Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

windows detected hard disk problem


  • Please log in to reply
9 replies to this topic

#1 doughboy123

doughboy123

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:02:03 AM

Posted 05 December 2017 - 05:10 PM

hi i was sent back here from Am I infected (Aii) forum

 

ran a tdss rootkit.  here it is in 2 replies: still pops up

 

 

14:08:48.0928 3192  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42

14:08:50.0434 3192  ============================================================

14:08:50.0434 3192  Current date / time: 2017/12/05 14:08:50.0434

14:08:50.0434 3192  SystemInfo:

14:08:50.0435 3192  

14:08:50.0435 3192  OS Version: 6.1.7601 ServicePack: 1.0

14:08:50.0435 3192  Product type: Workstation

14:08:50.0435 3192  ComputerName: DAVEDOHERTY

14:08:50.0436 3192  UserName: Dave Dorehty

14:08:50.0436 3192  Windows directory: C:\Windows

14:08:50.0436 3192  System windows directory: C:\Windows

14:08:50.0436 3192  Running under WOW64

14:08:50.0436 3192  Processor architecture: Intel x64

14:08:50.0436 3192  Number of processors: 4

14:08:50.0436 3192  Page size: 0x1000

14:08:50.0436 3192  Boot type: Normal boot

14:08:50.0436 3192  ============================================================

14:09:00.0657 3192  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

14:09:00.0683 3192  ============================================================

14:09:00.0684 3192  \Device\Harddisk0\DR0:

14:09:00.0684 3192  MBR partitions:

14:09:00.0684 3192  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x258000

14:09:00.0684 3192  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x258800, BlocksNum 0x1B02C800

14:09:00.0684 3192  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1B285000, BlocksNum 0x1F40000

14:09:00.0684 3192  ============================================================

14:09:00.0846 3192  C: <-> \Device\Harddisk0\DR0\Partition2

14:09:01.0067 3192  Q: <-> \Device\Harddisk0\DR0\Partition3

14:09:01.0083 3192  ============================================================

14:09:01.0083 3192  Initialize success

14:09:01.0083 3192  ============================================================

14:09:03.0185 6964  ============================================================

14:09:03.0185 6964  Scan started

14:09:03.0185 6964  Mode: Manual; 

14:09:03.0185 6964  ============================================================

14:09:03.0739 6964  ================ Scan system memory ========================

14:09:03.0739 6964  System memory - ok

14:09:03.0739 6964  ================ Scan services =============================

14:09:04.0625 6964  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys

14:09:04.0653 6964  1394ohci - ok

14:09:04.0718 6964  [ F4AF97702BAD85BFEF64B9A557F11B6F ] 5U877           C:\Windows\system32\DRIVERS\5U877.sys

14:09:04.0724 6964  5U877 - ok

14:09:04.0751 6964  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys

14:09:04.0757 6964  ACPI - ok

14:09:04.0798 6964  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys

14:09:04.0800 6964  AcpiPmi - ok

14:09:04.0924 6964  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

14:09:04.0927 6964  AdobeARMservice - ok

14:09:05.0575 6964  [ 5D0A6467159A017D3F2222CAE67031B3 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

14:09:05.0580 6964  AdobeFlashPlayerUpdateSvc - ok

14:09:05.0672 6964  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys

14:09:05.0679 6964  adp94xx - ok

14:09:05.0769 6964  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys

14:09:05.0789 6964  adpahci - ok

14:09:05.0817 6964  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys

14:09:05.0824 6964  adpu320 - ok

14:09:05.0885 6964  [ 262D7C87D0AC20B96EF9877D3CA478A0 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll

14:09:05.0888 6964  AeLookupSvc - ok

14:09:06.0106 6964  [ 0DC2A9882540DEA4A55B08785E09D8FC ] AFD             C:\Windows\system32\drivers\afd.sys

14:09:06.0137 6964  AFD - ok

14:09:06.0290 6964  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys

14:09:06.0297 6964  agp440 - ok

14:09:06.0375 6964  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe

14:09:06.0385 6964  ALG - ok

14:09:06.0494 6964  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys

14:09:06.0500 6964  aliide - ok

14:09:06.0570 6964  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys

14:09:06.0579 6964  amdide - ok

14:09:06.0623 6964  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys

14:09:06.0628 6964  AmdK8 - ok

14:09:06.0645 6964  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys

14:09:06.0650 6964  AmdPPM - ok

14:09:06.0703 6964  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys

14:09:06.0714 6964  amdsata - ok

14:09:06.0771 6964  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys

14:09:06.0777 6964  amdsbs - ok

14:09:06.0804 6964  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys

14:09:06.0809 6964  amdxata - ok

14:09:06.0916 6964  [ C16B5B379A2A79702CC5FF923EAAE3FD ] AppID           C:\Windows\system32\drivers\appid.sys

14:09:07.0011 6964  AppID - ok

14:09:07.0064 6964  [ 5152D6B29C61EF59537DBDA92BFE2978 ] AppIDSvc        C:\Windows\System32\appidsvc.dll

14:09:07.0085 6964  AppIDSvc - ok

14:09:07.0158 6964  [ DE23E052E557580674785CDF45B613F3 ] Appinfo         C:\Windows\System32\appinfo.dll

14:09:07.0160 6964  Appinfo - ok

14:09:07.0349 6964  [ A5E8EB3B4244358F62DADF769DB59567 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

14:09:07.0353 6964  Apple Mobile Device Service - ok

14:09:07.0516 6964  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt         C:\Windows\System32\appmgmts.dll

14:09:07.0522 6964  AppMgmt - ok

14:09:07.0602 6964  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys

14:09:07.0607 6964  arc - ok

14:09:07.0654 6964  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys

14:09:07.0660 6964  arcsas - ok

14:09:09.0756 6964  [ 8637F3119057178364D200F2462E625C ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

14:09:09.0873 6964  aspnet_state - ok

14:09:09.0926 6964  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys

14:09:09.0929 6964  AsyncMac - ok

14:09:09.0990 6964  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys

14:09:09.0994 6964  atapi - ok

14:09:10.0211 6964  [ 67C717EC24FCAAE7B518D9E06AD036AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

14:09:10.0233 6964  AudioEndpointBuilder - ok

14:09:10.0423 6964  [ 67C717EC24FCAAE7B518D9E06AD036AB ] AudioSrv        C:\Windows\System32\Audiosrv.dll

14:09:10.0435 6964  AudioSrv - ok

14:09:10.0641 6964  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll

14:09:10.0650 6964  AxInstSV - ok

14:09:10.0841 6964  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys

14:09:10.0873 6964  b06bdrv - ok

14:09:10.0977 6964  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys

14:09:10.0985 6964  b57nd60a - ok

14:09:11.0051 6964  bbhyfliq - ok

14:09:11.0089 6964  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll

14:09:11.0099 6964  BDESVC - ok

14:09:11.0194 6964  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys

14:09:11.0198 6964  Beep - ok

14:09:11.0386 6964  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll

14:09:11.0432 6964  BFE - ok

14:09:11.0582 6964  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll

14:09:11.0722 6964  BITS - ok

14:09:11.0957 6964  [ 686045905787B68D829CE647A6DFAD2B ] Blackberry Device Manager C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe

14:09:11.0988 6964  Blackberry Device Manager - ok

14:09:12.0044 6964  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys

14:09:12.0054 6964  blbdrive - ok

14:09:12.0188 6964  [ B5C2F92EE1106DFE7BB1CCE4D35B6037 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

14:09:12.0211 6964  Bonjour Service - ok

14:09:12.0300 6964  [ ABA3984C822E4D3F889699912D85D6C5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys

14:09:12.0303 6964  bowser - ok

14:09:12.0331 6964  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys

14:09:12.0334 6964  BrFiltLo - ok

14:09:12.0350 6964  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys

14:09:12.0352 6964  BrFiltUp - ok

14:09:12.0396 6964  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll

14:09:12.0400 6964  Browser - ok

14:09:12.0417 6964  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys

14:09:12.0423 6964  Brserid - ok

14:09:12.0446 6964  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys

14:09:12.0449 6964  BrSerWdm - ok

14:09:12.0461 6964  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys

14:09:12.0463 6964  BrUsbMdm - ok

14:09:12.0488 6964  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys

14:09:12.0489 6964  BrUsbSer - ok

14:09:12.0501 6964  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys

14:09:12.0608 6964  BTHMODEM - ok

14:09:12.0655 6964  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll

14:09:12.0658 6964  bthserv - ok

14:09:12.0679 6964  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys

14:09:12.0681 6964  cdfs - ok

14:09:12.0723 6964  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys

14:09:12.0728 6964  cdrom - ok

14:09:12.0862 6964  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll

14:09:12.0869 6964  CertPropSvc - ok

14:09:12.0985 6964  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys

14:09:13.0019 6964  circlass - ok

14:09:13.0247 6964  [ 3963FEC1892368DD500E6ED1F5C286CE ] CLFS            C:\Windows\system32\CLFS.sys

14:09:13.0269 6964  CLFS - ok

14:09:13.0543 6964  [ F13EC8A783E0CB0D6DC26A3CA848B7B8 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

14:09:13.0548 6964  clr_optimization_v2.0.50727_32 - ok

14:09:13.0898 6964  [ B4D73F04E9BC076F7CDAC4327DF636BB ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

14:09:13.0905 6964  clr_optimization_v2.0.50727_64 - ok

14:09:14.0406 6964  [ 2BA609641FA64BAB02ACD3C0095672F5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

14:09:14.0868 6964  clr_optimization_v4.0.30319_32 - ok

14:09:14.0925 6964  [ 7C7502CD2A2CFAB399D0D8DA95DB03E7 ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

14:09:15.0299 6964  clr_optimization_v4.0.30319_64 - ok

14:09:15.0338 6964  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys

14:09:15.0348 6964  CmBatt - ok

14:09:15.0408 6964  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys

14:09:15.0412 6964  cmdide - ok

14:09:15.0561 6964  [ A98CED39AD91B445E2E442A9BD67E8B4 ] CNG             C:\Windows\system32\Drivers\cng.sys

14:09:15.0574 6964  CNG - ok

14:09:15.0692 6964  [ DB6F09464C57606892BF6D2458483417 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys

14:09:15.0744 6964  CnxtHdAudService - ok

14:09:15.0826 6964  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys

14:09:15.0836 6964  Compbatt - ok

14:09:15.0877 6964  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys

14:09:15.0882 6964  CompositeBus - ok

14:09:15.0905 6964  COMSysApp - ok

14:09:15.0920 6964  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys

14:09:15.0923 6964  crcdisk - ok

14:09:16.0007 6964  [ 48FEDBE324F1EA9417BA1D62AE863011 ] CryptSvc        C:\Windows\system32\cryptsvc.dll

