Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Unable to open Norton 360 [Closed]

Started by cindibrack , Jan 21 2013 10:48 AM

  • This topic is locked This topic is locked

#1
cindibrack
Posted 21 January 2013 - 10:48 AM

cindibrack

    New Member

  • Member
  • Pip
  • 3 posts
Unable to access internet, get firewall or security settings blocking. Windows firewall turned off. Can't open Norton 360 and also antivirus is turned off.

otl log pasted below:

OTL logfile created on: 1/21/2013 11:29:06 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.73 Gb Total Physical Memory | 1.63 Gb Available Physical Memory | 43.81% Memory free
7.46 Gb Paging File | 5.05 Gb Available in Paging File | 67.71% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 96.10 Gb Total Space | 30.54 Gb Free Space | 31.78% Space Free | Partition Type: NTFS
Drive D: | 7.53 Gb Total Space | 6.92 Gb Free Space | 91.91% Space Free | Partition Type: FAT32
Drive Q: | 13.67 Gb Total Space | 3.41 Gb Free Space | 24.98% Space Free | Partition Type: NTFS

Computer Name: CINDIBRACK1 | User Name: cindibrack | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

========== Processes (SafeList) ==========

PRC - [2013/01/21 11:20:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\OTL.exe
PRC - [2013/01/07 19:06:24 | 001,248,360 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2012/12/18 06:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/12/06 19:00:12 | 001,176,464 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
PRC - [2012/12/06 18:59:24 | 001,181,584 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Intuit\QuickBooks 2012\QBW32.EXE
PRC - [2012/12/06 18:17:04 | 000,045,056 | ---- | M] (Intuit) -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
PRC - [2012/10/04 14:47:08 | 000,156,000 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
PRC - [2012/08/28 03:33:42 | 001,248,256 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
PRC - [2012/07/10 13:23:18 | 000,155,424 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\MobileAccess\MobileAccess.exe
PRC - [2012/07/10 13:23:12 | 000,029,472 | ---- | M] (Macheen) -- C:\Program Files (x86)\Lenovo\MobileAccess\MacheenService.exe
PRC - [2012/06/05 17:14:28 | 000,034,728 | ---- | M] (Lenovo Group Limited) -- C:\Program Files (x86)\Lenovo\System Update\SUService.exe
PRC - [2012/06/01 22:49:06 | 000,179,568 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
PRC - [2012/06/01 22:49:00 | 000,290,160 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
PRC - [2012/06/01 22:48:58 | 000,061,296 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
PRC - [2012/06/01 22:48:38 | 000,058,224 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Communications Utility\CamMute.exe
PRC - [2012/05/30 20:31:16 | 000,420,960 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe
PRC - [2012/05/30 20:29:30 | 000,367,712 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
PRC - [2012/05/30 20:29:16 | 000,273,504 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
PRC - [2012/05/30 20:29:14 | 000,134,240 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
PRC - [2012/05/24 01:05:34 | 000,069,640 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWOW64\NLSSRV32.EXE
PRC - [2012/05/15 19:26:56 | 001,528,120 | ---- | M] (Lenovo) -- C:\Program Files\Lenovo\SimpleTap\SimpleTap.exe
PRC - [2012/05/15 18:45:22 | 000,065,336 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
PRC - [2012/05/15 16:32:00 | 000,128,608 | ---- | M] (Lenovo Group Limited) -- C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
PRC - [2012/04/19 02:15:40 | 002,542,184 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Symantec\VIP Access Client\VIPUIManager.exe
PRC - [2012/04/19 02:15:38 | 000,084,080 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
PRC - [2012/04/10 06:37:52 | 000,275,320 | ---- | M] () -- C:\Program Files (x86)\Integrated Camera\Monitor.exe
PRC - [2012/02/28 03:20:58 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2012/02/28 03:20:56 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2012/02/28 03:20:40 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/02/26 13:01:56 | 000,291,608 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012/02/03 12:30:06 | 000,655,400 | R--- | M] (Ericsson AB) -- C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe
PRC - [2012/01/25 02:44:56 | 000,567,360 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
PRC - [2011/12/29 05:20:42 | 000,144,960 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
PRC - [2011/07/12 02:53:26 | 000,101,736 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\micmute.exe
PRC - [2010/08/31 13:56:16 | 001,028,096 | ---- | M] (Lenovo Group Limited) -- C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
PRC - [2010/08/18 05:43:26 | 000,278,800 | ---- | M] (Data Perceptions / PowerProgrammer) -- C:\Windows\SysWOW64\WebUpdateSvc4.exe


========== Modules (No Company Name) ==========

MOD - [2013/01/07 19:06:22 | 000,460,392 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\ppgooglenaclpluginchrome.dll
MOD - [2013/01/07 19:06:19 | 004,012,648 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\pdf.dll
MOD - [2013/01/07 19:05:29 | 000,598,120 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\libglesv2.dll
MOD - [2013/01/07 19:05:28 | 000,124,520 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\libegl.dll
MOD - [2013/01/07 19:05:25 | 001,553,000 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\ffmpegsumo.dll
MOD - [2012/12/06 18:59:54 | 000,138,128 | ---- | M] () -- C:\Program Files (x86)\Intuit\QuickBooks 2012\QBMAPILibrary.dll
MOD - [2012/12/06 18:59:50 | 000,020,880 | ---- | M] () -- C:\Program Files (x86)\Intuit\QuickBooks 2012\QBCompressor.DLL
MOD - [2012/12/06 18:59:44 | 000,042,384 | ---- | M] () -- C:\Program Files (x86)\Intuit\QuickBooks 2012\mbpopup.dll
MOD - [2012/12/06 18:59:30 | 000,268,688 | ---- | M] () -- C:\Program Files (x86)\Intuit\QuickBooks 2012\boost_regex-vc90-mt-p-1_33.dll
MOD - [2012/12/06 18:59:30 | 000,176,528 | ---- | M] () -- C:\Program Files (x86)\Intuit\QuickBooks 2012\boost_serialization-vc90-mt-p-1_33.dll
MOD - [2012/12/06 18:59:28 | 000,380,304 | ---- | M] () -- C:\Program Files (x86)\Intuit\QuickBooks 2012\BackupLib.dll
MOD - [2012/11/17 03:34:47 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\66694f9192bd0dddc2eaf90fbcbcd555\System.Management.ni.dll
MOD - [2012/11/17 03:34:28 | 000,220,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\c07aa49ffd41a39bffaf653289f44038\CustomMarshalers.ni.dll
MOD - [2012/11/17 03:33:57 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\239d84cfdb9de9730c1efb43840ef2eb\System.Core.ni.dll
MOD - [2012/11/17 03:29:32 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\17796f2951c17ebf92dd4b7c9b3ce556\System.ServiceProcess.ni.dll
MOD - [2012/11/17 03:29:27 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\cf840dca36a7b949696ce331d0532d3e\System.Web.Services.ni.dll
MOD - [2012/11/17 03:29:15 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1ec80905a71750be50dfc7981ad5ae28\PresentationFramework.ni.dll
MOD - [2012/11/17 03:29:07 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll
MOD - [2012/11/17 03:29:03 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll
MOD - [2012/11/17 03:29:01 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\53d6d827964619285771ed72332d3659\PresentationCore.ni.dll
MOD - [2012/11/17 03:28:55 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b311b783e1efaa9527f4c2c9680c44d1\WindowsBase.ni.dll
MOD - [2012/11/17 03:28:51 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll
MOD - [2012/11/17 03:28:49 | 007,988,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll
MOD - [2012/11/17 03:28:49 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll
MOD - [2012/11/17 03:28:45 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll
MOD - [2012/11/17 03:19:30 | 000,253,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\1352c3e5dd49f3bf8c2f8e106ceb79fb\WindowsFormsIntegration.ni.dll
MOD - [2012/11/17 03:18:57 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\5d0dc33658e23a6f960c46a5beab7ecf\System.Management.ni.dll
MOD - [2012/11/17 03:17:50 | 000,196,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\ae40aeae573219a0439def61b1d48b49\UIAutomationTypes.ni.dll
MOD - [2012/11/17 03:17:50 | 000,096,768 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\9fedec1f005f9e39f8dde611c4c27cab\UIAutomationProvider.ni.dll
MOD - [2012/11/17 03:17:39 | 002,647,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\0d2c8da8749c683b47f01101c9ea26d5\System.Runtime.Serialization.ni.dll
MOD - [2012/11/17 03:17:37 | 000,393,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\d6dc54d6b4aadbc921d00c3b76647e61\System.Xml.Linq.ni.dll
MOD - [2012/11/17 03:17:16 | 001,801,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\5e3ccfdf88ccd6a9ff4e6ddae7e3fec6\System.Xaml.ni.dll
MOD - [2012/11/17 03:17:13 | 000,044,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Accessibility\5528d332c662a879514630cbee174ada\Accessibility.ni.dll
MOD - [2012/11/17 03:07:51 | 018,002,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\c881e2d2ec912499834feb85c4c2e483\PresentationFramework.ni.dll
MOD - [2012/11/17 03:07:41 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\58f50a891bafb8fd7149e6eebc2b7b52\PresentationCore.ni.dll
MOD - [2012/11/17 03:07:34 | 003,858,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\05ebffcb5aac31412fea8c38cbac8df8\WindowsBase.ni.dll
MOD - [2012/11/17 03:07:34 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\cbb227c0a77a5b15a1255220984239f2\PresentationFramework.Aero.ni.dll
MOD - [2012/11/17 03:05:16 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\caffbced23ee85b40b919ad4a122b7aa\System.Windows.Forms.ni.dll
MOD - [2012/11/17 03:05:08 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\752225ca2585aa8f1c46b489e172e920\System.Core.ni.dll
MOD - [2012/11/17 03:05:06 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\9422d0c052186760a4645e10995487f5\System.Drawing.ni.dll
MOD - [2012/11/17 03:05:04 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\cb0c00757e89f0b1fe282913ed667212\System.Xml.ni.dll
MOD - [2012/11/17 03:05:01 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\ed886fb71addf400705481dcf8de12da\System.Configuration.ni.dll
MOD - [2012/11/17 03:05:00 | 009,093,632 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\811a7bc79f8f0a5be8065292a320819e\System.ni.dll
MOD - [2012/11/17 03:04:56 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\16126cae96ea2422253ae06eeb672abc\mscorlib.ni.dll
MOD - [2012/10/04 14:47:09 | 000,400,384 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll
MOD - [2012/10/04 14:47:09 | 000,062,464 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll
MOD - [2012/10/04 14:47:08 | 000,322,048 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll
MOD - [2012/10/04 14:47:08 | 000,195,584 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll
MOD - [2012/10/04 14:47:08 | 000,064,512 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\ServiceManagerStarter.dll
MOD - [2012/10/04 14:47:08 | 000,062,976 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\osEvents.dll
MOD - [2012/10/04 14:47:08 | 000,020,480 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\eventsSender.dll
MOD - [2012/10/04 14:47:08 | 000,016,896 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll
MOD - [2012/10/04 14:47:06 | 000,446,976 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\DeviceProfile.dll
MOD - [2012/08/28 03:33:06 | 000,059,904 | ---- | M] () -- C:\Program Files (x86)\Intuit\QuickBooks 2012\zlib1.dll
MOD - [2012/04/10 06:37:52 | 000,275,320 | ---- | M] () -- C:\Program Files (x86)\Integrated Camera\Monitor.exe
MOD - [2011/03/16 23:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/11/20 22:24:01 | 000,069,120 | ---- | M] () -- C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
MOD - [2010/10/20 14:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012/06/01 22:49:06 | 000,179,568 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe -- (LENOVO.TVTVCAM)
SRV:64bit: - [2012/06/01 22:48:58 | 000,061,296 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe -- (LENOVO.TPKNRSVC)
SRV:64bit: - [2012/06/01 22:48:38 | 000,058,224 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\Communications Utility\CamMute.exe -- (LENOVO.CAMMUTE)
SRV:64bit: - [2012/05/29 17:27:14 | 000,144,992 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe -- (HyperW7Svc)
SRV:64bit: - [2012/05/24 01:05:28 | 000,216,072 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe -- (NitroDriverReadSpool2)
SRV:64bit: - [2012/04/01 14:21:52 | 000,957,216 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2012/02/29 01:15:08 | 000,048,704 | ---- | M] (Lenovo.) [Auto | Running] -- C:\Windows\SysNative\ibmpmsvc.exe -- (IBMPMSVC)
SRV:64bit: - [2012/02/26 07:07:52 | 002,669,840 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV:64bit: - [2012/02/26 07:07:42 | 000,273,168 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2012/02/26 07:07:32 | 000,626,960 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2012/02/26 07:07:26 | 000,148,752 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2012/02/03 00:29:52 | 000,628,448 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:64bit: - [2011/12/29 05:20:42 | 000,144,960 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe -- (TPHKSVC)
SRV:64bit: - [2011/07/12 02:54:00 | 000,133,992 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe -- (Lenovo.VIRTSCRLSVC)
SRV:64bit: - [2011/07/12 02:53:42 | 000,145,256 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\tphkload.exe -- (TPHKLOAD)
SRV:64bit: - [2011/07/12 02:53:26 | 000,101,736 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\micmute.exe -- (LENOVO.MICMUTE)
SRV:64bit: - [2010/09/22 20:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 20:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012/12/18 06:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/12/16 13:36:56 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/12/06 18:17:04 | 000,045,056 | ---- | M] (Intuit) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2012/10/10 21:29:13 | 000,143,928 | R--- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Norton 360\Engine\20.2.0.19\ccSvcHst.exe -- (N360)
SRV - [2012/08/28 03:33:42 | 001,248,256 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe -- (QBVSS)
SRV - [2012/08/28 03:33:18 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2012/07/10 13:23:12 | 000,029,472 | ---- | M] (Macheen) [Auto | Running] -- C:\Program Files (x86)\Lenovo\MobileAccess\MacheenService.exe -- (MacheenService)
SRV - [2012/06/05 17:14:28 | 000,034,728 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files (x86)\Lenovo\System Update\SUService.exe -- (SUService)
SRV - [2012/05/30 20:29:16 | 000,273,504 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe -- (AcSvc)
SRV - [2012/05/30 20:29:14 | 000,134,240 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe -- (AcPrfMgrSvc)
SRV - [2012/05/24 01:05:34 | 000,069,640 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\NLSSRV32.EXE -- (nlsX86cc)
SRV - [2012/05/15 16:32:00 | 001,665,120 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.exe -- (PwmEWSvc)
SRV - [2012/05/15 16:32:00 | 001,662,560 | ---- | M] (Lenovo) [On_Demand | Stopped] -- C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe -- (Power Manager DBC Service)
SRV - [2012/05/15 16:32:00 | 000,320,576 | ---- | M] (Lenovo.) [On_Demand | Running] -- C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE -- (DozeSvc)
SRV - [2012/04/19 02:15:38 | 000,084,080 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe -- (VIPAppService)
SRV - [2012/03/28 10:06:22 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/02/28 03:20:58 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/02/28 03:20:56 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/02/28 03:20:40 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/02/03 12:30:06 | 000,655,400 | R--- | M] (Ericsson AB) [Auto | Running] -- C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe -- (WMCoreService)
SRV - [2010/08/31 13:56:16 | 001,028,096 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe -- (ThinkVantage Registry Monitor Service)
SRV - [2010/08/18 05:43:26 | 000,278,800 | ---- | M] (Data Perceptions / PowerProgrammer) [Auto | Running] -- C:\Windows\SysWOW64\WebUpdateSvc4.exe -- (WebUpdate4)
SRV - [2010/05/28 02:14:56 | 001,044,840 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010/03/18 16:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/11/02 10:24:35 | 000,177,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2012/10/08 20:00:02 | 000,776,864 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\N360x64\1402000.013\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2012/10/03 20:40:35 | 001,133,216 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1402000.013\SymEFA64.sys -- (SymEFA)
DRV:64bit: - [2012/10/03 20:40:20 | 000,493,216 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1402000.013\SymDS64.sys -- (SymDS)
DRV:64bit: - [2012/10/03 20:19:14 | 000,168,096 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1402000.013\ccSetx64.sys -- (ccSet_N360)
DRV:64bit: - [2012/09/07 19:52:17 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/09/06 21:05:14 | 000,432,800 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1402000.013\symnets.sys -- (SymNetS)
DRV:64bit: - [2012/09/06 20:48:08 | 000,224,416 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1402000.013\Ironx64.sys -- (SymIRON)
DRV:64bit: - [2012/09/06 20:40:51 | 000,037,496 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1402000.013\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2012/07/05 08:43:24 | 000,443,192 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2012/07/05 08:43:24 | 000,027,960 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2012/05/30 12:42:10 | 000,569,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2012/05/21 21:17:44 | 003,056,248 | ---- | M] (Sunplus Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SPUVCBv_x64.sys -- (SPUVCbv)
DRV:64bit: - [2012/05/15 16:32:00 | 000,029,512 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\DZHDD64.SYS -- (DzHDD64)
DRV:64bit: - [2012/05/15 16:32:00 | 000,019,784 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\TPPWR64V.SYS -- (TPPWRIF)
DRV:64bit: - [2012/04/19 19:36:26 | 000,035,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2012/04/19 19:36:26 | 000,025,528 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2012/03/31 21:52:30 | 000,184,872 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2012/03/31 21:52:26 | 000,594,472 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2012/03/31 21:52:24 | 000,163,368 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcbtums.sys -- (bcbtums)
DRV:64bit: - [2012/03/26 18:07:06 | 000,033,344 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Program Files\Lenovo\RapidBoot\PHCORE64.sys -- (PHCORE)
DRV:64bit: - [2012/03/19 02:32:02 | 014,745,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/03/05 06:29:42 | 000,210,984 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2012/03/05 06:29:40 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2012/02/29 01:14:48 | 000,042,312 | ---- | M] (Lenovo.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ibmpmdrv.sys -- (IBMPMDRV)
DRV:64bit: - [2012/02/26 13:01:00 | 000,788,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012/02/26 13:01:00 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012/02/26 13:01:00 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012/02/20 14:36:58 | 011,471,872 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Netwsw00.sys -- (NETwNs64)
DRV:64bit: - [2012/02/09 02:24:16 | 000,044,992 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ISCTD64.sys -- (ISCT)
DRV:64bit: - [2012/01/13 12:08:42 | 000,102,440 | ---- | M] (Ericsson AB) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\l36wgps64.sys -- (l36wgps)
DRV:64bit: - [2011/12/26 04:10:44 | 000,040,248 | ---- | M] (Lenovo Information Product(ShenZhen China) Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\psadd.sys -- (psadd)
DRV:64bit: - [2011/12/08 16:06:07 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/12/08 16:06:07 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/12/07 20:59:52 | 000,027,432 | ---- | M] (ThinkVantage Communications Utility) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tvtvcamd.sys -- (tvtvcamd)
DRV:64bit: - [2011/12/07 12:54:20 | 000,282,152 | ---- | M] (Ericsson AB) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WwanUsbMp64.sys -- (WwanUsbServ)
DRV:64bit: - [2011/12/05 14:23:08 | 000,331,264 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011/11/09 11:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2011/10/05 13:38:32 | 000,029,736 | ---- | M] (Ericsson AB) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wwussf64.sys -- (ecnssndisfltr)
DRV:64bit: - [2011/10/05 13:38:30 | 000,026,664 | ---- | M] (Ericsson AB) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wwuss64.sys -- (ecnssndis)
DRV:64bit: - [2011/09/16 19:38:52 | 000,039,976 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2011/08/22 17:47:50 | 000,483,400 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Mbm3Mdm.sys -- (Mbm3Mdm)
DRV:64bit: - [2011/08/22 17:47:50 | 000,430,664 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Mbm3DevMt.sys -- (Mbm3DevMt)
DRV:64bit: - [2011/08/22 17:47:50 | 000,019,528 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Mbm3mdfl.sys -- (Mbm3mdfl)
DRV:64bit: - [2011/08/22 17:47:44 | 000,419,400 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Mbm3CBus.sys -- (Mbm3CBus)
DRV:64bit: - [2011/05/30 20:21:40 | 000,013,128 | ---- | M] (Authentec Inc.) [Kernel | Auto | Running] -- C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys -- (smihlp)
DRV:64bit: - [2011/05/29 05:48:04 | 000,040,248 | ---- | M] (Lenovo Information Product(ShenZhen China) Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tvti2c.sys -- (TVTI2C)
DRV:64bit: - [2011/05/25 19:23:00 | 000,101,888 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdxc64.sys -- (risdxc)
DRV:64bit: - [2010/11/20 22:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 22:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 22:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/07/13 18:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2012/11/01 15:03:44 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\IPSDefs\20121129.001\IDSviA64.sys -- (IDSVia64)
DRV - [2012/11/01 00:00:00 | 002,084,000 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\VirusDefs\20121129.023\ex64.sys -- (NAVEX15)
DRV - [2012/11/01 00:00:00 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012/11/01 00:00:00 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/11/01 00:00:00 | 000,126,112 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\VirusDefs\20121129.023\eng64.sys -- (NAVENG)
DRV - [2012/10/23 18:34:23 | 001,384,608 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\BASHDefs\20121106.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=LENP&bmod=LENP
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/us/en/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...NP_enUS501US501
IE - HKCU\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://nortonsafe.se...t=kwd&qsrc=2869
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll ( )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\intel.com/AppUp: C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll (Intel)
FF - HKCU\Software\MozillaPlugins\intel.com/AppUpx64: C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\IPSFFPlgn\ [2012/11/02 10:25:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\coFFPlgn\ [2012/11/29 13:03:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Symantec\VIP Access Client\ [2012/09/07 20:07:34 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - homepage: http://www.google.co...=LENP&bmod=LENP
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.co...=LENP&bmod=LENP
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\pdf.dll
CHR - plugin: Norton Confidential (Enabled) = C:\Users\cindibrack\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.5.11_0\npcoplgn.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Nitro PDF Plug-In (Enabled) = C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: Norton Identity Protection = C:\Users\cindibrack\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.2.0.18_0\

