:
14:29:48.0211 3196 MBR partitions:
14:29:48.0211 3196 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x258000
14:29:48.0211 3196 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x258800, BlocksNum 0x23E4D7F8
14:29:48.0211 3196 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x240A6000, BlocksNum 0x1388000
14:29:48.0211 3196 ============================================================
14:29:48.0242 3196 C: <-> \Device\Harddisk0\DR0\Partition2
14:29:48.0289 3196 Q: <-> \Device\Harddisk0\DR0\Partition3
14:29:48.0289 3196 ============================================================
14:29:48.0289 3196 Initialize success
14:29:48.0289 3196 ============================================================
14:29:51.0159 1780 ============================================================
14:29:51.0159 1780 Scan started
14:29:51.0159 1780 Mode: Manual;
14:29:51.0159 1780 ============================================================
14:29:53.0062 1780 ================ Scan system memory ========================
14:29:53.0062 1780 System memory - ok
14:29:53.0062 1780 ================ Scan services =============================
14:29:53.0296 1780 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
14:29:53.0312 1780 1394ohci - ok
14:29:53.0359 1780 [ 6FC47AA89B4ABD3E2F8766E55A52E426 ] 5U877 C:\Windows\system32\DRIVERS\5U877.sys
14:29:53.0374 1780 5U877 - ok
14:29:53.0452 1780 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
14:29:53.0468 1780 ACPI - ok
14:29:53.0515 1780 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
14:29:53.0530 1780 AcpiPmi - ok
14:29:53.0686 1780 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:29:53.0717 1780 AdobeARMservice - ok
14:29:53.0858 1780 [ 0CB0AA071C7B86A64F361DCFDF357329 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:29:53.0889 1780 AdobeFlashPlayerUpdateSvc - ok
14:29:53.0936 1780 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
14:29:53.0951 1780 adp94xx - ok
14:29:53.0983 1780 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
14:29:53.0983 1780 adpahci - ok
14:29:53.0998 1780 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
14:29:54.0014 1780 adpu320 - ok
14:29:54.0029 1780 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
14:29:54.0045 1780 AeLookupSvc - ok
14:29:54.0092 1780 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
14:29:54.0092 1780 AFD - ok
14:29:54.0279 1780 [ 6196355C8D37DD3ED8D2D1396AC9ABDA ] AgentService C:\Program Files (x86)\Iron Mountain\Connected BackupPC\AgentService.exe
14:29:55.0948 1780 AgentService - ok
14:29:56.0011 1780 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
14:29:56.0011 1780 agp440 - ok
14:29:56.0042 1780 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
14:29:56.0057 1780 ALG - ok
14:29:56.0073 1780 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
14:29:56.0089 1780 aliide - ok
14:29:56.0089 1780 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
14:29:56.0104 1780 amdide - ok
14:29:56.0135 1780 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
14:29:56.0135 1780 AmdK8 - ok
14:29:56.0151 1780 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
14:29:56.0167 1780 AmdPPM - ok
14:29:56.0213 1780 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
14:29:56.0213 1780 amdsata - ok
14:29:56.0229 1780 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
14:29:56.0245 1780 amdsbs - ok
14:29:56.0245 1780 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
14:29:56.0260 1780 amdxata - ok
14:29:56.0307 1780 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
14:29:56.0323 1780 AppID - ok
14:29:56.0338 1780 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
14:29:56.0338 1780 AppIDSvc - ok
14:29:56.0385 1780 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
14:29:56.0401 1780 Appinfo - ok
14:29:56.0510 1780 [ 3DEBBECF665DCDDE3A95D9B902010817 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:29:56.0525 1780 Apple Mobile Device - ok
14:29:56.0557 1780 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
14:29:56.0557 1780 AppMgmt - ok
14:29:56.0588 1780 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
14:29:56.0588 1780 arc - ok
14:29:56.0603 1780 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
14:29:56.0603 1780 arcsas - ok
14:29:56.0666 1780 [ 4FCAEF0C5BE7629AEB878998E0FE959B ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
14:29:56.0666 1780 aswFsBlk - ok
14:29:56.0728 1780 [ B50CDD87772D6A11CB90924AAD399DF8 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
14:29:56.0728 1780 aswMonFlt - ok
14:29:56.0744 1780 [ 57768C7DB4681F2510F247F82EF31D4F ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
14:29:56.0759 1780 aswRdr - ok
14:29:56.0791 1780 [ E71D826A1F3CE9C9DE3E77F2D02AFFBF ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
14:29:56.0806 1780 aswSnx - ok
14:29:56.0837 1780 [ 538A32E2C99BF073D4CA76C30BEDAA60 ] aswSP C:\Windows\system32\drivers\aswSP.sys
14:29:56.0853 1780 aswSP - ok
14:29:56.0884 1780 [ 6EDC79D73745FD44C41B55B2D13D0B70 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
14:29:56.0884 1780 aswTdi - ok
14:29:56.0931 1780 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
14:29:56.0931 1780 AsyncMac - ok
14:29:56.0978 1780 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
14:29:56.0993 1780 atapi - ok
14:29:57.0056 1780 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:29:57.0087 1780 AudioEndpointBuilder - ok
14:29:57.0087 1780 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
14:29:57.0087 1780 AudioSrv - ok
14:29:57.0227 1780 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
14:29:57.0259 1780 avast! Antivirus - ok
14:29:57.0321 1780 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
14:29:57.0321 1780 AxInstSV - ok
14:29:57.0352 1780 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
14:29:57.0368 1780 b06bdrv - ok
14:29:57.0415 1780 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
14:29:57.0415 1780 b57nd60a - ok
14:29:57.0461 1780 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
14:29:57.0461 1780 BDESVC - ok
14:29:57.0493 1780 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
14:29:57.0493 1780 Beep - ok
14:29:57.0602 1780 [ 1B32C3C06F9E1C953865414767C5AD27 ] BESClient C:\Program Files (x86)\BigFix Enterprise\BES Client\BESClient.exe
14:29:57.0883 1780 BESClient - ok
14:29:57.0945 1780 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
14:29:57.0961 1780 BFE - ok
14:29:58.0023 1780 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
14:29:58.0054 1780 BITS - ok
14:29:58.0070 1780 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
14:29:58.0085 1780 blbdrive - ok
14:29:58.0148 1780 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
14:29:58.0195 1780 Bonjour Service - ok
14:29:58.0257 1780 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
14:29:58.0257 1780 bowser - ok
14:29:58.0288 1780 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:29:58.0288 1780 BrFiltLo - ok
14:29:58.0304 1780 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:29:58.0319 1780 BrFiltUp - ok
14:29:58.0366 1780 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
14:29:58.0382 1780 Browser - ok
14:29:58.0413 1780 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
14:29:58.0413 1780 Brserid - ok
14:29:58.0429 1780 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
14:29:58.0444 1780 BrSerWdm - ok
14:29:58.0460 1780 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
14:29:58.0475 1780 BrUsbMdm - ok
14:29:58.0491 1780 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
14:29:58.0491 1780 BrUsbSer - ok
14:29:58.0553 1780 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
14:29:58.0553 1780 BthEnum - ok
14:29:58.0569 1780 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
14:29:58.0585 1780 BTHMODEM - ok
14:29:58.0631 1780 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
14:29:58.0647 1780 BthPan - ok
14:29:58.0663 1780 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
14:29:58.0678 1780 BTHPORT - ok
14:29:58.0709 1780 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
14:29:58.0709 1780 bthserv - ok
14:29:58.0756 1780 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
14:29:58.0772 1780 BTHUSB - ok
14:29:58.0803 1780 [ 8834F87A6A745872894DF8223201A6C3 ] BTWAMPFL C:\Windows\system32\DRIVERS\btwampfl.sys
14:29:58.0819 1780 BTWAMPFL - ok
14:29:58.0834 1780 [ 9863D82ECBEC6106D377ED73680D99D8 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
14:29:58.0834 1780 btwaudio - ok
14:29:58.0850 1780 [ 3432DD66AE75AB2DE6D0527AD78DBFC7 ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys
14:29:58.0850 1780 btwavdt - ok
14:29:58.0897 1780 [ EB4AFE08FB39BB444F221D7D501E0915 ] btwdins C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
14:29:58.0928 1780 btwdins - ok
14:29:58.0943 1780 [ 382DC5A631CED0462EA09B7EB898BDBF ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
14:29:58.0959 1780 btwl2cap - ok
14:29:58.0959 1780 [ 13A9C2CEDD44C175E6CA39A536795CA6 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
14:29:58.0975 1780 btwrchid - ok
14:29:59.0006 1780 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
14:29:59.0006 1780 cdfs - ok
14:29:59.0053 1780 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
14:29:59.0068 1780 cdrom - ok
14:29:59.0131 1780 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
14:29:59.0131 1780 CertPropSvc - ok
14:29:59.0162 1780 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
14:29:59.0162 1780 circlass - ok
14:29:59.0193 1780 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
14:29:59.0209 1780 CLFS - ok
14:29:59.0255 1780 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:29:59.0287 1780 clr_optimization_v2.0.50727_32 - ok
14:29:59.0318 1780 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:29:59.0333 1780 clr_optimization_v2.0.50727_64 - ok
14:29:59.0411 1780 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:29:59.0489 1780 clr_optimization_v4.0.30319_32 - ok
14:29:59.0505 1780 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:29:59.0521 1780 clr_optimization_v4.0.30319_64 - ok
14:29:59.0536 1780 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
14:29:59.0552 1780 CmBatt - ok
14:29:59.0567 1780 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
14:29:59.0583 1780 cmdide - ok
14:29:59.0630 1780 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
14:29:59.0645 1780 CNG - ok
14:29:59.0692 1780 [ D01E9A7C1A51D5CEFAE45CDB9A3F7EDC ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
14:29:59.0723 1780 CnxtHdAudService - ok
14:29:59.0739 1780 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
14:29:59.0739 1780 Compbatt - ok
14:29:59.0801 1780 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
14:29:59.0801 1780 CompositeBus - ok
14:29:59.0817 1780 COMSysApp - ok
14:29:59.0848 1780 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
14:29:59.0848 1780 crcdisk - ok
14:29:59.0895 1780 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
14:29:59.0911 1780 CryptSvc - ok
14:29:59.0957 1780 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
14:29:59.0973 1780 CSC - ok
14:29:59.0989 1780 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
14:30:00.0004 1780 CscService - ok
14:30:00.0051 1780 [ BF62FF663AE55E4ED99DE76881C2C0F1 ] ctxusbm C:\Windows\system32\DRIVERS\ctxusbm.sys
14:30:00.0051 1780 ctxusbm - ok
14:30:00.0082 1780 [ 44BDDEB03C84A1C993C992FFB5700357 ] CVirtA C:\Windows\system32\DRIVERS\CVirtA64.sys
14:30:00.0098 1780 CVirtA - ok
14:30:00.0160 1780 [ 66257CB4E4FB69887CDDC71663741435 ] CVPND C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
14:30:00.0285 1780 CVPND - ok
14:30:00.0301 1780 [ CC8E52DAA9826064BA464DBE531F2BB5 ] CVPNDRVA C:\Windows\system32\Drivers\CVPNDRVA.sys
14:30:00.0301 1780 CVPNDRVA - ok
14:30:00.0332 1780 [ 9D0D050170D47E778B624A28C90F23DE ] CxAudMsg C:\Windows\system32\CxAudMsg64.exe
14:30:00.0347 1780 CxAudMsg - ok
14:30:00.0410 1780 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
14:30:00.0410 1780 DcomLaunch - ok
14:30:00.0425 1780 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
14:30:00.0457 1780 defragsvc - ok
14:30:00.0503 1780 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
14:30:00.0519 1780 DfsC - ok
14:30:00.0566 1780 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
14:30:00.0581 1780 Dhcp - ok
14:30:00.0597 1780 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
14:30:00.0597 1780 discache - ok
14:30:00.0628 1780 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
14:30:00.0644 1780 Disk - ok
14:30:00.0675 1780 [ 05CB5910B3CA6019FC3CCA815EE06FFB ] DNE C:\Windows\system32\DRIVERS\dne64x.sys
14:30:00.0691 1780 DNE - ok
14:30:00.0722 1780 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
14:30:00.0737 1780 Dnscache - ok
14:30:00.0769 1780 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
14:30:00.0784 1780 dot3svc - ok
14:30:00.0893 1780 [ 9597BCB69286FF017DB1A0FB8144408D ] DozeSvc C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE
14:30:00.0925 1780 DozeSvc - ok
14:30:00.0956 1780 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
14:30:00.0971 1780 DPS - ok
14:30:00.0987 1780 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
14:30:01.0003 1780 drmkaud - ok
14:30:01.0049 1780 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
14:30:01.0065 1780 DXGKrnl - ok
14:30:01.0096 1780 [ 3CE83D7EE95D9C9F03323810A2E747DF ] DzHDD64 C:\Windows\system32\DRIVERS\DzHDD64.sys
14:30:01.0112 1780 DzHDD64 - ok
14:30:01.0127 1780 [ DC1776D086AA9733B1929A3D979D9FDD ] e1cexpress C:\Windows\system32\DRIVERS\e1c62x64.sys
14:30:01.0143 1780 e1cexpress - ok
14:30:01.0159 1780 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
14:30:01.0174 1780 EapHost - ok
14:30:01.0252 1780 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
14:30:01.0283 1780 ebdrv - ok
14:30:01.0346 1780 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
14:30:01.0361 1780 EFS - ok
14:30:01.0408 1780 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
14:30:01.0424 1780 ehRecvr - ok
14:30:01.0439 1780 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
14:30:01.0439 1780 ehSched - ok
14:30:01.0486 1780 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
14:30:01.0502 1780 elxstor - ok
14:30:01.0549 1780 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
14:30:01.0549 1780 ErrDev - ok
14:30:01.0580 1780 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
14:30:01.0595 1780 EventSystem - ok
14:30:01.0658 1780 [ F8F610093E1D7FDFA477FC34D15D5C60 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
14:30:01.0689 1780 EvtEng - ok
14:30:01.0705 1780 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
14:30:01.0720 1780 exfat - ok
14:30:01.0720 1780 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
14:30:01.0736 1780 fastfat - ok
14:30:01.0783 1780 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
14:30:01.0798 1780 Fax - ok
14:30:01.0845 1780 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
14:30:01.0861 1780 fdc - ok
14:30:01.0892 1780 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
14:30:01.0907 1780 fdPHost - ok
14:30:01.0939 1780 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
14:30:01.0939 1780 FDResPub - ok
14:30:02.0001 1780 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
14:30:02.0017 1780 FileInfo - ok
14:30:02.0032 1780 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
14:30:02.0048 1780 Filetrace - ok
14:30:02.0110 1780 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
14:30:02.0110 1780 flpydisk - ok
14:30:02.0141 1780 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
14:30:02.0157 1780 FltMgr - ok
14:30:02.0204 1780 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