14:09:16.0091 6964  CryptSvc - ok

14:09:16.0197 6964  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC             C:\Windows\system32\drivers\csc.sys

14:09:16.0223 6964  CSC - ok

14:09:16.0268 6964  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll

14:09:16.0291 6964  CscService - ok

14:09:16.0410 6964  [ 9D0D050170D47E778B624A28C90F23DE ] CxAudMsg        C:\Windows\system32\CxAudMsg64.exe

14:09:16.0416 6964  CxAudMsg - ok

14:09:16.0616 6964  [ A1F58FFF448E4099297D6EE0641D4D0E ] dbupdate        C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

14:09:16.0617 6964  dbupdate - ok

14:09:16.0700 6964  [ A1F58FFF448E4099297D6EE0641D4D0E ] dbupdatem       C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

14:09:16.0702 6964  dbupdatem - ok

14:09:16.0776 6964  dbx - ok

14:09:16.0835 6964  [ 617E755C8446E1B22E8E4CFBA4ADC4A3 ] DbxSvc          C:\Windows\system32\DbxSvc.exe

14:09:16.0837 6964  DbxSvc - ok

14:09:16.0918 6964  [ 3F1A199859B4F3F8357B2A0AF5666A54 ] DcomLaunch      C:\Windows\system32\rpcss.dll

14:09:16.0940 6964  DcomLaunch - ok

14:09:17.0027 6964  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll

14:09:17.0037 6964  defragsvc - ok

14:09:17.0100 6964  [ 9B38580063D281A99E68EF5813022A5F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys

14:09:17.0166 6964  DfsC - ok

14:09:17.0265 6964  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll

14:09:17.0276 6964  Dhcp - ok

14:09:17.0515 6964  [ EE9954237F15BE4DD9304D12E4D305ED ] DiagTrack       C:\Windows\system32\diagtrack.dll

14:09:17.0552 6964  DiagTrack - ok

14:09:17.0587 6964  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys

14:09:17.0589 6964  discache - ok

14:09:17.0625 6964  [ 616387BBD83372220B09DE95F4E67BBC ] Disk            C:\Windows\system32\drivers\disk.sys

14:09:17.0627 6964  Disk - ok

14:09:17.0648 6964  [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys

14:09:17.0654 6964  dmvsc - ok

14:09:17.0768 6964  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll

14:09:17.0773 6964  Dnscache - ok

14:09:17.0812 6964  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll

14:09:17.0818 6964  dot3svc - ok

14:09:18.0029 6964  [ E6987F7818154791A6937BCC6655599B ] DozeSvc         C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE

14:09:18.0053 6964  DozeSvc - ok

14:09:18.0098 6964  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll

14:09:18.0105 6964  DPS - ok

14:09:18.0145 6964  [ 26FE888505E5A945B0536AF9A2A27A6F ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys

14:09:18.0149 6964  drmkaud - ok

14:09:18.0723 6964  [ 5CEF80AE869336376F550ECAE91E424A ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys

14:09:18.0856 6964  DXGKrnl - ok

14:09:18.0986 6964  [ CE4CFFD9F64B86BCEB1C343FC9924D72 ] DzHDD64         C:\Windows\system32\DRIVERS\DzHDD64.sys

14:09:18.0995 6964  DzHDD64 - ok

14:09:19.0071 6964  [ DC1776D086AA9733B1929A3D979D9FDD ] e1cexpress      C:\Windows\system32\DRIVERS\e1c62x64.sys

14:09:19.0082 6964  e1cexpress - ok

14:09:19.0173 6964  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll

14:09:19.0177 6964  EapHost - ok

14:09:19.0418 6964  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys

14:09:19.0549 6964  ebdrv - ok

14:09:19.0630 6964  [ 62056ADD38513A86C4866E912371B56B ] EFS             C:\Windows\System32\lsass.exe

14:09:19.0636 6964  EFS - ok

14:09:19.0840 6964  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe

14:09:19.0901 6964  ehRecvr - ok

14:09:19.0924 6964  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe

14:09:19.0929 6964  ehSched - ok

14:09:20.0074 6964  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys

14:09:20.0128 6964  elxstor - ok

14:09:20.0285 6964  [ ABDD5AD016AFFD34AD40E944CE94BF59 ] EpsonBidirectionalService C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe

14:09:20.0288 6964  EpsonBidirectionalService - ok

14:09:20.0305 6964  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys

14:09:20.0309 6964  ErrDev - ok

14:09:20.0372 6964  [ 7D0520A12B31E6858B3BB7E675AFA34E ] ESProtectionDriver C:\Windows\system32\drivers\mbae64.sys

14:09:20.0376 6964  ESProtectionDriver - ok

14:09:20.0540 6964  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll

14:09:20.0582 6964  EventSystem - ok

14:09:20.0797 6964  [ 7E45F8B117419ABA3BB26579F6E70324 ] exfat           C:\Windows\system32\drivers\exfat.sys

14:09:20.0876 6964  exfat - ok

14:09:20.0917 6964  [ 6EDFA237D25433C03F42FBFDB16BDD24 ] fastfat         C:\Windows\system32\drivers\fastfat.sys

14:09:20.0924 6964  fastfat - ok

14:09:21.0109 6964  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe

14:09:21.0151 6964  Fax - ok

14:09:21.0241 6964  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys

14:09:21.0246 6964  fdc - ok

14:09:21.0335 6964  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll

14:09:21.0341 6964  fdPHost - ok

14:09:21.0394 6964  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll

14:09:21.0398 6964  FDResPub - ok

14:09:21.0439 6964  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys

14:09:21.0444 6964  FileInfo - ok

14:09:21.0467 6964  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys

14:09:21.0470 6964  Filetrace - ok

14:09:21.0508 6964  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys

14:09:21.0512 6964  flpydisk - ok

14:09:21.0599 6964  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys

14:09:21.0688 6964  FltMgr - ok

14:09:21.0908 6964  [ 785F474FB5E67E448E1931C98E8D0ABC ] FontCache       C:\Windows\system32\FntCache.dll

14:09:22.0058 6964  FontCache - ok

14:09:22.0176 6964  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

14:09:22.0180 6964  FontCache3.0.0.0 - ok

14:09:22.0225 6964  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys

14:09:22.0228 6964  FsDepends - ok

14:09:22.0280 6964  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys

14:09:22.0283 6964  Fs_Rec - ok

14:09:22.0391 6964  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys

14:09:22.0396 6964  fvevol - ok

14:09:22.0489 6964  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys

14:09:22.0494 6964  gagp30kx - ok

14:09:22.0595 6964  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

14:09:22.0600 6964  GEARAspiWDM - ok

14:09:22.0658 6964  [ E4AE497857409127ED57562AF913A903 ] gpsvc           C:\Windows\System32\gpsvc.dll

14:09:22.0680 6964  gpsvc - ok

14:09:22.0760 6964  [ 053EEEE1ABAE53F044F1E386E22AE525 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

14:09:22.0761 6964  gupdate - ok

14:09:22.0769 6964  [ 053EEEE1ABAE53F044F1E386E22AE525 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

14:09:22.0770 6964  gupdatem - ok

14:09:22.0792 6964  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys

14:09:22.0793 6964  hcw85cir - ok

14:09:22.0879 6964  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

14:09:22.0900 6964  HdAudAddService - ok

14:09:22.0942 6964  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys

14:09:22.0950 6964  HDAudBus - ok

14:09:22.0986 6964  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys

14:09:23.0045 6964  HidBatt - ok

14:09:23.0078 6964  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys

14:09:23.0085 6964  HidBth - ok

14:09:23.0194 6964  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys

14:09:23.0198 6964  HidIr - ok

14:09:23.0235 6964  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll

14:09:23.0240 6964  hidserv - ok

14:09:23.0359 6964  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys

14:09:23.0364 6964  HidUsb - ok

14:09:23.0398 6964  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll

14:09:23.0402 6964  hkmsvc - ok

14:09:23.0428 6964  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll

14:09:23.0433 6964  HomeGroupListener - ok

14:09:23.0464 6964  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

14:09:23.0468 6964  HomeGroupProvider - ok

14:09:23.0496 6964  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys

14:09:23.0498 6964  HpSAMD - ok

14:09:23.0637 6964  [ 02F1253476B7F5F818364443DFED3264 ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe

14:09:23.0643 6964  HPSupportSolutionsFrameworkService - ok

14:09:23.0717 6964  [ CF5C9BD985120781200D35FD445D0BD5 ] HTTP            C:\Windows\system32\drivers\HTTP.sys

14:09:23.0726 6964  HTTP - ok

14:09:23.0754 6964  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys

14:09:23.0755 6964  hwpolicy - ok

14:09:23.0812 6964  [ 9149907FF8681AD6475607EEBF62DD2F ] HyperW7Svc      C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe

14:09:23.0815 6964  HyperW7Svc - ok

14:09:23.0845 6964  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys

14:09:23.0847 6964  i8042prt - ok

14:09:23.0912 6964  [ D7921D5A870B11CC1ADAB198A519D50A ] iaStor          C:\Windows\system32\drivers\iaStor.sys

14:09:23.0914 6964  iaStor - ok

14:09:23.0964 6964  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys

14:09:23.0971 6964  iaStorV - ok

14:09:24.0000 6964  [ 29ED470689B7C597A9701D6A4C57A578 ] IBMPMDRV        C:\Windows\system32\DRIVERS\ibmpmdrv.sys

14:09:24.0001 6964  IBMPMDRV - ok

14:09:24.0012 6964  [ BC7AF43EEC24E995D770EC92A441D5D8 ] IBMPMSVC        C:\Windows\system32\ibmpmsvc.exe

14:09:24.0014 6964  IBMPMSVC - ok

14:09:24.0078 6964  [ C98A5B9D932430AD8EEBD3EF73756EF7 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

14:09:24.0123 6964  idsvc - ok

14:09:24.0656 6964  [ 66DC0CE2D1867B8178EAA0E11930DBD7 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys

14:09:24.0906 6964  igfx - ok

14:09:24.0978 6964  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys

14:09:24.0981 6964  iirsp - ok

14:09:25.0050 6964  [ 344789398EC3EE5A4E00C52B31847946 ] IKEEXT          C:\Windows\System32\ikeext.dll