O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Symantec VIP Access Add-On) - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll (Symantec Corporation)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.2.0.19\coIEPlg.dll File not found
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.2.0.19\IPS\IPSBHO.DLL File not found
O2 - BHO: (Symantec VIP Access Add-On) - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll (Symantec Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.2.0.19\coIEPlg.dll File not found
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.2.0.19\coIEPlg.dll File not found
O4:64bit: - HKLM..\Run: [AcWin7Hlpr] C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe (Lenovo)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [LENOVO.TPKNRRES] C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe (Lenovo Group Limited)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Dolby Home Theater v4] C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe (Dolby Laboratories Inc.)
O4 - HKLM..\Run: [IMSS] C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe (Intel Corporation)
O4 - HKLM..\Run: [Integrated Camera_Monitor] C:\Program Files (x86)\Integrated Camera\Monitor.exe ()
O4 - HKLM..\Run: [Intel AppUp® center] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (Intel Corporation)
O4 - HKLM..\Run: [Intel AppUp(SM) center] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (Intel Corporation)
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O4 - HKLM..\Run: [Lenovo Registration] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe (Lenovo, Inc.)
O4 - HKLM..\Run: [MobileAccess] C:\Program Files (x86)\Lenovo\MobileAccess\MobileAccess.exe (Lenovo)
O4 - HKLM..\Run: [PWMTRV] C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL (Lenovo Group Limited)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://mobile.teamh...SetupClient.cab (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.178.162.3 66.189.0.100 24.217.201.67
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F08C78BE-7BC2-4B55-88DD-2C0C940E7898}: DhcpNameServer = 24.178.162.3 66.189.0.100 24.217.201.67
O18:64bit: - Protocol\Handler\intu-help-qb5 - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\qbwc - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\intu-help-qb5 {867FCB77-9823-4cd6-8210-D85F968D466F} - C:\Program Files (x86)\Intuit\QuickBooks 2012\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\psfus: DllName - (C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll) - C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (Authentec Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/12/14 22:05:40 | 000,000,049 | -HS- | M] () - Q:\AUTORUN.INF -- [ NTFS ]
O33 - MountPoints2\{bb2014c7-f94f-11e1-8835-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{bb2014c7-f94f-11e1-8835-806e6f6e6963}\Shell\AutoRun\command - "" = Q:\LenovoQDrive.exe -- [2011/12/14 22:05:40 | 000,267,576 | -HS- | M] (Lenovo Group Limited)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 60 Days ==========

[2013/01/04 03:00:35 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2013/01/04 03:00:35 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2013/01/04 03:00:35 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2013/01/04 03:00:35 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2013/01/03 09:59:59 | 000,000,000 | ---D | C] -- C:\Users\cindibrack\AppData\Local\Diagnostics
[2012/12/18 03:00:40 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012/12/18 03:00:40 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012/12/18 03:00:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012/12/18 03:00:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012/12/18 03:00:31 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012/12/18 03:00:31 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012/12/18 03:00:31 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012/12/18 03:00:31 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012/12/18 03:00:31 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012/12/18 03:00:31 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012/12/18 03:00:31 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012/12/18 03:00:31 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012/12/18 03:00:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/12/18 03:00:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/12/18 03:00:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012/12/18 03:00:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012/12/18 03:00:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012/12/18 03:00:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012/12/18 03:00:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012/12/18 03:00:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012/12/18 03:00:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012/12/18 03:00:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012/12/18 03:00:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/12/18 03:00:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/12/18 03:00:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/12/18 03:00:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/12/18 03:00:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/12/18 03:00:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012/12/18 03:00:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012/12/18 03:00:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012/12/18 03:00:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/12/18 03:00:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/12/18 03:00:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012/12/18 03:00:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012/12/18 03:00:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012/12/18 03:00:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012/12/18 03:00:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012/12/18 03:00:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012/12/18 03:00:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012/12/18 03:00:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/12/18 03:00:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012/12/18 03:00:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012/12/18 03:00:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012/12/18 03:00:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012/12/18 03:00:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012/12/18 03:00:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012/12/18 03:00:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012/12/18 03:00:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012/12/18 03:00:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/12/18 03:00:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/12/18 03:00:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012/12/18 03:00:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012/12/18 03:00:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012/12/18 03:00:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012/12/18 03:00:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012/12/18 03:00:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012/12/18 03:00:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012/12/18 03:00:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012/12/18 03:00:31 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012/12/18 03:00:30 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012/12/18 03:00:30 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012/12/18 03:00:30 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012/12/18 03:00:30 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012/12/18 03:00:30 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012/12/18 03:00:30 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012/12/18 03:00:30 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012/12/18 03:00:30 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012/12/18 03:00:30 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012/12/18 03:00:30 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012/12/17 03:01:33 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/12/17 03:01:33 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/12/17 03:01:33 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/12/17 03:01:33 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/12/17 03:01:33 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/12/17 03:01:32 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/12/17 03:01:32 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/12/17 03:01:32 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/12/17 03:01:32 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/12/17 03:01:32 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/12/17 03:01:32 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/12/17 03:01:32 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/12/17 03:01:31 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/12/17 03:01:31 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/12/17 03:01:31 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/12/16 15:44:49 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll
[2012/12/16 15:44:49 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll
[2012/12/01 17:44:30 | 000,000,000 | ---D | C] -- C:\Users\cindibrack\AppData\Local\Downloaded Installations
[2012/11/29 15:30:26 | 000,000,000 | ---D | C] -- C:\Users\cindibrack\AppData\Local\{8738F495-1FA9-45B8-BDB5-224089C5D47F}
[2012/11/29 15:30:12 | 000,000,000 | ---D | C] -- C:\Users\cindibrack\AppData\Roaming\Windows Live Writer
[2012/11/29 15:30:12 | 000,000,000 | ---D | C] -- C:\Users\cindibrack\AppData\Local\Windows Live Writer
[4 C:\Users\cindibrack\Documents\*.tmp files -> C:\Users\cindibrack\Documents\*.tmp -> ]

========== Files - Modified Within 60 Days ==========

[2013/01/21 11:25:05 | 000,778,834 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/01/21 11:25:05 | 000,660,318 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/01/21 11:25:05 | 000,121,214 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/01/21 11:24:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/01/21 11:08:25 | 000,034,432 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/01/21 11:08:25 | 000,034,432 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/01/21 11:02:19 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/01/21 11:00:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/01/21 11:00:52 | 3003,564,032 | -HS- | M] () -- C:\hiberfil.sys
[2013/01/21 11:00:10 | 000,002,002 | ---- | M] () -- C:\Users\Public\Desktop\Lenovo Solution Center.lnk
[2013/01/21 10:27:59 | 000,001,313 | ---- | M] () -- C:\Users\cindibrack\Desktop\Norton Installation Files.lnk
[2013/01/21 10:01:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/01/21 09:42:19 | 000,002,294 | ---- | M] () -- C:\Users\cindibrack\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/01/21 09:40:40 | 000,000,372 | ---- | M] () -- C:\ProgramData\LastUpdate.xml
[2013/01/21 09:40:40 | 000,000,207 | ---- | M] () -- C:\Windows\WebUpdateSvc4.INI
[2013/01/21 09:40:40 | 000,000,090 | ---- | M] () -- C:\Windows\QBChanUtil_Trigger.ini
[2013/01/04 03:16:47 | 000,424,360 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/01/03 10:16:39 | 000,023,203 | ---- | M] () -- C:\Users\cindibrack\AppData\Roaming\AbsoluteReminder.xml
[2012/12/16 13:36:56 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/12/16 13:36:56 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/12/16 12:11:22 | 000,046,080 | ---- | M] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2012/12/16 09:45:03 | 000,367,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012/12/16 09:13:28 | 000,295,424 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012/12/16 09:13:20 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[4 C:\Users\cindibrack\Documents\*.tmp files -> C:\Users\cindibrack\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/01/21 11:00:10 | 000,002,002 | ---- | C] () -- C:\Users\Public\Desktop\Lenovo Solution Center.lnk
[2012/10/27 20:43:18 | 000,327,680 | R--- | C] () -- C:\ProgramData\RCALD2012430.QBW.TLG
[2012/10/27 20:43:16 | 000,000,433 | ---- | C] () -- C:\ProgramData\RCALD2012430.ND
[2012/10/27 20:43:04 | 173,596,672 | R--- | C] () -- C:\ProgramData\RCALD2012430.QBW
[2012/10/27 20:36:40 | 000,000,090 | ---- | C] () -- C:\Windows\QBChanUtil_Trigger.ini
[2012/10/27 20:36:26 | 000,772,930 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/09/16 23:13:48 | 000,000,372 | ---- | C] () -- C:\ProgramData\LastUpdate.xml
[2012/09/16 23:13:48 | 000,000,207 | ---- | C] () -- C:\Windows\WebUpdateSvc4.INI
[2012/09/16 11:29:17 | 000,145,841 | ---- | C] () -- C:\Windows\hpwins22.dat
[2012/09/16 11:29:17 | 000,001,075 | ---- | C] () -- C:\Windows\hpwmdl22.dat
[2012/09/15 23:09:04 | 000,023,203 | ---- | C] () -- C:\Users\cindibrack\AppData\Roaming\AbsoluteReminder.xml
[2012/09/15 23:09:02 | 000,000,000 | ---- | C] () -- C:\Windows\firstboot.dat
[2012/09/07 20:01:23 | 013,024,256 | ---- | C] () -- C:\Windows\SysWow64\ig7icd32.dll
[2012/09/07 20:01:23 | 000,755,188 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin
[2012/09/07 20:01:23 | 000,561,508 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin
[2012/09/07 20:01:23 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/09/07 20:00:33 | 000,035,404 | R--- | C] () -- C:\Windows\ConnectionProfiles.dat
[2012/09/07 20:00:31 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2012/08/28 03:27:20 | 000,667,280 | ---- | C] () -- C:\Windows\SysWow64\tx12.dll
[2012/08/28 03:27:20 | 000,000,530 | ---- | C] () -- C:\Windows\SysWow64\tx12_ic.ini
[2012/08/28 03:27:20 | 000,000,186 | ---- | C] () -- C:\Windows\SysWow64\Gsw32.exe.config
[2012/05/06 20:41:50 | 000,002,272 | ---- | C] () -- C:\Windows\remove.ini
[2012/03/09 02:52:30 | 000,291,704 | ---- | C] () -- C:\Windows\SysWow64\VCamPPage.dll
[2012/02/03 00:08:26 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2012/01/13 01:31:48 | 000,002,882 | ---- | C] () -- C:\Windows\Dext_18.ini
[2012/01/13 01:22:52 | 000,003,672 | ---- | C] () -- C:\Windows\Dext_01.ini
[2012/01/13 01:12:44 | 000,004,116 | ---- | C] () -- C:\Windows\Dext_10.ini
[2012/01/13 01:03:38 | 000,004,022 | ---- | C] () -- C:\Windows\Dext_22.ini
[2012/01/12 23:32:10 | 000,004,006 | ---- | C] () -- C:\Windows\Dext_1046.ini
[2012/01/12 23:00:06 | 000,003,944 | ---- | C] () -- C:\Windows\Dext_19.ini
[2012/01/12 22:52:44 | 000,004,196 | ---- | C] () -- C:\Windows\Dext_11.ini
[2012/01/12 22:46:14 | 000,003,952 | ---- | C] () -- C:\Windows\Dext_16.ini
[2012/01/12 22:40:18 | 000,003,762 | ---- | C] () -- C:\Windows\Dext_29.ini
[2012/01/12 22:29:04 | 000,004,196 | ---- | C] () -- C:\Windows\Dext_21.ini
[2012/01/12 22:05:00 | 000,004,168 | ---- | C] () -- C:\Windows\Dext_12.ini
[2012/01/12 21:56:18 | 000,002,900 | ---- | C] () -- C:\Windows\Dext_17.ini
[2012/01/12 21:47:12 | 000,004,062 | ---- | C] () -- C:\Windows\Dext_36.ini
[2012/01/12 21:39:22 | 000,004,188 | ---- | C] () -- C:\Windows\Dext_27.ini
[2012/01/12 21:28:28 | 000,004,082 | ---- | C] () -- C:\Windows\Dext_05.ini
[2012/01/12 21:19:50 | 000,003,916 | ---- | C] () -- C:\Windows\Dext_20.ini
[2012/01/12 04:44:40 | 000,003,928 | ---- | C] () -- C:\Windows\Dext_07.ini
[2012/01/12 04:27:16 | 000,004,038 | ---- | C] () -- C:\Windows\Dext_08.ini
[2012/01/12 04:18:14 | 000,003,622 | ---- | C] () -- C:\Windows\Dext_13.ini
[2012/01/12 04:06:22 | 000,004,098 | ---- | C] () -- C:\Windows\Dext_31.ini
[2012/01/12 03:55:16 | 000,004,100 | ---- | C] () -- C:\Windows\Dext_14.ini
[2012/01/12 03:47:08 | 000,004,178 | ---- | C] () -- C:\Windows\Dext_25.ini
[2012/01/12 03:39:06 | 000,003,940 | ---- | C] () -- C:\Windows\Dext_06.ini
[2012/01/12 03:38:44 | 000,002,792 | ---- | C] () -- C:\Windows\Dext_2052.ini
[2012/01/12 03:38:36 | 000,003,006 | ---- | C] () -- C:\Windows\Dext_04.ini
[2012/01/12 03:37:54 | 000,003,640 | ---- | C] () -- C:\Windows\Dext_09.ini
[2012/01/03 05:01:30 | 000,014,482 | ---- | C] () -- C:\Windows\TWAIN2080.ini
[2012/01/03 04:25:36 | 000,097,192 | ---- | C] () -- C:\Windows\un_dext.exe
[2012/01/03 04:25:26 | 000,087,928 | ---- | C] () -- C:\Windows\SPRemove_x64.exe
[2011/06/03 11:25:53 | 000,072,080 | ---- | C] () -- C:\Users\cindibrack\g2mdlhlpx.exe
[2008/08/09 08:07:35 | 000,001,060 | ---- | C] () -- C:\Users\cindibrack\jinitiator13128.trace
[2006/12/06 09:33:42 | 000,020,931 | ---- | C] () -- C:\Users\cindibrack\gpc2k.php
[2006/12/06 09:33:42 | 000,006,778 | ---- | C] () -- C:\Users\cindibrack\webex.ini
[2006/12/06 09:33:41 | 000,028,672 | ---- | C] () -- C:\Users\cindibrack\atwbxdet.dll
[2006/11/07 15:12:55 | 000,032,768 | ---- | C] () -- C:\Users\cindibrack\WebVpnRegKey4-webvpn-sealy-com.dll

========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 00:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 23:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/09/29 19:31:25 | 000,000,000 | ---D | M] -- C:\Users\cindibrack\AppData\Roaming\FileOpen
[2012/11/02 10:42:09 | 000,000,000 | ---D | M] -- C:\Users\cindibrack\AppData\Roaming\Juniper Networks
[2012/09/15 23:12:43 | 000,000,000 | ---D | M] -- C:\Users\cindibrack\AppData\Roaming\Leadertech
[2012/09/16 22:57:16 | 000,000,000 | ---D | M] -- C:\Users\cindibrack\AppData\Roaming\Lenovo
[2012/09/16 02:15:31 | 000,000,000 | ---D | M] -- C:\Users\cindibrack\AppData\Roaming\LSC
[2013/01/21 11:03:01 | 000,000,000 | ---D | M] -- C:\Users\cindibrack\AppData\Roaming\Nitro PDF
[2012/09/16 23:40:29 | 000,000,000 | ---D | M] -- C:\Users\cindibrack\AppData\Roaming\PwrMgr
[2012/11/29 15:30:12 | 000,000,000 | ---D | M] -- C:\Users\cindibrack\AppData\Roaming\Windows Live Writer

========== Purity Check ==========



< End of report >
  • 0

Advertisements

#2
Essexboy
Posted 21 January 2013 - 12:30 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi I have a feeling what may be the problem but I would like to confirm it first

Download aswMBR.exe ( 4.5mb ) to your desktop.
Double click the aswMBR.exe to run it Click the "Scan" button to start scan

Posted Image


On completion of the scan click save log, save it to your desktop and post in your next reply

THEN

  • Download RogueKiller and save it on your desktop.