14:30:02.0219 1780 FontCache - ok
14:30:02.0282 1780 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:30:02.0313 1780 FontCache3.0.0.0 - ok
14:30:02.0329 1780 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
14:30:02.0344 1780 FsDepends - ok
14:30:02.0391 1780 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
14:30:02.0407 1780 Fs_Rec - ok
14:30:02.0453 1780 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
14:30:02.0469 1780 fvevol - ok
14:30:02.0485 1780 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
14:30:02.0500 1780 gagp30kx - ok
14:30:02.0531 1780 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
14:30:02.0547 1780 GEARAspiWDM - ok
14:30:02.0609 1780 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
14:30:02.0625 1780 gpsvc - ok
14:30:02.0641 1780 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
14:30:02.0641 1780 hcw85cir - ok
14:30:02.0703 1780 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:30:02.0719 1780 HdAudAddService - ok
14:30:02.0750 1780 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
14:30:02.0750 1780 HDAudBus - ok
14:30:02.0781 1780 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
14:30:02.0781 1780 HidBatt - ok
14:30:02.0797 1780 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
14:30:02.0797 1780 HidBth - ok
14:30:02.0828 1780 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
14:30:02.0828 1780 HidIr - ok
14:30:02.0859 1780 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
14:30:02.0859 1780 hidserv - ok
14:30:02.0906 1780 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
14:30:02.0921 1780 HidUsb - ok
14:30:02.0968 1780 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
14:30:02.0999 1780 hkmsvc - ok
14:30:03.0046 1780 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:30:03.0062 1780 HomeGroupListener - ok
14:30:03.0109 1780 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:30:03.0124 1780 HomeGroupProvider - ok
14:30:03.0140 1780 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
14:30:03.0155 1780 HpSAMD - ok
14:30:03.0218 1780 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
14:30:03.0233 1780 HTTP - ok
14:30:03.0265 1780 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
14:30:03.0280 1780 hwpolicy - ok
14:30:03.0343 1780 [ 9149907FF8681AD6475607EEBF62DD2F ] HyperW7Svc C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe
14:30:03.0358 1780 HyperW7Svc - ok
14:30:03.0405 1780 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
14:30:03.0405 1780 i8042prt - ok
14:30:03.0436 1780 [ D7921D5A870B11CC1ADAB198A519D50A ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
14:30:03.0436 1780 iaStor - ok
14:30:03.0467 1780 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
14:30:03.0483 1780 iaStorV - ok
14:30:03.0499 1780 [ A9BD44426A69079240767FE4AEE0EA71 ] IBMPMDRV C:\Windows\system32\DRIVERS\ibmpmdrv.sys
14:30:03.0514 1780 IBMPMDRV - ok
14:30:03.0514 1780 [ 57D4A3ED5497DB0C5A53E680A9BDD1C6 ] IBMPMSVC C:\Windows\system32\ibmpmsvc.exe
14:30:03.0530 1780 IBMPMSVC - ok
14:30:03.0592 1780 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:30:03.0655 1780 idsvc - ok
14:30:03.0873 1780 [ 66DC0CE2D1867B8178EAA0E11930DBD7 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
14:30:04.0060 1780 igfx - ok
14:30:04.0138 1780 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
14:30:04.0138 1780 iirsp - ok
14:30:04.0201 1780 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
14:30:04.0216 1780 IKEEXT - ok
14:30:04.0247 1780 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
14:30:04.0263 1780 IntcDAud - ok
14:30:04.0310 1780 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
14:30:04.0325 1780 intelide - ok
14:30:04.0357 1780 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
14:30:04.0357 1780 intelppm - ok
14:30:04.0403 1780 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
14:30:04.0419 1780 IPBusEnum - ok
14:30:04.0466 1780 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:30:04.0466 1780 IpFilterDriver - ok
14:30:04.0528 1780 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
14:30:04.0544 1780 iphlpsvc - ok
14:30:04.0591 1780 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
14:30:04.0606 1780 IPMIDRV - ok
14:30:04.0622 1780 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
14:30:04.0637 1780 IPNAT - ok
14:30:04.0715 1780 [ 4472C8825B5E41D8697D5962F47AB1C9 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
14:30:04.0731 1780 iPod Service - ok
14:30:04.0762 1780 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
14:30:04.0762 1780 IRENUM - ok
14:30:04.0809 1780 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
14:30:04.0825 1780 isapnp - ok
14:30:04.0825 1780 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
14:30:04.0840 1780 iScsiPrt - ok
14:30:04.0887 1780 [ 3B794CA0DE73790420DEBA3C759F1502 ] jhi_service C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
14:30:04.0918 1780 jhi_service - ok
14:30:04.0965 1780 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
14:30:04.0981 1780 kbdclass - ok
14:30:05.0012 1780 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
14:30:05.0027 1780 kbdhid - ok
14:30:05.0043 1780 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
14:30:05.0043 1780 KeyIso - ok
14:30:05.0090 1780 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
14:30:05.0105 1780 KSecDD - ok
14:30:05.0152 1780 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
14:30:05.0152 1780 KSecPkg - ok
14:30:05.0168 1780 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
14:30:05.0183 1780 ksthunk - ok
14:30:05.0215 1780 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
14:30:05.0230 1780 KtmRm - ok
14:30:05.0293 1780 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
14:30:05.0308 1780 LanmanServer - ok
14:30:05.0355 1780 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:30:05.0371 1780 LanmanWorkstation - ok
14:30:05.0402 1780 [ 094AA6ADBB4A5BE48F8426B628D938DC ] LENOVO.CAMMUTE C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
14:30:05.0417 1780 LENOVO.CAMMUTE - ok
14:30:05.0433 1780 [ 2B9D8555DC004E240082D18E7725CE20 ] lenovo.smi C:\Windows\system32\DRIVERS\smiifx64.sys
14:30:05.0449 1780 lenovo.smi - ok
14:30:05.0449 1780 [ 7F56266131AADAF019DC2F5540ECC284 ] LENOVO.TPKNRSVC C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
14:30:05.0464 1780 LENOVO.TPKNRSVC - ok
14:30:05.0480 1780 [ 6F2CC57EB5836D2AC9BD37F3554D55F8 ] Lenovo.VIRTSCRLSVC C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
14:30:05.0480 1780 Lenovo.VIRTSCRLSVC - ok
14:30:05.0527 1780 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
14:30:05.0527 1780 lltdio - ok
14:30:05.0558 1780 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
14:30:05.0589 1780 lltdsvc - ok
14:30:05.0605 1780 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
14:30:05.0620 1780 lmhosts - ok
14:30:05.0651 1780 [ 97F9EAAC985A663394CD8F54DCD3E73A ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
14:30:05.0745 1780 LMS - ok
14:30:05.0761 1780 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
14:30:05.0761 1780 LSI_FC - ok
14:30:05.0792 1780 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
14:30:05.0807 1780 LSI_SAS - ok
14:30:05.0823 1780 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:30:05.0839 1780 LSI_SAS2 - ok
14:30:05.0870 1780 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:30:05.0885 1780 LSI_SCSI - ok
14:30:05.0917 1780 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
14:30:05.0932 1780 luafv - ok
14:30:06.0010 1780 [ 1D12D4D0ABC5BB00A5E8FEB9A9601731 ] LV_Tracker C:\Windows\system32\DRIVERS\LV_Tracker64.sys
14:30:06.0010 1780 LV_Tracker - ok
14:30:06.0135 1780 [ C2F3BBA0760AB9DD33BCC60A663A108C ] Matrox.Pdesk3.ServicesHost C:\Program Files (x86)\Matrox Graphics\PowerDesk\Matrox.PDesk.Services.exe
14:30:06.0166 1780 Matrox.Pdesk3.ServicesHost - ok
14:30:06.0213 1780 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
14:30:06.0244 1780 Mcx2Svc - ok
14:30:06.0260 1780 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
14:30:06.0275 1780 megasas - ok
14:30:06.0291 1780 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
14:30:06.0291 1780 MegaSR - ok
14:30:06.0322 1780 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
14:30:06.0322 1780 MEIx64 - ok
14:30:06.0400 1780 Microsoft SharePoint Workspace Audit Service - ok
14:30:06.0416 1780 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
14:30:06.0431 1780 MMCSS - ok
14:30:06.0447 1780 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
14:30:06.0463 1780 Modem - ok
14:30:06.0509 1780 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
14:30:06.0525 1780 monitor - ok
14:30:06.0541 1780 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
14:30:06.0541 1780 mouclass - ok
14:30:06.0556 1780 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
14:30:06.0556 1780 mouhid - ok
14:30:06.0603 1780 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
14:30:06.0619 1780 mountmgr - ok
14:30:06.0650 1780 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
14:30:06.0665 1780 mpio - ok
14:30:06.0697 1780 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
14:30:06.0697 1780 mpsdrv - ok
14:30:06.0759 1780 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
14:30:06.0775 1780 MpsSvc - ok
14:30:06.0806 1780 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
14:30:06.0821 1780 MRxDAV - ok
14:30:06.0868 1780 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
14:30:06.0868 1780 mrxsmb - ok
14:30:06.0915 1780 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:30:06.0931 1780 mrxsmb10 - ok
14:30:06.0946 1780 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:30:06.0962 1780 mrxsmb20 - ok
14:30:07.0009 1780 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
14:30:07.0024 1780 msahci - ok
14:30:07.0024 1780 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
14:30:07.0040 1780 msdsm - ok
14:30:07.0055 1780 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
14:30:07.0071 1780 MSDTC - ok
14:30:07.0087 1780 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
14:30:07.0102 1780 Msfs - ok
14:30:07.0118 1780 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
14:30:07.0118 1780 mshidkmdf - ok
14:30:07.0165 1780 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
14:30:07.0180 1780 msisadrv - ok
14:30:07.0211 1780 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
14:30:07.0243 1780 MSiSCSI - ok
14:30:07.0243 1780 msiserver - ok
14:30:07.0274 1780 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
14:30:07.0274 1780 MSKSSRV - ok
14:30:07.0289 1780 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
14:30:07.0289 1780 MSPCLOCK - ok
14:30:07.0305 1780 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
14:30:07.0305 1780 MSPQM - ok
14:30:07.0367 1780 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
14:30:07.0383 1780 MsRPC - ok
14:30:07.0430 1780 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
14:30:07.0430 1780 mssmbios - ok
14:30:07.0461 1780 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
14:30:07.0461 1780 MSTEE - ok
14:30:07.0477 1780 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
14:30:07.0477 1780 MTConfig - ok
14:30:07.0508 1780 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
14:30:07.0523 1780 Mup - ok
14:30:07.0555 1780 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
14:30:07.0570 1780 napagent - ok
14:30:07.0586 1780 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
14:30:07.0601 1780 NativeWifiP - ok
14:30:07.0664 1780 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
14:30:07.0679 1780 NDIS - ok
14:30:07.0695 1780 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
14:30:07.0695 1780 NdisCap - ok
14:30:07.0726 1780 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
14:30:07.0726 1780 NdisTapi - ok
14:30:07.0773 1780 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
14:30:07.0789 1780 Ndisuio - ok
14:30:07.0835 1780 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
14:30:07.0851 1780 NdisWan - ok
14:30:07.0929 1780 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
14:30:07.0945 1780 NDProxy - ok
14:30:08.0023 1780 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
14:30:08.0038 1780 NetBIOS - ok
14:30:08.0101 1780 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
14:30:08.0116 1780 NetBT - ok
14:30:08.0132 1780 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
14:30:08.0132 1780 Netlogon - ok
14:30:08.0179 1780 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
14:30:08.0194 1780 Netman - ok
14:30:08.0210 1780 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
14:30:08.0210 1780 netprofm - ok
14:30:08.0225 1780 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:30:08.0288 1780 NetTcpPortSharing - ok
14:30:08.0413 1780 [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys
14:30:08.0459 1780 netw5v64 - ok
14:30:08.0615 1780 [ 30933BB56FB611D0252BAD488ADFB533 ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
14:30:08.0740 1780 NETwNs64 - ok
14:30:08.0756 1780 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
14:30:08.0771 1780 nfrd960 - ok
14:30:08.0818 1780 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
14:30:08.0834 1780 NlaSvc - ok
14:30:08.0865 1780 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:30:08.0865 1780 Npfs - ok
14:30:08.0896 1780 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
14:30:08.0896 1780 nsi - ok
14:30:08.0912 1780 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:30:08.0912 1780 nsiproxy - ok
14:30:08.0990 1780 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:30:09.0005 1780 Ntfs - ok
14:30:09.0021 1780 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
14:30:09.0021 1780 Null - ok
14:30:09.0083 1780 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:30:09.0099 1780 nvraid - ok
14:30:09.0115 1780 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:30:09.0115 1780 nvstor - ok
14:30:09.0161 1780 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
14:30:09.0177 1780 nv_agp - ok
14:30:09.0208 1780 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
14:30:09.0224 1780 ohci1394 - ok
14:30:09.0271 1780 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:30:09.0286 1780 ose - ok
14:30:09.0411 1780 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:30:09.0645 1780 osppsvc - ok
14:30:09.0692 1780 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
14:30:09.0707 1780 p2pimsvc - ok
14:30:09.0723 1780 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
14:30:09.0739 1780 p2psvc - ok
14:30:09.0754 1780 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
14:30:09.0770 1780 Parport - ok
14:30:09.0817 1780 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:30:09.0832 1780 partmgr - ok
14:30:09.0879 1780 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
14:30:09.0895 1780 PcaSvc - ok
14:30:09.0926 1780 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
14:30:09.0941 1780 pci - ok
14:30:09.0988 1780 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
14:30:10.0004 1780 pciide - ok
14:30:10.0019 1780 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
14:30:10.0035 1780 pcmcia - ok
14:30:10.0051 1780 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
14:30:10.0051 1780 pcw - ok
14:30:10.0066 1780 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:30:10.0082 1780 PEAUTH - ok
14:30:10.0129 1780 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
14:30:10.0160 1780 PeerDistSvc - ok
14:30:10.0238 1780 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
14:30:10.0253 1780 PerfHost - ok