14:09:25.0077 6964  IKEEXT - ok

14:09:25.0191 6964  [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys

14:09:25.0212 6964  IntcDAud - ok

14:09:25.0278 6964  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys

14:09:25.0284 6964  intelide - ok

14:09:25.0351 6964  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys

14:09:25.0355 6964  intelppm - ok

14:09:25.0405 6964  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll

14:09:25.0415 6964  IPBusEnum - ok

 


BC AdBot (Login to Remove)

 


#2 doughboy123

doughboy123
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:02:03 AM

Posted 05 December 2017 - 05:12 PM

14:09:25.0449 6964  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys

14:09:25.0457 6964  IpFilterDriver - ok

14:09:25.0566 6964  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll

14:09:25.0593 6964  iphlpsvc - ok

14:09:25.0628 6964  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys

14:09:25.0633 6964  IPMIDRV - ok

14:09:25.0673 6964  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys

14:09:25.0682 6964  IPNAT - ok

14:09:25.0793 6964  [ 6F836118C67812A6CC3F8FC9EAF0E65D ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe

14:09:25.0804 6964  iPod Service - ok

14:09:25.0884 6964  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys

14:09:25.0887 6964  IRENUM - ok

14:09:25.0930 6964  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys

14:09:25.0935 6964  isapnp - ok

14:09:26.0041 6964  [ 96BB922A0981BC7432C8CF52B5410FE6 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys

14:09:26.0063 6964  iScsiPrt - ok

14:09:26.0188 6964  [ 6C85719A21B3F62C2C76280F4BD36C7B ] jhi_service     C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe

14:09:26.0193 6964  jhi_service - ok

14:09:26.0268 6964  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys

14:09:26.0272 6964  kbdclass - ok

14:09:26.0354 6964  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys

14:09:26.0363 6964  kbdhid - ok

14:09:26.0453 6964  [ 62056ADD38513A86C4866E912371B56B ] KeyIso          C:\Windows\system32\lsass.exe

14:09:26.0458 6964  KeyIso - ok

14:09:26.0515 6964  [ DFE85B031220F8E0271716BBB3C4C8FF ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys

14:09:26.0518 6964  KSecDD - ok

14:09:26.0538 6964  [ 70D7302DD70B979637179BFD8295C924 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys

14:09:26.0541 6964  KSecPkg - ok

14:09:26.0563 6964  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys

14:09:26.0565 6964  ksthunk - ok

14:09:26.0596 6964  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll

14:09:26.0604 6964  KtmRm - ok

14:09:26.0666 6964  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll

14:09:26.0671 6964  LanmanServer - ok

14:09:26.0699 6964  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

14:09:26.0703 6964  LanmanWorkstation - ok

14:09:26.0757 6964  [ 1EF45F1BD62B8F4C19458326A3E91930 ] LENOVO.CAMMUTE  C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe

14:09:26.0759 6964  LENOVO.CAMMUTE - ok

14:09:26.0804 6964  [ FCE735941DA27929DBFC1918F286FFD8 ] LENOVO.MICMUTE  C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe

14:09:26.0805 6964  LENOVO.MICMUTE - ok

14:09:26.0824 6964  [ 2B9D8555DC004E240082D18E7725CE20 ] lenovo.smi      C:\Windows\system32\DRIVERS\smiifx64.sys

14:09:26.0826 6964  lenovo.smi - ok

14:09:26.0840 6964  [ 448BE3E001004A55E8A959C57E17F6D8 ] LENOVO.TPKNRSVC C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe

14:09:26.0843 6964  LENOVO.TPKNRSVC - ok

14:09:26.0861 6964  [ 6F2CC57EB5836D2AC9BD37F3554D55F8 ] Lenovo.VIRTSCRLSVC C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe

14:09:26.0863 6964  Lenovo.VIRTSCRLSVC - ok

14:09:26.0896 6964  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys

14:09:26.0898 6964  lltdio - ok

14:09:26.0926 6964  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll

14:09:26.0932 6964  lltdsvc - ok

14:09:26.0965 6964  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll

14:09:26.0967 6964  lmhosts - ok

14:09:27.0002 6964  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys

14:09:27.0013 6964  LSI_FC - ok

14:09:27.0057 6964  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys

14:09:27.0067 6964  LSI_SAS - ok

14:09:27.0094 6964  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys

14:09:27.0098 6964  LSI_SAS2 - ok

14:09:27.0121 6964  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys

14:09:27.0132 6964  LSI_SCSI - ok

14:09:27.0185 6964  [ 5416CEB2916BBE635288C4D1075B045E ] luafv           C:\Windows\system32\drivers\luafv.sys

14:09:27.0299 6964  luafv - ok

14:09:27.0448 6964  [ C3C2C7E2EEFECD88A76FF626E72BF123 ] MBAMChameleon   C:\Windows\System32\Drivers\MbamChameleon.sys

14:09:27.0452 6964  MBAMChameleon - ok

14:09:27.0608 6964  [ 20046A5DB1466EBD0DCAEB84D00C5432 ] MBAMFarflt      C:\Windows\system32\DRIVERS\farflt.sys

14:09:27.0612 6964  MBAMFarflt - ok

14:09:27.0692 6964  [ 29BD0BB2CD7E37B8C248CFA933FBD1F4 ] MBAMProtection  C:\Windows\system32\DRIVERS\mbam.sys

14:09:27.0700 6964  MBAMProtection - ok

14:09:27.0978 6964  [ 734B435E1693386213EEFD4D17A70DEB ] MBAMService     C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe

14:09:28.0006 6964  MBAMService - ok

14:09:28.0084 6964  [ B047B9CE5A0D800E6D713B43D0405221 ] MBAMSwissArmy   C:\Windows\System32\Drivers\mbamswissarmy.sys

14:09:28.0088 6964  MBAMSwissArmy - ok

14:09:28.0135 6964  [ 8135271183EA7C59BD865873C972159D ] MBAMWebProtection C:\Windows\system32\DRIVERS\mwac.sys

14:09:28.0137 6964  MBAMWebProtection - ok

14:09:28.0165 6964  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll

14:09:28.0169 6964  Mcx2Svc - ok

14:09:28.0199 6964  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys

14:09:28.0201 6964  megasas - ok

14:09:28.0226 6964  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys

14:09:28.0231 6964  MegaSR - ok

14:09:28.0268 6964  [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys

14:09:28.0271 6964  MEIx64 - ok

14:09:28.0300 6964  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll

14:09:28.0302 6964  MMCSS - ok

14:09:28.0318 6964  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys

14:09:28.0330 6964  Modem - ok

14:09:28.0362 6964  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys

14:09:28.0363 6964  monitor - ok

14:09:28.0399 6964  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys

14:09:28.0402 6964  mouclass - ok

14:09:28.0425 6964  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys

14:09:28.0433 6964  mouhid - ok

14:09:28.0481 6964  [ 072D8646E23ECF8A3F5F0157017B4DB6 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys

14:09:28.0484 6964  mountmgr - ok

14:09:28.0560 6964  [ 3665AB2F67F4024F5F3F80335ED5322A ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys

14:09:28.0566 6964  MpFilter - ok

14:09:28.0590 6964  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys

14:09:28.0593 6964  mpio - ok

14:09:28.0841 6964  [ BF2513029E231BE96D82F7C3ABFF87F4 ] MpKsl19cf995e   c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{718FFA24-645F-4A77-9A25-66289384AAB1}\MpKsl19cf995e.sys

14:09:29.0007 6964  MpKsl19cf995e - ok

14:09:29.0046 6964  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys

14:09:29.0050 6964  mpsdrv - ok

14:09:29.0117 6964  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll

14:09:29.0173 6964  MpsSvc - ok

14:09:29.0237 6964  [ 98DB1790F0A584E0A2528B92B052417F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys

14:09:29.0317 6964  MRxDAV - ok

14:09:29.0368 6964  [ 767C6DF04C5758B9F0790D400541B44F ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys

14:09:29.0373 6964  mrxsmb - ok

14:09:29.0419 6964  [ BD55F604FFABC911F8E5500186AE70E5 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys

14:09:29.0426 6964  mrxsmb10 - ok

14:09:29.0494 6964  [ 92EECFB046D4706A4B8D699A4069B6EC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys

14:09:29.0505 6964  mrxsmb20 - ok

14:09:29.0557 6964  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys

14:09:29.0560 6964  msahci - ok

14:09:29.0604 6964  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys

14:09:29.0637 6964  msdsm - ok

14:09:29.0661 6964  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe

14:09:29.0665 6964  MSDTC - ok

14:09:29.0698 6964  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys

14:09:29.0699 6964  Msfs - ok

14:09:29.0719 6964  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys

14:09:29.0722 6964  mshidkmdf - ok

14:09:29.0728 6964  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys

14:09:29.0730 6964  msisadrv - ok

14:09:29.0791 6964  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll

14:09:29.0796 6964  MSiSCSI - ok

14:09:29.0799 6964  msiserver - ok

14:09:29.0849 6964  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys

14:09:29.0852 6964  MSKSSRV - ok

14:09:29.0990 6964  [ 5ADED2C1239D7BD798E2C4EF9EAA1FA3 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe

14:09:29.0993 6964  MsMpSvc - ok

14:09:30.0004 6964  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys

14:09:30.0031 6964  MSPCLOCK - ok

14:09:30.0082 6964  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys

14:09:30.0083 6964  MSPQM - ok

14:09:30.0107 6964  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys

14:09:30.0112 6964  MsRPC - ok

14:09:30.0132 6964  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys

14:09:30.0134 6964  mssmbios - ok

14:09:30.0139 6964  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys

14:09:30.0140 6964  MSTEE - ok

14:09:30.0158 6964  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys

14:09:30.0160 6964  MTConfig - ok

14:09:30.0177 6964  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys

14:09:30.0180 6964  Mup - ok

14:09:30.0260 6964  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll

14:09:30.0273 6964  napagent - ok

14:09:30.0361 6964  [ 9FB2A095B1166CB3C9A06651863B3452 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys

14:09:30.0406 6964  NativeWifiP - ok

14:09:30.0496 6964  [ F7309F42555F8AAB7144A51A1F2585B0 ] NDIS            C:\Windows\system32\drivers\ndis.sys

14:09:30.0530 6964  NDIS - ok

14:09:30.0559 6964  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys

14:09:30.0561 6964  NdisCap - ok

14:09:30.0587 6964  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys

14:09:30.0589 6964  NdisTapi - ok

14:09:30.0607 6964  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys

14:09:30.0610 6964  Ndisuio - ok

14:09:30.0626 6964  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys

14:09:30.0630 6964  NdisWan - ok

14:09:30.0648 6964  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys

14:09:30.0652 6964  NDProxy - ok

14:09:30.0676 6964  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys

14:09:30.0678 6964  NetBIOS - ok

14:09:30.0733 6964  [ 734837208CAFD6E0959A7A0333C95C9D ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys

14:09:30.0736 6964  NetBT - ok

14:09:30.0745 6964  [ 62056ADD38513A86C4866E912371B56B ] Netlogon        C:\Windows\system32\lsass.exe

14:09:30.0747 6964  Netlogon - ok

14:09:30.0799 6964  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll

14:09:30.0821 6964  Netman - ok

14:09:30.0894 6964  [ 10D5997E2F5F16FE3BC3BD1A4BF31EA8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

14:09:30.0953 6964  NetMsmqActivator - ok

14:09:30.0962 6964  [ 10D5997E2F5F16FE3BC3BD1A4BF31EA8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

14:09:30.0965 6964  NetPipeActivator - ok

14:09:31.0024 6964  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll

14:09:31.0044 6964  netprofm - ok

14:09:31.0052 6964  [ 10D5997E2F5F16FE3BC3BD1A4BF31EA8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

14:09:31.0053 6964  NetTcpActivator - ok

14:09:31.0060 6964  [ 10D5997E2F5F16FE3BC3BD1A4BF31EA8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

14:09:31.0062 6964  NetTcpPortSharing - ok

14:09:31.0095 6964  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys

14:09:31.0099 6964  nfrd960 - ok

14:09:31.0161 6964  [ CE5F6E635FE4506AE6F2D6EB87425128 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys

14:09:31.0165 6964  NisDrv - ok

14:09:31.0221 6964  [ D630B510E1E3FF6BA12B705F47F115D9 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe

14:09:31.0229 6964  NisSrv - ok

14:09:31.0282 6964  [ 8B301D474B478E9A92823BAB50A7BC49 ] NlaSvc          C:\Windows\System32\nlasvc.dll

14:09:31.0291 6964  NlaSvc - ok

14:09:31.0311 6964  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys

14:09:31.0314 6964  Npfs - ok

14:09:31.0360 6964  [ 668B9EFF5CCA4542F435D2CD9CE3C778 ] nsi             C:\Windows\system32\nsisvc.dll

14:09:31.0410 6964  nsi - ok

14:09:31.0433 6964  [ BE313E566EEA2A4B7F9AAC9782A567D4 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys

14:09:31.0434 6964  nsiproxy - ok

14:09:31.0527 6964  [ 1065D9AFE491706EB00AD3CBB76C9E54 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys

14:09:31.0704 6964  Ntfs - ok

14:09:31.0741 6964  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys

14:09:31.0750 6964  Null - ok

14:09:31.0789 6964  [ 158AD24745BD85BA9BE3C51C38F48C32 ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys

14:09:31.0792 6964  nusb3hub - ok

14:09:31.0825 6964  [ D40A13B2C0891E218F9523B376955DB6 ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys

14:09:31.0829 6964  nusb3xhc - ok

14:09:31.0862 6964  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys

14:09:31.0867 6964  nvraid - ok

14:09:31.0890 6964  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys

14:09:31.0898 6964  nvstor - ok

14:09:31.0932 6964  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys

14:09:31.0938 6964  nv_agp - ok

14:09:31.0957 6964  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys

14:09:31.0962 6964  ohci1394 - ok

14:09:32.0054 6964  [ D30981DA22F2EDB8678AF50B634A9587 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

14:09:32.0062 6964  ose - ok

14:09:32.0215 6964  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

14:09:32.0334 6964  osppsvc - ok

14:09:32.0368 6964  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll

14:09:32.0374 6964  p2pimsvc - ok

14:09:32.0400 6964  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll

14:09:32.0407 6964  p2psvc - ok

14:09:32.0440 6964  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys

14:09:32.0443 6964  Parport - ok

14:09:32.0478 6964  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys

14:09:32.0481 6964  partmgr - ok

14:09:32.0556 6964  [ 5EACB8A19CAD7057806FBBF9550165E1 ] PcaSp60         C:\Windows\system32\DRIVERS\PcaSp60.sys

14:09:32.0600 6964  PcaSp60 - ok

14:09:32.0680 6964  [ 3CD83692C43D87088E85E3C916146FFB ] PcaSvc          C:\Windows\System32\pcasvc.dll

14:09:32.0689 6964  PcaSvc - ok

14:09:32.0724 6964  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys

14:09:32.0731 6964  pci - ok

14:09:32.0782 6964  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys

14:09:32.0786 6964  pciide - ok

14:09:32.0809 6964  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys

14:09:32.0816 6964  pcmcia - ok

14:09:32.0851 6964  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys

14:09:32.0861 6964  pcw - ok

14:09:32.0945 6964  [ EA4D67448BE493D543F1730D6CD04694 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys

14:09:32.0968 6964  PEAUTH - ok

14:09:33.0171 6964  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll

14:09:33.0229 6964  PeerDistSvc - ok

14:09:33.0753 6964  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe

14:09:33.0758 6964  PerfHost - ok

14:09:33.0870 6964  [ 18EEA095AF22AC5FA16FC27FB98C82D3 ] PHCORE          C:\Program Files\Lenovo\RapidBoot\PHCORE64.SYS

14:09:33.0874 6964  PHCORE - ok

14:09:34.0145 6964  [ BC5F8C5C7ACCD0B884FCB8B67616F537 ] pla             C:\Windows\system32\pla.dll

14:09:34.0312 6964  pla - ok

14:09:34.0488 6964  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll

14:09:34.0531 6964  PlugPlay - ok

14:09:34.0575 6964  [ 0BEE791C7C7ACE453C134E73633C497D ] pmxdrv          C:\Windows\system32\drivers\pmxdrv.sys

14:09:34.0584 6964  pmxdrv - ok

14:09:34.0731 6964  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll

14:09:34.0740 6964  PNRPAutoReg - ok

14:09:34.0895 6964  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll

14:09:34.0904 6964  PNRPsvc - ok

14:09:34.0969 6964  [ 80D6B0563ED2BF10656B1D4748331082 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll

14:09:34.0989 6964  PolicyAgent - ok

14:09:35.0039 6964  [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power           C:\Windows\system32\umpo.dll

14:09:35.0045 6964  Power - ok

14:09:35.0096 6964  [ AF7186CF9909BEF0D86097175175178F ] Power Manager DBC Service C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE

14:09:35.0101 6964  Power Manager DBC Service - ok

14:09:35.0216 6964  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys

14:09:35.0219 6964  PptpMiniport - ok

14:09:35.0233 6964  prkslklv - ok

14:09:35.0257 6964  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys

14:09:35.0259 6964  Processor - ok

14:09:35.0322 6964  [ B6A58491307B4CADA572583D863DC602 ] ProfSvc         C:\Windows\system32\profsvc.dll

14:09:35.0325 6964  ProfSvc - ok

14:09:35.0357 6964  [ 62056ADD38513A86C4866E912371B56B ] ProtectedStorage C:\Windows\system32\lsass.exe

14:09:35.0360 6964  ProtectedStorage - ok

14:09:35.0387 6964  [ A70AD30223866947E39BC221DF4C2306 ] psadd           C:\Windows\system32\DRIVERS\psadd.sys

14:09:35.0389 6964  psadd - ok

14:09:35.0419 6964  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys

14:09:35.0422 6964  Psched - ok

14:09:35.0453 6964  [ F036CFB275D0C55F4E45FBBF5F98B3C8 ] PSI_SVC_2       C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

14:09:35.0460 6964  PSI_SVC_2 - ok

14:09:35.0547 6964  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys

14:09:35.0615 6964  ql2300 - ok

14:09:35.0636 6964  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys

14:09:35.0641 6964  ql40xx - ok

14:09:35.0671 6964  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll

14:09:35.0680 6964  QWAVE - ok

14:09:35.0698 6964  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys

14:09:35.0701 6964  QWAVEdrv - ok

14:09:35.0725 6964  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys

14:09:35.0728 6964  RasAcd - ok

14:09:35.0768 6964  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys

14:09:35.0773 6964  RasAgileVpn - ok

14:09:35.0797 6964  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll

14:09:35.0803 6964  RasAuto - ok

14:09:35.0821 6964  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys

14:09:35.0828 6964  Rasl2tp - ok

14:09:35.0849 6964  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll

14:09:35.0860 6964  RasMan - ok

14:09:35.0883 6964  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys

14:09:35.0888 6964  RasPppoe - ok

14:09:35.0926 6964  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys

14:09:35.0930 6964  RasSstp - ok

14:09:35.0958 6964  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys

14:09:35.0967 6964  rdbss - ok

14:09:36.0004 6964  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys

14:09:36.0007 6964  rdpbus - ok

14:09:36.0034 6964  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys

14:09:36.0036 6964  RDPCDD - ok

14:09:36.0067 6964  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys

14:09:36.0074 6964  RDPDR - ok

14:09:36.0083 6964  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys

14:09:36.0084 6964  RDPENCDD - ok

14:09:36.0127 6964  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys

14:09:36.0128 6964  RDPREFMP - ok

14:09:36.0180 6964  [ FE571E088C2D83619D2D48D4E961BF41 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys

14:09:36.0188 6964  RDPWD - ok

14:09:36.0222 6964  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys

14:09:36.0229 6964  rdyboost - ok

14:09:36.0268 6964  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll

14:09:36.0274 6964  RemoteAccess - ok

14:09:36.0318 6964  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll

14:09:36.0327 6964  RemoteRegistry - ok

14:09:36.0390 6964  [ 87ECA4118B28344139DCE9EA9A16F8F8 ] RimUsb          C:\Windows\system32\Drivers\RimUsb_AMD64.sys

14:09:36.0395 6964  RimUsb - ok

14:09:36.0471 6964  [ 344604E6913BD6E4EAEC34AF2E0943D7 ] RimVSerPort     C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys

14:09:36.0474 6964  RimVSerPort - ok

14:09:36.0511 6964  [ 819FE65AE1C0312B535B7AA54D30CFDA ] risdxc          C:\Windows\system32\DRIVERS\risdxc64.sys

14:09:36.0517 6964  risdxc - ok

14:09:36.0566 6964  [ 388D3DD1A6457280F3BADBA9F3ACD6B1 ] ROOTMODEM       C:\Windows\system32\Drivers\RootMdm.sys