    NOTE: If using IE8 or better Smartscreen Filter will need to be disabled
  • Quit all programs
  • Start RogueKiller.exe.
  • Wait until Prescan has finished ...
  • Click on Scan
Posted Image

  • Wait for the end of the scan.
  • The report has been created on the desktop.
  • Post the report

  • 0

#3
cindibrack
Posted 21 January 2013 - 02:51 PM

cindibrack

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
Unable to do the first step - can't access the internet so it won't install from flash drive. Did the roguekiller and below is the report.

Attached Files


  • 0

#4
Essexboy
Posted 21 January 2013 - 03:46 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK I believe that gave sufficient data. This should run from the flash drive

Download the latest version of TDSSKiller from here and save it to your Desktop.


  • Doubleclick on TDSSKiller.exe to run the application
    Posted Image
  • Then click on Change parameters.

    Posted Image
  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  • Click the Start Scan button.

  • If a suspicious object is detected, the default action will be Skip, click on Continue.

    Posted Image
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
  • Get the report by selecting Reports

    Posted Image
  • Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

Please copy and paste its contents on your next reply.
  • 0

#5
cindibrack
Posted 21 January 2013 - 04:24 PM

cindibrack

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
17:19:09.0713 12192 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
17:19:09.0941 12192 ============================================================
17:19:09.0941 12192 Current date / time: 2013/01/21 17:19:09.0941
17:19:09.0941 12192 SystemInfo:
17:19:09.0942 12192
17:19:09.0942 12192 OS Version: 6.1.7601 ServicePack: 1.0
17:19:09.0942 12192 Product type: Workstation
17:19:09.0942 12192 ComputerName: CINDIBRACK1
17:19:09.0942 12192 UserName: cindibrack
17:19:09.0942 12192 Windows directory: C:\Windows
17:19:09.0942 12192 System windows directory: C:\Windows
17:19:09.0942 12192 Running under WOW64
17:19:09.0942 12192 Processor architecture: Intel x64
17:19:09.0942 12192 Number of processors: 4
17:19:09.0942 12192 Page size: 0x1000
17:19:09.0942 12192 Boot type: Normal boot
17:19:09.0942 12192 ============================================================
17:19:10.0221 12192 Drive \Device\Harddisk0\DR0 - Size: 0x1DCF856000 (119.24 Gb), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:19:10.0226 12192 Drive \Device\Harddisk1\DR3 - Size: 0x1E3000000 (7.55 Gb), SectorSize: 0x200, Cylinders: 0x3D9, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:19:10.0229 12192 ============================================================
17:19:10.0229 12192 \Device\Harddisk0\DR0:
17:19:10.0230 12192 MBR partitions:
17:19:10.0230 12192 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2EE000
17:19:10.0230 12192 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0xC035000
17:19:10.0230 12192 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xC323800, BlocksNum 0x1B58000
17:19:10.0230 12192 \Device\Harddisk1\DR3:
17:19:10.0230 12192 MBR partitions:
17:19:10.0230 12192 \Device\Harddisk1\DR3\Partition1: MBR, Type 0xC, StartLBA 0x20, BlocksNum 0xF17FE0
17:19:10.0230 12192 ============================================================
17:19:10.0232 12192 C: <-> \Device\Harddisk0\DR0\Partition2
17:19:10.0233 12192 Q: <-> \Device\Harddisk0\DR0\Partition3
17:19:10.0233 12192 ============================================================
17:19:10.0233 12192 Initialize success
17:19:10.0233 12192 ============================================================
17:19:27.0443 8092 ============================================================
17:19:27.0443 8092 Scan started
17:19:27.0443 8092 Mode: Manual;
17:19:27.0443 8092 ============================================================
17:19:27.0600 8092 ================ Scan system memory ========================
17:19:27.0600 8092 System memory - ok
17:19:27.0601 8092 ================ Scan services =============================
17:19:27.0667 8092 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
17:19:27.0672 8092 1394ohci - ok
17:19:27.0683 8092 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
17:19:27.0689 8092 ACPI - ok
17:19:27.0695 8092 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
17:19:27.0697 8092 AcpiPmi - ok
17:19:27.0711 8092 [ 2540FC407E5CCBEEB981755A3B6AFF58 ] AcPrfMgrSvc C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
17:19:27.0714 8092 AcPrfMgrSvc - ok
17:19:27.0723 8092 [ 5463D786E083B8D50CF44FFF0926CECA ] AcSvc C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
17:19:27.0727 8092 AcSvc - ok
17:19:27.0734 8092 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:19:27.0735 8092 AdobeARMservice - ok
17:19:27.0773 8092 [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:19:27.0776 8092 AdobeFlashPlayerUpdateSvc - ok
17:19:27.0791 8092 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
17:19:27.0799 8092 adp94xx - ok
17:19:27.0812 8092 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
17:19:27.0819 8092 adpahci - ok
17:19:27.0829 8092 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
17:19:27.0833 8092 adpu320 - ok
17:19:27.0842 8092 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:19:27.0843 8092 AeLookupSvc - ok
17:19:27.0858 8092 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
17:19:27.0867 8092 AFD - ok
17:19:27.0873 8092 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
17:19:27.0876 8092 agp440 - ok
17:19:27.0883 8092 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
17:19:27.0886 8092 ALG - ok
17:19:27.0898 8092 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
17:19:27.0899 8092 aliide - ok
17:19:27.0904 8092 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
17:19:27.0905 8092 amdide - ok
17:19:27.0913 8092 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
17:19:27.0914 8092 AmdK8 - ok
17:19:27.0920 8092 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
17:19:27.0921 8092 AmdPPM - ok
17:19:27.0927 8092 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
17:19:27.0929 8092 amdsata - ok
17:19:27.0936 8092 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
17:19:27.0939 8092 amdsbs - ok
17:19:27.0945 8092 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
17:19:27.0947 8092 amdxata - ok
17:19:27.0951 8092 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
17:19:27.0952 8092 AppID - ok
17:19:27.0956 8092 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
17:19:27.0956 8092 AppIDSvc - ok
17:19:27.0960 8092 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
17:19:27.0962 8092 Appinfo - ok
17:19:27.0967 8092 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
17:19:27.0970 8092 AppMgmt - ok
17:19:27.0974 8092 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
17:19:27.0976 8092 arc - ok
17:19:27.0980 8092 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
17:19:27.0982 8092 arcsas - ok
17:19:27.0996 8092 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
17:19:27.0997 8092 aspnet_state - ok
17:19:28.0001 8092 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:19:28.0002 8092 AsyncMac - ok
17:19:28.0005 8092 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
17:19:28.0006 8092 atapi - ok
17:19:28.0018 8092 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:19:28.0025 8092 AudioEndpointBuilder - ok
17:19:28.0036 8092 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
17:19:28.0041 8092 AudioSrv - ok
17:19:28.0046 8092 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
17:19:28.0048 8092 AxInstSV - ok
17:19:28.0056 8092 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
17:19:28.0062 8092 b06bdrv - ok
17:19:28.0069 8092 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
17:19:28.0072 8092 b57nd60a - ok
17:19:28.0079 8092 [ F01759FA97126CC69DFA85CEDA0717A1 ] bcbtums C:\Windows\system32\drivers\bcbtums.sys
17:19:28.0081 8092 bcbtums - ok
17:19:28.0085 8092 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
17:19:28.0087 8092 BDESVC - ok
17:19:28.0091 8092 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
17:19:28.0091 8092 Beep - ok
17:19:28.0104 8092 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
17:19:28.0112 8092 BFE - ok
17:19:28.0136 8092 [ ED97ADAF00A61F57A2CCBBB1CE58C600 ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\BASHDefs\20121106.001\BHDrvx64.sys
17:19:28.0145 8092 BHDrvx64 - ok
17:19:28.0160 8092 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
17:19:28.0170 8092 BITS - ok
17:19:28.0174 8092 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
17:19:28.0175 8092 blbdrive - ok
17:19:28.0179 8092 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:19:28.0181 8092 bowser - ok
17:19:28.0185 8092 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
17:19:28.0186 8092 BrFiltLo - ok
17:19:28.0190 8092 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
17:19:28.0191 8092 BrFiltUp - ok
17:19:28.0197 8092 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
17:19:28.0199 8092 Browser - ok
17:19:28.0207 8092 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
17:19:28.0210 8092 Brserid - ok
17:19:28.0214 8092 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
17:19:28.0216 8092 BrSerWdm - ok
17:19:28.0219 8092 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
17:19:28.0220 8092 BrUsbMdm - ok
17:19:28.0224 8092 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
17:19:28.0224 8092 BrUsbSer - ok
17:19:28.0229 8092 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
17:19:28.0230 8092 BthEnum - ok
17:19:28.0234 8092 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
17:19:28.0235 8092 BTHMODEM - ok
17:19:28.0240 8092 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
17:19:28.0242 8092 BthPan - ok
17:19:28.0252 8092 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
17:19:28.0258 8092 BTHPORT - ok
17:19:28.0263 8092 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
17:19:28.0265 8092 bthserv - ok
17:19:28.0269 8092 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
17:19:28.0270 8092 BTHUSB - ok
17:19:28.0281 8092 [ 3AFF6DC496B8A8D12C867E3FC7C86FAC ] btwampfl C:\Windows\system32\drivers\btwampfl.sys
17:19:28.0288 8092 btwampfl - ok
17:19:28.0293 8092 [ 336BBA0909B3636AB7D06A71D7B1C0DC ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
17:19:28.0296 8092 btwaudio - ok
17:19:28.0301 8092 [ 9FF58F76024D25784755B01F926B00BE ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys
17:19:28.0304 8092 btwavdt - ok
17:19:28.0326 8092 [ 26A80D7ACA49E03A403806418B5FED46 ] btwdins C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
17:19:28.0333 8092 btwdins - ok
17:19:28.0336 8092 [ B1ACFD00CDD13B48D86F46BFEC153BF9 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
17:19:28.0338 8092 btwl2cap - ok
17:19:28.0341 8092 [ EDD953D635F3AA89EF902E3F82D60D22 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
17:19:28.0342 8092 btwrchid - ok
17:19:28.0349 8092 [ 248C952C82DF1E23775432774CBB20F1 ] ccSet_N360 C:\Windows\system32\drivers\N360x64\1402000.013\ccSetx64.sys
17:19:28.0352 8092 ccSet_N360 - ok
17:19:28.0356 8092 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:19:28.0358 8092 cdfs - ok
17:19:28.0363 8092 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
17:19:28.0365 8092 cdrom - ok
17:19:28.0370 8092 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
17:19:28.0372 8092 CertPropSvc - ok
17:19:28.0376 8092 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
17:19:28.0377 8092 circlass - ok
17:19:28.0385 8092 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
17:19:28.0390 8092 CLFS - ok
17:19:28.0398 8092 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:19:28.0399 8092 clr_optimization_v2.0.50727_32 - ok
17:19:28.0407 8092 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:19:28.0408 8092 clr_optimization_v2.0.50727_64 - ok
17:19:28.0419 8092 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:19:28.0420 8092 clr_optimization_v4.0.30319_32 - ok
17:19:28.0425 8092 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:19:28.0427 8092 clr_optimization_v4.0.30319_64 - ok
17:19:28.0430 8092 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
17:19:28.0431 8092 CmBatt - ok
17:19:28.0435 8092 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
17:19:28.0436 8092 cmdide - ok
17:19:28.0446 8092 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
17:19:28.0451 8092 CNG - ok
17:19:28.0455 8092 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
17:19:28.0456 8092 Compbatt - ok
17:19:28.0459 8092 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
17:19:28.0460 8092 CompositeBus - ok
17:19:28.0463 8092 COMSysApp - ok
17:19:28.0472 8092 [ 64704E2956CAFD465DDDD58EEB4ECE81 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
17:19:28.0474 8092 cphs - ok
17:19:28.0478 8092 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
17:19:28.0479 8092 crcdisk - ok
17:19:28.0486 8092 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:19:28.0489 8092 CryptSvc - ok
17:19:28.0498 8092 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
17:19:28.0504 8092 CSC - ok
17:19:28.0516 8092 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
17:19:28.0523 8092 CscService - ok
17:19:28.0534 8092 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
17:19:28.0540 8092 DcomLaunch - ok
17:19:28.0547 8092 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
17:19:28.0550 8092 defragsvc - ok
17:19:28.0554 8092 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:19:28.0556 8092 DfsC - ok
17:19:28.0564 8092 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
17:19:28.0568 8092 Dhcp - ok
17:19:28.0572 8092 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
17:19:28.0573 8092 discache - ok
17:19:28.0576 8092 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
17:19:28.0578 8092 Disk - ok
17:19:28.0582 8092 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
17:19:28.0584 8092 dmvsc - ok
17:19:28.0590 8092 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:19:28.0593 8092 Dnscache - ok
17:19:28.0599 8092 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
17:19:28.0603 8092 dot3svc - ok
17:19:28.0612 8092 [ 9597BCB69286FF017DB1A0FB8144408D ] DozeSvc C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE
17:19:28.0614 8092 DozeSvc - ok
17:19:28.0619 8092 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
17:19:28.0622 8092 DPS - ok
17:19:28.0625 8092 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:19:28.0626 8092 drmkaud - ok
17:19:28.0644 8092 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:19:28.0656 8092 DXGKrnl - ok
17:19:28.0660 8092 [ 3CE83D7EE95D9C9F03323810A2E747DF ] DzHDD64 C:\Windows\system32\DRIVERS\DzHDD64.sys
17:19:28.0661 8092 DzHDD64 - ok
17:19:28.0665 8092 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
17:19:28.0667 8092 EapHost - ok
17:19:28.0705 8092 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
17:19:28.0740 8092 ebdrv - ok
17:19:28.0745 8092 [ B90BEFCCEB59C83AC65BFD39EF7404F4 ] ecnssndis C:\Windows\system32\Drivers\wwuss64.sys
17:19:28.0745 8092 ecnssndis - ok
17:19:28.0749 8092 [ 1CF09C0555BE49EFE96B33BDA514A334 ] ecnssndisfltr C:\Windows\system32\Drivers\wwussf64.sys
17:19:28.0749 8092 ecnssndisfltr - ok
17:19:28.0763 8092 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
17:19:28.0766 8092 eeCtrl - ok
17:19:28.0770 8092 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
17:19:28.0772 8092 EFS - ok
17:19:28.0785 8092 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:19:28.0789 8092 ehRecvr - ok
17:19:28.0793 8092 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
17:19:28.0794 8092 ehSched - ok
17:19:28.0805 8092 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
17:19:28.0811 8092 elxstor - ok
17:19:28.0816 8092 [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
17:19:28.0817 8092 EraserUtilRebootDrv - ok
17:19:28.0821 8092 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
17:19:28.0822 8092 ErrDev - ok
17:19:28.0834 8092 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
17:19:28.0838 8092 EventSystem - ok
17:19:28.0850 8092 [ 23D401A43DADED10A153B9F3A7E66C91 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
17:19:28.0854 8092 EvtEng - ok
17:19:28.0860 8092 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
17:19:28.0863 8092 exfat - ok
17:19:28.0869 8092 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:19:28.0872 8092 fastfat - ok
17:19:28.0884 8092 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
17:19:28.0891 8092 Fax - ok
17:19:28.0895 8092 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
17:19:28.0896 8092 fdc - ok
17:19:28.0900 8092 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
17:19:28.0901 8092 fdPHost - ok
17:19:28.0904 8092 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
17:19:28.0906 8092 FDResPub - ok
17:19:28.0910 8092 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:19:28.0911 8092 FileInfo - ok
17:19:28.0915 8092 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:19:28.0916 8092 Filetrace - ok
17:19:28.0920 8092 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
17:19:28.0921 8092 flpydisk - ok
17:19:28.0928 8092 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:19:28.0931 8092 FltMgr - ok
17:19:28.0950 8092 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
17:19:28.0964 8092 FontCache - ok
17:19:28.0968 8092 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:19:28.0969 8092 FontCache3.0.0.0 - ok
17:19:28.0972 8092 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
17:19:28.0974 8092 FsDepends - ok
17:19:28.0977 8092 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:19:28.0978 8092 Fs_Rec - ok
17:19:28.0984 8092 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
17:19:28.0987 8092 fvevol - ok
17:19:28.0992 8092 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
17:19:28.0993 8092 gagp30kx - ok
17:19:29.0006 8092 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
17:19:29.0015 8092 gpsvc - ok
17:19:29.0020 8092 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:19:29.0022 8092 gupdate - ok
17:19:29.0026 8092 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:19:29.0027 8092 gupdatem - ok
17:19:29.0033 8092 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
17:19:29.0034 8092 gusvc - ok
17:19:29.0038 8092 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
17:19:29.0039 8092 hcw85cir - ok
17:19:29.0047 8092 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:19:29.0051 8092 HdAudAddService - ok
17:19:29.0056 8092 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
17:19:29.0058 8092 HDAudBus - ok
17:19:29.0061 8092 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
17:19:29.0063 8092 HidBatt - ok
17:19:29.0067 8092 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
17:19:29.0070 8092 HidBth - ok
17:19:29.0073 8092 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
17:19:29.0075 8092 HidIr - ok
17:19:29.0078 8092 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
17:19:29.0080 8092 hidserv - ok
17:19:29.0084 8092 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
17:19:29.0085 8092 HidUsb - ok
17:19:29.0090 8092 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
17:19:29.0092 8092 hkmsvc - ok
17:19:29.0098 8092 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:19:29.0102 8092 HomeGroupListener - ok
17:19:29.0107 8092 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:19:29.0111 8092 HomeGroupProvider - ok
17:19:29.0115 8092 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
17:19:29.0117 8092 HpSAMD - ok
17:19:29.0136 8092 [ 1BE48B0542C91487BB8A94BF2278F55D ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
17:19:29.0149 8092 HPSLPSVC - ok
17:19:29.0162 8092 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:19:29.0169 8092 HTTP - ok
17:19:29.0173 8092 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
17:19:29.0174 8092 hwpolicy - ok
17:19:29.0179 8092 [ 16A7CA284629A4D002F7B992C9A49EF9 ] HyperW7Svc C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe
17:19:29.0180 8092 HyperW7Svc - ok
17:19:29.0184 8092 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
17:19:29.0187 8092 i8042prt - ok
17:19:29.0199 8092 [ CCFA835960E35F30D28A868E0B3B8722 ] iaStor C:\Windows\system32\drivers\iaStor.sys