14:30:10.0269 1780 [ 18EEA095AF22AC5FA16FC27FB98C82D3 ] PHCORE C:\Program Files\Lenovo\RapidBoot\PHCORE64.SYS
14:30:10.0285 1780 PHCORE - ok
14:30:10.0347 1780 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
14:30:10.0378 1780 pla - ok
14:30:10.0425 1780 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:30:10.0441 1780 PlugPlay - ok
14:30:10.0456 1780 [ 0BEE791C7C7ACE453C134E73633C497D ] pmxdrv C:\Windows\system32\drivers\pmxdrv.sys
14:30:10.0472 1780 pmxdrv - ok
14:30:10.0503 1780 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
14:30:10.0519 1780 PNRPAutoReg - ok
14:30:10.0534 1780 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
14:30:10.0534 1780 PNRPsvc - ok
14:30:10.0581 1780 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:30:10.0597 1780 PolicyAgent - ok
14:30:10.0628 1780 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
14:30:10.0643 1780 Power - ok
14:30:10.0815 1780 [ D2FCBA55D4ED03E1FF9A290D5CF1CCA5 ] Power Manager DBC Service C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
14:30:10.0846 1780 Power Manager DBC Service - ok
14:30:10.0909 1780 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:30:10.0924 1780 PptpMiniport - ok
14:30:10.0940 1780 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
14:30:10.0940 1780 Processor - ok
14:30:10.0987 1780 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
14:30:11.0002 1780 ProfSvc - ok
14:30:11.0002 1780 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:30:11.0018 1780 ProtectedStorage - ok
14:30:11.0033 1780 [ 515A7C5A0886FCC60901916785EFD549 ] psadd C:\Windows\system32\DRIVERS\psadd.sys
14:30:11.0033 1780 psadd - ok
14:30:11.0096 1780 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
14:30:11.0111 1780 Psched - ok
14:30:11.0221 1780 [ 462059CB2914AEE993751851CDF145C9 ] PwmEWSvc C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE
14:30:11.0267 1780 PwmEWSvc - ok
14:30:11.0330 1780 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
14:30:11.0345 1780 ql2300 - ok
14:30:11.0377 1780 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
14:30:11.0392 1780 ql40xx - ok
14:30:11.0423 1780 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
14:30:11.0439 1780 QWAVE - ok
14:30:11.0455 1780 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:30:11.0455 1780 QWAVEdrv - ok
14:30:11.0470 1780 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:30:11.0470 1780 RasAcd - ok
14:30:11.0501 1780 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
14:30:11.0501 1780 RasAgileVpn - ok
14:30:11.0517 1780 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
14:30:11.0564 1780 RasAuto - ok
14:30:11.0595 1780 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:30:11.0611 1780 Rasl2tp - ok
14:30:11.0626 1780 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
14:30:11.0642 1780 RasMan - ok
14:30:11.0657 1780 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:30:11.0657 1780 RasPppoe - ok
14:30:11.0673 1780 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:30:11.0689 1780 RasSstp - ok
14:30:11.0720 1780 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:30:11.0735 1780 rdbss - ok
14:30:11.0751 1780 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
14:30:11.0751 1780 rdpbus - ok
14:30:11.0782 1780 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:30:11.0782 1780 RDPCDD - ok
14:30:11.0845 1780 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
14:30:11.0845 1780 RDPDR - ok
14:30:11.0876 1780 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:30:11.0891 1780 RDPENCDD - ok
14:30:11.0891 1780 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
14:30:11.0891 1780 RDPREFMP - ok
14:30:11.0954 1780 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:30:11.0954 1780 RDPWD - ok
14:30:12.0001 1780 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
14:30:12.0016 1780 rdyboost - ok
14:30:12.0063 1780 [ 9276F4D4109FC349925D28E00E533146 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
14:30:12.0079 1780 RegSrvc - ok
14:30:12.0110 1780 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
14:30:12.0110 1780 RemoteAccess - ok
14:30:12.0141 1780 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:30:12.0157 1780 RemoteRegistry - ok
14:30:12.0188 1780 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
14:30:12.0188 1780 RFCOMM - ok
14:30:12.0219 1780 [ FF501F212E5D5A97F8339928320F269E ] risdxc C:\Windows\system32\DRIVERS\risdxc64.sys
14:30:12.0219 1780 risdxc - ok
14:30:12.0235 1780 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
14:30:12.0250 1780 RpcEptMapper - ok
14:30:12.0281 1780 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
14:30:12.0281 1780 RpcLocator - ok
14:30:12.0344 1780 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
14:30:12.0344 1780 RpcSs - ok
14:30:12.0359 1780 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:30:12.0375 1780 rspndr - ok
14:30:12.0406 1780 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
14:30:12.0422 1780 s3cap - ok
14:30:12.0437 1780 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
14:30:12.0437 1780 SamSs - ok
14:30:12.0453 1780 SAService - ok
14:30:12.0547 1780 [ 26E2192D31CC7A7421D1AE18947A6EAE ] SAVAdminService C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
14:30:12.0547 1780 SAVAdminService - ok
14:30:12.0625 1780 [ C3999EF390EB460A636E9FFBA040BF8A ] SAVOnAccess C:\Windows\system32\DRIVERS\savonaccess.sys
14:30:12.0640 1780 SAVOnAccess - ok
14:30:12.0656 1780 [ D31E18B53B0E52C234568BB61EEC7940 ] SAVService C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
14:30:12.0671 1780 SAVService - ok
14:30:12.0718 1780 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
14:30:12.0734 1780 sbp2port - ok
14:30:12.0749 1780 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:30:12.0765 1780 SCardSvr - ok
14:30:12.0796 1780 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
14:30:12.0812 1780 scfilter - ok
14:30:12.0874 1780 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
14:30:12.0890 1780 Schedule - ok
14:30:12.0937 1780 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
14:30:12.0937 1780 SCPolicySvc - ok
14:30:12.0983 1780 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys
14:30:12.0999 1780 sdbus - ok
14:30:13.0061 1780 [ 7D67AEABEB597C602EDB5B3AE316E96A ] sdcfilter C:\Windows\system32\DRIVERS\sdcfilter.sys
14:30:13.0077 1780 sdcfilter - ok
14:30:13.0124 1780 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:30:13.0139 1780 SDRSVC - ok
14:30:13.0171 1780 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:30:13.0171 1780 secdrv - ok
14:30:13.0217 1780 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
14:30:13.0233 1780 seclogon - ok
14:30:13.0249 1780 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
14:30:13.0249 1780 SENS - ok
14:30:13.0264 1780 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
14:30:13.0280 1780 SensrSvc - ok
14:30:13.0280 1780 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
14:30:13.0280 1780 Serenum - ok
14:30:13.0295 1780 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
14:30:13.0311 1780 Serial - ok
14:30:13.0342 1780 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
14:30:13.0358 1780 sermouse - ok
14:30:13.0405 1780 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
14:30:13.0405 1780 SessionEnv - ok
14:30:13.0420 1780 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
14:30:13.0436 1780 sffdisk - ok
14:30:13.0436 1780 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
14:30:13.0451 1780 sffp_mmc - ok
14:30:13.0451 1780 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
14:30:13.0467 1780 sffp_sd - ok
14:30:13.0498 1780 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
14:30:13.0514 1780 sfloppy - ok
14:30:13.0545 1780 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
14:30:13.0763 1780 SharedAccess - ok
14:30:13.0810 1780 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:30:13.0826 1780 ShellHWDetection - ok
14:30:13.0857 1780 [ 380B52126E62C6C2D3C8BA805AADFDC7 ] Shockprf C:\Windows\system32\DRIVERS\Apsx64.sys
14:30:13.0873 1780 Shockprf - ok
14:30:13.0888 1780 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:30:13.0904 1780 SiSRaid2 - ok
14:30:13.0919 1780 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
14:30:13.0935 1780 SiSRaid4 - ok
14:30:14.0013 1780 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
14:30:14.0153 1780 SkypeUpdate - ok
14:30:14.0153 1780 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
14:30:14.0169 1780 Smb - ok
14:30:14.0216 1780 [ C5B1A19B14F19B08AE72FCB20A3075B6 ] smihlp C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys
14:30:14.0231 1780 smihlp - ok
14:30:14.0247 1780 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:30:14.0263 1780 SNMPTRAP - ok
14:30:14.0341 1780 [ 025150B0A330CD29E2AF198DD3EB35FF ] Sophos AutoUpdate Service C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
14:30:14.0356 1780 Sophos AutoUpdate Service - ok
14:30:14.0465 1780 [ BD03374253F79CE7A716A870DC85BD84 ] Sophos Web Control Service C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe
14:30:14.0465 1780 Sophos Web Control Service - ok
14:30:14.0512 1780 [ 69FBE35A8165ADBC313AA7F64B868CA1 ] SophosBootDriver C:\Windows\system32\DRIVERS\SophosBootDriver.sys
14:30:14.0528 1780 SophosBootDriver - ok
14:30:14.0543 1780 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
14:30:14.0559 1780 spldr - ok
14:30:14.0606 1780 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
14:30:14.0621 1780 Spooler - ok
14:30:14.0715 1780 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
14:30:14.0824 1780 sppsvc - ok
14:30:14.0840 1780 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
14:30:14.0840 1780 sppuinotify - ok
14:30:14.0887 1780 [ EB1E046AC04AC33A2D4A7C8F1A8DD793 ] SROSVC C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe
14:30:14.0918 1780 SROSVC - ok
14:30:14.0965 1780 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
14:30:14.0965 1780 srv - ok
14:30:14.0996 1780 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:30:14.0996 1780 srv2 - ok
14:30:15.0027 1780 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
14:30:15.0043 1780 SrvHsfHDA - ok
14:30:15.0074 1780 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
14:30:15.0105 1780 SrvHsfV92 - ok
14:30:15.0121 1780 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
14:30:15.0136 1780 SrvHsfWinac - ok
14:30:15.0167 1780 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:30:15.0183 1780 srvnet - ok
14:30:15.0214 1780 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:30:15.0230 1780 SSDPSRV - ok
14:30:15.0230 1780 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
14:30:15.0245 1780 SstpSvc - ok
14:30:15.0261 1780 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
14:30:15.0277 1780 stexstor - ok
14:30:15.0323 1780 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
14:30:15.0355 1780 stisvc - ok
14:30:15.0386 1780 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
14:30:15.0401 1780 storflt - ok
14:30:15.0433 1780 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
14:30:15.0433 1780 StorSvc - ok
14:30:15.0464 1780 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
14:30:15.0464 1780 storvsc - ok
14:30:15.0495 1780 [ 266D6BE20B40B7DC0949F5108E838B5E ] SUService C:\Program Files (x86)\Lenovo\System Update\SUService.exe
14:30:15.0526 1780 SUService - ok
14:30:15.0573 1780 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
14:30:15.0589 1780 swenum - ok
14:30:15.0713 1780 [ AFE48B0B5F952D41CC9341E3DEDA646D ] swi_service C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
14:30:15.0916 1780 swi_service - ok
14:30:16.0041 1780 [ 038DC2AA8DA8A240A4E73C7FADD4BDB4 ] swi_update_64 C:\ProgramData\Sophos\Web Intelligence\swi_update_64.exe
14:30:16.0088 1780 swi_update_64 - ok
14:30:16.0119 1780 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
14:30:16.0150 1780 swprv - ok
14:30:16.0181 1780 [ B49FA98AFAD439CD7E33164C3A19BB88 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
14:30:16.0213 1780 SynTP - ok
14:30:16.0291 1780 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
14:30:16.0322 1780 SysMain - ok
14:30:16.0369 1780 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:30:16.0384 1780 TabletInputService - ok
14:30:16.0400 1780 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
14:30:16.0400 1780 TapiSrv - ok
14:30:16.0431 1780 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
14:30:16.0447 1780 TBS - ok
14:30:16.0509 1780 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
14:30:16.0525 1780 Tcpip - ok
14:30:16.0556 1780 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
14:30:16.0556 1780 TCPIP6 - ok
14:30:16.0603 1780 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
14:30:16.0618 1780 tcpipreg - ok
14:30:16.0634 1780 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
14:30:16.0634 1780 TDPIPE - ok
14:30:16.0681 1780 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
14:30:16.0681 1780 TDTCP - ok
14:30:16.0727 1780 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
14:30:16.0743 1780 tdx - ok
14:30:16.0790 1780 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
14:30:16.0805 1780 TermDD - ok
14:30:16.0852 1780 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
14:30:16.0883 1780 TermService - ok
14:30:16.0899 1780 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
14:30:16.0915 1780 Themes - ok
14:30:16.0930 1780 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
14:30:16.0930 1780 THREADORDER - ok
14:30:16.0946 1780 [ 5523C729F1ED31B63C88490AF3D220FA ] TPDIGIMN C:\Windows\system32\DRIVERS\ApsHM64.sys
14:30:16.0946 1780 TPDIGIMN - ok
14:30:16.0961 1780 [ ECB098A3404ACB8A05F0673DC086BB43 ] TPHDEXLGSVC C:\Windows\system32\TPHDEXLG64.exe
14:30:16.0977 1780 TPHDEXLGSVC - ok
14:30:17.0008 1780 [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM C:\Windows\system32\drivers\tpm.sys
14:30:17.0008 1780 TPM - ok
14:30:17.0071 1780 [ 6EE437A872E0184D6D09F65C5EA0AABA ] TPPWRIF C:\Windows\system32\drivers\Tppwr64v.sys
14:30:17.0071 1780 TPPWRIF - ok
14:30:17.0102 1780 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
14:30:17.0117 1780 TrkWks - ok
14:30:17.0180 1780 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:30:17.0195 1780 TrustedInstaller - ok
14:30:17.0242 1780 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
14:30:17.0242 1780 tssecsrv - ok
14:30:17.0305 1780 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
14:30:17.0320 1780 TsUsbFlt - ok
14:30:17.0367 1780 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
14:30:17.0383 1780 tunnel - ok
14:30:17.0414 1780 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
14:30:17.0429 1780 uagp35 - ok
14:30:17.0461 1780 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
14:30:17.0476 1780 udfs - ok
14:30:17.0507 1780 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
14:30:17.0523 1780 UI0Detect - ok
14:30:17.0523 1780 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
14:30:17.0539 1780 uliagpkx - ok
14:30:17.0585 1780 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
14:30:17.0601 1780 umbus - ok
14:30:17.0617 1780 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
14:30:17.0632 1780 UmPass - ok
14:30:17.0679 1780 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
14:30:17.0695 1780 UmRdpService - ok
14:30:17.0773 1780 [ A69CD6BDB82872999D2E46F9324ADA83 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
14:30:17.0975 1780 UNS - ok
14:30:18.0007 1780 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
14:30:18.0022 1780 upnphost - ok
14:30:18.0053 1780 [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
14:30:18.0069 1780 USBAAPL64 - ok