14:09:36.0570 6964  ROOTMODEM - ok

14:09:36.0604 6964  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll

14:09:36.0610 6964  RpcEptMapper - ok

14:09:36.0633 6964  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe

14:09:36.0637 6964  RpcLocator - ok

14:09:36.0699 6964  [ 3F1A199859B4F3F8357B2A0AF5666A54 ] RpcSs           C:\Windows\system32\rpcss.dll

14:09:36.0711 6964  RpcSs - ok

14:09:36.0746 6964  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys

14:09:36.0751 6964  rspndr - ok

14:09:36.0863 6964  [ 7C44C9A974DE5508910BFDE4ABC2E16C ] RTL8192Ce       C:\Windows\system32\DRIVERS\rtl8192Ce.sys

14:09:36.0917 6964  RTL8192Ce - ok

14:09:36.0987 6964  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys

14:09:36.0992 6964  s3cap - ok

14:09:37.0019 6964  [ 62056ADD38513A86C4866E912371B56B ] SamSs           C:\Windows\system32\lsass.exe

14:09:37.0021 6964  SamSs - ok

14:09:37.0031 6964  SAService - ok

14:09:37.0080 6964  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys

14:09:37.0082 6964  sbp2port - ok

14:09:37.0113 6964  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll

14:09:37.0119 6964  SCardSvr - ok

14:09:37.0149 6964  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys

14:09:37.0153 6964  scfilter - ok

14:09:37.0237 6964  [ 40686B59C127F0C93B4234E4A1E3472A ] Schedule        C:\Windows\system32\schedsvc.dll

14:09:37.0272 6964  Schedule - ok

14:09:37.0307 6964  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll

14:09:37.0310 6964  SCPolicySvc - ok

14:09:37.0349 6964  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll

14:09:37.0357 6964  SDRSVC - ok

14:09:37.0397 6964  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys

14:09:37.0401 6964  secdrv - ok

14:09:37.0453 6964  [ A19623BDD61E66A12AB53992002B4F3A ] seclogon        C:\Windows\system32\seclogon.dll

14:09:37.0460 6964  seclogon - ok

14:09:37.0492 6964  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll

14:09:37.0499 6964  SENS - ok

14:09:37.0537 6964  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll

14:09:37.0571 6964  SensrSvc - ok

14:09:37.0766 6964  [ EF36F5528E33D651763E1524A16928BD ] Ser2pl          C:\Windows\system32\DRIVERS\ser2pl64.sys

14:09:37.0770 6964  Ser2pl - ok

14:09:37.0784 6964  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys

14:09:37.0788 6964  Serenum - ok

14:09:37.0854 6964  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys

14:09:37.0857 6964  Serial - ok

14:09:37.0867 6964  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys

14:09:37.0871 6964  sermouse - ok

14:09:37.0919 6964  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll

14:09:37.0927 6964  SessionEnv - ok

14:09:37.0952 6964  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys

14:09:37.0957 6964  sffdisk - ok

14:09:37.0973 6964  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys

14:09:37.0977 6964  sffp_mmc - ok

14:09:37.0995 6964  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys

14:09:37.0999 6964  sffp_sd - ok


14:09:38.0021 6964  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys

14:09:38.0026 6964  sfloppy - ok

14:09:38.0085 6964  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll

14:09:38.0108 6964  SharedAccess - ok

14:09:38.0143 6964  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll

14:09:38.0166 6964  ShellHWDetection - ok

14:09:38.0208 6964  [ E2FC046D4EDABFE3B5EF7DA06406277D ] Shockprf        C:\Windows\system32\DRIVERS\Apsx64.sys

14:09:38.0214 6964  Shockprf - ok

14:09:38.0255 6964  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys

14:09:38.0260 6964  SiSRaid2 - ok

14:09:38.0295 6964  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys

14:09:38.0302 6964  SiSRaid4 - ok

14:09:38.0438 6964  [ 18614592402298F32EBE75B85AA98F6A ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe

14:09:38.0443 6964  SkypeUpdate - ok

14:09:38.0485 6964  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys

14:09:38.0488 6964  Smb - ok

14:09:38.0534 6964  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe

14:09:38.0538 6964  SNMPTRAP - ok

14:09:38.0555 6964  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys

14:09:38.0557 6964  spldr - ok

14:09:38.0630 6964  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe

14:09:38.0658 6964  Spooler - ok

14:09:38.0741 6964  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe

14:09:38.0759 6964  sppsvc - ok

14:09:38.0772 6964  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll

14:09:38.0784 6964  sppuinotify - ok

14:09:38.0894 6964  [ 72E6A150A8C8530B201832D1C801CDE6 ] srv             C:\Windows\system32\DRIVERS\srv.sys

14:09:38.0901 6964  srv - ok

14:09:38.0972 6964  [ C4F67ABCC5033D334613F28F9E782809 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys

14:09:39.0027 6964  srv2 - ok

14:09:39.0088 6964  [ C53CB62B0E57488AAE41FDA0FF8A0AB9 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys

14:09:39.0097 6964  srvnet - ok

14:09:39.0137 6964  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll

14:09:39.0144 6964  SSDPSRV - ok

14:09:39.0192 6964  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll

14:09:39.0203 6964  SstpSvc - ok

14:09:39.0317 6964  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys

14:09:39.0326 6964  stexstor - ok

14:09:39.0447 6964  [ DECACB6921DED1A38642642685D77DAC ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys

14:09:39.0486 6964  StillCam - ok

14:09:39.0584 6964  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll

14:09:39.0603 6964  stisvc - ok

14:09:39.0649 6964  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys

14:09:39.0660 6964  storflt - ok

14:09:39.0741 6964  [ C40841817EF57D491F22EB103DA587CC ] StorSvc         C:\Windows\system32\storsvc.dll

14:09:39.0748 6964  StorSvc - ok

14:09:39.0796 6964  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys

14:09:39.0805 6964  storvsc - ok

14:09:40.0084 6964  [ 266D6BE20B40B7DC0949F5108E838B5E ] SUService       C:\Program Files (x86)\Lenovo\System Update\SUService.exe

14:09:40.0094 6964  SUService - ok

14:09:40.0174 6964  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys

14:09:40.0183 6964  swenum - ok

14:09:40.0315 6964  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll

14:09:40.0370 6964  swprv - ok

14:09:40.0721 6964  [ 06D602A637E171E151853F1D8ECD34F1 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys

14:09:40.0789 6964  SynTP - ok

14:09:41.0397 6964  [ 2E730941CC5BF6200A4F56D1E9C24AAD ] SysMain         C:\Windows\system32\sysmain.dll

14:09:41.0477 6964  SysMain - ok

14:09:41.0545 6964  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll

14:09:41.0552 6964  TabletInputService - ok

14:09:41.0695 6964  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll

14:09:41.0750 6964  TapiSrv - ok

14:09:42.0041 6964  [ 7FB36A0A036ADDACE0A868E4A43C1C27 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys

14:09:42.0197 6964  Tcpip - ok

14:09:42.0633 6964  [ 7FB36A0A036ADDACE0A868E4A43C1C27 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys

14:09:42.0662 6964  TCPIP6 - ok

14:09:42.0762 6964  [ 7FE5586314EE7D6AA8483264A089E5AF ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys

14:09:42.0767 6964  tcpipreg - ok

14:09:42.0880 6964  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys

14:09:42.0888 6964  TDPIPE - ok

14:09:42.0970 6964  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys

14:09:42.0979 6964  TDTCP - ok

14:09:43.0033 6964  [ 4DD986720F7CB7A8A5D1226793097B9A ] tdx             C:\Windows\system32\DRIVERS\tdx.sys

14:09:43.0078 6964  tdx - ok

14:09:43.0584 6964  [ 0AA158C4ADDCA8882474AB91334F9C45 ] TeamViewer7     C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe

14:09:43.0670 6964  TeamViewer7 - ok

14:09:43.0871 6964  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys

14:09:43.0877 6964  TermDD - ok

14:09:44.0010 6964  [ 008CD4EBFABCF78D0F19B3778492648C ] TermService     C:\Windows\System32\termsrv.dll

14:09:44.0066 6964  TermService - ok

14:09:44.0152 6964  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll

14:09:44.0163 6964  Themes - ok

14:09:44.0226 6964  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll

14:09:44.0238 6964  THREADORDER - ok

14:09:44.0275 6964  [ 55B7FE3E1D3B616BDC4E9EA48D92D6E6 ] TPDIGIMN        C:\Windows\system32\DRIVERS\ApsHM64.sys

14:09:44.0277 6964  TPDIGIMN - ok

14:09:44.0385 6964  [ F0684C62ED8FD3061CD488ECFC851022 ] TPHDEXLGSVC     C:\Windows\system32\TPHDEXLG64.exe

14:09:44.0393 6964  TPHDEXLGSVC - ok

14:09:44.0515 6964  [ 63626012E44CAAA162677B57B6DCB542 ] TPHKLOAD        C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe

14:09:44.0519 6964  TPHKLOAD - ok

14:09:44.0625 6964  [ 9E6E4A9789F76593CC5A6A5AF8FC5929 ] TPHKSVC         C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe

14:09:44.0631 6964  TPHKSVC - ok

14:09:44.0702 6964  [ 48DDEF0B921DD331536CC82C1A8FF64F ] TPM             C:\Windows\system32\drivers\tpm.sys

14:09:44.0708 6964  TPM - ok

14:09:44.0751 6964  [ 7165B5A9B4867F64A6D6935F57D4196B ] TPPWRIF         C:\Windows\system32\drivers\Tppwr64v.sys

14:09:44.0757 6964  TPPWRIF - ok

14:09:44.0801 6964  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll

14:09:44.0809 6964  TrkWks - ok

14:09:44.0926 6964  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

14:09:44.0930 6964  TrustedInstaller - ok

14:09:44.0976 6964  [ 2CF58216424757ED29605B4F18EC443C ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys

14:09:45.0017 6964  tssecsrv - ok

14:09:45.0122 6964  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys

14:09:45.0126 6964  TsUsbFlt - ok

14:09:45.0170 6964  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys

14:09:45.0178 6964  TsUsbGD - ok

14:09:45.0229 6964  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys

14:09:45.0240 6964  tunnel - ok

14:09:45.0282 6964  [ 4DAAE0413CD4E816258838E2FAFB3147 ] TVTI2C          C:\Windows\system32\DRIVERS\Tvti2c.sys