17:19:29.0203 8092 iaStor - ok
17:19:29.0212 8092 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
17:19:29.0217 8092 iaStorV - ok
17:19:29.0220 8092 [ 72B253CDBCAA10E88AAD0BA39CC83BCD ] IBMPMDRV C:\Windows\system32\DRIVERS\ibmpmdrv.sys
17:19:29.0222 8092 IBMPMDRV - ok
17:19:29.0225 8092 [ 4925FFB084C9AD02E8EEF01FB18BF5AC ] IBMPMSVC C:\Windows\system32\ibmpmsvc.exe
17:19:29.0227 8092 IBMPMSVC - ok
17:19:29.0242 8092 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:19:29.0251 8092 idsvc - ok
17:19:29.0264 8092 [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\IPSDefs\20121129.001\IDSvia64.sys
17:19:29.0268 8092 IDSVia64 - ok
17:19:29.0428 8092 [ 371D7F91C0D2314EB984A4A6CBEABC92 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
17:19:29.0565 8092 igfx - ok
17:19:29.0573 8092 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
17:19:29.0575 8092 iirsp - ok
17:19:29.0588 8092 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
17:19:29.0597 8092 IKEEXT - ok
17:19:29.0602 8092 [ 314285071F7117263BD246E35C17FD82 ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
17:19:29.0603 8092 intaud_WaveExtensible - ok
17:19:29.0647 8092 [ 4F92A60B04CB8EC7EDFA7717A2E5886A ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
17:19:29.0692 8092 IntcAzAudAddService - ok
17:19:29.0701 8092 [ 6C9FFFECA9FED31347D211C5D1FFBD2D ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
17:19:29.0706 8092 IntcDAud - ok
17:19:29.0718 8092 [ 832CE330DD987227B7DEA8C03F22AEFA ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
17:19:29.0722 8092 Intel® Capability Licensing Service Interface - ok
17:19:29.0725 8092 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
17:19:29.0727 8092 intelide - ok
17:19:29.0731 8092 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
17:19:29.0733 8092 intelppm - ok
17:19:29.0738 8092 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:19:29.0740 8092 IPBusEnum - ok
17:19:29.0744 8092 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:19:29.0746 8092 IpFilterDriver - ok
17:19:29.0757 8092 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
17:19:29.0764 8092 iphlpsvc - ok
17:19:29.0768 8092 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
17:19:29.0770 8092 IPMIDRV - ok
17:19:29.0775 8092 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
17:19:29.0777 8092 IPNAT - ok
17:19:29.0781 8092 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:19:29.0782 8092 IRENUM - ok
17:19:29.0785 8092 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
17:19:29.0786 8092 isapnp - ok
17:19:29.0794 8092 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
17:19:29.0797 8092 iScsiPrt - ok
17:19:29.0801 8092 [ 970995B7C36F4408ED31C3BF204FE1F5 ] ISCT C:\Windows\system32\DRIVERS\ISCTD64.sys
17:19:29.0803 8092 ISCT - ok
17:19:29.0806 8092 [ 846354992EBB373F452EB9182D501B08 ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys
17:19:29.0807 8092 iusb3hcs - ok
17:19:29.0816 8092 [ 1D88A23853387D34D52CC8F9DDBFC56C ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
17:19:29.0820 8092 iusb3hub - ok
17:19:29.0834 8092 [ FC5EFD7C797DF19DFB999F0605A7924E ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
17:19:29.0843 8092 iusb3xhc - ok
17:19:29.0846 8092 [ 4487AD9C070D3973FE28AB4406555FC6 ] iwdbus C:\Windows\system32\DRIVERS\iwdbus.sys
17:19:29.0847 8092 iwdbus - ok
17:19:29.0854 8092 [ 0043D9FB61C35F90886B1E93DD556FAF ] jhi_service C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
17:19:29.0856 8092 jhi_service - ok
17:19:29.0860 8092 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
17:19:29.0861 8092 kbdclass - ok
17:19:29.0865 8092 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
17:19:29.0866 8092 kbdhid - ok
17:19:29.0870 8092 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
17:19:29.0872 8092 KeyIso - ok
17:19:29.0876 8092 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:19:29.0878 8092 KSecDD - ok
17:19:29.0884 8092 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
17:19:29.0886 8092 KSecPkg - ok
17:19:29.0890 8092 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
17:19:29.0891 8092 ksthunk - ok
17:19:29.0899 8092 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
17:19:29.0902 8092 KtmRm - ok
17:19:29.0907 8092 [ 3BE0319D6F9D5A0C4DDD037E0E19FFD4 ] l36wgps C:\Windows\system32\DRIVERS\l36wgps64.sys
17:19:29.0908 8092 l36wgps - ok
17:19:29.0914 8092 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
17:19:29.0918 8092 LanmanServer - ok
17:19:29.0923 8092 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:19:29.0926 8092 LanmanWorkstation - ok
17:19:29.0932 8092 [ 4A0235E9822B220339E34D8C122BB6D1 ] LENOVO.CAMMUTE C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
17:19:29.0933 8092 LENOVO.CAMMUTE - ok
17:19:29.0937 8092 [ 340288B3B2EDC8AFD5FF127DF85142A7 ] LENOVO.MICMUTE C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
17:19:29.0938 8092 LENOVO.MICMUTE - ok
17:19:29.0941 8092 [ 93921A19D885755B9751C3744DBCB8FD ] LENOVO.TPKNRSVC C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
17:19:29.0942 8092 LENOVO.TPKNRSVC - ok
17:19:29.0948 8092 [ 79F99A4D59825839B7E563B4BCF52C5E ] LENOVO.TVTVCAM C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
17:19:29.0949 8092 LENOVO.TVTVCAM - ok
17:19:29.0954 8092 [ F7DE50781DC4D162C1005EB30D98F931 ] Lenovo.VIRTSCRLSVC C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
17:19:29.0955 8092 Lenovo.VIRTSCRLSVC - ok
17:19:29.0959 8092 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:19:29.0960 8092 lltdio - ok
17:19:29.0967 8092 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:19:29.0972 8092 lltdsvc - ok
17:19:29.0975 8092 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
17:19:29.0977 8092 lmhosts - ok
17:19:29.0982 8092 [ 2FB262276D1C689C6886B1C0710342FA ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
17:19:29.0984 8092 LMS - ok
17:19:29.0992 8092 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
17:19:29.0994 8092 LSI_FC - ok
17:19:29.0999 8092 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
17:19:30.0001 8092 LSI_SAS - ok
17:19:30.0005 8092 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
17:19:30.0007 8092 LSI_SAS2 - ok
17:19:30.0012 8092 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
17:19:30.0014 8092 LSI_SCSI - ok
17:19:30.0018 8092 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
17:19:30.0020 8092 luafv - ok
17:19:30.0025 8092 [ 0CC0E238C431F699C13FD47202B7E265 ] MacheenService C:\Program Files (x86)\Lenovo\MobileAccess\MacheenService.exe
17:19:30.0025 8092 MacheenService - ok
17:19:30.0034 8092 [ 62732AF9512B911C330ACBBDBCC2F284 ] Mbm3CBus C:\Windows\system32\DRIVERS\Mbm3CBus.sys
17:19:30.0037 8092 Mbm3CBus - ok
17:19:30.0046 8092 [ BDC2D259CA9CFCED092B3B0B8557322D ] Mbm3DevMt C:\Windows\system32\DRIVERS\Mbm3DevMt.sys
17:19:30.0049 8092 Mbm3DevMt - ok
17:19:30.0052 8092 [ E55689A5E9349182C24312EFC9DF09FB ] Mbm3mdfl C:\Windows\system32\DRIVERS\Mbm3mdfl.sys
17:19:30.0053 8092 Mbm3mdfl - ok
17:19:30.0062 8092 [ FC1059C857D7B1083086BE04DB5EE09C ] Mbm3Mdm C:\Windows\system32\DRIVERS\Mbm3Mdm.sys
17:19:30.0065 8092 Mbm3Mdm - ok
17:19:30.0070 8092 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:19:30.0071 8092 Mcx2Svc - ok
17:19:30.0075 8092 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
17:19:30.0076 8092 megasas - ok
17:19:30.0083 8092 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
17:19:30.0086 8092 MegaSR - ok
17:19:30.0091 8092 [ 6B01B7414A105B9E51652089A03027CF ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
17:19:30.0092 8092 MEIx64 - ok
17:19:30.0099 8092 Microsoft SharePoint Workspace Audit Service - ok
17:19:30.0103 8092 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
17:19:30.0104 8092 MMCSS - ok
17:19:30.0108 8092 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
17:19:30.0110 8092 Modem - ok
17:19:30.0113 8092 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:19:30.0114 8092 monitor - ok
17:19:30.0118 8092 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:19:30.0119 8092 mouclass - ok
17:19:30.0123 8092 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\drivers\mouhid.sys
17:19:30.0124 8092 mouhid - ok
17:19:30.0128 8092 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
17:19:30.0130 8092 mountmgr - ok
17:19:30.0134 8092 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
17:19:30.0137 8092 mpio - ok
17:19:30.0141 8092 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:19:30.0143 8092 mpsdrv - ok
17:19:30.0156 8092 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
17:19:30.0165 8092 MpsSvc - ok
17:19:30.0170 8092 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:19:30.0173 8092 MRxDAV - ok
17:19:30.0177 8092 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:19:30.0180 8092 mrxsmb - ok
17:19:30.0187 8092 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:19:30.0190 8092 mrxsmb10 - ok
17:19:30.0195 8092 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:19:30.0197 8092 mrxsmb20 - ok
17:19:30.0200 8092 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
17:19:30.0201 8092 msahci - ok
17:19:30.0207 8092 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
17:19:30.0209 8092 msdsm - ok
17:19:30.0214 8092 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
17:19:30.0217 8092 MSDTC - ok
17:19:30.0227 8092 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:19:30.0230 8092 Msfs - ok
17:19:30.0237 8092 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
17:19:30.0237 8092 mshidkmdf - ok
17:19:30.0243 8092 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
17:19:30.0245 8092 msisadrv - ok
17:19:30.0251 8092 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:19:30.0253 8092 MSiSCSI - ok
17:19:30.0257 8092 msiserver - ok
17:19:30.0262 8092 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:19:30.0263 8092 MSKSSRV - ok
17:19:30.0267 8092 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:19:30.0268 8092 MSPCLOCK - ok
17:19:30.0273 8092 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:19:30.0274 8092 MSPQM - ok
17:19:30.0282 8092 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:19:30.0287 8092 MsRPC - ok
17:19:30.0292 8092 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
17:19:30.0293 8092 mssmbios - ok
17:19:30.0297 8092 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:19:30.0298 8092 MSTEE - ok
17:19:30.0301 8092 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
17:19:30.0302 8092 MTConfig - ok
17:19:30.0306 8092 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
17:19:30.0307 8092 Mup - ok
17:19:30.0313 8092 [ 48C9BA25EDA90E3DB07ADAC8CD32F5F3 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
17:19:30.0315 8092 MyWiFiDHCPDNS - ok
17:19:30.0325 8092 [ 4A9258B9597A31DB68EC9740F3A8A70B ] N360 C:\Program Files (x86)\Norton 360\Engine\20.2.0.19\ccSvcHst.exe
17:19:30.0326 8092 N360 - ok
17:19:30.0335 8092 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
17:19:30.0341 8092 napagent - ok
17:19:30.0348 8092 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:19:30.0352 8092 NativeWifiP - ok
17:19:30.0359 8092 [ C58D8A669D6551F616D90244BD2C2D4F ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\VirusDefs\20121129.023\ENG64.SYS
17:19:30.0360 8092 NAVENG - ok
17:19:30.0387 8092 [ A3DBDB412ADFA5882DD6843B11FE0828 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\VirusDefs\20121129.023\EX64.SYS
17:19:30.0400 8092 NAVEX15 - ok
17:19:30.0417 8092 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
17:19:30.0426 8092 NDIS - ok
17:19:30.0430 8092 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
17:19:30.0431 8092 NdisCap - ok
17:19:30.0435 8092 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:19:30.0436 8092 NdisTapi - ok
17:19:30.0440 8092 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:19:30.0441 8092 Ndisuio - ok
17:19:30.0446 8092 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:19:30.0449 8092 NdisWan - ok
17:19:30.0453 8092 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:19:30.0454 8092 NDProxy - ok
17:19:30.0458 8092 [ DC6530A291D4BDF6DF399F1F128E7F8F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
17:19:30.0460 8092 Net Driver HPZ12 - ok
17:19:30.0464 8092 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:19:30.0465 8092 NetBIOS - ok
17:19:30.0471 8092 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
17:19:30.0474 8092 NetBT - ok
17:19:30.0478 8092 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
17:19:30.0479 8092 Netlogon - ok
17:19:30.0486 8092 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
17:19:30.0491 8092 Netman - ok
17:19:30.0502 8092 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:19:30.0503 8092 NetMsmqActivator - ok
17:19:30.0507 8092 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:19:30.0508 8092 NetPipeActivator - ok
17:19:30.0518 8092 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
17:19:30.0523 8092 netprofm - ok
17:19:30.0527 8092 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:19:30.0529 8092 NetTcpActivator - ok
17:19:30.0533 8092 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:19:30.0534 8092 NetTcpPortSharing - ok
17:19:30.0646 8092 [ FAD6C5610D020534401966CD72A1C306 ] NETwNs64 C:\Windows\system32\DRIVERS\Netwsw00.sys
17:19:30.0792 8092 NETwNs64 - ok
17:19:30.0800 8092 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
17:19:30.0801 8092 nfrd960 - ok
17:19:30.0807 8092 [ AA3C4C56AF06B096D5684909A65CE79E ] NitroDriverReadSpool2 C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe
17:19:30.0809 8092 NitroDriverReadSpool2 - ok
17:19:30.0816 8092 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
17:19:30.0821 8092 NlaSvc - ok
17:19:30.0843 8092 [ 7A9E829922444DBDF680DFCC5A45F8AF ] nlsX86cc C:\Windows\SysWOW64\NLSSRV32.EXE
17:19:30.0844 8092 nlsX86cc - ok
17:19:30.0848 8092 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:19:30.0849 8092 Npfs - ok
17:19:30.0855 8092 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
17:19:30.0857 8092 nsi - ok
17:19:30.0860 8092 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:19:30.0861 8092 nsiproxy - ok
17:19:30.0886 8092 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:19:30.0904 8092 Ntfs - ok
17:19:30.0908 8092 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
17:19:30.0909 8092 Null - ok
17:19:30.0915 8092 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:19:30.0918 8092 nvraid - ok
17:19:30.0923 8092 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:19:30.0926 8092 nvstor - ok
17:19:30.0930 8092 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
17:19:30.0933 8092 nv_agp - ok
17:19:30.0938 8092 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
17:19:30.0940 8092 ohci1394 - ok
17:19:30.0945 8092 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:19:30.0946 8092 ose - ok
17:19:30.0999 8092 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:19:31.0028 8092 osppsvc - ok
17:19:31.0039 8092 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
17:19:31.0043 8092 p2pimsvc - ok
17:19:31.0052 8092 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
17:19:31.0058 8092 p2psvc - ok
17:19:31.0063 8092 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
17:19:31.0065 8092 Parport - ok
17:19:31.0069 8092 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:19:31.0070 8092 partmgr - ok
17:19:31.0076 8092 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
17:19:31.0079 8092 PcaSvc - ok
17:19:31.0085 8092 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
17:19:31.0087 8092 pci - ok
17:19:31.0090 8092 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
17:19:31.0092 8092 pciide - ok
17:19:31.0098 8092 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
17:19:31.0101 8092 pcmcia - ok
17:19:31.0105 8092 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
17:19:31.0107 8092 pcw - ok
17:19:31.0119 8092 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:19:31.0126 8092 PEAUTH - ok
17:19:31.0147 8092 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
17:19:31.0163 8092 PeerDistSvc - ok
17:19:31.0169 8092 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
17:19:31.0170 8092 PerfHost - ok
17:19:31.0178 8092 [ B4C1BF666DBD6899EC4A9A499DAA040B ] PHCORE C:\Program Files\Lenovo\RapidBoot\PHCORE64.SYS
17:19:31.0179 8092 PHCORE - ok
17:19:31.0200 8092 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
17:19:31.0218 8092 pla - ok
17:19:31.0226 8092 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:19:31.0232 8092 PlugPlay - ok
17:19:31.0237 8092 [ 71F62C51DFDFBC04C83C5C64B2B8058E ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
17:19:31.0239 8092 Pml Driver HPZ12 - ok
17:19:31.0242 8092 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
17:19:31.0244 8092 PNRPAutoReg - ok
17:19:31.0251 8092 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
17:19:31.0254 8092 PNRPsvc - ok
17:19:31.0264 8092 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:19:31.0271 8092 PolicyAgent - ok
17:19:31.0279 8092 [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power C:\Windows\system32\umpo.dll
17:19:31.0283 8092 Power - ok
17:19:31.0307 8092 [ DEED60F99C5B8E386D507860F600D509 ] Power Manager DBC Service C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
17:19:31.0317 8092 Power Manager DBC Service - ok
17:19:31.0322 8092 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:19:31.0324 8092 PptpMiniport - ok
17:19:31.0329 8092 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
17:19:31.0331 8092 Processor - ok
17:19:31.0337 8092 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
17:19:31.0340 8092 ProfSvc - ok
17:19:31.0344 8092 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:19:31.0345 8092 ProtectedStorage - ok
17:19:31.0349 8092 [ 05A4779E4994B21473EDBE85AABE8030 ] psadd C:\Windows\system32\DRIVERS\psadd.sys
17:19:31.0350 8092 psadd - ok
17:19:31.0355 8092 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
17:19:31.0357 8092 Psched - ok
17:19:31.0380 8092 [ 68DCE950DCD2ABBB82362D383EC5836E ] PwmEWSvc C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE
17:19:31.0391 8092 PwmEWSvc - ok
17:19:31.0396 8092 [ C8DA4746D1C87FE3E5DCC3CE86218B62 ] QBCFMonitorService C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
17:19:31.0397 8092 QBCFMonitorService - ok
17:19:31.0400 8092 [ 6BEE1814470DC12FA20C53DFC3C97EBB ] QBFCService C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
17:19:31.0401 8092 QBFCService - ok
17:19:31.0420 8092 [ A0EC711150D3E41539FE0542F7954341 ] QBVSS C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
17:19:31.0428 8092 QBVSS - ok
17:19:31.0452 8092 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
17:19:31.0469 8092 ql2300 - ok
17:19:31.0475 8092 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
17:19:31.0478 8092 ql40xx - ok
17:19:31.0484 8092 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
17:19:31.0488 8092 QWAVE - ok
17:19:31.0493 8092 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:19:31.0494 8092 QWAVEdrv - ok
17:19:31.0498 8092 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:19:31.0499 8092 RasAcd - ok
17:19:31.0503 8092 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
17:19:31.0504 8092 RasAgileVpn - ok
17:19:31.0509 8092 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
17:19:31.0511 8092 RasAuto - ok
17:19:31.0516 8092 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:19:31.0518 8092 Rasl2tp - ok
17:19:31.0526 8092 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
17:19:31.0531 8092 RasMan - ok
17:19:31.0535 8092 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:19:31.0537 8092 RasPppoe - ok
17:19:31.0541 8092 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:19:31.0543 8092 RasSstp - ok
17:19:31.0551 8092 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:19:31.0555 8092 rdbss - ok
17:19:31.0558 8092 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
17:19:31.0559 8092 rdpbus - ok
17:19:31.0563 8092 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:19:31.0563 8092 RDPCDD - ok
17:19:31.0571 8092 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
17:19:31.0573 8092 RDPDR - ok
17:19:31.0576 8092 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:19:31.0577 8092 RDPENCDD - ok
17:19:31.0582 8092 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
17:19:31.0582 8092 RDPREFMP - ok