14:30:18.0116 1780 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
14:30:18.0131 1780 usbccgp - ok
14:30:18.0178 1780 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
14:30:18.0194 1780 usbcir - ok
14:30:18.0209 1780 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
14:30:18.0209 1780 usbehci - ok
14:30:18.0241 1780 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
14:30:18.0241 1780 usbhub - ok
14:30:18.0256 1780 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
14:30:18.0272 1780 usbohci - ok
14:30:18.0287 1780 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
14:30:18.0303 1780 usbprint - ok
14:30:18.0334 1780 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:30:18.0350 1780 USBSTOR - ok
14:30:18.0365 1780 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
14:30:18.0365 1780 usbuhci - ok
14:30:18.0412 1780 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
14:30:18.0428 1780 usbvideo - ok
14:30:18.0443 1780 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
14:30:18.0459 1780 UxSms - ok
14:30:18.0475 1780 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
14:30:18.0475 1780 VaultSvc - ok
14:30:18.0490 1780 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
14:30:18.0506 1780 vdrvroot - ok
14:30:18.0553 1780 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
14:30:18.0568 1780 vds - ok
14:30:18.0599 1780 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
14:30:18.0615 1780 vga - ok
14:30:18.0615 1780 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
14:30:18.0631 1780 VgaSave - ok
14:30:18.0677 1780 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
14:30:18.0677 1780 vhdmp - ok
14:30:18.0724 1780 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
14:30:18.0740 1780 viaide - ok
14:30:18.0755 1780 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
14:30:18.0755 1780 vmbus - ok
14:30:18.0771 1780 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
14:30:18.0787 1780 VMBusHID - ok
14:30:18.0802 1780 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
14:30:18.0802 1780 volmgr - ok
14:30:18.0865 1780 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
14:30:18.0880 1780 volmgrx - ok
14:30:18.0880 1780 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
14:30:18.0896 1780 volsnap - ok
14:30:18.0927 1780 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
14:30:18.0943 1780 vsmraid - ok
14:30:19.0005 1780 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
14:30:19.0036 1780 VSS - ok
14:30:19.0052 1780 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
14:30:19.0052 1780 vwifibus - ok
14:30:19.0083 1780 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
14:30:19.0083 1780 vwififlt - ok
14:30:19.0114 1780 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
14:30:19.0130 1780 W32Time - ok
14:30:19.0145 1780 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
14:30:19.0161 1780 WacomPen - ok
14:30:19.0208 1780 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
14:30:19.0223 1780 WANARP - ok
14:30:19.0223 1780 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
14:30:19.0223 1780 Wanarpv6 - ok
14:30:19.0286 1780 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
14:30:19.0426 1780 WatAdminSvc - ok
14:30:19.0489 1780 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
14:30:19.0520 1780 wbengine - ok
14:30:19.0535 1780 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
14:30:19.0551 1780 WbioSrvc - ok
14:30:19.0598 1780 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
14:30:19.0613 1780 wcncsvc - ok
14:30:19.0613 1780 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:30:19.0629 1780 WcsPlugInService - ok
14:30:19.0660 1780 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
14:30:19.0660 1780 Wd - ok
14:30:19.0723 1780 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
14:30:19.0738 1780 Wdf01000 - ok
14:30:19.0754 1780 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
14:30:19.0769 1780 WdiServiceHost - ok
14:30:19.0769 1780 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
14:30:19.0769 1780 WdiSystemHost - ok
14:30:19.0832 1780 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
14:30:19.0832 1780 WebClient - ok
14:30:19.0847 1780 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
14:30:19.0863 1780 Wecsvc - ok
14:30:19.0879 1780 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
14:30:19.0894 1780 wercplsupport - ok
14:30:19.0925 1780 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
14:30:19.0941 1780 WerSvc - ok
14:30:19.0972 1780 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
14:30:19.0972 1780 WfpLwf - ok
14:30:19.0988 1780 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
14:30:19.0988 1780 WIMMount - ok
14:30:20.0003 1780 WinDefend - ok
14:30:20.0003 1780 WinHttpAutoProxySvc - ok
14:30:20.0050 1780 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
14:30:20.0050 1780 Winmgmt - ok
14:30:20.0128 1780 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
14:30:20.0159 1780 WinRM - ok
14:30:20.0206 1780 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.sys
14:30:20.0222 1780 WinUsb - ok
14:30:20.0253 1780 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
14:30:20.0269 1780 Wlansvc - ok
14:30:20.0284 1780 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
14:30:20.0284 1780 WmiAcpi - ok
14:30:20.0315 1780 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
14:30:20.0331 1780 wmiApSrv - ok
14:30:20.0347 1780 WMPNetworkSvc - ok
14:30:20.0378 1780 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
14:30:20.0393 1780 WPCSvc - ok
14:30:20.0440 1780 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
14:30:20.0440 1780 WPDBusEnum - ok
14:30:20.0456 1780 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
14:30:20.0471 1780 ws2ifsl - ok
14:30:20.0487 1780 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
14:30:20.0487 1780 wscsvc - ok
14:30:20.0534 1780 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
14:30:20.0534 1780 WSDPrintDevice - ok
14:30:20.0596 1780 [ 4A2A5C50DD1A63577D3ACA94269FBC7F ] WSDScan C:\Windows\system32\DRIVERS\WSDScan.sys
14:30:20.0612 1780 WSDScan - ok
14:30:20.0612 1780 WSearch - ok
14:30:20.0690 1780 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
14:30:20.0721 1780 wuauserv - ok
14:30:20.0783 1780 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
14:30:20.0783 1780 WudfPf - ok
14:30:20.0799 1780 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
14:30:20.0815 1780 WUDFRd - ok
14:30:20.0830 1780 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
14:30:20.0830 1780 wudfsvc - ok
14:30:20.0861 1780 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
14:30:20.0877 1780 WwanSvc - ok
14:30:20.0893 1780 ================ Scan global ===============================
14:30:20.0908 1780 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
14:30:20.0955 1780 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
14:30:20.0971 1780 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
14:30:21.0002 1780 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
14:30:21.0017 1780 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
14:30:21.0033 1780 [Global] - ok
14:30:21.0033 1780 ================ Scan MBR ==================================
14:30:21.0049 1780 [ 6BFAAE116B18F1BBE44A3610A0A5F23E ] \Device\Harddisk0\DR0
14:30:21.0267 1780 \Device\Harddisk0\DR0 - ok
14:30:21.0267 1780 ================ Scan VBR ==================================
14:30:21.0283 1780 [ 03146B15E59F4CCB63C11399691CC19C ] \Device\Harddisk0\DR0\Partition1
14:30:21.0283 1780 \Device\Harddisk0\DR0\Partition1 - ok
14:30:21.0283 1780 [ 76C3900CEA3692BCB450154E31F4FA5F ] \Device\Harddisk0\DR0\Partition2
14:30:21.0283 1780 \Device\Harddisk0\DR0\Partition2 - ok
14:30:21.0314 1780 [ E3BFBEB6801564B9CE9F4BE910A339A6 ] \Device\Harddisk0\DR0\Partition3
14:30:21.0314 1780 \Device\Harddisk0\DR0\Partition3 - ok
14:30:21.0314 1780 ============================================================
14:30:21.0314 1780 Scan finished
14:30:21.0314 1780 ============================================================
14:30:21.0314 7052 Detected object count: 0
14:30:21.0314 7052 Actual detected object count: 0
14:41:20.0368 5032 ============================================================
14:41:20.0368 5032 Scan started
14:41:20.0368 5032 Mode: Manual;
14:41:20.0368 5032 ============================================================
14:41:20.0930 5032 ================ Scan system memory ========================
14:41:20.0930 5032 System memory - ok
14:41:20.0930 5032 ================ Scan services =============================
14:41:21.0086 5032 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
14:41:21.0101 5032 1394ohci - ok
14:41:21.0133 5032 [ 6FC47AA89B4ABD3E2F8766E55A52E426 ] 5U877 C:\Windows\system32\DRIVERS\5U877.sys
14:41:21.0133 5032 5U877 - ok
14:41:21.0179 5032 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
14:41:21.0195 5032 ACPI - ok
14:41:21.0211 5032 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
14:41:21.0226 5032 AcpiPmi - ok
14:41:21.0335 5032 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:41:21.0351 5032 AdobeARMservice - ok
14:41:21.0460 5032 [ 0CB0AA071C7B86A64F361DCFDF357329 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:41:21.0491 5032 AdobeFlashPlayerUpdateSvc - ok
14:41:21.0538 5032 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
14:41:21.0538 5032 adp94xx - ok
14:41:21.0569 5032 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
14:41:21.0585 5032 adpahci - ok
14:41:21.0601 5032 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
14:41:21.0601 5032 adpu320 - ok
14:41:21.0616 5032 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
14:41:21.0616 5032 AeLookupSvc - ok
14:41:21.0679 5032 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
14:41:21.0679 5032 AFD - ok
14:41:21.0850 5032 [ 6196355C8D37DD3ED8D2D1396AC9ABDA ] AgentService C:\Program Files (x86)\Iron Mountain\Connected BackupPC\AgentService.exe
14:41:23.0473 5032 AgentService - ok
14:41:23.0535 5032 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
14:41:23.0551 5032 agp440 - ok
14:41:23.0566 5032 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
14:41:23.0582 5032 ALG - ok
14:41:23.0597 5032 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
14:41:23.0597 5032 aliide - ok
14:41:23.0613 5032 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
14:41:23.0629 5032 amdide - ok
14:41:23.0660 5032 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
14:41:23.0675 5032 AmdK8 - ok
14:41:23.0691 5032 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
14:41:23.0691 5032 AmdPPM - ok
14:41:23.0738 5032 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
14:41:23.0753 5032 amdsata - ok
14:41:23.0753 5032 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
14:41:23.0769 5032 amdsbs - ok
14:41:23.0785 5032 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
14:41:23.0785 5032 amdxata - ok
14:41:23.0831 5032 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
14:41:23.0847 5032 AppID - ok
14:41:23.0863 5032 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
14:41:23.0878 5032 AppIDSvc - ok
14:41:23.0925 5032 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
14:41:23.0925 5032 Appinfo - ok
14:41:24.0034 5032 [ 3DEBBECF665DCDDE3A95D9B902010817 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:41:24.0050 5032 Apple Mobile Device - ok
14:41:24.0065 5032 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
14:41:24.0081 5032 AppMgmt - ok
14:41:24.0097 5032 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
14:41:24.0097 5032 arc - ok
14:41:24.0112 5032 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
14:41:24.0112 5032 arcsas - ok
14:41:24.0159 5032 [ 4FCAEF0C5BE7629AEB878998E0FE959B ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
14:41:24.0175 5032 aswFsBlk - ok
14:41:24.0190 5032 [ B50CDD87772D6A11CB90924AAD399DF8 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
14:41:24.0206 5032 aswMonFlt - ok
14:41:24.0221 5032 [ 57768C7DB4681F2510F247F82EF31D4F ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
14:41:24.0221 5032 aswRdr - ok
14:41:24.0253 5032 [ E71D826A1F3CE9C9DE3E77F2D02AFFBF ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
14:41:24.0284 5032 aswSnx - ok
14:41:24.0299 5032 [ 538A32E2C99BF073D4CA76C30BEDAA60 ] aswSP C:\Windows\system32\drivers\aswSP.sys
14:41:24.0315 5032 aswSP - ok
14:41:24.0346 5032 [ 6EDC79D73745FD44C41B55B2D13D0B70 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
14:41:24.0362 5032 aswTdi - ok
14:41:24.0393 5032 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
14:41:24.0409 5032 AsyncMac - ok
14:41:24.0440 5032 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
14:41:24.0455 5032 atapi - ok
14:41:24.0518 5032 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:41:24.0549 5032 AudioEndpointBuilder - ok
14:41:24.0549 5032 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
14:41:24.0549 5032 AudioSrv - ok
14:41:24.0674 5032 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
14:41:24.0721 5032 avast! Antivirus - ok
14:41:24.0767 5032 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
14:41:24.0767 5032 AxInstSV - ok
14:41:24.0799 5032 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
14:41:24.0814 5032 b06bdrv - ok
14:41:24.0845 5032 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
14:41:24.0861 5032 b57nd60a - ok
14:41:24.0892 5032 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
14:41:24.0892 5032 BDESVC - ok
14:41:24.0908 5032 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
14:41:24.0923 5032 Beep - ok
14:41:25.0017 5032 [ 1B32C3C06F9E1C953865414767C5AD27 ] BESClient C:\Program Files (x86)\BigFix Enterprise\BES Client\BESClient.exe
14:41:25.0282 5032 BESClient - ok
14:41:25.0329 5032 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
14:41:25.0345 5032 BFE - ok
14:41:25.0407 5032 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
14:41:25.0438 5032 BITS - ok
14:41:25.0454 5032 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
14:41:25.0454 5032 blbdrive - ok
14:41:25.0516 5032 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
14:41:25.0563 5032 Bonjour Service - ok
14:41:25.0594 5032 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
14:41:25.0610 5032 bowser - ok
14:41:25.0625 5032 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:41:25.0625 5032 BrFiltLo - ok
14:41:25.0657 5032 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:41:25.0657 5032 BrFiltUp - ok
14:41:25.0719 5032 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
14:41:25.0719 5032 Browser - ok
14:41:25.0735 5032 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
14:41:25.0750 5032 Brserid - ok
14:41:25.0766 5032 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
14:41:25.0781 5032 BrSerWdm - ok
14:41:25.0781 5032 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
14:41:25.0797 5032 BrUsbMdm - ok
14:41:25.0828 5032 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
14:41:25.0828 5032 BrUsbSer - ok
14:41:25.0906 5032 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
14:41:25.0906 5032 BthEnum - ok
14:41:25.0953 5032 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
14:41:25.0969 5032 BTHMODEM - ok
14:41:25.0969 5032 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
14:41:25.0984 5032 BthPan - ok
14:41:26.0000 5032 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
14:41:26.0015 5032 BTHPORT - ok
14:41:26.0031 5032 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
14:41:26.0047 5032 bthserv - ok
14:41:26.0078 5032 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
14:41:26.0093 5032 BTHUSB - ok