14:09:45.0287 6964  TVTI2C - ok

14:09:45.0326 6964  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys

14:09:45.0331 6964  uagp35 - ok

14:09:45.0427 6964  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys

14:09:45.0438 6964  udfs - ok

14:09:45.0489 6964  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe

14:09:45.0496 6964  UI0Detect - ok

14:09:45.0669 6964  [ BE788A747457E6916586C410EC0111E7 ] UleadBurningHelper C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

14:09:45.0679 6964  UleadBurningHelper - ok

14:09:45.0765 6964  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys

14:09:45.0773 6964  uliagpkx - ok

14:09:45.0839 6964  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys

14:09:46.0333 6964  umbus - ok

14:09:46.0411 6964  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys

14:09:46.0421 6964  UmPass - ok

14:09:46.0485 6964  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll

14:09:46.0496 6964  UmRdpService - ok

14:09:46.0586 6964  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll

14:09:46.0601 6964  upnphost - ok

14:09:46.0697 6964  [ F957092C63CD71D85903CA0D8370F473 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys

14:09:46.0706 6964  USBAAPL64 - ok

14:09:46.0832 6964  [ B0435098C81D04CAFFF80DDB746CD3A2 ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys

14:09:46.0838 6964  usbaudio - ok

14:09:46.0884 6964  [ 9E68E917FB4B5C983438969643F53BEF ] usbccgp         C:\Windows\system32\drivers\usbccgp.sys

14:09:46.0959 6964  usbccgp - ok

14:09:47.0010 6964  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31 ] usbcir          C:\Windows\system32\drivers\usbcir.sys

14:09:47.0020 6964  usbcir - ok

14:09:47.0053 6964  [ 3F9D3902CE931E2A28DD8452AE915B67 ] usbehci         C:\Windows\system32\drivers\usbehci.sys

14:09:47.0088 6964  usbehci - ok

14:09:47.0216 6964  [ 86B65EEBC03B936DE8B26E5A18D98FA2 ] usbhub          C:\Windows\system32\drivers\usbhub.sys

14:09:47.0416 6964  usbhub - ok

14:09:47.0505 6964  [ 099C2931C6F73EB1B9E13C560F61B50D ] usbohci         C:\Windows\system32\drivers\usbohci.sys

14:09:47.0578 6964  usbohci - ok

14:09:47.0643 6964  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys

14:09:47.0654 6964  usbprint - ok

14:09:47.0738 6964  [ 9661DA76B4531B2DA272ECCE25A8AF24 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys

14:09:47.0747 6964  usbscan - ok

14:09:47.0779 6964  [ D029DD09E22EB24318A8FC3D8138BA43 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS

14:09:47.0787 6964  USBSTOR - ok

14:09:47.0837 6964  [ 5D7651347C7D702F4A5DE53603DC024F ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys

14:09:47.0862 6964  usbuhci - ok

14:09:47.0962 6964  [ 1F775DA4CF1A3A1834207E975A72E9D7 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys

14:09:47.0968 6964  usbvideo - ok

14:09:48.0088 6964  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll

14:09:48.0098 6964  UxSms - ok

14:09:48.0190 6964  [ 62056ADD38513A86C4866E912371B56B ] VaultSvc        C:\Windows\system32\lsass.exe

14:09:48.0195 6964  VaultSvc - ok

14:09:48.0241 6964  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys

14:09:48.0246 6964  vdrvroot - ok

14:09:48.0325 6964  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe

14:09:48.0385 6964  vds - ok

14:09:48.0466 6964  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys

14:09:48.0471 6964  vga - ok

14:09:48.0512 6964  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys

14:09:48.0520 6964  VgaSave - ok

14:09:48.0564 6964  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys

14:09:48.0571 6964  vhdmp - ok

14:09:48.0635 6964  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys

14:09:48.0643 6964  viaide - ok

14:09:48.0729 6964  [ 6AD85F32EA4AA65BB2EA652F2B9D4005 ] VIPAppService   C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe

14:09:48.0741 6964  VIPAppService - ok

14:09:48.0804 6964  [ 86EA3E79AE350FEA5331A1303054005F ] vmbus           C:\Windows\system32\drivers\vmbus.sys

14:09:48.0815 6964  vmbus - ok

14:09:48.0852 6964  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys

14:09:50.0279 6964  VMBusHID - ok

14:09:50.0296 6964  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys

14:09:50.0306 6964  volmgr - ok

14:09:50.0445 6964  [ 85C5468BC395819AE2A0C747334BA14C ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys

14:09:50.0500 6964  volmgrx - ok

14:09:50.0584 6964  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys

14:09:50.0593 6964  volsnap - ok

14:09:50.0702 6964  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys

14:09:50.0735 6964  vsmraid - ok

14:09:50.0981 6964  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe

14:09:51.0047 6964  VSS - ok

14:09:51.0066 6964  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys

14:09:51.0071 6964  vwifibus - ok

14:09:51.0162 6964  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys

14:09:51.0168 6964  vwififlt - ok

14:09:51.0198 6964  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys

14:09:51.0202 6964  vwifimp - ok

14:09:51.0306 6964  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll

14:09:51.0315 6964  W32Time - ok

14:09:51.0362 6964  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys

14:09:51.0368 6964  WacomPen - ok

14:09:51.0441 6964  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys

14:09:51.0446 6964  WANARP - ok

14:09:51.0460 6964  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys

14:09:51.0463 6964  Wanarpv6 - ok

14:09:51.0731 6964  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe

14:09:51.0808 6964  WatAdminSvc - ok

14:09:52.0001 6964  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe

14:09:52.0068 6964  wbengine - ok

14:09:52.0171 6964  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll

14:09:52.0204 6964  WbioSrvc - ok

14:09:52.0317 6964  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll

14:09:52.0350 6964  wcncsvc - ok

14:09:52.0392 6964  [ BC00873272B3771CCDA38336AF2B4D4B ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

14:09:52.0460 6964  WcsPlugInService - ok

14:09:52.0509 6964  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys

14:09:52.0521 6964  Wd - ok

14:09:52.0603 6964  [ D0335A55E5C3F812548E18300C2ACB62 ] WDC_SAM         C:\Windows\system32\DRIVERS\wdcsam64.sys

14:09:52.0612 6964  WDC_SAM - ok

14:09:52.0760 6964  [ E2C933EDBC389386EBE6D2BA953F43D8 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys

14:09:52.0821 6964  Wdf01000 - ok

14:09:52.0874 6964  [ C6F7473B55510F0B93961DA03D8E3B38 ] WdiServiceHost  C:\Windows\system32\wdi.dll

14:09:52.0882 6964  WdiServiceHost - ok

14:09:52.0893 6964  [ C6F7473B55510F0B93961DA03D8E3B38 ] WdiSystemHost   C:\Windows\system32\wdi.dll

14:09:52.0899 6964  WdiSystemHost - ok

14:09:52.0982 6964  [ EE841B6D1F2B9508D3ABAE52AC05A94F ] WebClient       C:\Windows\System32\webclnt.dll

14:09:53.0167 6964  WebClient - ok

14:09:53.0209 6964  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll

14:09:53.0220 6964  Wecsvc - ok

14:09:53.0295 6964  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll

14:09:53.0306 6964  wercplsupport - ok

14:09:53.0364 6964  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll

14:09:53.0375 6964  WerSvc - ok

14:09:53.0469 6964  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys

14:09:53.0474 6964  WfpLwf - ok

14:09:53.0508 6964  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys

14:09:53.0515 6964  WIMMount - ok

14:09:53.0556 6964  WinDefend - ok

14:09:53.0608 6964  WinHttpAutoProxySvc - ok

14:09:53.0778 6964  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll

14:09:53.0787 6964  Winmgmt - ok

14:09:54.0048 6964  [ EBDA1B0F15CB9B2CBCC6C94824E4E054 ] WinRM           C:\Windows\system32\WsmSvc.dll

14:09:54.0249 6964  WinRM - ok

14:09:54.0408 6964  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys

14:09:54.0414 6964  WinUsb - ok

14:09:54.0567 6964  [ 4B7912EB80820EAC543EE54806EFCAF0 ] Wlansvc         C:\Windows\System32\wlansvc.dll

14:09:54.0621 6964  Wlansvc - ok

14:09:54.0762 6964  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

14:09:54.0767 6964  wlcrasvc - ok

14:09:55.0067 6964  [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

14:09:55.0144 6964  wlidsvc - ok

14:09:55.0204 6964  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys

14:09:55.0215 6964  WmiAcpi - ok

14:09:55.0271 6964  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe

14:09:55.0278 6964  wmiApSrv - ok

14:09:55.0361 6964  WMPNetworkSvc - ok

14:09:55.0439 6964  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll

14:09:55.0451 6964  WPCSvc - ok

14:09:55.0511 6964  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll

14:09:55.0515 6964  WPDBusEnum - ok

14:09:56.0141 6964  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys

14:09:56.0151 6964  ws2ifsl - ok

14:09:56.0212 6964  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll

14:09:56.0221 6964  wscsvc - ok

14:09:56.0292 6964  [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys

14:09:56.0325 6964  WSDPrintDevice - ok

14:09:56.0399 6964  [ 4A2A5C50DD1A63577D3ACA94269FBC7F ] WSDScan         C:\Windows\system32\DRIVERS\WSDScan.sys

14:09:56.0435 6964  WSDScan - ok

14:09:56.0441 6964  WSearch - ok

14:09:56.0841 6964  [ 88009DB9E1166B6B6713A858C176FECD ] wuauserv        C:\Windows\system32\wuaueng.dll

14:09:56.0944 6964  wuauserv - ok

14:09:57.0026 6964  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys

14:09:57.0032 6964  WudfPf - ok

14:09:57.0075 6964  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys

14:09:57.0081 6964  WUDFRd - ok

14:09:57.0123 6964  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll

14:09:57.0132 6964  wudfsvc - ok

14:09:57.0240 6964  [ 04F82965C09CBDF646B487E145060301 ] WwanSvc         C:\Windows\System32\wwansvc.dll

14:09:57.0268 6964  WwanSvc - ok

14:09:57.0354 6964  ================ Scan global ===============================

14:09:57.0420 6964  [ 168EA9CD9BD6056BB6F60B57D5304BBE ] C:\Windows\system32\basesrv.dll

14:09:57.0498 6964  [ 66A8A9412337B08E1735204B8ADEE58C ] C:\Windows\system32\winsrv.dll

14:09:57.0551 6964  [ 66A8A9412337B08E1735204B8ADEE58C ] C:\Windows\system32\winsrv.dll

14:09:57.0610 6964  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll

14:09:57.0687 6964  [ 71C85477DF9347FE8E7BC55768473FCA ] C:\Windows\system32\services.exe