17:19:31.0588 8092 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:19:31.0592 8092 RDPWD - ok
17:19:31.0598 8092 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
17:19:31.0601 8092 rdyboost - ok
17:19:31.0606 8092 [ 0C2B4C3B10D183BE116A38353E937F62 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
17:19:31.0607 8092 RegSrvc - ok
17:19:31.0612 8092 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
17:19:31.0614 8092 RemoteAccess - ok
17:19:31.0619 8092 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:19:31.0622 8092 RemoteRegistry - ok
17:19:31.0627 8092 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
17:19:31.0630 8092 RFCOMM - ok
17:19:31.0635 8092 [ 5A227511ED22DDFEDF7EF7323C8F7D2F ] risdxc C:\Windows\system32\DRIVERS\risdxc64.sys
17:19:31.0637 8092 risdxc - ok
17:19:31.0641 8092 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
17:19:31.0643 8092 RpcEptMapper - ok
17:19:31.0646 8092 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
17:19:31.0648 8092 RpcLocator - ok
17:19:31.0658 8092 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
17:19:31.0663 8092 RpcSs - ok
17:19:31.0667 8092 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:19:31.0668 8092 rspndr - ok
17:19:31.0672 8092 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
17:19:31.0673 8092 s3cap - ok
17:19:31.0676 8092 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
17:19:31.0678 8092 SamSs - ok
17:19:31.0682 8092 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:19:31.0684 8092 sbp2port - ok
17:19:31.0690 8092 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:19:31.0693 8092 SCardSvr - ok
17:19:31.0697 8092 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
17:19:31.0698 8092 scfilter - ok
17:19:31.0715 8092 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
17:19:31.0729 8092 Schedule - ok
17:19:31.0733 8092 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
17:19:31.0734 8092 SCPolicySvc - ok
17:19:31.0740 8092 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:19:31.0743 8092 SDRSVC - ok
17:19:31.0748 8092 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:19:31.0749 8092 secdrv - ok
17:19:31.0754 8092 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
17:19:31.0756 8092 seclogon - ok
17:19:31.0760 8092 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
17:19:31.0762 8092 SENS - ok
17:19:31.0766 8092 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
17:19:31.0768 8092 SensrSvc - ok
17:19:31.0771 8092 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
17:19:31.0773 8092 Serenum - ok
17:19:31.0777 8092 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
17:19:31.0779 8092 Serial - ok
17:19:31.0782 8092 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
17:19:31.0783 8092 sermouse - ok
17:19:31.0793 8092 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
17:19:31.0796 8092 SessionEnv - ok
17:19:31.0799 8092 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
17:19:31.0800 8092 sffdisk - ok
17:19:31.0803 8092 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
17:19:31.0804 8092 sffp_mmc - ok
17:19:31.0808 8092 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
17:19:31.0809 8092 sffp_sd - ok
17:19:31.0813 8092 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
17:19:31.0814 8092 sfloppy - ok
17:19:31.0821 8092 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:19:31.0826 8092 SharedAccess - ok
17:19:31.0833 8092 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:19:31.0838 8092 ShellHWDetection - ok
17:19:31.0842 8092 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
17:19:31.0844 8092 SiSRaid2 - ok
17:19:31.0848 8092 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
17:19:31.0850 8092 SiSRaid4 - ok
17:19:31.0855 8092 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:19:31.0857 8092 Smb - ok
17:19:31.0860 8092 [ 8B4B5E4C0382D7ECBB48DC989AE20FA6 ] SmbDrvI C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
17:19:31.0861 8092 SmbDrvI - ok
17:19:31.0865 8092 [ 3BC2844AF786CA422CC31D505ACFA9F2 ] smihlp C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys
17:19:31.0865 8092 smihlp - ok
17:19:31.0873 8092 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:19:31.0875 8092 SNMPTRAP - ok
17:19:31.0880 8092 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
17:19:31.0882 8092 spldr - ok
17:19:31.0892 8092 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
17:19:31.0898 8092 Spooler - ok
17:19:31.0935 8092 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
17:19:31.0971 8092 sppsvc - ok
17:19:31.0976 8092 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
17:19:31.0978 8092 sppuinotify - ok
17:19:32.0012 8092 [ 69287F362738E7AB9EEF98ECF34D7335 ] SPUVCbv C:\Windows\system32\Drivers\SPUVCbv_x64.sys
17:19:32.0045 8092 SPUVCbv - ok
17:19:32.0059 8092 [ 3510E7021D2637A67FBCB5105EAE945D ] SRTSP C:\Windows\system32\drivers\N360x64\1402000.013\SRTSP64.SYS
17:19:32.0066 8092 SRTSP - ok
17:19:32.0070 8092 [ 1B884D876E87EABF5A3356BBD7321412 ] SRTSPX C:\Windows\system32\drivers\N360x64\1402000.013\SRTSPX64.SYS
17:19:32.0071 8092 SRTSPX - ok
17:19:32.0080 8092 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
17:19:32.0085 8092 srv - ok
17:19:32.0094 8092 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:19:32.0099 8092 srv2 - ok
17:19:32.0103 8092 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:19:32.0106 8092 srvnet - ok
17:19:32.0112 8092 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:19:32.0115 8092 SSDPSRV - ok
17:19:32.0120 8092 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:19:32.0122 8092 SstpSvc - ok
17:19:32.0126 8092 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
17:19:32.0127 8092 stexstor - ok
17:19:32.0130 8092 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
17:19:32.0131 8092 StillCam - ok
17:19:32.0142 8092 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
17:19:32.0149 8092 stisvc - ok
17:19:32.0153 8092 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
17:19:32.0154 8092 storflt - ok
17:19:32.0157 8092 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
17:19:32.0160 8092 StorSvc - ok
17:19:32.0163 8092 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
17:19:32.0164 8092 storvsc - ok
17:19:32.0170 8092 [ C5AEDE68CEED66BC1A030E1E535B5B4C ] SUService C:\Program Files (x86)\Lenovo\System Update\SUService.exe
17:19:32.0170 8092 SUService - ok
17:19:32.0174 8092 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
17:19:32.0175 8092 swenum - ok
17:19:32.0184 8092 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
17:19:32.0191 8092 swprv - ok
17:19:32.0201 8092 [ 777217682DA76337E8E6EC8AC4412B9B ] SymDS C:\Windows\system32\drivers\N360x64\1402000.013\SYMDS64.SYS
17:19:32.0206 8092 SymDS - ok
17:19:32.0224 8092 [ 64D1AF3D04E70A681154FFF1893848F6 ] SymEFA C:\Windows\system32\drivers\N360x64\1402000.013\SYMEFA64.SYS
17:19:32.0240 8092 SymEFA - ok
17:19:32.0245 8092 [ F5D6D3B7468C46EA2DDC1D19D2A6DA0F ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
17:19:32.0248 8092 SymEvent - ok
17:19:32.0254 8092 [ ADF37F1A715D6C56C8E065FD8569A9A4 ] SymIRON C:\Windows\system32\drivers\N360x64\1402000.013\Ironx64.SYS
17:19:32.0257 8092 SymIRON - ok
17:19:32.0266 8092 [ 1605EBD8CB86AFC4430116065995279A ] SymNetS C:\Windows\system32\drivers\N360x64\1402000.013\SYMNETS.SYS
17:19:32.0270 8092 SymNetS - ok
17:19:32.0280 8092 [ 9A17BF37F3B2FB9B686214780E4F8223 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
17:19:32.0285 8092 SynTP - ok
17:19:32.0309 8092 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
17:19:32.0329 8092 SysMain - ok
17:19:32.0334 8092 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:19:32.0337 8092 TabletInputService - ok
17:19:32.0344 8092 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
17:19:32.0349 8092 TapiSrv - ok
17:19:32.0353 8092 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
17:19:32.0355 8092 TBS - ok
17:19:32.0380 8092 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:19:32.0401 8092 Tcpip - ok
17:19:32.0426 8092 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
17:19:32.0438 8092 TCPIP6 - ok
17:19:32.0444 8092 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:19:32.0446 8092 tcpipreg - ok
17:19:32.0450 8092 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:19:32.0452 8092 TDPIPE - ok
17:19:32.0455 8092 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:19:32.0457 8092 TDTCP - ok
17:19:32.0463 8092 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:19:32.0465 8092 tdx - ok
17:19:32.0469 8092 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
17:19:32.0470 8092 TermDD - ok
17:19:32.0483 8092 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
17:19:32.0492 8092 TermService - ok
17:19:32.0496 8092 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
17:19:32.0498 8092 Themes - ok
17:19:32.0516 8092 [ F5C7A3BAA91A5305EBC46EA441CD52F7 ] ThinkVantage Registry Monitor Service C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
17:19:32.0523 8092 ThinkVantage Registry Monitor Service - ok
17:19:32.0527 8092 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
17:19:32.0529 8092 THREADORDER - ok
17:19:32.0535 8092 [ 83415782D47F8064FCAFEA308ABB2246 ] TPHKLOAD C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
17:19:32.0536 8092 TPHKLOAD - ok
17:19:32.0541 8092 [ 046A7B412E4E6C4A7B426441E143F0F2 ] TPHKSVC C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
17:19:32.0542 8092 TPHKSVC - ok
17:19:32.0546 8092 [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM C:\Windows\system32\drivers\tpm.sys
17:19:32.0548 8092 TPM - ok
17:19:32.0551 8092 [ 1DF6E6C026AD1D428687FE3B427A87BC ] TPPWRIF C:\Windows\system32\drivers\Tppwr64v.sys
17:19:32.0552 8092 TPPWRIF - ok
17:19:32.0557 8092 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
17:19:32.0561 8092 TrkWks - ok
17:19:32.0566 8092 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:19:32.0568 8092 TrustedInstaller - ok
17:19:32.0573 8092 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:19:32.0574 8092 tssecsrv - ok
17:19:32.0580 8092 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
17:19:32.0581 8092 TsUsbFlt - ok
17:19:32.0585 8092 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
17:19:32.0586 8092 TsUsbGD - ok
17:19:32.0591 8092 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:19:32.0593 8092 tunnel - ok
17:19:32.0616 8092 [ D3D473C0DD8BAC37FADD6419362907E2 ] TVT Backup Service C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe
17:19:32.0625 8092 TVT Backup Service - ok
17:19:32.0630 8092 [ D4915DB03B19F9FD50EC084CC0ED15FC ] TVTI2C C:\Windows\system32\DRIVERS\Tvti2c.sys
17:19:32.0631 8092 TVTI2C - ok
17:19:32.0636 8092 [ 760B34088C2AD8D634CC3784EF3A2CA2 ] tvtvcamd C:\Windows\system32\DRIVERS\tvtvcamd.sys
17:19:32.0637 8092 tvtvcamd - ok
17:19:32.0641 8092 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
17:19:32.0643 8092 uagp35 - ok
17:19:32.0651 8092 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:19:32.0655 8092 udfs - ok
17:19:32.0662 8092 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:19:32.0665 8092 UI0Detect - ok
17:19:32.0669 8092 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
17:19:32.0671 8092 uliagpkx - ok
17:19:32.0675 8092 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
17:19:32.0677 8092 umbus - ok
17:19:32.0680 8092 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
17:19:32.0681 8092 UmPass - ok
17:19:32.0687 8092 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
17:19:32.0692 8092 UmRdpService - ok
17:19:32.0701 8092 [ CABEC311CEA77EAEA3DC04A1ADFC0459 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
17:19:32.0704 8092 UNS - ok
17:19:32.0712 8092 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
17:19:32.0717 8092 upnphost - ok
17:19:32.0722 8092 [ 6CC0985C3BB5931F73FF0846E06A9483 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:19:32.0724 8092 usbccgp - ok
17:19:32.0728 8092 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
17:19:32.0730 8092 usbcir - ok
17:19:32.0735 8092 [ 6B3D5E6A9DA786EC755B00BC180C700B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
17:19:32.0736 8092 usbehci - ok
17:19:32.0744 8092 [ 94ABE9DA48E466BBE84C73E0C6652ED1 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:19:32.0748 8092 usbhub - ok
17:19:32.0752 8092 [ 660B2C08CE7103E71EAA26F85B0B0A56 ] usbohci C:\Windows\system32\drivers\usbohci.sys
17:19:32.0753 8092 usbohci - ok
17:19:32.0757 8092 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
17:19:32.0758 8092 usbprint - ok
17:19:32.0763 8092 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:19:32.0765 8092 USBSTOR - ok
17:19:32.0769 8092 [ 1529632FC96032D337B298F8A285D640 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
17:19:32.0770 8092 usbuhci - ok
17:19:32.0776 8092 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
17:19:32.0779 8092 usbvideo - ok
17:19:32.0783 8092 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
17:19:32.0785 8092 UxSms - ok
17:19:32.0789 8092 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
17:19:32.0790 8092 VaultSvc - ok
17:19:32.0794 8092 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
17:19:32.0795 8092 vdrvroot - ok
17:19:32.0805 8092 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
17:19:32.0812 8092 vds - ok
17:19:32.0816 8092 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:19:32.0818 8092 vga - ok
17:19:32.0821 8092 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
17:19:32.0822 8092 VgaSave - ok
17:19:32.0828 8092 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
17:19:32.0831 8092 vhdmp - ok
17:19:32.0835 8092 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
17:19:32.0836 8092 viaide - ok
17:19:32.0841 8092 [ 49C122513203B98B0B2C10211F23450B ] VIPAppService C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
17:19:32.0842 8092 VIPAppService - ok
17:19:32.0848 8092 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
17:19:32.0851 8092 vmbus - ok
17:19:32.0855 8092 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
17:19:32.0856 8092 VMBusHID - ok
17:19:32.0860 8092 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
17:19:32.0862 8092 volmgr - ok
17:19:32.0870 8092 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:19:32.0874 8092 volmgrx - ok
17:19:32.0881 8092 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:19:32.0885 8092 volsnap - ok
17:19:32.0890 8092 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
17:19:32.0893 8092 vsmraid - ok
17:19:32.0915 8092 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
17:19:32.0934 8092 VSS - ok
17:19:32.0938 8092 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
17:19:32.0939 8092 vwifibus - ok
17:19:32.0943 8092 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
17:19:32.0945 8092 vwififlt - ok
17:19:32.0948 8092 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
17:19:32.0949 8092 vwifimp - ok
17:19:32.0957 8092 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
17:19:32.0962 8092 W32Time - ok
17:19:32.0968 8092 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
17:19:32.0969 8092 WacomPen - ok
17:19:32.0973 8092 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
17:19:32.0975 8092 WANARP - ok
17:19:32.0979 8092 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:19:32.0980 8092 Wanarpv6 - ok
17:19:33.0001 8092 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
17:19:33.0015 8092 WatAdminSvc - ok
17:19:33.0037 8092 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
17:19:33.0055 8092 wbengine - ok
17:19:33.0061 8092 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
17:19:33.0065 8092 WbioSrvc - ok
17:19:33.0073 8092 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:19:33.0079 8092 wcncsvc - ok
17:19:33.0082 8092 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:19:33.0085 8092 WcsPlugInService - ok
17:19:33.0088 8092 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
17:19:33.0090 8092 Wd - ok
17:19:33.0103 8092 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:19:33.0111 8092 Wdf01000 - ok
17:19:33.0115 8092 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:19:33.0118 8092 WdiServiceHost - ok
17:19:33.0121 8092 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:19:33.0124 8092 WdiSystemHost - ok
17:19:33.0130 8092 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
17:19:33.0135 8092 WebClient - ok
17:19:33.0158 8092 [ 507D80C0ACCC3B4FC123BD99D0AF3F97 ] WebUpdate4 C:\Windows\SysWOW64\WebUpdateSvc4.exe
17:19:33.0161 8092 WebUpdate4 - ok
17:19:33.0167 8092 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:19:33.0171 8092 Wecsvc - ok
17:19:33.0176 8092 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:19:33.0179 8092 wercplsupport - ok
17:19:33.0184 8092 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
17:19:33.0186 8092 WerSvc - ok
17:19:33.0190 8092 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
17:19:33.0191 8092 WfpLwf - ok
17:19:33.0196 8092 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
17:19:33.0197 8092 WIMMount - ok
17:19:33.0199 8092 WinDefend - ok
17:19:33.0206 8092 WinHttpAutoProxySvc - ok
17:19:33.0218 8092 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:19:33.0222 8092 Winmgmt - ok
17:19:33.0247 8092 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
17:19:33.0270 8092 WinRM - ok
17:19:33.0278 8092 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.sys
17:19:33.0279 8092 WinUsb - ok
17:19:33.0293 8092 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
17:19:33.0303 8092 Wlansvc - ok
17:19:33.0308 8092 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
17:19:33.0308 8092 wlcrasvc - ok
17:19:33.0337 8092 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:19:33.0351 8092 wlidsvc - ok
17:19:33.0355 8092 WMCoreService - ok
17:19:33.0359 8092 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
17:19:33.0360 8092 WmiAcpi - ok
17:19:33.0367 8092 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:19:33.0370 8092 wmiApSrv - ok
17:19:33.0373 8092 WMPNetworkSvc - ok
17:19:33.0377 8092 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:19:33.0380 8092 WPCSvc - ok
17:19:33.0384 8092 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:19:33.0387 8092 WPDBusEnum - ok
17:19:33.0390 8092 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:19:33.0391 8092 ws2ifsl - ok
17:19:33.0396 8092 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
17:19:33.0399 8092 wscsvc - ok
17:19:33.0402 8092 WSearch - ok
17:19:33.0434 8092 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
17:19:33.0461 8092 wuauserv - ok
17:19:33.0466 8092 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
17:19:33.0468 8092 WudfPf - ok
17:19:33.0474 8092 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:19:33.0477 8092 WUDFRd - ok
17:19:33.0481 8092 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:19:33.0484 8092 wudfsvc - ok
17:19:33.0490 8092 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
17:19:33.0495 8092 WwanSvc - ok
17:19:33.0501 8092 [ 747DA6EE261B3760201D7738E0FD59B8 ] WwanUsbServ C:\Windows\system32\DRIVERS\WwanUsbMp64.sys
17:19:33.0504 8092 WwanUsbServ - ok
17:19:33.0537 8092 [ D2FE4103450E52CB248D842501F84B90 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
17:19:33.0553 8092 ZeroConfigService - ok
17:19:33.0562 8092 ================ Scan global ===============================
17:19:33.0565 8092 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
17:19:33.0572 8092 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
17:19:33.0580 8092 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
17:19:33.0585 8092 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
17:19:33.0593 8092 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
17:19:33.0596 8092 [Global] - ok
17:19:33.0597 8092 ================ Scan MBR ==================================
17:19:33.0599 8092 [ 5265B2FB322D339F69B451E926A569F1 ] \Device\Harddisk0\DR0
17:19:33.0705 8092 \Device\Harddisk0\DR0 - ok
17:19:33.0709 8092 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR3
17:19:36.0103 8092 \Device\Harddisk1\DR3 - ok
17:19:36.0103 8092 ================ Scan VBR ==================================
17:19:36.0112 8092 [ 99F00E601D25F991A360116855C3631C ] \Device\Harddisk0\DR0\Partition1
17:19:36.0114 8092 \Device\Harddisk0\DR0\Partition1 - ok
17:19:36.0117 8092 [ B9B0C3E23FACFEE17B8A06E4EF3A5B62 ] \Device\Harddisk0\DR0\Partition2