14:41:26.0125 5032 [ 8834F87A6A745872894DF8223201A6C3 ] BTWAMPFL C:\Windows\system32\DRIVERS\btwampfl.sys
14:41:26.0140 5032 BTWAMPFL - ok
14:41:26.0156 5032 [ 9863D82ECBEC6106D377ED73680D99D8 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
14:41:26.0156 5032 btwaudio - ok
14:41:26.0171 5032 [ 3432DD66AE75AB2DE6D0527AD78DBFC7 ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys
14:41:26.0187 5032 btwavdt - ok
14:41:26.0218 5032 [ EB4AFE08FB39BB444F221D7D501E0915 ] btwdins C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
14:41:26.0234 5032 btwdins - ok
14:41:26.0265 5032 [ 382DC5A631CED0462EA09B7EB898BDBF ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
14:41:26.0265 5032 btwl2cap - ok
14:41:26.0281 5032 [ 13A9C2CEDD44C175E6CA39A536795CA6 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
14:41:26.0281 5032 btwrchid - ok
14:41:26.0312 5032 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
14:41:26.0327 5032 cdfs - ok
14:41:26.0374 5032 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
14:41:26.0374 5032 cdrom - ok
14:41:26.0421 5032 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
14:41:26.0437 5032 CertPropSvc - ok
14:41:26.0452 5032 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
14:41:26.0452 5032 circlass - ok
14:41:26.0483 5032 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
14:41:26.0499 5032 CLFS - ok
14:41:26.0546 5032 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:41:26.0577 5032 clr_optimization_v2.0.50727_32 - ok
14:41:26.0608 5032 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:41:26.0624 5032 clr_optimization_v2.0.50727_64 - ok
14:41:26.0702 5032 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:41:26.0764 5032 clr_optimization_v4.0.30319_32 - ok
14:41:26.0795 5032 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:41:26.0795 5032 clr_optimization_v4.0.30319_64 - ok
14:41:26.0811 5032 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
14:41:26.0827 5032 CmBatt - ok
14:41:26.0842 5032 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
14:41:26.0842 5032 cmdide - ok
14:41:26.0905 5032 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
14:41:26.0905 5032 CNG - ok
14:41:26.0951 5032 [ D01E9A7C1A51D5CEFAE45CDB9A3F7EDC ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
14:41:26.0967 5032 CnxtHdAudService - ok
14:41:26.0983 5032 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
14:41:26.0998 5032 Compbatt - ok
14:41:27.0029 5032 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
14:41:27.0045 5032 CompositeBus - ok
14:41:27.0045 5032 COMSysApp - ok
14:41:27.0061 5032 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
14:41:27.0061 5032 crcdisk - ok
14:41:27.0107 5032 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
14:41:27.0107 5032 CryptSvc - ok
14:41:27.0154 5032 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
14:41:27.0170 5032 CSC - ok
14:41:27.0201 5032 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
14:41:27.0201 5032 CscService - ok
14:41:27.0232 5032 [ BF62FF663AE55E4ED99DE76881C2C0F1 ] ctxusbm C:\Windows\system32\DRIVERS\ctxusbm.sys
14:41:27.0232 5032 ctxusbm - ok
14:41:27.0263 5032 [ 44BDDEB03C84A1C993C992FFB5700357 ] CVirtA C:\Windows\system32\DRIVERS\CVirtA64.sys
14:41:27.0263 5032 CVirtA - ok
14:41:27.0310 5032 [ 66257CB4E4FB69887CDDC71663741435 ] CVPND C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
14:41:27.0435 5032 CVPND - ok
14:41:27.0451 5032 [ CC8E52DAA9826064BA464DBE531F2BB5 ] CVPNDRVA C:\Windows\system32\Drivers\CVPNDRVA.sys
14:41:27.0466 5032 CVPNDRVA - ok
14:41:27.0482 5032 [ 9D0D050170D47E778B624A28C90F23DE ] CxAudMsg C:\Windows\system32\CxAudMsg64.exe
14:41:27.0497 5032 CxAudMsg - ok
14:41:27.0544 5032 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
14:41:27.0560 5032 DcomLaunch - ok
14:41:27.0575 5032 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
14:41:27.0591 5032 defragsvc - ok
14:41:27.0638 5032 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
14:41:27.0638 5032 DfsC - ok
14:41:27.0653 5032 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
14:41:27.0669 5032 Dhcp - ok
14:41:27.0685 5032 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
14:41:27.0700 5032 discache - ok
14:41:27.0700 5032 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
14:41:27.0716 5032 Disk - ok
14:41:27.0731 5032 [ 05CB5910B3CA6019FC3CCA815EE06FFB ] DNE C:\Windows\system32\DRIVERS\dne64x.sys
14:41:27.0731 5032 DNE - ok
14:41:27.0763 5032 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
14:41:27.0778 5032 Dnscache - ok
14:41:27.0825 5032 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
14:41:27.0841 5032 dot3svc - ok
14:41:27.0934 5032 [ 9597BCB69286FF017DB1A0FB8144408D ] DozeSvc C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE
14:41:27.0950 5032 DozeSvc - ok
14:41:27.0981 5032 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
14:41:27.0997 5032 DPS - ok
14:41:28.0028 5032 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
14:41:28.0028 5032 drmkaud - ok
14:41:28.0106 5032 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
14:41:28.0121 5032 DXGKrnl - ok
14:41:28.0153 5032 [ 3CE83D7EE95D9C9F03323810A2E747DF ] DzHDD64 C:\Windows\system32\DRIVERS\DzHDD64.sys
14:41:28.0153 5032 DzHDD64 - ok
14:41:28.0184 5032 [ DC1776D086AA9733B1929A3D979D9FDD ] e1cexpress C:\Windows\system32\DRIVERS\e1c62x64.sys
14:41:28.0199 5032 e1cexpress - ok
14:41:28.0215 5032 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
14:41:28.0215 5032 EapHost - ok
14:41:28.0293 5032 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
14:41:28.0309 5032 ebdrv - ok
14:41:28.0355 5032 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
14:41:28.0371 5032 EFS - ok
14:41:28.0402 5032 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
14:41:28.0418 5032 ehRecvr - ok
14:41:28.0433 5032 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
14:41:28.0449 5032 ehSched - ok
14:41:28.0465 5032 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
14:41:28.0480 5032 elxstor - ok
14:41:28.0527 5032 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
14:41:28.0543 5032 ErrDev - ok
14:41:28.0558 5032 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
14:41:28.0574 5032 EventSystem - ok
14:41:28.0636 5032 [ F8F610093E1D7FDFA477FC34D15D5C60 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
14:41:28.0667 5032 EvtEng - ok
14:41:28.0683 5032 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
14:41:28.0699 5032 exfat - ok
14:41:28.0699 5032 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
14:41:28.0714 5032 fastfat - ok
14:41:28.0761 5032 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
14:41:28.0761 5032 Fax - ok
14:41:28.0777 5032 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
14:41:28.0777 5032 fdc - ok
14:41:28.0808 5032 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
14:41:28.0823 5032 fdPHost - ok
14:41:28.0823 5032 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
14:41:28.0839 5032 FDResPub - ok
14:41:28.0839 5032 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
14:41:28.0855 5032 FileInfo - ok
14:41:28.0855 5032 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
14:41:28.0870 5032 Filetrace - ok
14:41:28.0886 5032 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
14:41:28.0901 5032 flpydisk - ok
14:41:28.0933 5032 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
14:41:28.0948 5032 FltMgr - ok
14:41:29.0011 5032 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
14:41:29.0026 5032 FontCache - ok
14:41:29.0089 5032 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:41:29.0120 5032 FontCache3.0.0.0 - ok
14:41:29.0135 5032 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
14:41:29.0135 5032 FsDepends - ok
14:41:29.0182 5032 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
14:41:29.0198 5032 Fs_Rec - ok
14:41:29.0229 5032 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
14:41:29.0245 5032 fvevol - ok
14:41:29.0260 5032 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
14:41:29.0276 5032 gagp30kx - ok
14:41:29.0307 5032 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
14:41:29.0323 5032 GEARAspiWDM - ok
14:41:29.0369 5032 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
14:41:29.0385 5032 gpsvc - ok
14:41:29.0401 5032 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
14:41:29.0416 5032 hcw85cir - ok
14:41:29.0463 5032 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:41:29.0479 5032 HdAudAddService - ok
14:41:29.0494 5032 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
14:41:29.0494 5032 HDAudBus - ok
14:41:29.0510 5032 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
14:41:29.0525 5032 HidBatt - ok
14:41:29.0525 5032 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
14:41:29.0541 5032 HidBth - ok
14:41:29.0557 5032 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
14:41:29.0572 5032 HidIr - ok
14:41:29.0588 5032 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
14:41:29.0588 5032 hidserv - ok
14:41:29.0635 5032 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
14:41:29.0635 5032 HidUsb - ok
14:41:29.0681 5032 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
14:41:29.0713 5032 hkmsvc - ok
14:41:29.0744 5032 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:41:29.0775 5032 HomeGroupListener - ok
14:41:29.0837 5032 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:41:29.0837 5032 HomeGroupProvider - ok
14:41:29.0869 5032 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
14:41:29.0884 5032 HpSAMD - ok
14:41:29.0947 5032 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
14:41:29.0947 5032 HTTP - ok
14:41:29.0993 5032 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
14:41:30.0009 5032 hwpolicy - ok
14:41:30.0056 5032 [ 9149907FF8681AD6475607EEBF62DD2F ] HyperW7Svc C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe
14:41:30.0071 5032 HyperW7Svc - ok
14:41:30.0103 5032 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
14:41:30.0118 5032 i8042prt - ok
14:41:30.0134 5032 [ D7921D5A870B11CC1ADAB198A519D50A ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
14:41:30.0149 5032 iaStor - ok
14:41:30.0165 5032 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
14:41:30.0181 5032 iaStorV - ok
14:41:30.0196 5032 [ A9BD44426A69079240767FE4AEE0EA71 ] IBMPMDRV C:\Windows\system32\DRIVERS\ibmpmdrv.sys
14:41:30.0212 5032 IBMPMDRV - ok
14:41:30.0227 5032 [ 57D4A3ED5497DB0C5A53E680A9BDD1C6 ] IBMPMSVC C:\Windows\system32\ibmpmsvc.exe
14:41:30.0227 5032 IBMPMSVC - ok
14:41:30.0290 5032 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:41:30.0352 5032 idsvc - ok
14:41:30.0524 5032 [ 66DC0CE2D1867B8178EAA0E11930DBD7 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
14:41:30.0586 5032 igfx - ok
14:41:30.0602 5032 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
14:41:30.0617 5032 iirsp - ok
14:41:30.0664 5032 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
14:41:30.0680 5032 IKEEXT - ok
14:41:30.0711 5032 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
14:41:30.0727 5032 IntcDAud - ok
14:41:30.0758 5032 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
14:41:30.0773 5032 intelide - ok
14:41:30.0805 5032 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
14:41:30.0805 5032 intelppm - ok
14:41:30.0820 5032 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
14:41:30.0836 5032 IPBusEnum - ok
14:41:30.0883 5032 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:41:30.0883 5032 IpFilterDriver - ok
14:41:30.0945 5032 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
14:41:30.0945 5032 iphlpsvc - ok
14:41:30.0992 5032 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
14:41:31.0007 5032 IPMIDRV - ok
14:41:31.0039 5032 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
14:41:31.0039 5032 IPNAT - ok
14:41:31.0101 5032 [ 4472C8825B5E41D8697D5962F47AB1C9 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
14:41:31.0117 5032 iPod Service - ok
14:41:31.0132 5032 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
14:41:31.0132 5032 IRENUM - ok
14:41:31.0179 5032 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
14:41:31.0195 5032 isapnp - ok
14:41:31.0195 5032 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
14:41:31.0210 5032 iScsiPrt - ok
14:41:31.0273 5032 [ 3B794CA0DE73790420DEBA3C759F1502 ] jhi_service C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
14:41:31.0304 5032 jhi_service - ok
14:41:31.0335 5032 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
14:41:31.0351 5032 kbdclass - ok
14:41:31.0382 5032 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
14:41:31.0397 5032 kbdhid - ok
14:41:31.0413 5032 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
14:41:31.0413 5032 KeyIso - ok
14:41:31.0444 5032 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
14:41:31.0460 5032 KSecDD - ok
14:41:31.0507 5032 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
14:41:31.0522 5032 KSecPkg - ok
14:41:31.0553 5032 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
14:41:31.0553 5032 ksthunk - ok
14:41:31.0585 5032 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
14:41:31.0585 5032 KtmRm - ok
14:41:31.0631 5032 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
14:41:31.0647 5032 LanmanServer - ok
14:41:31.0694 5032 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:41:31.0709 5032 LanmanWorkstation - ok
14:41:31.0756 5032 [ 094AA6ADBB4A5BE48F8426B628D938DC ] LENOVO.CAMMUTE C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
14:41:31.0772 5032 LENOVO.CAMMUTE - ok
14:41:31.0787 5032 [ 2B9D8555DC004E240082D18E7725CE20 ] lenovo.smi C:\Windows\system32\DRIVERS\smiifx64.sys
14:41:31.0803 5032 lenovo.smi - ok
14:41:31.0834 5032 [ 7F56266131AADAF019DC2F5540ECC284 ] LENOVO.TPKNRSVC C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
14:41:31.0850 5032 LENOVO.TPKNRSVC - ok
14:41:31.0865 5032 [ 6F2CC57EB5836D2AC9BD37F3554D55F8 ] Lenovo.VIRTSCRLSVC C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
14:41:31.0881 5032 Lenovo.VIRTSCRLSVC - ok
14:41:31.0943 5032 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
14:41:31.0943 5032 lltdio - ok
14:41:31.0975 5032 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
14:41:32.0006 5032 lltdsvc - ok
14:41:32.0006 5032 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
14:41:32.0021 5032 lmhosts - ok
14:41:32.0053 5032 [ 97F9EAAC985A663394CD8F54DCD3E73A ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
14:41:32.0146 5032 LMS - ok
14:41:32.0162 5032 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
14:41:32.0162 5032 LSI_FC - ok
14:41:32.0177 5032 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
14:41:32.0193 5032 LSI_SAS - ok
14:41:32.0193 5032 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:41:32.0209 5032 LSI_SAS2 - ok
14:41:32.0224 5032 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:41:32.0240 5032 LSI_SCSI - ok
14:41:32.0255 5032 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
14:41:32.0255 5032 luafv - ok
14:41:32.0302 5032 [ 1D12D4D0ABC5BB00A5E8FEB9A9601731 ] LV_Tracker C:\Windows\system32\DRIVERS\LV_Tracker64.sys
14:41:32.0302 5032 LV_Tracker - ok
14:41:32.0427 5032 [ C2F3BBA0760AB9DD33BCC60A663A108C ] Matrox.Pdesk3.ServicesHost C:\Program Files (x86)\Matrox Graphics\PowerDesk\Matrox.PDesk.Services.exe
14:41:32.0458 5032 Matrox.Pdesk3.ServicesHost - ok
14:41:32.0505 5032 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
14:41:32.0536 5032 Mcx2Svc - ok
14:41:32.0552 5032 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
14:41:32.0567 5032 megasas - ok
14:41:32.0583 5032 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
14:41:32.0583 5032 MegaSR - ok