14:09:57.0698 6964  [Global] - ok

14:09:57.0699 6964  ================ Scan MBR ==================================

14:09:57.0734 6964  [ A2450DD9D8D17A95525A9FDA501F6487 ] \Device\Harddisk0\DR0

14:10:02.0408 6964  \Device\Harddisk0\DR0 - ok

14:10:02.0409 6964  ================ Scan VBR ==================================

14:10:02.0435 6964  [ B7F797E7921BD06BA28D1C50FE45E7CA ] \Device\Harddisk0\DR0\Partition1

14:10:02.0445 6964  \Device\Harddisk0\DR0\Partition1 - ok

14:10:02.0474 6964  [ F730586D9369065B93EC8589AEA10AB0 ] \Device\Harddisk0\DR0\Partition2

14:10:02.0484 6964  \Device\Harddisk0\DR0\Partition2 - ok

14:10:02.0520 6964  [ DE01231D448C02B91641844E4C4491F9 ] \Device\Harddisk0\DR0\Partition3

14:10:02.0528 6964  \Device\Harddisk0\DR0\Partition3 - ok

14:10:02.0530 6964  ============================================================

14:10:02.0530 6964  Scan finished

14:10:02.0530 6964  ============================================================

14:10:02.0548 4276  Detected object count: 0

14:10:02.0548 4276  Actual detected object count: 0



#3 hamluis

hamluis

    Moderator


  • Moderator
  • 55,883 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:05:03 AM

Posted 05 December 2017 - 05:32 PM

OK, thanks :) .  For your information...TDSS logs are not used in this forum, they are used for malware situations...that's why I moved it to Am I Infected.  Now that a check has been done there....

 

Please download MiniToolBox  , save it to your desktop and run it.
 
Checkmark the following checkboxes:
  List last 10 Event Viewer log
  List Installed Programs
  List Users, Partitions and Memory size.
 
Click Go and paste the content into your next post.
 
Also...please Publish a Snapshot using Speccy taking care to post the link of the snapshot in your next post.

   Go to Piriform's website, and download the free version on the left.  Click Download from Piriform.com (the FileHippo link requires an extra click). Or if you want to use a portable version of Speccy (which doesn't require installation), click the builds page link and download the portable version. You will now be asked where you want to save the file. The best place to put it is the Desktop, as it will be easy to find later.

    After the file finishes downloading, you are ready to run Speccy. If you downloaded the installer, simply double-click on it and follow the prompts until installation is complete. If you downloaded the portable version, you will need to unzip it before use. Right-click the ZIP file and click Extract all. Click Next. Open up the extracted folder and double-click on Speccy.
 
     Once inside Speccy, it will look similar to this (with your computer's specifications, of course):
 
post-33068-0-86653600-1480692866_thumb.j

     Now, at the top, click File > Publish Snapshot.

     Click Yes > then Copy to Clipboard

Now, once you are back in the forum topic you are posting in, click the ADD REPLY or REPLY TO THIS TOPIC button. Right-click in the empty space of the Reply box and click Paste. Then, click Add Reply below the Reply box.

Louis



#4 ranchhand_

ranchhand_

  • Members
  • 1,651 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Midwest
  • Local time:04:03 AM

Posted 05 December 2017 - 05:46 PM

 

ran a tdss rootkit.  here it is in 2 replies: still pops up

Just to clarify for those of us who are not acquainted with the history of this...are you saying that you are still detecting a rootkit on your drive, even after going through an inspection by the Malware forum?


Help Requests: If there is no reply after 3 days I remove the thread from my answer list. For further help PM me.


#5 doughboy123

doughboy123
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:02:03 AM

Posted 05 December 2017 - 05:53 PM

MiniToolBox by Farbar  Version: 17-06-2016
Ran by Dave Dorehty (administrator) on 05-12-2017 at 14:45:56
Running from "C:\Users\Dave Dorehty\Downloads"
Microsoft Windows 7 Professional  Service Pack 1 (X64)
Model: 4170CTO Manufacturer: LENOVO
Boot Mode: Normal
***************************************************************************
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (12/05/2017 01:24:36 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/05/2017 08:50:09 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5522186
 
Error: (12/05/2017 08:50:09 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5522186
 
Error: (12/05/2017 08:50:09 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (12/05/2017 08:50:07 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5520813
 
Error: (12/05/2017 08:50:07 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5520813
 
Error: (12/05/2017 08:50:07 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (12/05/2017 08:50:06 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5519799
 
Error: (12/05/2017 08:50:06 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5519799
 
Error: (12/05/2017 08:50:06 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
System errors:
=============
Error: (12/05/2017 01:23:12 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 9:03:42 AM on ‎12/‎5/‎2017 was unexpected.
 
Error: (12/04/2017 03:24:36 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.257.1349.0
Update Source: %NT AUTHORITY59
Update Stage: 4.10.209.00
Source Path: 4.10.209.01
Signature Type: %NT AUTHORITY602
Update Type: %NT AUTHORITY604
User: NT AUTHORITY\SYSTEM
Current Engine Version: %NT AUTHORITY605
Previous Engine Version: %NT AUTHORITY606
Error code: %NT AUTHORITY607
Error description: %NT AUTHORITY608
 
Error: (12/04/2017 05:12:38 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.257.1307.0
Update Source: %NT AUTHORITY59
Update Stage: 4.10.209.00
Source Path: 4.10.209.01
Signature Type: %NT AUTHORITY602
Update Type: %NT AUTHORITY604
User: NT AUTHORITY\SYSTEM
Current Engine Version: %NT AUTHORITY605
Previous Engine Version: %NT AUTHORITY606
Error code: %NT AUTHORITY607
Error description: %NT AUTHORITY608
 
Error: (12/03/2017 03:28:14 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Lenovo.VIRTSCRLSVC service.
 
Error: (12/03/2017 08:29:00 AM) (Source: Service Control Manager) (User: )
Description: The Multimedia Class Scheduler service failed to start due to the following error: %%1053 = The service did not respond to the start or control request in a timely fashion.
 
Error: (12/03/2017 08:28:05 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MMCSS service.
 
Error: (11/30/2017 02:34:40 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MBAMService service.
 
Error: (11/30/2017 02:34:10 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MBAMService service.
 
Error: (11/30/2017 02:33:40 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MBAMService service.
 
Error: (11/30/2017 02:33:10 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MBAMService service.
 
 
Microsoft Office Sessions:
=========================
Error: (12/05/2017 01:24:36 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/05/2017 08:50:09 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5522186
 
Error: (12/05/2017 08:50:09 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5522186
 
Error: (12/05/2017 08:50:09 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (12/05/2017 08:50:07 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5520813
 
Error: (12/05/2017 08:50:07 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5520813
 
Error: (12/05/2017 08:50:07 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (12/05/2017 08:50:06 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5519799
 
Error: (12/05/2017 08:50:06 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5519799
 