17:19:36.0119 8092 \Device\Harddisk0\DR0\Partition2 - ok
17:19:36.0121 8092 [ A3E9E76F75C2C54AB55696E41E35F35E ] \Device\Harddisk0\DR0\Partition3
17:19:36.0123 8092 \Device\Harddisk0\DR0\Partition3 - ok
17:19:36.0126 8092 [ 5CEA9834DD940368DFDD2CB7E72A29A1 ] \Device\Harddisk1\DR3\Partition1
17:19:36.0127 8092 \Device\Harddisk1\DR3\Partition1 - ok
17:19:36.0128 8092 ============================================================
17:19:36.0128 8092 Scan finished
17:19:36.0128 8092 ============================================================
17:19:36.0137 4836 Detected object count: 0
17:19:36.0137 4836 Actual detected object count: 0
17:20:24.0446 9316 ============================================================
17:20:24.0446 9316 Scan started
17:20:24.0446 9316 Mode: Manual; SigCheck; TDLFS;
17:20:24.0446 9316 ============================================================
17:20:24.0530 9316 ================ Scan system memory ========================
17:20:24.0530 9316 System memory - ok
17:20:24.0530 9316 ================ Scan services =============================
17:20:24.0577 9316 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
17:20:24.0646 9316 1394ohci - ok
17:20:24.0655 9316 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
17:20:24.0674 9316 ACPI - ok
17:20:24.0679 9316 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
17:20:24.0698 9316 AcpiPmi - ok
17:20:24.0711 9316 [ 2540FC407E5CCBEEB981755A3B6AFF58 ] AcPrfMgrSvc C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
17:20:24.0727 9316 AcPrfMgrSvc - ok
17:20:24.0735 9316 [ 5463D786E083B8D50CF44FFF0926CECA ] AcSvc C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
17:20:24.0751 9316 AcSvc - ok
17:20:24.0756 9316 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:20:24.0769 9316 AdobeARMservice - ok
17:20:24.0798 9316 [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:20:24.0813 9316 AdobeFlashPlayerUpdateSvc - ok
17:20:24.0824 9316 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
17:20:24.0846 9316 adp94xx - ok
17:20:24.0855 9316 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
17:20:24.0873 9316 adpahci - ok
17:20:24.0881 9316 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
17:20:24.0897 9316 adpu320 - ok
17:20:24.0903 9316 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:20:24.0971 9316 AeLookupSvc - ok
17:20:24.0983 9316 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
17:20:25.0006 9316 AFD - ok
17:20:25.0010 9316 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
17:20:25.0024 9316 agp440 - ok
17:20:25.0029 9316 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
17:20:25.0049 9316 ALG - ok
17:20:25.0053 9316 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
17:20:25.0067 9316 aliide - ok
17:20:25.0070 9316 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
17:20:25.0083 9316 amdide - ok
17:20:25.0088 9316 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
17:20:25.0105 9316 AmdK8 - ok
17:20:25.0109 9316 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
17:20:25.0125 9316 AmdPPM - ok
17:20:25.0130 9316 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
17:20:25.0145 9316 amdsata - ok
17:20:25.0151 9316 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
17:20:25.0167 9316 amdsbs - ok
17:20:25.0172 9316 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
17:20:25.0185 9316 amdxata - ok
17:20:25.0189 9316 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
17:20:25.0302 9316 AppID - ok
17:20:25.0307 9316 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
17:20:25.0365 9316 AppIDSvc - ok
17:20:25.0371 9316 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
17:20:25.0421 9316 Appinfo - ok
17:20:25.0427 9316 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
17:20:25.0442 9316 AppMgmt - ok
17:20:25.0447 9316 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
17:20:25.0459 9316 arc - ok
17:20:25.0463 9316 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
17:20:25.0475 9316 arcsas - ok
17:20:25.0490 9316 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
17:20:25.0501 9316 aspnet_state - ok
17:20:25.0505 9316 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:20:25.0542 9316 AsyncMac - ok
17:20:25.0546 9316 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
17:20:25.0557 9316 atapi - ok
17:20:25.0569 9316 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:20:25.0612 9316 AudioEndpointBuilder - ok
17:20:25.0623 9316 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
17:20:25.0664 9316 AudioSrv - ok
17:20:25.0669 9316 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
17:20:25.0689 9316 AxInstSV - ok
17:20:25.0698 9316 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
17:20:25.0716 9316 b06bdrv - ok
17:20:25.0723 9316 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
17:20:25.0741 9316 b57nd60a - ok
17:20:25.0748 9316 [ F01759FA97126CC69DFA85CEDA0717A1 ] bcbtums C:\Windows\system32\drivers\bcbtums.sys
17:20:25.0766 9316 bcbtums - ok
17:20:25.0770 9316 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
17:20:25.0785 9316 BDESVC - ok
17:20:25.0788 9316 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
17:20:25.0826 9316 Beep - ok
17:20:25.0839 9316 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
17:20:25.0881 9316 BFE - ok
17:20:25.0905 9316 [ ED97ADAF00A61F57A2CCBBB1CE58C600 ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\BASHDefs\20121106.001\BHDrvx64.sys
17:20:25.0935 9316 BHDrvx64 - ok
17:20:25.0950 9316 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
17:20:25.0995 9316 BITS - ok
17:20:25.0999 9316 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
17:20:26.0013 9316 blbdrive - ok
17:20:26.0017 9316 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:20:26.0032 9316 bowser - ok
17:20:26.0035 9316 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
17:20:26.0051 9316 BrFiltLo - ok
17:20:26.0055 9316 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
17:20:26.0071 9316 BrFiltUp - ok
17:20:26.0076 9316 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
17:20:26.0091 9316 Browser - ok
17:20:26.0098 9316 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
17:20:26.0118 9316 Brserid - ok
17:20:26.0122 9316 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
17:20:26.0138 9316 BrSerWdm - ok
17:20:26.0142 9316 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
17:20:26.0159 9316 BrUsbMdm - ok
17:20:26.0162 9316 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
17:20:26.0176 9316 BrUsbSer - ok
17:20:26.0180 9316 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
17:20:26.0194 9316 BthEnum - ok
17:20:26.0199 9316 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
17:20:26.0215 9316 BTHMODEM - ok
17:20:26.0220 9316 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
17:20:26.0239 9316 BthPan - ok
17:20:26.0249 9316 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
17:20:26.0268 9316 BTHPORT - ok
17:20:26.0272 9316 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
17:20:26.0310 9316 bthserv - ok
17:20:26.0315 9316 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
17:20:26.0329 9316 BTHUSB - ok
17:20:26.0340 9316 [ 3AFF6DC496B8A8D12C867E3FC7C86FAC ] btwampfl C:\Windows\system32\drivers\btwampfl.sys
17:20:26.0358 9316 btwampfl - ok
17:20:26.0363 9316 [ 336BBA0909B3636AB7D06A71D7B1C0DC ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
17:20:26.0375 9316 btwaudio - ok
17:20:26.0381 9316 [ 9FF58F76024D25784755B01F926B00BE ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys
17:20:26.0393 9316 btwavdt - ok
17:20:26.0416 9316 [ 26A80D7ACA49E03A403806418B5FED46 ] btwdins C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
17:20:26.0439 9316 btwdins - ok
17:20:26.0443 9316 [ B1ACFD00CDD13B48D86F46BFEC153BF9 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
17:20:26.0453 9316 btwl2cap - ok
17:20:26.0457 9316 [ EDD953D635F3AA89EF902E3F82D60D22 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
17:20:26.0467 9316 btwrchid - ok
17:20:26.0474 9316 [ 248C952C82DF1E23775432774CBB20F1 ] ccSet_N360 C:\Windows\system32\drivers\N360x64\1402000.013\ccSetx64.sys
17:20:26.0485 9316 ccSet_N360 - ok
17:20:26.0490 9316 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:20:26.0527 9316 cdfs - ok
17:20:26.0532 9316 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
17:20:26.0549 9316 cdrom - ok
17:20:26.0553 9316 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
17:20:26.0590 9316 CertPropSvc - ok
17:20:26.0594 9316 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
17:20:26.0610 9316 circlass - ok
17:20:26.0618 9316 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
17:20:26.0634 9316 CLFS - ok
17:20:26.0645 9316 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:20:26.0657 9316 clr_optimization_v2.0.50727_32 - ok
17:20:26.0665 9316 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:20:26.0676 9316 clr_optimization_v2.0.50727_64 - ok
17:20:26.0689 9316 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:20:26.0700 9316 clr_optimization_v4.0.30319_32 - ok
17:20:26.0704 9316 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:20:26.0716 9316 clr_optimization_v4.0.30319_64 - ok
17:20:26.0719 9316 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
17:20:26.0733 9316 CmBatt - ok
17:20:26.0738 9316 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
17:20:26.0749 9316 cmdide - ok
17:20:26.0759 9316 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
17:20:26.0784 9316 CNG - ok
17:20:26.0788 9316 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
17:20:26.0800 9316 Compbatt - ok
17:20:26.0803 9316 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
17:20:26.0820 9316 CompositeBus - ok
17:20:26.0823 9316 COMSysApp - ok
17:20:26.0831 9316 [ 64704E2956CAFD465DDDD58EEB4ECE81 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
17:20:26.0845 9316 cphs - ok
17:20:26.0849 9316 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
17:20:26.0861 9316 crcdisk - ok
17:20:26.0868 9316 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:20:26.0891 9316 CryptSvc - ok
17:20:26.0901 9316 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
17:20:26.0923 9316 CSC - ok
17:20:26.0935 9316 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
17:20:26.0961 9316 CscService - ok
17:20:26.0971 9316 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
17:20:27.0016 9316 DcomLaunch - ok
17:20:27.0023 9316 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
17:20:27.0063 9316 defragsvc - ok
17:20:27.0069 9316 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:20:27.0105 9316 DfsC - ok
17:20:27.0113 9316 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
17:20:27.0131 9316 Dhcp - ok
17:20:27.0135 9316 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
17:20:27.0173 9316 discache - ok
17:20:27.0177 9316 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
17:20:27.0189 9316 Disk - ok
17:20:27.0193 9316 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
17:20:27.0208 9316 dmvsc - ok
17:20:27.0213 9316 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:20:27.0229 9316 Dnscache - ok
17:20:27.0235 9316 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
17:20:27.0273 9316 dot3svc - ok
17:20:27.0283 9316 [ 9597BCB69286FF017DB1A0FB8144408D ] DozeSvc C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE
17:20:27.0298 9316 DozeSvc - ok
17:20:27.0304 9316 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
17:20:27.0342 9316 DPS - ok
17:20:27.0345 9316 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:20:27.0362 9316 drmkaud - ok
17:20:27.0379 9316 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:20:27.0404 9316 DXGKrnl - ok
17:20:27.0408 9316 [ 3CE83D7EE95D9C9F03323810A2E747DF ] DzHDD64 C:\Windows\system32\DRIVERS\DzHDD64.sys
17:20:27.0419 9316 DzHDD64 - ok
17:20:27.0423 9316 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
17:20:27.0462 9316 EapHost - ok
17:20:27.0500 9316 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
17:20:27.0548 9316 ebdrv - ok
17:20:27.0552 9316 [ B90BEFCCEB59C83AC65BFD39EF7404F4 ] ecnssndis C:\Windows\system32\Drivers\wwuss64.sys
17:20:27.0562 9316 ecnssndis - ok
17:20:27.0566 9316 [ 1CF09C0555BE49EFE96B33BDA514A334 ] ecnssndisfltr C:\Windows\system32\Drivers\wwussf64.sys
17:20:27.0576 9316 ecnssndisfltr - ok
17:20:27.0586 9316 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
17:20:27.0603 9316 eeCtrl - ok
17:20:27.0607 9316 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
17:20:27.0621 9316 EFS - ok
17:20:27.0635 9316 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:20:27.0660 9316 ehRecvr - ok
17:20:27.0664 9316 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
17:20:27.0679 9316 ehSched - ok
17:20:27.0689 9316 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
17:20:27.0708 9316 elxstor - ok
17:20:27.0713 9316 [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
17:20:27.0724 9316 EraserUtilRebootDrv - ok
17:20:27.0728 9316 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
17:20:27.0742 9316 ErrDev - ok
17:20:27.0753 9316 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
17:20:27.0795 9316 EventSystem - ok
17:20:27.0807 9316 [ 23D401A43DADED10A153B9F3A7E66C91 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
17:20:27.0826 9316 EvtEng - ok
17:20:27.0831 9316 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
17:20:27.0869 9316 exfat - ok
17:20:27.0874 9316 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:20:27.0913 9316 fastfat - ok
17:20:27.0925 9316 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
17:20:27.0947 9316 Fax - ok
17:20:27.0951 9316 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
17:20:27.0964 9316 fdc - ok
17:20:27.0968 9316 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
17:20:28.0005 9316 fdPHost - ok
17:20:28.0009 9316 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
17:20:28.0046 9316 FDResPub - ok
17:20:28.0050 9316 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:20:28.0062 9316 FileInfo - ok
17:20:28.0066 9316 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:20:28.0103 9316 Filetrace - ok
17:20:28.0108 9316 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
17:20:28.0121 9316 flpydisk - ok
17:20:28.0129 9316 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:20:28.0144 9316 FltMgr - ok
17:20:28.0163 9316 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
17:20:28.0189 9316 FontCache - ok
17:20:28.0193 9316 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:20:28.0203 9316 FontCache3.0.0.0 - ok
17:20:28.0207 9316 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
17:20:28.0219 9316 FsDepends - ok
17:20:28.0225 9316 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:20:28.0235 9316 Fs_Rec - ok
17:20:28.0245 9316 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
17:20:28.0262 9316 fvevol - ok
17:20:28.0267 9316 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
17:20:28.0279 9316 gagp30kx - ok
17:20:28.0292 9316 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
17:20:28.0335 9316 gpsvc - ok
17:20:28.0341 9316 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:20:28.0351 9316 gupdate - ok
17:20:28.0356 9316 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:20:28.0367 9316 gupdatem - ok
17:20:28.0373 9316 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
17:20:28.0385 9316 gusvc - ok
17:20:28.0396 9316 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
17:20:28.0417 9316 hcw85cir - ok
17:20:28.0426 9316 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:20:28.0447 9316 HdAudAddService - ok
17:20:28.0453 9316 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
17:20:28.0469 9316 HDAudBus - ok
17:20:28.0473 9316 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
17:20:28.0486 9316 HidBatt - ok
17:20:28.0490 9316 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
17:20:28.0506 9316 HidBth - ok
17:20:28.0510 9316 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
17:20:28.0525 9316 HidIr - ok
17:20:28.0529 9316 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
17:20:28.0567 9316 hidserv - ok
17:20:28.0571 9316 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
17:20:28.0585 9316 HidUsb - ok
17:20:28.0590 9316 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
17:20:28.0626 9316 hkmsvc - ok
17:20:28.0633 9316 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:20:28.0648 9316 HomeGroupListener - ok
17:20:28.0654 9316 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:20:28.0671 9316 HomeGroupProvider - ok
17:20:28.0675 9316 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
17:20:28.0687 9316 HpSAMD - ok
17:20:28.0706 9316 [ 1BE48B0542C91487BB8A94BF2278F55D ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
17:20:28.0731 9316 HPSLPSVC - ok
17:20:28.0744 9316 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:20:28.0786 9316 HTTP - ok
17:20:28.0791 9316 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
17:20:28.0802 9316 hwpolicy - ok
17:20:28.0807 9316 [ 16A7CA284629A4D002F7B992C9A49EF9 ] HyperW7Svc C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe
17:20:28.0818 9316 HyperW7Svc - ok
17:20:28.0824 9316 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
17:20:28.0836 9316 i8042prt - ok
17:20:28.0849 9316 [ CCFA835960E35F30D28A868E0B3B8722 ] iaStor C:\Windows\system32\drivers\iaStor.sys
17:20:28.0868 9316 iaStor - ok
17:20:28.0877 9316 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
17:20:28.0893 9316 iaStorV - ok
17:20:28.0898 9316 [ 72B253CDBCAA10E88AAD0BA39CC83BCD ] IBMPMDRV C:\Windows\system32\DRIVERS\ibmpmdrv.sys
17:20:28.0909 9316 IBMPMDRV - ok
17:20:28.0913 9316 [ 4925FFB084C9AD02E8EEF01FB18BF5AC ] IBMPMSVC C:\Windows\system32\ibmpmsvc.exe
17:20:28.0924 9316 IBMPMSVC - ok
17:20:28.0938 9316 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:20:28.0961 9316 idsvc - ok
17:20:28.0974 9316 [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\IPSDefs\20121129.001\IDSvia64.sys
17:20:28.0994 9316 IDSVia64 - ok
17:20:29.0118 9316 [ 371D7F91C0D2314EB984A4A6CBEABC92 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
17:20:29.0305 9316 igfx - ok
17:20:29.0313 9316 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
17:20:29.0324 9316 iirsp - ok
17:20:29.0337 9316 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
17:20:29.0381 9316 IKEEXT - ok
17:20:29.0386 9316 [ 314285071F7117263BD246E35C17FD82 ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
17:20:29.0396 9316 intaud_WaveExtensible - ok
17:20:29.0440 9316 [ 4F92A60B04CB8EC7EDFA7717A2E5886A ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
17:20:29.0510 9316 IntcAzAudAddService - ok
17:20:29.0518 9316 [ 6C9FFFECA9FED31347D211C5D1FFBD2D ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
17:20:29.0533 9316 IntcDAud - ok
17:20:29.0544 9316 [ 832CE330DD987227B7DEA8C03F22AEFA ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
17:20:29.0563 9316 Intel® Capability Licensing Service Interface - ok
17:20:29.0567 9316 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
17:20:29.0578 9316 intelide - ok
17:20:29.0582 9316 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
17:20:29.0597 9316 intelppm - ok
17:20:29.0601 9316 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:20:29.0640 9316 IPBusEnum - ok
17:20:29.0644 9316 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:20:29.0679 9316 IpFilterDriver - ok
17:20:29.0689 9316 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
17:20:29.0708 9316 iphlpsvc - ok
17:20:29.0712 9316 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
17:20:29.0726 9316 IPMIDRV - ok
17:20:29.0730 9316 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
17:20:29.0767 9316 IPNAT - ok
17:20:29.0771 9316 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:20:29.0788 9316 IRENUM - ok
17:20:29.0792 9316 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
17:20:29.0803 9316 isapnp - ok
17:20:29.0809 9316 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
17:20:29.0824 9316 iScsiPrt - ok
17:20:29.0828 9316 [ 970995B7C36F4408ED31C3BF204FE1F5 ] ISCT C:\Windows\system32\DRIVERS\ISCTD64.sys
17:20:29.0839 9316 ISCT - ok
17:20:29.0843 9316 [ 846354992EBB373F452EB9182D501B08 ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys
17:20:29.0853 9316 iusb3hcs - ok