14:41:32.0614 5032 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
14:41:32.0614 5032 MEIx64 - ok
14:41:32.0692 5032 Microsoft SharePoint Workspace Audit Service - ok
14:41:32.0708 5032 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
14:41:32.0723 5032 MMCSS - ok
14:41:32.0739 5032 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
14:41:32.0755 5032 Modem - ok
14:41:32.0801 5032 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
14:41:32.0817 5032 monitor - ok
14:41:32.0817 5032 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
14:41:32.0817 5032 mouclass - ok
14:41:32.0833 5032 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
14:41:32.0833 5032 mouhid - ok
14:41:32.0879 5032 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
14:41:32.0895 5032 mountmgr - ok
14:41:32.0926 5032 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
14:41:32.0942 5032 mpio - ok
14:41:32.0957 5032 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
14:41:32.0973 5032 mpsdrv - ok
14:41:33.0020 5032 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
14:41:33.0035 5032 MpsSvc - ok
14:41:33.0082 5032 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
14:41:33.0082 5032 MRxDAV - ok
14:41:33.0129 5032 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
14:41:33.0145 5032 mrxsmb - ok
14:41:33.0191 5032 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:41:33.0207 5032 mrxsmb10 - ok
14:41:33.0223 5032 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:41:33.0223 5032 mrxsmb20 - ok
14:41:33.0254 5032 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
14:41:33.0269 5032 msahci - ok
14:41:33.0285 5032 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
14:41:33.0285 5032 msdsm - ok
14:41:33.0301 5032 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
14:41:33.0316 5032 MSDTC - ok
14:41:33.0332 5032 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
14:41:33.0347 5032 Msfs - ok
14:41:33.0347 5032 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
14:41:33.0363 5032 mshidkmdf - ok
14:41:33.0410 5032 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
14:41:33.0410 5032 msisadrv - ok
14:41:33.0441 5032 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
14:41:33.0472 5032 MSiSCSI - ok
14:41:33.0472 5032 msiserver - ok
14:41:33.0488 5032 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
14:41:33.0488 5032 MSKSSRV - ok
14:41:33.0503 5032 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
14:41:33.0519 5032 MSPCLOCK - ok
14:41:33.0535 5032 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
14:41:33.0550 5032 MSPQM - ok
14:41:33.0597 5032 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
14:41:33.0613 5032 MsRPC - ok
14:41:33.0659 5032 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
14:41:33.0675 5032 mssmbios - ok
14:41:33.0675 5032 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
14:41:33.0675 5032 MSTEE - ok
14:41:33.0691 5032 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
14:41:33.0706 5032 MTConfig - ok
14:41:33.0722 5032 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
14:41:33.0722 5032 Mup - ok
14:41:33.0769 5032 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
14:41:33.0784 5032 napagent - ok
14:41:33.0847 5032 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
14:41:33.0862 5032 NativeWifiP - ok
14:41:33.0909 5032 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
14:41:33.0925 5032 NDIS - ok
14:41:33.0940 5032 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
14:41:33.0940 5032 NdisCap - ok
14:41:33.0956 5032 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
14:41:33.0956 5032 NdisTapi - ok
14:41:34.0003 5032 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
14:41:34.0018 5032 Ndisuio - ok
14:41:34.0065 5032 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
14:41:34.0065 5032 NdisWan - ok
14:41:34.0112 5032 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
14:41:34.0127 5032 NDProxy - ok
14:41:34.0143 5032 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
14:41:34.0143 5032 NetBIOS - ok
14:41:34.0190 5032 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
14:41:34.0205 5032 NetBT - ok
14:41:34.0221 5032 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
14:41:34.0221 5032 Netlogon - ok
14:41:34.0237 5032 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
14:41:34.0252 5032 Netman - ok
14:41:34.0268 5032 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
14:41:34.0268 5032 netprofm - ok
14:41:34.0283 5032 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:41:34.0346 5032 NetTcpPortSharing - ok
14:41:34.0439 5032 [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys
14:41:34.0471 5032 netw5v64 - ok
14:41:34.0611 5032 [ 30933BB56FB611D0252BAD488ADFB533 ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
14:41:34.0642 5032 NETwNs64 - ok
14:41:34.0658 5032 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
14:41:34.0673 5032 nfrd960 - ok
14:41:34.0705 5032 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
14:41:34.0720 5032 NlaSvc - ok
14:41:34.0751 5032 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:41:34.0751 5032 Npfs - ok
14:41:34.0783 5032 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
14:41:34.0783 5032 nsi - ok
14:41:34.0798 5032 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:41:34.0814 5032 nsiproxy - ok
14:41:34.0876 5032 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:41:34.0907 5032 Ntfs - ok
14:41:34.0923 5032 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
14:41:34.0939 5032 Null - ok
14:41:34.0985 5032 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:41:35.0001 5032 nvraid - ok
14:41:35.0001 5032 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:41:35.0017 5032 nvstor - ok
14:41:35.0063 5032 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
14:41:35.0063 5032 nv_agp - ok
14:41:35.0079 5032 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
14:41:35.0095 5032 ohci1394 - ok
14:41:35.0141 5032 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:41:35.0157 5032 ose - ok
14:41:35.0282 5032 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:41:35.0516 5032 osppsvc - ok
14:41:35.0531 5032 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
14:41:35.0547 5032 p2pimsvc - ok
14:41:35.0563 5032 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
14:41:35.0563 5032 p2psvc - ok
14:41:35.0594 5032 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
14:41:35.0594 5032 Parport - ok
14:41:35.0641 5032 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:41:35.0656 5032 partmgr - ok
14:41:35.0672 5032 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
14:41:35.0687 5032 PcaSvc - ok
14:41:35.0703 5032 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
14:41:35.0703 5032 pci - ok
14:41:35.0750 5032 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
14:41:35.0765 5032 pciide - ok
14:41:35.0781 5032 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
14:41:35.0797 5032 pcmcia - ok
14:41:35.0812 5032 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
14:41:35.0812 5032 pcw - ok
14:41:35.0828 5032 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:41:35.0843 5032 PEAUTH - ok
14:41:35.0875 5032 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
14:41:35.0890 5032 PeerDistSvc - ok
14:41:35.0968 5032 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
14:41:35.0984 5032 PerfHost - ok
14:41:35.0999 5032 [ 18EEA095AF22AC5FA16FC27FB98C82D3 ] PHCORE C:\Program Files\Lenovo\RapidBoot\PHCORE64.SYS
14:41:35.0999 5032 PHCORE - ok
14:41:36.0109 5032 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
14:41:36.0109 5032 pla - ok
14:41:36.0155 5032 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:41:36.0171 5032 PlugPlay - ok
14:41:36.0202 5032 [ 0BEE791C7C7ACE453C134E73633C497D ] pmxdrv C:\Windows\system32\drivers\pmxdrv.sys
14:41:36.0202 5032 pmxdrv - ok
14:41:36.0233 5032 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
14:41:36.0249 5032 PNRPAutoReg - ok
14:41:36.0249 5032 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
14:41:36.0265 5032 PNRPsvc - ok
14:41:36.0311 5032 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:41:36.0327 5032 PolicyAgent - ok
14:41:36.0343 5032 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
14:41:36.0343 5032 Power - ok
14:41:36.0514 5032 [ D2FCBA55D4ED03E1FF9A290D5CF1CCA5 ] Power Manager DBC Service C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
14:41:36.0530 5032 Power Manager DBC Service - ok
14:41:36.0577 5032 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:41:36.0577 5032 PptpMiniport - ok
14:41:36.0608 5032 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
14:41:36.0608 5032 Processor - ok
14:41:36.0655 5032 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
14:41:36.0670 5032 ProfSvc - ok
14:41:36.0670 5032 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:41:36.0670 5032 ProtectedStorage - ok
14:41:36.0701 5032 [ 515A7C5A0886FCC60901916785EFD549 ] psadd C:\Windows\system32\DRIVERS\psadd.sys
14:41:36.0701 5032 psadd - ok
14:41:36.0748 5032 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
14:41:36.0748 5032 Psched - ok
14:41:36.0842 5032 [ 462059CB2914AEE993751851CDF145C9 ] PwmEWSvc C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE
14:41:36.0873 5032 PwmEWSvc - ok
14:41:36.0920 5032 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
14:41:36.0935 5032 ql2300 - ok
14:41:36.0967 5032 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
14:41:36.0982 5032 ql40xx - ok
14:41:37.0013 5032 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
14:41:37.0029 5032 QWAVE - ok
14:41:37.0029 5032 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:41:37.0045 5032 QWAVEdrv - ok
14:41:37.0045 5032 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:41:37.0060 5032 RasAcd - ok
14:41:37.0076 5032 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
14:41:37.0091 5032 RasAgileVpn - ok
14:41:37.0091 5032 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
14:41:37.0138 5032 RasAuto - ok
14:41:37.0169 5032 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:41:37.0185 5032 Rasl2tp - ok
14:41:37.0201 5032 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
14:41:37.0216 5032 RasMan - ok
14:41:37.0232 5032 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:41:37.0247 5032 RasPppoe - ok
14:41:37.0263 5032 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:41:37.0263 5032 RasSstp - ok
14:41:37.0310 5032 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:41:37.0325 5032 rdbss - ok
14:41:37.0325 5032 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
14:41:37.0341 5032 rdpbus - ok
14:41:37.0357 5032 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:41:37.0357 5032 RDPCDD - ok
14:41:37.0403 5032 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
14:41:37.0419 5032 RDPDR - ok
14:41:37.0435 5032 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:41:37.0450 5032 RDPENCDD - ok
14:41:37.0450 5032 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
14:41:37.0466 5032 RDPREFMP - ok
14:41:37.0513 5032 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:41:37.0528 5032 RDPWD - ok
14:41:37.0575 5032 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
14:41:37.0591 5032 rdyboost - ok
14:41:37.0637 5032 [ 9276F4D4109FC349925D28E00E533146 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
14:41:37.0653 5032 RegSrvc - ok
14:41:37.0669 5032 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
14:41:37.0684 5032 RemoteAccess - ok
14:41:37.0700 5032 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:41:37.0715 5032 RemoteRegistry - ok
14:41:37.0731 5032 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
14:41:37.0747 5032 RFCOMM - ok
14:41:37.0762 5032 [ FF501F212E5D5A97F8339928320F269E ] risdxc C:\Windows\system32\DRIVERS\risdxc64.sys
14:41:37.0778 5032 risdxc - ok
14:41:37.0793 5032 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
14:41:37.0809 5032 RpcEptMapper - ok
14:41:37.0856 5032 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
14:41:37.0871 5032 RpcLocator - ok
14:41:37.0918 5032 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
14:41:37.0918 5032 RpcSs - ok
14:41:37.0934 5032 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:41:37.0949 5032 rspndr - ok
14:41:37.0981 5032 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
14:41:37.0996 5032 s3cap - ok
14:41:38.0012 5032 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
14:41:38.0012 5032 SamSs - ok
14:41:38.0027 5032 SAService - ok
14:41:38.0090 5032 [ 26E2192D31CC7A7421D1AE18947A6EAE ] SAVAdminService C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
14:41:38.0090 5032 SAVAdminService - ok
14:41:38.0137 5032 [ C3999EF390EB460A636E9FFBA040BF8A ] SAVOnAccess C:\Windows\system32\DRIVERS\savonaccess.sys
14:41:38.0152 5032 SAVOnAccess - ok
14:41:38.0168 5032 [ D31E18B53B0E52C234568BB61EEC7940 ] SAVService C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
14:41:38.0168 5032 SAVService - ok
14:41:38.0215 5032 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
14:41:38.0230 5032 sbp2port - ok
14:41:38.0246 5032 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:41:38.0261 5032 SCardSvr - ok
14:41:38.0308 5032 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
14:41:38.0308 5032 scfilter - ok
14:41:38.0371 5032 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
14:41:38.0386 5032 Schedule - ok
14:41:38.0433 5032 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
14:41:38.0433 5032 SCPolicySvc - ok
14:41:38.0480 5032 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys
14:41:38.0480 5032 sdbus - ok
14:41:38.0527 5032 [ 7D67AEABEB597C602EDB5B3AE316E96A ] sdcfilter C:\Windows\system32\DRIVERS\sdcfilter.sys
14:41:38.0542 5032 sdcfilter - ok
14:41:38.0589 5032 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:41:38.0605 5032 SDRSVC - ok
14:41:38.0620 5032 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:41:38.0620 5032 secdrv - ok
14:41:38.0667 5032 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
14:41:38.0683 5032 seclogon - ok
14:41:38.0698 5032 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
14:41:38.0698 5032 SENS - ok
14:41:38.0714 5032 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
14:41:38.0714 5032 SensrSvc - ok
14:41:38.0729 5032 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
14:41:38.0729 5032 Serenum - ok
14:41:38.0745 5032 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
14:41:38.0761 5032 Serial - ok
14:41:38.0792 5032 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
14:41:38.0807 5032 sermouse - ok
14:41:38.0854 5032 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
14:41:38.0854 5032 SessionEnv - ok
14:41:38.0870 5032 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
14:41:38.0885 5032 sffdisk - ok
14:41:38.0885 5032 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
14:41:38.0901 5032 sffp_mmc - ok
14:41:38.0901 5032 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
14:41:38.0917 5032 sffp_sd - ok
14:41:38.0948 5032 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
14:41:38.0948 5032 sfloppy - ok
14:41:38.0995 5032 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
14:41:39.0213 5032 SharedAccess - ok
14:41:39.0213 5032 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:41:39.0229 5032 ShellHWDetection - ok
14:41:39.0244 5032 [ 380B52126E62C6C2D3C8BA805AADFDC7 ] Shockprf C:\Windows\system32\DRIVERS\Apsx64.sys
14:41:39.0260 5032 Shockprf - ok
14:41:39.0275 5032 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:41:39.0275 5032 SiSRaid2 - ok
14:41:39.0291 5032 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