Error: (12/05/2017 08:50:06 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
=========================== Installed Programs ============================
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.144 - Adobe Systems Incorporated)
Adobe Flash Player 27 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 27.0.0.187 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.05) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.05 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{05E07D23-91E9-4E70-A4CC-EF505088F967}) (Version: 5.4.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{741291DA-2B34-4D44-8FB6-58EDE21261D8}) (Version: 5.4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{DB18F1C0-846F-46F5-A074-5B97C8AF5C8E}) (Version: 10.3.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
BlackBerry Desktop Software 7.1 (HKLM-x32\...\{BE5B0450-DCCB-4FE9-93E2-3B38D88A745B}) (Version: 7.1.0.41 - Research In Motion Ltd.) Hidden
BlackBerry Desktop Software 7.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 7.1.0.41 - Research In Motion Ltd.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Burn.Now 4.5 (HKLM-x32\...\{A3BE3F1E-2472-4211-8735-E8239BE49D9F}) (Version: 4.5.0 - Corel Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.11 - Piriform)
Cisco Connect (HKLM-x32\...\Cisco Connect) (Version: 1.4.12334.0 - Cisco Consumer Products LLC)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Citrix Online Launcher (HKLM-x32\...\{6740FE60-43C1-4D15-8C4A-001624134B14}) (Version: 1.0.312 - Citrix)
Conexant 20672 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.32.23.0 - Conexant)
Corel Burn.Now Lenovo Edition (HKLM-x32\...\InstallShield_{A3BE3F1E-2472-4211-8735-E8239BE49D9F}) (Version: 4.5.0 - Corel Corporation)
Corel DVD MovieFactory 7 (HKLM-x32\...\{50F68032-B5B7-4513-9116-C978DBD8F27A}) (Version: 7.0.0 - Corel Corporation) Hidden
Corel DVD MovieFactory Lenovo Edition (HKLM-x32\...\InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}) (Version: 7.0.0 - Corel Corporation)
Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.5.828 - Corel Inc.)
Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Direct DiscRecorder (HKLM-x32\...\{F2004B8D-7791-4B35-A3FA-D8CA8BB4DD81}) (Version: 1.00.0000 - Corel Corporation) Hidden
Direct DiscRecorder (HKLM-x32\...\InstallShield_{F2004B8D-7791-4B35-A3FA-D8CA8BB4DD81}) (Version: 1.00.0000 - Corel Corporation) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 40.4.46 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Epson Event Manager (HKLM-x32\...\{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}) (Version: 2.40.0001 - SEIKO EPSON CORPORATION)
EPSON NX420 Series Printer Uninstall (HKLM\...\EPSON NX420 Series) (Version:  - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION)
EpsonNet Setup 3.3 (HKLM-x32\...\{C9D8A041-2963-4B31-8FFC-1500F3DB9293}) (Version: 3.3b - SEIKO EPSON CORPORATION)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 62.0.3202.94 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.23.0 - DealPly Technologies Ltd) Hidden
HP Dropbox Plugin (HKLM-x32\...\{D12BC084-97D6-438A-AA7C-5962608D17A0}) (Version: 36.0.41.58587 - HP)
HP ENVY 7640 series Basic Device Software (HKLM\...\{B81E425D-39FF-4846-B4BB-7AD61909A0EF}) (Version: 40.11.1135.17143 - HP Inc.)
HP ENVY 7640 series Help (HKLM-x32\...\{5845A5C9-AA03-4D91-9793-1A2563CE0129}) (Version: 34.0.0 - Hewlett Packard)
HP Google Drive Plugin (HKLM-x32\...\{BFA42100-DB54-467A-BB87-CF70732B4065}) (Version: 36.0.41.58587 - HP)
HP OfficeJet 4650 series Help (HKLM-x32\...\{20CA428A-0827-4441-BC64-5C577EA970AD}) (Version: 36.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP Support Assistant (HKLM-x32\...\{56D27851-B9A6-430F-875A-E2D7A3802C7B}) (Version: 8.3.34.7 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{2B5A1E68-6617-406D-B797-5DAB5B4630B8}) (Version: 12.5.32.37 - HP Inc.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{C60E2D8F-0FC0-497D-A149-90F3B361937C}) (Version: 12.3.6.9 - HP)
Integrated Camera Driver Installer Package Ver.1.1.0.1147 (HKLM-x32\...\{B2CA6F37-1602-4823-81B5-0384B6888AA6}) (Version: 1.1.0.1147 - RICOH)
Integrated Camera TWAIN (HKLM-x32\...\{9CA0DEE4-E84B-466F-9B96-FC255F3A929F}) (Version: 1.0.11.1223 - Chicony Electronics Co.,Ltd.)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2321 - Intel Corporation)
iTunes (HKLM\...\{6C01A0A7-7440-4D48-93C6-2927A1E93FE6}) (Version: 12.6.0.100 - Apple Inc.)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.00 - )
Lenovo Registration (HKLM-x32\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.2 - Lenovo Inc.)
Lenovo Solution Center (HKLM\...\{67775370-C449-46FA-80A5-A3357D691348}) (Version: 2.0.019.00 - Lenovo Group Limited)
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0008.00 - Lenovo)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0005.00 - Lenovo)
Lenovo Welcome (HKLM-x32\...\Lenovo Welcome_is1) (Version: 2.02.003.0 - Lenovo)
Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Message Center Plus (HKLM-x32\...\{FD331A3B-F7A5-4C31-B8D4-DF413C85AF7A}) (Version: 2.0.0012.00 - Lenovo Group Limited)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
On Screen Display (HKLM\...\OnScreenDisplay) (Version: 6.22.00 - )
Product Improvement Study for HP ENVY 7640 series (HKLM\...\{C15C2D78-89D2-4EC1-850D-4D9BFADA758A}) (Version: 40.11.1135.17143 - HP Inc.)
RapidBoot (HKLM-x32\...\{C83D5AA1-6A1F-4102-8F7F-C0230DD31FC0}) (Version: 1.00 - Lenovo) Hidden
RapidBoot (HKLM-x32\...\InstallShield_{C83D5AA1-6A1F-4102-8F7F-C0230DD31FC0}) (Version: 1.00 - Lenovo)
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - )
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
RICOH_Media_Driver_v2.13.18.02 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.13.18.02 - RICOH)
SanDiskSecureAccess_Manager.exe (HKCU\...\@@__UNKNOWN__@@SanDiskSecureAccess_Manager.exe) (Version: 1.1.19755 - Gemalto N.V.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.35 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.35.103 - Skype Technologies S.A.)
System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 4.00.0042 - Lenovo)
TeamViewer 7 Host (HKLM-x32\...\TeamViewer 7 Host) (Version: 7.0.43148 - TeamViewer)
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.22 - )
ThinkPad Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.61.00.11 - )
ThinkPad Power Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 3.48 - )
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.19.0 - )
ThinkPad UltraNav Utility (HKLM-x32\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo)
ThinkPad Wireless LAN Adapter Software (HKLM-x32\...\{9D3D2C60-A55F-4fed-B2B9-17311226DF01}) (Version: 1.00.0029.5 - REALTEK Semiconductor Corp.)
ThinkVantage Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.73 - Lenovo)
ThinkVantage AutoLock (HKLM\...\{E224B44B-B5EB-4af3-A80A-A255358E241A}_is1) (Version: 1.01 - Lenovo)
ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 2.06 - Lenovo)
TouchCopy 12 (HKLM-x32\...\{6B7B33E9-C2DE-4016-AD54-70E843D4F7D6}) (Version: 12.44 - Wide Angle Software)
USB Storage Driver (HKLM-x32\...\GENEUIDE) (Version:  - )
VIPAccess (HKLM-x32\...\{E8D46836-CD55-453C-A107-A59EC51CB8DC}) (Version: 2.0.1.91 - VeriSign)
VLC media player 2.0.4 (HKLM-x32\...\VLC media player) (Version: 2.0.4 - VideoLAN)
Windows Driver Package - Intel (e1cexpress) Net  (12/21/2010 11.8.84.0) (HKLM\...\6D23A494E9A245843FB8584D9307D3E328DF8613) (Version: 12/21/2010 11.8.84.0 - Intel)
Windows Driver Package - Intel (MEIx64) System  (10/19/2010 7.0.0.1144) (HKLM\...\90FD26A77B849AE03FF5F07A1CDA7F950406A8D8) (Version: 10/19/2010 7.0.0.1144 - Intel)
Windows Driver Package - Intel System  (09/10/2010 9.2.0.1011) (HKLM\...\0CDBDD444A1F5FFEA227B4E7DCE195F11F08240A) (Version: 09/10/2010 9.2.0.1011 - Intel)
Windows Driver Package - Intel System  (09/10/2010 9.2.0.1011) (HKLM\...\A513FC5E5A08D4EF27F234E91E0E942A0234210B) (Version: 09/10/2010 9.2.0.1011 - Intel)
Windows Driver Package - Intel System  (10/04/2010 9.2.0.1015) (HKLM\...\FE1BEBFD475BB832AAF104F5C63348E98A9286DF) (Version: 10/04/2010 9.2.0.1015 - Intel)
Windows Driver Package - Intel USB  (09/16/2010 9.2.0.1013) (HKLM\...\D97688B8E3830BF9820E15EB8D9552DCBF988CFD) (Version: 09/16/2010 9.2.0.1013 - Intel)
Windows Driver Package - Lenovo 1.61.00.11 (11/11/2010 1.61.00.11) (HKLM\...\466E9B20D871055D6D3CDA2CDD1D355E978A61AF) (Version: 11/11/2010 1.61.00.11 - Lenovo)
Windows Driver Package - Synaptics (SynTP) Mouse  (03/24/2011 15.2.19.0) (HKLM\...\5DF942712DC7660AE4A1B04809A1C3F67B0CA27C) (Version: 03/24/2011 15.2.19.0 - Synaptics)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Zoom (HKCU\...\ZoomUMX) (Version: 4.0 - Zoom Video Communications, Inc.)
 
========================= Memory info: ===================================
Percentage of memory in use: 62%
Total physical RAM: 3982.23 MB
Available physical RAM: 1507.79 MB
Total Virtual: 7962.65 MB
Available Virtual: 5265.9 MB
 
========================= Partitions: =====================================
1 Drive c: (Windows7_OS) (Fixed) (Total:216.09 GB) (Free:87.9 GB) NTFS
2 Drive q: (Lenovo_Recovery) (Fixed) (Total:15.62 GB) (Free:7.5 GB) NTFS
 
========================= Users: ========================================
User accounts for \\DAVEDOHERTY
 
Administrator            Dave Dorehty             Guest                    
 
 
**** End of log ****


http://speccy.piriform.com/results/pqTKoRLZmJ6Yr6NvMIPJDrt
 


Edited by hamluis, 05 December 2017 - 06:03 PM.
Merged posts - Hamluis.


#6 hamluis

hamluis

    Moderator


  • Moderator
  • 55,883 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:05:03 AM

Posted 05 December 2017 - 06:11 PM

Hard drive status listed as "bad" by Speccy, not a good sign.

 

If you haven't already backed up/moved valued data files to another storage media...I suggest you attempt such immediately.

 

Then...download/install SeaTools For Windows (Maxtor, Seagate, Samsung only) Download - http://www.seagate.com/files/www-content/support-content/downloads/seatools/en-us/seatools-for-windows-en-us.pdf and read the guide.  Follow the instruction for running the long generic test and let us know if the results are pass or fail.

 

Louis



#7 doughboy123

doughboy123
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:02:03 AM

Posted 05 December 2017 - 08:23 PM

--------------- SeaTools for Windows v1.4.0.6 ---------------
12/5/2017 4:32:31 PM
Model Number: ST92503010AS
Serial Number: 5YH0BSMH
Firmware Revision: 0005LVM1
Fix All Fast - Started 12/5/2017 4:32:31 PM
Fix All Fast - Pass 12/5/2017 4:45:45 PM
SMART - Started 12/5/2017 5:00:36 PM
SMART - FAIL 12/5/2017 5:00:42 PM
SeaTools Test Code: 9DE6DB43
Short DST - Started 12/5/2017 5:00:50 PM
Short DST - FAIL 12/5/2017 5:00:57 PM
SeaTools Test Code: 9DE6DBE3
Identify - Started 12/5/2017 5:01:45 PM
Short Generic - Started 12/5/2017 5:02:20 PM
Short Generic - Pass 12/5/2017 5:04:17 PM


#8 hamluis

hamluis

    Moderator


  • Moderator
  • 55,883 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:05:03 AM

Posted 06 December 2017 - 06:44 AM

That doesn't look like you ran the long, generic test...as suggested.

 

Louis



#9 doughboy123

doughboy123
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:02:03 AM

Posted 10 December 2017 - 04:29 PM

--------------- SeaTools for Windows v1.4.0.6 ---------------
12/5/2017 4:32:31 PM
Model Number: ST92503010AS
Serial Number: 5YH0BSMH
Firmware Revision: 0005LVM1
Fix All Fast - Started 12/5/2017 4:32:31 PM
Fix All Fast - Pass 12/5/2017 4:45:45 PM
SMART - Started 12/5/2017 5:00:36 PM
SMART - FAIL 12/5/2017 5:00:42 PM
SeaTools Test Code: 9DE6DB43
Short DST - Started 12/5/2017 5:00:50 PM
Short DST - FAIL 12/5/2017 5:00:57 PM
SeaTools Test Code: 9DE6DBE3
Identify - Started 12/5/2017 5:01:45 PM
Short Generic - Started 12/5/2017 5:02:20 PM
Short Generic - Pass 12/5/2017 5:04:17 PM
Long Generic - Started 12/10/2017 10:44:32 AM
Long Generic - Pass 12/10/2017 11:59:30 AM


#10 hamluis

hamluis

    Moderator


  • Moderator
  • 55,883 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:05:03 AM

Posted 10 December 2017 - 04:48 PM

I don't know what to tell you.

 

There are no error messages reflected which indicate a hard drive problem...yet Speccy reflects drive as "bad"...and the reported results of running SeaTools for Windows...are not consistent.

 

Windows install dates  back 6 years...no apparent problems with updates.

 

Your title indicates a Windows message re your hard drive...yet there are no such reflected in Event Viewer data.  Reflected power-on time for drive is about 2 years...which hardly equates with a 6-year Windows install.

 

Nothing more that I can suggest...your puzzle does not make sense to me.

 

Louis






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users