17:20:29.0861 9316 [ 1D88A23853387D34D52CC8F9DDBFC56C ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
17:20:29.0875 9316 iusb3hub - ok
17:20:29.0889 9316 [ FC5EFD7C797DF19DFB999F0605A7924E ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
17:20:29.0910 9316 iusb3xhc - ok
17:20:29.0914 9316 [ 4487AD9C070D3973FE28AB4406555FC6 ] iwdbus C:\Windows\system32\DRIVERS\iwdbus.sys
17:20:29.0925 9316 iwdbus - ok
17:20:29.0931 9316 [ 0043D9FB61C35F90886B1E93DD556FAF ] jhi_service C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
17:20:29.0943 9316 jhi_service - ok
17:20:29.0947 9316 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
17:20:29.0958 9316 kbdclass - ok
17:20:29.0964 9316 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
17:20:29.0977 9316 kbdhid - ok
17:20:29.0981 9316 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
17:20:29.0994 9316 KeyIso - ok
17:20:29.0998 9316 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:20:30.0010 9316 KSecDD - ok
17:20:30.0015 9316 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
17:20:30.0029 9316 KSecPkg - ok
17:20:30.0032 9316 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
17:20:30.0069 9316 ksthunk - ok
17:20:30.0077 9316 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
17:20:30.0118 9316 KtmRm - ok
17:20:30.0123 9316 [ 3BE0319D6F9D5A0C4DDD037E0E19FFD4 ] l36wgps C:\Windows\system32\DRIVERS\l36wgps64.sys
17:20:30.0133 9316 l36wgps - ok
17:20:30.0139 9316 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
17:20:30.0178 9316 LanmanServer - ok
17:20:30.0183 9316 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:20:30.0221 9316 LanmanWorkstation - ok
17:20:30.0231 9316 [ 4A0235E9822B220339E34D8C122BB6D1 ] LENOVO.CAMMUTE C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
17:20:30.0241 9316 LENOVO.CAMMUTE - ok
17:20:30.0246 9316 [ 340288B3B2EDC8AFD5FF127DF85142A7 ] LENOVO.MICMUTE C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
17:20:30.0255 9316 LENOVO.MICMUTE - ok
17:20:30.0259 9316 [ 93921A19D885755B9751C3744DBCB8FD ] LENOVO.TPKNRSVC C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
17:20:30.0269 9316 LENOVO.TPKNRSVC - ok
17:20:30.0273 9316 [ 79F99A4D59825839B7E563B4BCF52C5E ] LENOVO.TVTVCAM C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
17:20:30.0285 9316 LENOVO.TVTVCAM - ok
17:20:30.0289 9316 [ F7DE50781DC4D162C1005EB30D98F931 ] Lenovo.VIRTSCRLSVC C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
17:20:30.0299 9316 Lenovo.VIRTSCRLSVC - ok
17:20:30.0303 9316 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:20:30.0340 9316 lltdio - ok
17:20:30.0348 9316 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:20:30.0387 9316 lltdsvc - ok
17:20:30.0390 9316 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
17:20:30.0426 9316 lmhosts - ok
17:20:30.0432 9316 [ 2FB262276D1C689C6886B1C0710342FA ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
17:20:30.0445 9316 LMS - ok
17:20:30.0452 9316 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
17:20:30.0464 9316 LSI_FC - ok
17:20:30.0468 9316 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
17:20:30.0480 9316 LSI_SAS - ok
17:20:30.0485 9316 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
17:20:30.0497 9316 LSI_SAS2 - ok
17:20:30.0501 9316 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
17:20:30.0514 9316 LSI_SCSI - ok
17:20:30.0518 9316 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
17:20:30.0556 9316 luafv - ok
17:20:30.0561 9316 [ 0CC0E238C431F699C13FD47202B7E265 ] MacheenService C:\Program Files (x86)\Lenovo\MobileAccess\MacheenService.exe
17:20:30.0571 9316 MacheenService - ok
17:20:30.0580 9316 [ 62732AF9512B911C330ACBBDBCC2F284 ] Mbm3CBus C:\Windows\system32\DRIVERS\Mbm3CBus.sys
17:20:30.0596 9316 Mbm3CBus - ok
17:20:30.0605 9316 [ BDC2D259CA9CFCED092B3B0B8557322D ] Mbm3DevMt C:\Windows\system32\DRIVERS\Mbm3DevMt.sys
17:20:30.0621 9316 Mbm3DevMt - ok
17:20:30.0625 9316 [ E55689A5E9349182C24312EFC9DF09FB ] Mbm3mdfl C:\Windows\system32\DRIVERS\Mbm3mdfl.sys
17:20:30.0634 9316 Mbm3mdfl - ok
17:20:30.0644 9316 [ FC1059C857D7B1083086BE04DB5EE09C ] Mbm3Mdm C:\Windows\system32\DRIVERS\Mbm3Mdm.sys
17:20:30.0660 9316 Mbm3Mdm - ok
17:20:30.0665 9316 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:20:30.0681 9316 Mcx2Svc - ok
17:20:30.0685 9316 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
17:20:30.0696 9316 megasas - ok
17:20:30.0703 9316 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
17:20:30.0718 9316 MegaSR - ok
17:20:30.0722 9316 [ 6B01B7414A105B9E51652089A03027CF ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
17:20:30.0732 9316 MEIx64 - ok
17:20:30.0742 9316 Microsoft SharePoint Workspace Audit Service - ok
17:20:30.0746 9316 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
17:20:30.0783 9316 MMCSS - ok
17:20:30.0787 9316 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
17:20:30.0823 9316 Modem - ok
17:20:30.0827 9316 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:20:30.0842 9316 monitor - ok
17:20:30.0846 9316 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:20:30.0858 9316 mouclass - ok
17:20:30.0861 9316 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\drivers\mouhid.sys
17:20:30.0874 9316 mouhid - ok
17:20:30.0878 9316 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
17:20:30.0890 9316 mountmgr - ok
17:20:30.0895 9316 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
17:20:30.0908 9316 mpio - ok
17:20:30.0912 9316 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:20:30.0948 9316 mpsdrv - ok
17:20:30.0962 9316 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
17:20:31.0007 9316 MpsSvc - ok
17:20:31.0011 9316 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:20:31.0031 9316 MRxDAV - ok
17:20:31.0036 9316 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:20:31.0051 9316 mrxsmb - ok
17:20:31.0058 9316 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:20:31.0073 9316 mrxsmb10 - ok
17:20:31.0078 9316 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:20:31.0091 9316 mrxsmb20 - ok
17:20:31.0094 9316 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
17:20:31.0106 9316 msahci - ok
17:20:31.0111 9316 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
17:20:31.0124 9316 msdsm - ok
17:20:31.0128 9316 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
17:20:31.0145 9316 MSDTC - ok
17:20:31.0152 9316 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:20:31.0188 9316 Msfs - ok
17:20:31.0191 9316 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
17:20:31.0228 9316 mshidkmdf - ok
17:20:31.0231 9316 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
17:20:31.0243 9316 msisadrv - ok
17:20:31.0248 9316 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:20:31.0287 9316 MSiSCSI - ok
17:20:31.0290 9316 msiserver - ok
17:20:31.0293 9316 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:20:31.0331 9316 MSKSSRV - ok
17:20:31.0334 9316 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:20:31.0371 9316 MSPCLOCK - ok
17:20:31.0374 9316 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:20:31.0411 9316 MSPQM - ok
17:20:31.0419 9316 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:20:31.0435 9316 MsRPC - ok
17:20:31.0441 9316 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
17:20:31.0452 9316 mssmbios - ok
17:20:31.0455 9316 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:20:31.0491 9316 MSTEE - ok
17:20:31.0494 9316 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
17:20:31.0507 9316 MTConfig - ok
17:20:31.0511 9316 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
17:20:31.0522 9316 Mup - ok
17:20:31.0529 9316 [ 48C9BA25EDA90E3DB07ADAC8CD32F5F3 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
17:20:31.0541 9316 MyWiFiDHCPDNS - ok
17:20:31.0550 9316 [ 4A9258B9597A31DB68EC9740F3A8A70B ] N360 C:\Program Files (x86)\Norton 360\Engine\20.2.0.19\ccSvcHst.exe
17:20:31.0562 9316 N360 - ok
17:20:31.0571 9316 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
17:20:31.0612 9316 napagent - ok
17:20:31.0619 9316 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:20:31.0640 9316 NativeWifiP - ok
17:20:31.0646 9316 [ C58D8A669D6551F616D90244BD2C2D4F ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\VirusDefs\20121129.023\ENG64.SYS
17:20:31.0657 9316 NAVENG - ok
17:20:31.0684 9316 [ A3DBDB412ADFA5882DD6843B11FE0828 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\VirusDefs\20121129.023\EX64.SYS
17:20:31.0731 9316 NAVEX15 - ok
17:20:31.0748 9316 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
17:20:31.0772 9316 NDIS - ok
17:20:31.0776 9316 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
17:20:31.0813 9316 NdisCap - ok
17:20:31.0817 9316 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:20:31.0853 9316 NdisTapi - ok
17:20:31.0856 9316 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:20:31.0892 9316 Ndisuio - ok
17:20:31.0897 9316 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:20:31.0933 9316 NdisWan - ok
17:20:31.0937 9316 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:20:31.0973 9316 NDProxy - ok
17:20:31.0977 9316 [ DC6530A291D4BDF6DF399F1F128E7F8F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
17:20:31.0983 9316 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
17:20:31.0983 9316 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
17:20:31.0988 9316 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:20:32.0025 9316 NetBIOS - ok
17:20:32.0030 9316 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
17:20:32.0067 9316 NetBT - ok
17:20:32.0071 9316 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
17:20:32.0083 9316 Netlogon - ok
17:20:32.0091 9316 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
17:20:32.0131 9316 Netman - ok
17:20:32.0141 9316 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:20:32.0152 9316 NetMsmqActivator - ok
17:20:32.0156 9316 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:20:32.0167 9316 NetPipeActivator - ok
17:20:32.0175 9316 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
17:20:32.0216 9316 netprofm - ok
17:20:32.0220 9316 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:20:32.0231 9316 NetTcpActivator - ok
17:20:32.0235 9316 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:20:32.0245 9316 NetTcpPortSharing - ok
17:20:32.0352 9316 [ FAD6C5610D020534401966CD72A1C306 ] NETwNs64 C:\Windows\system32\DRIVERS\Netwsw00.sys
17:20:32.0484 9316 NETwNs64 - ok
17:20:32.0492 9316 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
17:20:32.0503 9316 nfrd960 - ok
17:20:32.0510 9316 [ AA3C4C56AF06B096D5684909A65CE79E ] NitroDriverReadSpool2 C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe
17:20:32.0522 9316 NitroDriverReadSpool2 - ok
17:20:32.0530 9316 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
17:20:32.0545 9316 NlaSvc - ok
17:20:32.0566 9316 [ 7A9E829922444DBDF680DFCC5A45F8AF ] nlsX86cc C:\Windows\SysWOW64\NLSSRV32.EXE
17:20:32.0575 9316 nlsX86cc - ok
17:20:32.0579 9316 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:20:32.0615 9316 Npfs - ok
17:20:32.0618 9316 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
17:20:32.0655 9316 nsi - ok
17:20:32.0658 9316 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:20:32.0695 9316 nsiproxy - ok
17:20:32.0720 9316 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:20:32.0756 9316 Ntfs - ok
17:20:32.0760 9316 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
17:20:32.0796 9316 Null - ok
17:20:32.0801 9316 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:20:32.0815 9316 nvraid - ok
17:20:32.0820 9316 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:20:32.0833 9316 nvstor - ok
17:20:32.0837 9316 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
17:20:32.0850 9316 nv_agp - ok
17:20:32.0855 9316 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
17:20:32.0868 9316 ohci1394 - ok
17:20:32.0874 9316 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:20:32.0885 9316 ose - ok
17:20:32.0938 9316 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:20:33.0023 9316 osppsvc - ok
17:20:33.0033 9316 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
17:20:33.0051 9316 p2pimsvc - ok
17:20:33.0060 9316 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
17:20:33.0078 9316 p2psvc - ok
17:20:33.0083 9316 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
17:20:33.0097 9316 Parport - ok
17:20:33.0101 9316 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:20:33.0114 9316 partmgr - ok
17:20:33.0119 9316 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
17:20:33.0140 9316 PcaSvc - ok
17:20:33.0146 9316 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
17:20:33.0159 9316 pci - ok
17:20:33.0162 9316 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
17:20:33.0174 9316 pciide - ok
17:20:33.0180 9316 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
17:20:33.0194 9316 pcmcia - ok
17:20:33.0198 9316 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
17:20:33.0210 9316 pcw - ok
17:20:33.0220 9316 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:20:33.0265 9316 PEAUTH - ok
17:20:33.0285 9316 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
17:20:33.0315 9316 PeerDistSvc - ok
17:20:33.0320 9316 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
17:20:33.0335 9316 PerfHost - ok
17:20:33.0343 9316 [ B4C1BF666DBD6899EC4A9A499DAA040B ] PHCORE C:\Program Files\Lenovo\RapidBoot\PHCORE64.SYS
17:20:33.0353 9316 PHCORE - ok
17:20:33.0374 9316 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
17:20:33.0426 9316 pla - ok
17:20:33.0435 9316 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:20:33.0454 9316 PlugPlay - ok
17:20:33.0458 9316 [ 71F62C51DFDFBC04C83C5C64B2B8058E ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
17:20:33.0465 9316 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
17:20:33.0465 9316 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
17:20:33.0470 9316 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
17:20:33.0484 9316 PNRPAutoReg - ok
17:20:33.0491 9316 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
17:20:33.0508 9316 PNRPsvc - ok
17:20:33.0517 9316 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:20:33.0559 9316 PolicyAgent - ok
17:20:33.0566 9316 [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power C:\Windows\system32\umpo.dll
17:20:33.0583 9316 Power - ok
17:20:33.0609 9316 [ DEED60F99C5B8E386D507860F600D509 ] Power Manager DBC Service C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
17:20:33.0644 9316 Power Manager DBC Service - ok
17:20:33.0648 9316 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:20:33.0685 9316 PptpMiniport - ok
17:20:33.0690 9316 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
17:20:33.0704 9316 Processor - ok
17:20:33.0710 9316 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
17:20:33.0726 9316 ProfSvc - ok
17:20:33.0730 9316 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:20:33.0743 9316 ProtectedStorage - ok
17:20:33.0747 9316 [ 05A4779E4994B21473EDBE85AABE8030 ] psadd C:\Windows\system32\DRIVERS\psadd.sys
17:20:33.0756 9316 psadd - ok
17:20:33.0761 9316 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
17:20:33.0797 9316 Psched - ok
17:20:33.0820 9316 [ 68DCE950DCD2ABBB82362D383EC5836E ] PwmEWSvc C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE
17:20:33.0854 9316 PwmEWSvc - ok
17:20:33.0860 9316 [ C8DA4746D1C87FE3E5DCC3CE86218B62 ] QBCFMonitorService C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
17:20:33.0866 9316 QBCFMonitorService ( UnsignedFile.Multi.Generic ) - warning
17:20:33.0866 9316 QBCFMonitorService - detected UnsignedFile.Multi.Generic (1)
17:20:33.0870 9316 [ 6BEE1814470DC12FA20C53DFC3C97EBB ] QBFCService C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
17:20:33.0875 9316 QBFCService ( UnsignedFile.Multi.Generic ) - warning
17:20:33.0875 9316 QBFCService - detected UnsignedFile.Multi.Generic (1)
17:20:33.0896 9316 [ A0EC711150D3E41539FE0542F7954341 ] QBVSS C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
17:20:33.0917 9316 QBVSS ( UnsignedFile.Multi.Generic ) - warning
17:20:33.0917 9316 QBVSS - detected UnsignedFile.Multi.Generic (1)
17:20:33.0940 9316 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
17:20:33.0974 9316 ql2300 - ok
17:20:33.0979 9316 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
17:20:33.0991 9316 ql40xx - ok
17:20:33.0997 9316 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
17:20:34.0018 9316 QWAVE - ok
17:20:34.0021 9316 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:20:34.0039 9316 QWAVEdrv - ok
17:20:34.0097 9316 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:20:34.0156 9316 RasAcd - ok
17:20:34.0160 9316 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
17:20:34.0200 9316 RasAgileVpn - ok
17:20:34.0205 9316 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
17:20:34.0249 9316 RasAuto - ok
17:20:34.0253 9316 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:20:34.0293 9316 Rasl2tp - ok
17:20:34.0302 9316 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
17:20:34.0341 9316 RasMan - ok
17:20:34.0346 9316 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:20:34.0383 9316 RasPppoe - ok
17:20:34.0387 9316 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:20:34.0424 9316 RasSstp - ok
17:20:34.0431 9316 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:20:34.0469 9316 rdbss - ok
17:20:34.0472 9316 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
17:20:34.0487 9316 rdpbus - ok
17:20:34.0492 9316 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:20:34.0528 9316 RDPCDD - ok
17:20:34.0535 9316 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
17:20:34.0549 9316 RDPDR - ok
17:20:34.0552 9316 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:20:34.0588 9316 RDPENCDD - ok
17:20:34.0593 9316 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
17:20:34.0629 9316 RDPREFMP - ok
17:20:34.0634 9316 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:20:34.0648 9316 RDPWD - ok
17:20:34.0654 9316 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
17:20:34.0669 9316 rdyboost - ok
17:20:34.0674 9316 [ 0C2B4C3B10D183BE116A38353E937F62 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
17:20:34.0684 9316 RegSrvc - ok
17:20:34.0689 9316 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
17:20:34.0727 9316 RemoteAccess - ok
17:20:34.0733 9316 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:20:34.0771 9316 RemoteRegistry - ok
17:20:34.0776 9316 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
17:20:34.0794 9316 RFCOMM - ok
17:20:34.0798 9316 [ 5A227511ED22DDFEDF7EF7323C8F7D2F ] risdxc C:\Windows\system32\DRIVERS\risdxc64.sys
17:20:34.0811 9316 risdxc - ok
17:20:34.0815 9316 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
17:20:34.0854 9316 RpcEptMapper - ok
17:20:34.0857 9316 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
17:20:34.0872 9316 RpcLocator - ok
17:20:34.0881 9316 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
17:20:34.0923 9316 RpcSs - ok
17:20:34.0927 9316 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:20:34.0964 9316 rspndr - ok
17:20:34.0968 9316 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
17:20:34.0981 9316 s3cap - ok
17:20:34.0984 9316 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
17:20:34.0998 9316 SamSs - ok
17:20:35.0002 9316 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:20:35.0014 9316 sbp2port - ok
17:20:35.0020 9316 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:20:35.0059 9316 SCardSvr - ok
17:20:35.0063 9316 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
17:20:35.0099 9316 scfilter - ok
17:20:35.0116 9316 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
17:20:35.0165 9316 Schedule - ok
17:20:35.0169 9316 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
17:20:35.0204 9316 SCPolicySvc - ok
17:20:35.0209 9316 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:20:35.0225 9316 SDRSVC - ok
17:20:35.0229 9316 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:20:35.0265 9316 secdrv - ok
17:20:35.0269 9316 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
17:20:35.0304 9316 seclogon - ok
17:20:35.0308 9316 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
17:20:35.0346 9316 SENS - ok
17:20:35.0350 9316 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
17:20:35.0366 9316 SensrSvc - ok