14:41:39.0307 5032 SiSRaid4 - ok
14:41:39.0369 5032 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
14:41:39.0509 5032 SkypeUpdate - ok
14:41:39.0525 5032 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
14:41:39.0525 5032 Smb - ok
14:41:39.0556 5032 [ C5B1A19B14F19B08AE72FCB20A3075B6 ] smihlp C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys
14:41:39.0572 5032 smihlp - ok
14:41:39.0603 5032 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:41:39.0603 5032 SNMPTRAP - ok
14:41:39.0665 5032 [ 025150B0A330CD29E2AF198DD3EB35FF ] Sophos AutoUpdate Service C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
14:41:39.0697 5032 Sophos AutoUpdate Service - ok
14:41:39.0775 5032 [ BD03374253F79CE7A716A870DC85BD84 ] Sophos Web Control Service C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe
14:41:39.0775 5032 Sophos Web Control Service - ok
14:41:39.0837 5032 [ 69FBE35A8165ADBC313AA7F64B868CA1 ] SophosBootDriver C:\Windows\system32\DRIVERS\SophosBootDriver.sys
14:41:39.0853 5032 SophosBootDriver - ok
14:41:39.0899 5032 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
14:41:39.0899 5032 spldr - ok
14:41:39.0946 5032 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
14:41:39.0962 5032 Spooler - ok
14:41:40.0055 5032 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
14:41:40.0165 5032 sppsvc - ok
14:41:40.0180 5032 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
14:41:40.0196 5032 sppuinotify - ok
14:41:40.0243 5032 [ EB1E046AC04AC33A2D4A7C8F1A8DD793 ] SROSVC C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe
14:41:40.0258 5032 SROSVC - ok
14:41:40.0305 5032 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
14:41:40.0321 5032 srv - ok
14:41:40.0336 5032 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:41:40.0336 5032 srv2 - ok
14:41:40.0367 5032 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
14:41:40.0367 5032 SrvHsfHDA - ok
14:41:40.0414 5032 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
14:41:40.0430 5032 SrvHsfV92 - ok
14:41:40.0445 5032 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
14:41:40.0445 5032 SrvHsfWinac - ok
14:41:40.0492 5032 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:41:40.0508 5032 srvnet - ok
14:41:40.0523 5032 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:41:40.0539 5032 SSDPSRV - ok
14:41:40.0555 5032 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
14:41:40.0570 5032 SstpSvc - ok
14:41:40.0586 5032 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
14:41:40.0601 5032 stexstor - ok
14:41:40.0648 5032 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
14:41:40.0664 5032 stisvc - ok
14:41:40.0711 5032 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
14:41:40.0726 5032 storflt - ok
14:41:40.0742 5032 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
14:41:40.0757 5032 StorSvc - ok
14:41:40.0757 5032 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
14:41:40.0773 5032 storvsc - ok
14:41:40.0804 5032 [ 266D6BE20B40B7DC0949F5108E838B5E ] SUService C:\Program Files (x86)\Lenovo\System Update\SUService.exe
14:41:40.0835 5032 SUService - ok
14:41:40.0867 5032 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
14:41:40.0882 5032 swenum - ok
14:41:41.0007 5032 [ AFE48B0B5F952D41CC9341E3DEDA646D ] swi_service C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
14:41:41.0210 5032 swi_service - ok
14:41:41.0335 5032 [ 038DC2AA8DA8A240A4E73C7FADD4BDB4 ] swi_update_64 C:\ProgramData\Sophos\Web Intelligence\swi_update_64.exe
14:41:41.0366 5032 swi_update_64 - ok
14:41:41.0397 5032 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
14:41:41.0413 5032 swprv - ok
14:41:41.0444 5032 [ B49FA98AFAD439CD7E33164C3A19BB88 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
14:41:41.0475 5032 SynTP - ok
14:41:41.0537 5032 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
14:41:41.0584 5032 SysMain - ok
14:41:41.0631 5032 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:41:41.0647 5032 TabletInputService - ok
14:41:41.0647 5032 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
14:41:41.0662 5032 TapiSrv - ok
14:41:41.0678 5032 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
14:41:41.0693 5032 TBS - ok
14:41:41.0756 5032 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
14:41:41.0787 5032 Tcpip - ok
14:41:41.0803 5032 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
14:41:41.0818 5032 TCPIP6 - ok
14:41:41.0834 5032 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
14:41:41.0834 5032 tcpipreg - ok
14:41:41.0849 5032 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
14:41:41.0865 5032 TDPIPE - ok
14:41:41.0896 5032 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
14:41:41.0912 5032 TDTCP - ok
14:41:41.0959 5032 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
14:41:41.0959 5032 tdx - ok
14:41:42.0005 5032 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
14:41:42.0021 5032 TermDD - ok
14:41:42.0068 5032 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
14:41:42.0083 5032 TermService - ok
14:41:42.0099 5032 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
14:41:42.0115 5032 Themes - ok
14:41:42.0130 5032 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
14:41:42.0130 5032 THREADORDER - ok
14:41:42.0146 5032 [ 5523C729F1ED31B63C88490AF3D220FA ] TPDIGIMN C:\Windows\system32\DRIVERS\ApsHM64.sys
14:41:42.0161 5032 TPDIGIMN - ok
14:41:42.0177 5032 [ ECB098A3404ACB8A05F0673DC086BB43 ] TPHDEXLGSVC C:\Windows\system32\TPHDEXLG64.exe
14:41:42.0193 5032 TPHDEXLGSVC - ok
14:41:42.0208 5032 [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM C:\Windows\system32\drivers\tpm.sys
14:41:42.0208 5032 TPM - ok
14:41:42.0255 5032 [ 6EE437A872E0184D6D09F65C5EA0AABA ] TPPWRIF C:\Windows\system32\drivers\Tppwr64v.sys
14:41:42.0271 5032 TPPWRIF - ok
14:41:42.0286 5032 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
14:41:42.0302 5032 TrkWks - ok
14:41:42.0380 5032 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:41:42.0380 5032 TrustedInstaller - ok
14:41:42.0427 5032 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
14:41:42.0442 5032 tssecsrv - ok
14:41:42.0473 5032 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
14:41:42.0489 5032 TsUsbFlt - ok
14:41:42.0536 5032 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
14:41:42.0536 5032 tunnel - ok
14:41:42.0567 5032 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
14:41:42.0583 5032 uagp35 - ok
14:41:42.0598 5032 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
14:41:42.0598 5032 udfs - ok
14:41:42.0629 5032 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
14:41:42.0645 5032 UI0Detect - ok
14:41:42.0661 5032 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
14:41:42.0661 5032 uliagpkx - ok
14:41:42.0707 5032 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
14:41:42.0707 5032 umbus - ok
14:41:42.0723 5032 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
14:41:42.0739 5032 UmPass - ok
14:41:42.0785 5032 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
14:41:42.0801 5032 UmRdpService - ok
14:41:42.0895 5032 [ A69CD6BDB82872999D2E46F9324ADA83 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
14:41:43.0082 5032 UNS - ok
14:41:43.0113 5032 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
14:41:43.0113 5032 upnphost - ok
14:41:43.0160 5032 [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
14:41:43.0175 5032 USBAAPL64 - ok
14:41:43.0207 5032 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
14:41:43.0222 5032 usbccgp - ok
14:41:43.0269 5032 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
14:41:43.0285 5032 usbcir - ok
14:41:43.0285 5032 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
14:41:43.0300 5032 usbehci - ok
14:41:43.0316 5032 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
14:41:43.0316 5032 usbhub - ok
14:41:43.0331 5032 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
14:41:43.0347 5032 usbohci - ok
14:41:43.0363 5032 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
14:41:43.0363 5032 usbprint - ok
14:41:43.0409 5032 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:41:43.0425 5032 USBSTOR - ok
14:41:43.0425 5032 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
14:41:43.0441 5032 usbuhci - ok
14:41:43.0487 5032 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
14:41:43.0487 5032 usbvideo - ok
14:41:43.0519 5032 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
14:41:43.0519 5032 UxSms - ok
14:41:43.0550 5032 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
14:41:43.0550 5032 VaultSvc - ok
14:41:43.0550 5032 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
14:41:43.0565 5032 vdrvroot - ok
14:41:43.0612 5032 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
14:41:43.0628 5032 vds - ok
14:41:43.0643 5032 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
14:41:43.0659 5032 vga - ok
14:41:43.0659 5032 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
14:41:43.0675 5032 VgaSave - ok
14:41:43.0706 5032 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
14:41:43.0721 5032 vhdmp - ok
14:41:43.0753 5032 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
14:41:43.0768 5032 viaide - ok
14:41:43.0799 5032 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
14:41:43.0815 5032 vmbus - ok
14:41:43.0846 5032 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
14:41:43.0846 5032 VMBusHID - ok
14:41:43.0877 5032 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
14:41:43.0893 5032 volmgr - ok
14:41:43.0940 5032 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
14:41:43.0971 5032 volmgrx - ok
14:41:43.0971 5032 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
14:41:43.0987 5032 volsnap - ok
14:41:44.0018 5032 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
14:41:44.0033 5032 vsmraid - ok
14:41:44.0096 5032 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
14:41:44.0111 5032 VSS - ok
14:41:44.0127 5032 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
14:41:44.0127 5032 vwifibus - ok
14:41:44.0127 5032 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
14:41:44.0143 5032 vwififlt - ok
14:41:44.0174 5032 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
14:41:44.0189 5032 W32Time - ok
14:41:44.0205 5032 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
14:41:44.0221 5032 WacomPen - ok
14:41:44.0252 5032 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
14:41:44.0267 5032 WANARP - ok
14:41:44.0267 5032 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
14:41:44.0267 5032 Wanarpv6 - ok
14:41:44.0330 5032 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
14:41:44.0455 5032 WatAdminSvc - ok
14:41:44.0517 5032 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
14:41:44.0533 5032 wbengine - ok
14:41:44.0548 5032 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
14:41:44.0564 5032 WbioSrvc - ok
14:41:44.0611 5032 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
14:41:44.0626 5032 wcncsvc - ok
14:41:44.0642 5032 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:41:44.0642 5032 WcsPlugInService - ok
14:41:44.0673 5032 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
14:41:44.0673 5032 Wd - ok
14:41:44.0735 5032 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
14:41:44.0751 5032 Wdf01000 - ok
14:41:44.0767 5032 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
14:41:44.0782 5032 WdiServiceHost - ok
14:41:44.0782 5032 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
14:41:44.0782 5032 WdiSystemHost - ok
14:41:44.0829 5032 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
14:41:44.0845 5032 WebClient - ok
14:41:44.0845 5032 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
14:41:44.0860 5032 Wecsvc - ok
14:41:44.0860 5032 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
14:41:44.0876 5032 wercplsupport - ok
14:41:44.0891 5032 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
14:41:44.0891 5032 WerSvc - ok
14:41:44.0907 5032 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
14:41:44.0923 5032 WfpLwf - ok
14:41:44.0938 5032 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
14:41:44.0938 5032 WIMMount - ok
14:41:44.0954 5032 WinDefend - ok
14:41:44.0954 5032 WinHttpAutoProxySvc - ok
14:41:44.0985 5032 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
14:41:45.0001 5032 Winmgmt - ok
14:41:45.0079 5032 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
14:41:45.0094 5032 WinRM - ok
14:41:45.0141 5032 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.sys
14:41:45.0157 5032 WinUsb - ok
14:41:45.0188 5032 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
14:41:45.0188 5032 Wlansvc - ok
14:41:45.0203 5032 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
14:41:45.0219 5032 WmiAcpi - ok
14:41:45.0235 5032 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
14:41:45.0250 5032 wmiApSrv - ok
14:41:45.0266 5032 WMPNetworkSvc - ok
14:41:45.0281 5032 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
14:41:45.0297 5032 WPCSvc - ok
14:41:45.0344 5032 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
14:41:45.0359 5032 WPDBusEnum - ok
14:41:45.0375 5032 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
14:41:45.0375 5032 ws2ifsl - ok
14:41:45.0391 5032 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
14:41:45.0406 5032 wscsvc - ok
14:41:45.0453 5032 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
14:41:45.0453 5032 WSDPrintDevice - ok
14:41:45.0500 5032 [ 4A2A5C50DD1A63577D3ACA94269FBC7F ] WSDScan C:\Windows\system32\DRIVERS\WSDScan.sys
14:41:45.0515 5032 WSDScan - ok
14:41:45.0515 5032 WSearch - ok
14:41:45.0593 5032 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
14:41:45.0625 5032 wuauserv - ok
14:41:45.0671 5032 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
14:41:45.0671 5032 WudfPf - ok
14:41:45.0687 5032 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
14:41:45.0703 5032 WUDFRd - ok
14:41:45.0718 5032 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
14:41:45.0718 5032 wudfsvc - ok
14:41:45.0749 5032 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
14:41:45.0765 5032 WwanSvc - ok
14:41:45.0765 5032 ================ Scan global ===============================
14:41:45.0796 5032 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
14:41:45.0859 5032 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
14:41:45.0874 5032 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
14:41:45.0890 5032 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
14:41:45.0921 5032 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
14:41:45.0937 5032 [Global] - ok
14:41:45.0937 5032 ================ Scan MBR ==================================
14:41:45.0937 5032 [ 6BFAAE116B18F1BBE44A3610A0A5F23E ] \Device\Harddisk0\DR0
14:41:46.0171 5032 \Device\Harddisk0\DR0 - ok
14:41:46.0171 5032 ================ Scan VBR ==================================
14:41:46.0171 5032 [ 03146B15E59F4CCB63C11399691CC19C ] \Device\Harddisk0\DR0\Partition1
14:41:46.0171 5032 \Device\Harddisk0\DR0\Partition1 - ok
14:41:46.0186 5032 [ 76C3900CEA3692BCB450154E31F4FA5F ] \Device\Harddisk0\DR0\Partition2
14:41:46.0186 5032 \Device\Harddisk0\DR0\Partition2 - ok
14:41:46.0202 5032 [ E3BFBEB6801564B9CE9F4BE910A339A6 ] \Device\Harddisk0\DR0\Partition3
14:41:46.0202 5032 \Device\Harddisk0\DR0\Partition3 - ok
14:41:46.0202 5032 ============================================================
14:41:46.0202 5032 Scan finished
14:41:46.0202 5032 ============================================================
14:41:46.0217 6132 Detected object count: 0
14:41:46.0217 6132 Actual detected object count: 0
14:42:36.0543 2704 Deinitialize success

#9 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,316 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:02:54 PM

Posted 02 December 2012 - 02:43 AM

That looks good. Please give it a day or so and see if the redirects come back or not.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#10 rancho

rancho
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:54 AM

Posted 03 December 2012 - 12:27 PM

OK thanks, IE and google seem to be working fine now, no redirects. One thing I did notice that seemed strange though was that in my Add/Remove program list are 5 programs (or files) called CVE-2012-1889. It's listed 5 times in a row. I clicked uninstall and it was deleted instantly and nothing else happened. Is this related to the problems I've been having?

#11 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,316 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:02:54 PM

Posted 03 December 2012 - 12:55 PM

That is indeed strange, were you able to remove all of the isntances?

Please download and run Security Check and post me the resulting log. You can download it here.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#12 rancho

rancho
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:54 AM

Posted 03 December 2012 - 01:41 PM

Yes I clicked Uninstall for all 5 and they all were removed.

I ran Security Check and the log is below:


Results of screen317's Security Check version 0.99.56
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
Windows Firewall Enabled!
Sophos Anti-Virus
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 9
Adobe Flash Player 11.5.502.110
Adobe Reader 9 Adobe Reader out of Date!
````````Process Check: objlist.exe by Laurent````````
Sophos Sophos Anti-Virus SavService.exe
Sophos Sophos Anti-Virus SAVAdminService.exe
Sophos Sophos Anti-Virus Web Control swc_service.exe
Sophos Sophos Anti-Virus Web Intelligence swi_service.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````

#13 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,316 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:02:54 PM

Posted 03 December 2012 - 01:55 PM

Just to be sure lets check out your internet/security services.

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


Your version of Adobe Reader is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Adobe components and update:
  • Download the latest version of Adobe Reader Version X. and save it to your desktop.
  • Uncheck the "Free McAfee Security plan Plus" option or any other Toolbar you are offered
  • Click the download button at the bottom.
  • If you use Internet Explorer and do not wish to install the ActiveX element, simply click on the click here to download link on the next page.
  • Remove all older version of Adobe Reader: Go to Add/remove and uninstall all versions of Adobe Reader, Acrobat Reader and Adobe Acrobat.
    If you are unsure of how to use Add or Remove Programs, the please see this tutorial:How To Remove An Installed Program From Your Computer
  • Then from your desktop double-click on Adobe Reader to install the newest version.
    If using Windows Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the "Adobe Setup - Welcome" window opens, click the Install > button.
  • If offered to install a Toolbar, just uncheck the box before continuing unless you want it.
Your Adobe Reader is now up to date!

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#14 rancho

rancho
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:54 AM

Posted 05 December 2012 - 02:38 PM

Hi the computer seems to be running fine last few days, no more google redirects.

I removed Adobe Reader 9.5.x and installed the Adobe Reader 11 (latest version).

I ran Farbar, see below for log.

Log from Farbar Service Scanner:
Farbar Service Scanner Version: 04-12-2012
Ran by AndyQ (administrator) on 05-12-2012 at 11:26:19
Running from "C:\Users\AndyQ\Desktop"
Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#15 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,316 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:02:54 PM

Posted 05 December 2012 - 02:41 PM

That all looks excellent. :)

I have included below some general prevention information.

Please read the following advice on how to prevent reinfecting your PC:
  • Install and update the following programs regularly:
    • an outbound firewall. If you are connected to the internet through a router, you are already behind a hardware firewall and as such you do not need an extra software firewall.
      A comprehensive tutorial and a list of possible firewalls can be found here.
    • an AntiVirus Software
      It is imperative that you update your AntiVirus Software on regular basis.If you do not update your AntiVirus Software then it will not be able to catch the latest threats.
  • Keep Windows (and your other Microsoft software) up to date!
    I cannot stress how important this is enough. Often holes are found in Internet Explorer or Windows itself that require patching. Sometimes these holes will allow an attacker unrestricted access to your computer.
    Therefore, please, visit the Microsoft Update Website and follow the on screen instructions to setup Microsoft Update. Also follow the instructions to update your system. Please REBOOT and repeat this process until there are no more updates to install!!
  • Keep your other software up to date as well
    Software does not need to be made by Microsoft to be insecure. You can use the Secunia Online Software occasionally to help you check for out of date software on yourmachine.
  • Stay up to date!
    The MOST IMPORTANT part of any security setup is keeping the software up to date. Malware writers release new variants every single day. If your software updates don't keep up, then the malware will always be one step ahead. Not a good thing.
Some more links you might find of interest:

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users