17:20:35.0369 9316 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
17:20:35.0384 9316 Serenum - ok
17:20:35.0388 9316 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
17:20:35.0402 9316 Serial - ok
17:20:35.0407 9316 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
17:20:35.0421 9316 sermouse - ok
17:20:35.0431 9316 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
17:20:35.0469 9316 SessionEnv - ok
17:20:35.0472 9316 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
17:20:35.0489 9316 sffdisk - ok
17:20:35.0492 9316 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
17:20:35.0508 9316 sffp_mmc - ok
17:20:35.0512 9316 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
17:20:35.0529 9316 sffp_sd - ok
17:20:35.0532 9316 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
17:20:35.0545 9316 sfloppy - ok
17:20:35.0553 9316 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:20:35.0593 9316 SharedAccess - ok
17:20:35.0601 9316 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:20:35.0642 9316 ShellHWDetection - ok
17:20:35.0649 9316 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
17:20:35.0661 9316 SiSRaid2 - ok
17:20:35.0665 9316 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
17:20:35.0677 9316 SiSRaid4 - ok
17:20:35.0682 9316 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:20:35.0720 9316 Smb - ok
17:20:35.0724 9316 [ 8B4B5E4C0382D7ECBB48DC989AE20FA6 ] SmbDrvI C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
17:20:35.0734 9316 SmbDrvI - ok
17:20:35.0738 9316 [ 3BC2844AF786CA422CC31D505ACFA9F2 ] smihlp C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys
17:20:35.0748 9316 smihlp - ok
17:20:35.0755 9316 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:20:35.0771 9316 SNMPTRAP - ok
17:20:35.0774 9316 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
17:20:35.0786 9316 spldr - ok
17:20:35.0797 9316 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
17:20:35.0817 9316 Spooler - ok
17:20:35.0857 9316 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
17:20:35.0930 9316 sppsvc - ok
17:20:35.0935 9316 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
17:20:35.0972 9316 sppuinotify - ok
17:20:36.0006 9316 [ 69287F362738E7AB9EEF98ECF34D7335 ] SPUVCbv C:\Windows\system32\Drivers\SPUVCbv_x64.sys
17:20:36.0060 9316 SPUVCbv - ok
17:20:36.0074 9316 [ 3510E7021D2637A67FBCB5105EAE945D ] SRTSP C:\Windows\system32\drivers\N360x64\1402000.013\SRTSP64.SYS
17:20:36.0095 9316 SRTSP - ok
17:20:36.0099 9316 [ 1B884D876E87EABF5A3356BBD7321412 ] SRTSPX C:\Windows\system32\drivers\N360x64\1402000.013\SRTSPX64.SYS
17:20:36.0108 9316 SRTSPX - ok
17:20:36.0119 9316 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
17:20:36.0137 9316 srv - ok
17:20:36.0146 9316 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:20:36.0163 9316 srv2 - ok
17:20:36.0168 9316 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:20:36.0182 9316 srvnet - ok
17:20:36.0188 9316 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:20:36.0229 9316 SSDPSRV - ok
17:20:36.0234 9316 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:20:36.0272 9316 SstpSvc - ok
17:20:36.0275 9316 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
17:20:36.0286 9316 stexstor - ok
17:20:36.0289 9316 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
17:20:36.0306 9316 StillCam - ok
17:20:36.0316 9316 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
17:20:36.0341 9316 stisvc - ok
17:20:36.0345 9316 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
17:20:36.0356 9316 storflt - ok
17:20:36.0360 9316 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
17:20:36.0374 9316 StorSvc - ok
17:20:36.0378 9316 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
17:20:36.0389 9316 storvsc - ok
17:20:36.0395 9316 [ C5AEDE68CEED66BC1A030E1E535B5B4C ] SUService C:\Program Files (x86)\Lenovo\System Update\SUService.exe
17:20:36.0405 9316 SUService - ok
17:20:36.0411 9316 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
17:20:36.0424 9316 swenum - ok
17:20:36.0434 9316 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
17:20:36.0477 9316 swprv - ok
17:20:36.0487 9316 [ 777217682DA76337E8E6EC8AC4412B9B ] SymDS C:\Windows\system32\drivers\N360x64\1402000.013\SYMDS64.SYS
17:20:36.0504 9316 SymDS - ok
17:20:36.0522 9316 [ 64D1AF3D04E70A681154FFF1893848F6 ] SymEFA C:\Windows\system32\drivers\N360x64\1402000.013\SYMEFA64.SYS
17:20:36.0548 9316 SymEFA - ok
17:20:36.0554 9316 [ F5D6D3B7468C46EA2DDC1D19D2A6DA0F ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
17:20:36.0566 9316 SymEvent - ok
17:20:36.0572 9316 [ ADF37F1A715D6C56C8E065FD8569A9A4 ] SymIRON C:\Windows\system32\drivers\N360x64\1402000.013\Ironx64.SYS
17:20:36.0584 9316 SymIRON - ok
17:20:36.0593 9316 [ 1605EBD8CB86AFC4430116065995279A ] SymNetS C:\Windows\system32\drivers\N360x64\1402000.013\SYMNETS.SYS
17:20:36.0609 9316 SymNetS - ok
17:20:36.0619 9316 [ 9A17BF37F3B2FB9B686214780E4F8223 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
17:20:36.0635 9316 SynTP - ok
17:20:36.0660 9316 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
17:20:36.0699 9316 SysMain - ok
17:20:36.0703 9316 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:20:36.0723 9316 TabletInputService - ok
17:20:36.0731 9316 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
17:20:36.0771 9316 TapiSrv - ok
17:20:36.0775 9316 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
17:20:36.0813 9316 TBS - ok
17:20:36.0982 9316 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:20:37.0043 9316 Tcpip - ok
17:20:37.0075 9316 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
17:20:37.0132 9316 TCPIP6 - ok
17:20:37.0140 9316 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:20:37.0159 9316 tcpipreg - ok
17:20:37.0166 9316 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:20:37.0185 9316 TDPIPE - ok
17:20:37.0189 9316 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:20:37.0208 9316 TDTCP - ok
17:20:37.0215 9316 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:20:37.0265 9316 tdx - ok
17:20:37.0268 9316 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
17:20:37.0280 9316 TermDD - ok
17:20:37.0293 9316 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
17:20:37.0337 9316 TermService - ok
17:20:37.0341 9316 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
17:20:37.0360 9316 Themes - ok
17:20:37.0378 9316 [ F5C7A3BAA91A5305EBC46EA441CD52F7 ] ThinkVantage Registry Monitor Service C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
17:20:37.0395 9316 ThinkVantage Registry Monitor Service ( UnsignedFile.Multi.Generic ) - warning
17:20:37.0395 9316 ThinkVantage Registry Monitor Service - detected UnsignedFile.Multi.Generic (1)
17:20:37.0400 9316 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
17:20:37.0437 9316 THREADORDER - ok
17:20:37.0442 9316 [ 83415782D47F8064FCAFEA308ABB2246 ] TPHKLOAD C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
17:20:37.0453 9316 TPHKLOAD - ok
17:20:37.0457 9316 [ 046A7B412E4E6C4A7B426441E143F0F2 ] TPHKSVC C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
17:20:37.0469 9316 TPHKSVC - ok
17:20:37.0473 9316 [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM C:\Windows\system32\drivers\tpm.sys
17:20:37.0487 9316 TPM - ok
17:20:37.0490 9316 [ 1DF6E6C026AD1D428687FE3B427A87BC ] TPPWRIF C:\Windows\system32\drivers\Tppwr64v.sys
17:20:37.0501 9316 TPPWRIF - ok
17:20:37.0506 9316 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
17:20:37.0545 9316 TrkWks - ok
17:20:37.0550 9316 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:20:37.0586 9316 TrustedInstaller - ok
17:20:37.0591 9316 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:20:37.0627 9316 tssecsrv - ok
17:20:37.0631 9316 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
17:20:37.0643 9316 TsUsbFlt - ok
17:20:37.0647 9316 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
17:20:37.0660 9316 TsUsbGD - ok
17:20:37.0665 9316 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:20:37.0702 9316 tunnel - ok
17:20:37.0725 9316 [ D3D473C0DD8BAC37FADD6419362907E2 ] TVT Backup Service C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe
17:20:37.0755 9316 TVT Backup Service - ok
17:20:37.0760 9316 [ D4915DB03B19F9FD50EC084CC0ED15FC ] TVTI2C C:\Windows\system32\DRIVERS\Tvti2c.sys
17:20:37.0769 9316 TVTI2C - ok
17:20:37.0774 9316 [ 760B34088C2AD8D634CC3784EF3A2CA2 ] tvtvcamd C:\Windows\system32\DRIVERS\tvtvcamd.sys
17:20:37.0784 9316 tvtvcamd - ok
17:20:37.0788 9316 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
17:20:37.0800 9316 uagp35 - ok
17:20:37.0807 9316 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:20:37.0847 9316 udfs - ok
17:20:37.0854 9316 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:20:37.0869 9316 UI0Detect - ok
17:20:37.0874 9316 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
17:20:37.0885 9316 uliagpkx - ok
17:20:37.0889 9316 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
17:20:37.0903 9316 umbus - ok
17:20:37.0907 9316 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
17:20:37.0921 9316 UmPass - ok
17:20:37.0927 9316 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
17:20:37.0943 9316 UmRdpService - ok
17:20:37.0952 9316 [ CABEC311CEA77EAEA3DC04A1ADFC0459 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
17:20:37.0967 9316 UNS - ok
17:20:37.0975 9316 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
17:20:38.0016 9316 upnphost - ok
17:20:38.0021 9316 [ 6CC0985C3BB5931F73FF0846E06A9483 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:20:38.0034 9316 usbccgp - ok
17:20:38.0038 9316 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
17:20:38.0054 9316 usbcir - ok
17:20:38.0058 9316 [ 6B3D5E6A9DA786EC755B00BC180C700B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
17:20:38.0071 9316 usbehci - ok
17:20:38.0078 9316 [ 94ABE9DA48E466BBE84C73E0C6652ED1 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:20:38.0093 9316 usbhub - ok
17:20:38.0097 9316 [ 660B2C08CE7103E71EAA26F85B0B0A56 ] usbohci C:\Windows\system32\drivers\usbohci.sys
17:20:38.0109 9316 usbohci - ok
17:20:38.0112 9316 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
17:20:38.0128 9316 usbprint - ok
17:20:38.0132 9316 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:20:38.0145 9316 USBSTOR - ok
17:20:38.0148 9316 [ 1529632FC96032D337B298F8A285D640 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
17:20:38.0159 9316 usbuhci - ok
17:20:38.0165 9316 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
17:20:38.0181 9316 usbvideo - ok
17:20:38.0184 9316 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
17:20:38.0222 9316 UxSms - ok
17:20:38.0226 9316 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
17:20:38.0239 9316 VaultSvc - ok
17:20:38.0242 9316 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
17:20:38.0253 9316 vdrvroot - ok
17:20:38.0263 9316 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
17:20:38.0303 9316 vds - ok
17:20:38.0307 9316 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:20:38.0321 9316 vga - ok
17:20:38.0325 9316 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
17:20:38.0361 9316 VgaSave - ok
17:20:38.0366 9316 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
17:20:38.0380 9316 vhdmp - ok
17:20:38.0384 9316 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
17:20:38.0394 9316 viaide - ok
17:20:38.0399 9316 [ 49C122513203B98B0B2C10211F23450B ] VIPAppService C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
17:20:38.0409 9316 VIPAppService - ok
17:20:38.0416 9316 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
17:20:38.0429 9316 vmbus - ok
17:20:38.0433 9316 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
17:20:38.0445 9316 VMBusHID - ok
17:20:38.0452 9316 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
17:20:38.0468 9316 volmgr - ok
17:20:38.0477 9316 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:20:38.0496 9316 volmgrx - ok
17:20:38.0503 9316 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:20:38.0518 9316 volsnap - ok
17:20:38.0523 9316 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
17:20:38.0536 9316 vsmraid - ok
17:20:38.0557 9316 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
17:20:38.0610 9316 VSS - ok
17:20:38.0614 9316 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
17:20:38.0629 9316 vwifibus - ok
17:20:38.0633 9316 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
17:20:38.0651 9316 vwififlt - ok
17:20:38.0654 9316 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
17:20:38.0670 9316 vwifimp - ok
17:20:38.0678 9316 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
17:20:38.0718 9316 W32Time - ok
17:20:38.0723 9316 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
17:20:38.0736 9316 WacomPen - ok
17:20:38.0740 9316 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
17:20:38.0775 9316 WANARP - ok
17:20:38.0779 9316 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:20:38.0813 9316 Wanarpv6 - ok
17:20:38.0834 9316 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
17:20:38.0863 9316 WatAdminSvc - ok
17:20:38.0885 9316 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
17:20:38.0915 9316 wbengine - ok
17:20:38.0921 9316 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
17:20:38.0942 9316 WbioSrvc - ok
17:20:38.0950 9316 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:20:38.0973 9316 wcncsvc - ok
17:20:38.0978 9316 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:20:38.0992 9316 WcsPlugInService - ok
17:20:38.0996 9316 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
17:20:39.0007 9316 Wd - ok
17:20:39.0020 9316 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:20:39.0044 9316 Wdf01000 - ok
17:20:39.0048 9316 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:20:39.0084 9316 WdiServiceHost - ok
17:20:39.0087 9316 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:20:39.0106 9316 WdiSystemHost - ok
17:20:39.0113 9316 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
17:20:39.0135 9316 WebClient - ok
17:20:39.0162 9316 [ 507D80C0ACCC3B4FC123BD99D0AF3F97 ] WebUpdate4 C:\Windows\SysWOW64\WebUpdateSvc4.exe
17:20:39.0175 9316 WebUpdate4 - ok
17:20:39.0265 9316 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:20:39.0330 9316 Wecsvc - ok
17:20:39.0336 9316 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:20:39.0395 9316 wercplsupport - ok
17:20:39.0402 9316 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
17:20:39.0455 9316 WerSvc - ok
17:20:39.0459 9316 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
17:20:39.0495 9316 WfpLwf - ok
17:20:39.0498 9316 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
17:20:39.0510 9316 WIMMount - ok
17:20:39.0512 9316 WinDefend - ok
17:20:39.0520 9316 WinHttpAutoProxySvc - ok
17:20:39.0533 9316 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:20:39.0573 9316 Winmgmt - ok
17:20:39.0602 9316 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
17:20:39.0660 9316 WinRM - ok
17:20:39.0667 9316 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.sys
17:20:39.0682 9316 WinUsb - ok
17:20:39.0697 9316 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
17:20:39.0725 9316 Wlansvc - ok
17:20:39.0729 9316 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
17:20:39.0739 9316 wlcrasvc - ok
17:20:39.0768 9316 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:20:39.0812 9316 wlidsvc - ok
17:20:39.0816 9316 WMCoreService - ok
17:20:39.0820 9316 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
17:20:39.0834 9316 WmiAcpi - ok
17:20:39.0842 9316 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:20:39.0858 9316 wmiApSrv - ok
17:20:39.0861 9316 WMPNetworkSvc - ok
17:20:39.0865 9316 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:20:39.0880 9316 WPCSvc - ok
17:20:39.0884 9316 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:20:39.0901 9316 WPDBusEnum - ok
17:20:39.0905 9316 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:20:39.0941 9316 ws2ifsl - ok
17:20:39.0945 9316 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
17:20:39.0966 9316 wscsvc - ok
17:20:39.0969 9316 WSearch - ok
17:20:40.0002 9316 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
17:20:40.0050 9316 wuauserv - ok
17:20:40.0055 9316 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
17:20:40.0068 9316 WudfPf - ok
17:20:40.0074 9316 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:20:40.0088 9316 WUDFRd - ok
17:20:40.0092 9316 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:20:40.0107 9316 wudfsvc - ok
17:20:40.0113 9316 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
17:20:40.0134 9316 WwanSvc - ok
17:20:40.0141 9316 [ 747DA6EE261B3760201D7738E0FD59B8 ] WwanUsbServ C:\Windows\system32\DRIVERS\WwanUsbMp64.sys
17:20:40.0155 9316 WwanUsbServ - ok
17:20:40.0190 9316 [ D2FE4103450E52CB248D842501F84B90 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
17:20:40.0242 9316 ZeroConfigService - ok
17:20:40.0251 9316 ================ Scan global ===============================
17:20:40.0254 9316 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
17:20:40.0260 9316 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
17:20:40.0268 9316 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
17:20:40.0273 9316 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
17:20:40.0280 9316 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
17:20:40.0284 9316 [Global] - ok
17:20:40.0284 9316 ================ Scan MBR ==================================
17:20:40.0286 9316 [ 5265B2FB322D339F69B451E926A569F1 ] \Device\Harddisk0\DR0
17:20:40.0425 9316 \Device\Harddisk0\DR0 - ok
17:20:40.0430 9316 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR3
17:20:42.0960 9316 \Device\Harddisk1\DR3 - ok
17:20:42.0961 9316 ================ Scan VBR ==================================
17:20:42.0964 9316 [ 99F00E601D25F991A360116855C3631C ] \Device\Harddisk0\DR0\Partition1
17:20:42.0966 9316 \Device\Harddisk0\DR0\Partition1 - ok
17:20:42.0970 9316 [ B9B0C3E23FACFEE17B8A06E4EF3A5B62 ] \Device\Harddisk0\DR0\Partition2
17:20:42.0972 9316 \Device\Harddisk0\DR0\Partition2 - ok
17:20:42.0975 9316 [ A3E9E76F75C2C54AB55696E41E35F35E ] \Device\Harddisk0\DR0\Partition3
17:20:42.0977 9316 \Device\Harddisk0\DR0\Partition3 - ok
17:20:42.0982 9316 [ 5CEA9834DD940368DFDD2CB7E72A29A1 ] \Device\Harddisk1\DR3\Partition1
17:20:42.0984 9316 \Device\Harddisk1\DR3\Partition1 - ok
17:20:42.0984 9316 ============================================================
17:20:42.0984 9316 Scan finished
17:20:42.0984 9316 ============================================================
17:20:42.0992 11804 Detected object count: 6
17:20:42.0992 11804 Actual detected object count: 6
17:21:44.0160 11804 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
17:21:44.0160 11804 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:21:44.0161 11804 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
17:21:44.0161 11804 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:21:44.0162 11804 QBCFMonitorService ( UnsignedFile.Multi.Generic ) - skipped by user
17:21:44.0162 11804 QBCFMonitorService ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:21:44.0164 11804 QBFCService ( UnsignedFile.Multi.Generic ) - skipped by user
17:21:44.0164 11804 QBFCService ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:21:44.0165 11804 QBVSS ( UnsignedFile.Multi.Generic ) - skipped by user
17:21:44.0165 11804 QBVSS ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:21:44.0167 11804 ThinkVantage Registry Monitor Service ( UnsignedFile.Multi.Generic ) - skipped by user
17:21:44.0167 11804 ThinkVantage Registry Monitor Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
  • 0

#6
Essexboy
Posted 22 January 2013 - 08:26 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK looks as though I was wrong on that one

Download the following to a USB drive and then copy to the desktop of the affected system

Download and Install Combofix

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow to update if it asks

    Posted Image

    Posted Image
  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.
3. If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.


Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now
  • 0

#7
Essexboy
Posted 27 January 2013 - 04:22 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP