Please help remove redirect virus...pc novice


I have two issues which could stem from the same virus?

1. Each website I try to visit is redirected to another website.

2. Non-solicited ads/commercials play in the background. Don't see any odd processes running.

Please help!

  • Staff

Please run the following:

Please download TDSSKiller.zip

  • Extract it to your desktop
  • Double click TDSSKiller.exe
  • when the window opens, click on Change Parameters
  • under “Additional options”, put a check mark in the box next to “Detect TDLFS File System”
  • click OK
  • Press Start Scan
    • As we are only looking for a log of what is on the machine right now > choose to skip whatever is found
    • Then click Continue > Reboot now

  • Copy and paste the log in your next reply

    • A copy of the log will be saved automatically to the root of the drive (typically C:\)

  • Staff

Please do the following:

Download Farbar Recovery Scan Tool and save it to a flash drive.

Plug the flash drive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:

  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

To enter System Recovery Options by using Windows installation disc:

  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:


  • Startup Repair
  • System Restore
  • Windows Complete PC Restore
  • Windows Memory Diagnostic Tool
  • Command Prompt

  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter

Note: Replace letter e with the drive letter of your flash drive.

  • The tool will start to run.
  • When the tool opens click Yes to the disclaimer.
  • Place a check next to List Drivers MD5 as well as the default check marks that are already there
  • Press Scan button.
  • FRST will let you know when the scan is complete and has written the FRST.txt to file, close out this message, then type the following into the search box:

services.exe

  • now press the search button
  • when the search is complete, search.txt will also be written to your USB
  • type exit and reboot the computer normally
  • please copy and paste both logs in your reply. (FRST.txt and Search.txt)

  • Staff

Please post to the topic rather than a PM, thanks

Please run the following:

  • Download RogueKiller and save it to your desktop.
  • Quit all other programs
  • Start RogueKiller.exe
  • Wait until the Prescan has finished ...
  • Click on Scan
  • Wait for the end of the scan
  • A report will be created on your desktop.
  • Click on the Delete button
  • Next click on the ShortcutsFix
  • another report will be created on your desktop.

Please post: All RKreport.txt text files located on your desktop.

There were (3) reports. They are as follows:

RogueKiller V8.0.2 [08/31/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : chris [Admin rights]

Mode : Scan -- Date : 09/13/2012 08:52:08

¤¤¤ Bad processes : 1 ¤¤¤

[SUSP PATH] AutoLogon.exe -- C:\Users\chris\AppData\Roaming\AutoLogon for Microsoft Outlook\AutoLogon.exe -> KILLED [TermProc]

¤¤¤ Registry Entries : 8 ¤¤¤

[STARTUP][SUSP PATH] AutoLogon for Microsoft Outlook.lnk @chris : C:\Users\chris\AppData\Roaming\AutoLogon for Microsoft Outlook\AutoLogon.exe -> FOUND

[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND

[HJ SMENU] HKCU\[...]\Advanced : Start_ShowVideos (0) -> FOUND

[HJ DESK] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

[HJ DESK] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ Infection : Root.MBR ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: System +++++

--- User ---

[MBR] 536dab117664754d13616c5fed007a4e

[BSP] 4d83e757dcf681bc811b8d21753e93b7 : Windows 7 MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 953751 Mo

User != LL1 ... KO!

--- LL1 ---

[MBR] fb74d40a3fcd0f3d02e6f18c4e6d2cec

[BSP] 4d83e757dcf681bc811b8d21753e93b7 : Windows 7 MBR Code

Partition table:

0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 953751 Mo

2 - [ACTIVE] NTFS (0x17) [HIDDEN!] Offset (sectors): 1953488896 | Size: 10 Mo

Error reading LL2 MBR!

Finished : << RKreport[1].txt >>

RKreport[1].txt

RogueKiller V8.0.2 [08/31/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : chris [Admin rights]

Mode : Remove -- Date : 09/13/2012 08:53:09

¤¤¤ Bad processes : 1 ¤¤¤

[SUSP PATH] AutoLogon.exe -- C:\Users\chris\AppData\Roaming\AutoLogon for Microsoft Outlook\AutoLogon.exe -> KILLED [TermProc]

¤¤¤ Registry Entries : 8 ¤¤¤

[STARTUP][SUSP PATH] AutoLogon for Microsoft Outlook.lnk @chris : C:\Users\chris\AppData\Roaming\AutoLogon for Microsoft Outlook\AutoLogon.exe -> DELETED

[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> REPLACED (1)

[HJ SMENU] HKCU\[...]\Advanced : Start_ShowVideos (0) -> REPLACED (1)

[HJ DESK] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)

[HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

[HJ DESK] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> REPLACED (0)

[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ Infection : Root.MBR ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: System +++++

--- User ---

[MBR] 536dab117664754d13616c5fed007a4e

[BSP] 4d83e757dcf681bc811b8d21753e93b7 : Windows 7 MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 953751 Mo

User != LL1 ... KO!

--- LL1 ---

[MBR] fb74d40a3fcd0f3d02e6f18c4e6d2cec

[BSP] 4d83e757dcf681bc811b8d21753e93b7 : Windows 7 MBR Code

Partition table:

0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 953751 Mo

2 - [ACTIVE] NTFS (0x17) [HIDDEN!] Offset (sectors): 1953488896 | Size: 10 Mo

Error reading LL2 MBR!

Finished : << RKreport[2].txt >>

RKreport[1].txt ; RKreport[2].txt

RogueKiller V8.0.2 [08/31/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : chris [Admin rights]

Mode : Shortcuts HJfix -- Date : 09/13/2012 08:54:47

¤¤¤ Bad processes : 1 ¤¤¤

[SUSP PATH] AutoLogon.exe -- C:\Users\chris\AppData\Roaming\AutoLogon for Microsoft Outlook\AutoLogon.exe -> KILLED [TermProc]

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ File attributes restored: ¤¤¤

Desktop: Success 2 / Fail 0

Quick launch: Success 15 / Fail 0

Programs: Success 6 / Fail 0

Start menu: Success 1 / Fail 0

User folder: Success 12297 / Fail 0

My documents: Success 0 / Fail 0

My favorites: Success 3 / Fail 0

My pictures: Success 0 / Fail 0

My music: Success 696 / Fail 0

My videos: Success 0 / Fail 0

Local drives: Success 13921 / Fail 0

Backup: [FOUND] Success 29 / Fail 0 / Exists 147

Drives:

[C:] \Device\HarddiskVolume2 -- 0x3 --> Restored

[D:] \Device\CdRom0 -- 0x5 --> Skipped

¤¤¤ Infection : Root.MBR ¤¤¤

Finished : << RKreport[3].txt >>

RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt

  • Staff

You have a hidden malware partition that we need to deactivate, then remove.

Please run the following:

Please download: gparted-live.iso (115.1 MB)

Create a bootable CD, for Gparted from the ISO image.

You can use ImgBurn to do this.

Now boot off of the newly created Gparted CD.

You should be here... Press ENTER

Gpart-Start.GIF

By default, "do not touch keymap" is highlighted.

Gpart-keyselect.GIF

Leave this setting alone and just press ENTER.

Gpart-continue.GIF

Choose your language and press ENTER. English is default [33]

At the mode prompt enter 0, press ENTER

You will now be taken to the main GUI screen below

Gpart-partitions.GIF

According to your logs, the partition that you want to delete is 10 MB

Right click this partition and select delete.

GPart-delete.GIF

The Partition has gone

Now select Apply

Now you should be here:

Areyousure.GIF

Select Apply after double checking that the right partition was deleted

Is "boot" next to your 100Mb system drive?

If "boot" is not next to your 100Mb System drive under "Flags", right-mouse click the OS drive while in Gparted and select Manage Flags

GPart-flags.GIF

In the menu that pops up, place a checkmark in boot like the picture below, then close:

GPart-bootflag.GIF

Under File select Quit

Gpart-quit.GIF

You will see this small Popup

Gpart-reboot.GIF

Choose reboot and then press OK.

Let me know if you have any difficulties with these instructions

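The MBR check in the RKreport logs above compares the partition table Windows reports (User) with the one read at low level (LL1); the extra 10 MB active, hidden-type entry in LL1 is the partition this reply sets out to remove. The same comparison, as an added example that is not part of the thread and not RogueKiller's code: the two sectors are constructed from the offsets and sizes in the logs assuming 512-byte sectors (boot code left as zeros), and all function names are hypothetical.

```python
import struct

SECTOR = 512
TABLE_OFFSET = 446            # the four 16-byte partition entries start here
ENTRY = "<B3sB3sII"           # status, CHS start, type, CHS end, LBA start, sector count
# Type bytes with the "hidden" bit (0x10) set on a FAT/NTFS type, e.g. 0x17 = hidden 0x07
HIDDEN_TYPES = {0x11, 0x14, 0x16, 0x17, 0x1B, 0x1C, 0x1E}


def build_mbr(entries):
    """Build a 512-byte sector from (active, type, start_lba, sectors) tuples.

    Only the partition table and the 0x55AA signature are filled in; the boot
    code area stays zero, so this is sample data, not a bootable MBR.
    """
    sector = bytearray(SECTOR)
    for i, (active, ptype, start, count) in enumerate(entries):
        struct.pack_into(ENTRY, sector, TABLE_OFFSET + 16 * i,
                         0x80 if active else 0x00, b"\0\0\0", ptype, b"\0\0\0",
                         start, count)
    sector[510:512] = b"\x55\xaa"
    return bytes(sector)


def parse_mbr(sector):
    """Return the non-empty partition entries of an MBR sector as dicts."""
    if len(sector) != SECTOR or sector[510:512] != b"\x55\xaa":
        raise ValueError("not a valid MBR sector")
    parts = []
    for i in range(4):
        status, _, ptype, _, start, count = struct.unpack_from(
            ENTRY, sector, TABLE_OFFSET + 16 * i)
        if ptype == 0x00:     # unused slot
            continue
        parts.append({
            "index": i,
            "active": status == 0x80,
            "type": ptype,
            "start": start,
            "sectors": count,
            "size_mb": count * SECTOR // 2**20,
        })
    return parts


def compare_views(user_sector, raw_sector):
    """Compare the OS-reported table with the low-level one.

    Returns a list of (finding, partition_index) tuples:
      EXTRA_PARTITION  entry present at low level but absent from the OS view
      HIDDEN_TYPE      that extra entry also carries a hidden partition type
      ACTIVE_MISMATCH  the two views disagree on which partition is bootable
    """
    user, raw = parse_mbr(user_sector), parse_mbr(raw_sector)
    seen = {(p["start"], p["sectors"]) for p in user}
    findings = []
    for p in raw:
        if (p["start"], p["sectors"]) not in seen:
            findings.append(("EXTRA_PARTITION", p["index"]))
            # A hidden type alone is common (OEM recovery); it is only
            # reported here when the OS view does not show the entry at all.
            if p["type"] in HIDDEN_TYPES:
                findings.append(("HIDDEN_TYPE", p["index"]))
    user_active = [p["index"] for p in user if p["active"]]
    raw_active = [p["index"] for p in raw if p["active"]]
    if user_active != raw_active:
        findings.extend(("ACTIVE_MISMATCH", i) for i in raw_active)
    return findings


# Constructed from the "User" section of the log: 100 MB at sector 2048 (active),
# 953751 MB at sector 206848.
USER_VIEW = build_mbr([
    (True, 0x07, 2048, 204800),
    (False, 0x07, 206848, 1953282048),
])

# Constructed from the "LL1" section: same two partitions, neither active,
# plus a 10 MB active type-0x17 entry at sector 1953488896.
LL1_VIEW = build_mbr([
    (False, 0x07, 2048, 204800),
    (False, 0x07, 206848, 1953282048),
    (True, 0x17, 1953488896, 20480),
])

if __name__ == "__main__":
    for finding, index in compare_views(USER_VIEW, LL1_VIEW):
        part = parse_mbr(LL1_VIEW)[index]
        print(f"{finding}: partition {index}, type 0x{part['type']:02x}, "
              f"start {part['start']}, {part['size_mb']} MB")
```
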

Ok. I believe I was able to complete all of those steps correctly. A pop-up box remained on the screen that stated:

" Libparted Bug Found!

Could not stat device /dev/md/system

-No such file directory."

However, I was still able to completely perform all of the tasks.

The report is below. Also, I hit "skip" after the scan. I did not delete the "virus" yet.

09:43:16.0528 0936 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48

09:43:17.0011 0936 ============================================================

09:43:17.0011 0936 Current date / time: 2012/09/14 09:43:17.0011

09:43:17.0011 0936 SystemInfo:

09:43:17.0011 0936

09:43:17.0011 0936 OS Version: 6.1.7601 ServicePack: 1.0

09:43:17.0011 0936 Product type: Workstation

09:43:17.0011 0936 ComputerName: CHRIS

09:43:17.0011 0936 UserName: chris

09:43:17.0011 0936 Windows directory: C:\Windows

09:43:17.0011 0936 System windows directory: C:\Windows

09:43:17.0011 0936 Running under WOW64

09:43:17.0011 0936 Processor architecture: Intel x64

09:43:17.0011 0936 Number of processors: 8

09:43:17.0011 0936 Page size: 0x1000

09:43:17.0011 0936 Boot type: Normal boot

09:43:17.0011 0936 ============================================================

09:43:18.0150 0936 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0B00000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB00, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

09:43:18.0150 0936 ============================================================

09:43:18.0150 0936 \Device\Harddisk0\DR0:

09:43:18.0150 0936 MBR partitions:

09:43:18.0150 0936 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000

09:43:18.0150 0936 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746CB800

09:43:18.0150 0936 ============================================================

09:43:18.0166 0936 C: <-> \Device\Harddisk0\DR0\Partition2

09:43:18.0166 0936 ============================================================

09:43:18.0166 0936 Initialize success

09:43:18.0166 0936 ============================================================

09:43:27.0980 1052 ============================================================

09:43:27.0980 1052 Scan started

09:43:27.0980 1052 Mode: Manual;

09:43:27.0980 1052 ============================================================

09:43:28.0073 1052 ================ Scan system memory ========================

09:43:28.0073 1052 System memory - ok

09:43:28.0073 1052 ================ Scan services =============================

09:43:28.0791 1052 [ 0923671CF87CD511E46D4668B53F5E76 ] Akamai c:\program files (x86)\common files\akamai/netsession_win_5891ae0.dll

09:43:28.0791 1052 Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_5891ae0.dll. md5: 0923671CF87CD511E46D4668B53F5E76

09:43:28.0791 1052 Akamai ( HiddenFile.Multi.Generic ) - warning

09:43:28.0791 1052 Akamai - detected HiddenFile.Multi.Generic (1)


09:43:32.0769 1052 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys

09:43:32.0769 1052 isapnp - ok

09:43:32.0785 1052 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys

09:43:32.0801 1052 iScsiPrt - ok

09:43:32.0801 1052 [ A7D927151F9EC136863FC71B08C68B84 ] JRAID C:\Windows\system32\DRIVERS\jraid.sys

09:43:32.0816 1052 JRAID - ok

09:43:32.0816 1052 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys

09:43:32.0816 1052 kbdclass - ok

09:43:32.0832 1052 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys

09:43:32.0832 1052 kbdhid - ok

09:43:32.0832 1052 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe

09:43:32.0832 1052 KeyIso - ok

09:43:32.0847 1052 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys

09:43:32.0847 1052 KSecDD - ok

09:43:32.0879 1052 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys

09:43:32.0879 1052 KSecPkg - ok

09:43:32.0910 1052 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys

09:43:32.0910 1052 ksthunk - ok

09:43:32.0925 1052 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll

09:43:32.0941 1052 KtmRm - ok

09:43:32.0957 1052 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll

09:43:32.0972 1052 LanmanServer - ok

09:43:32.0988 1052 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

09:43:32.0988 1052 LanmanWorkstation - ok

09:43:33.0050 1052 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys

09:43:33.0050 1052 lltdio - ok

09:43:33.0081 1052 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll

09:43:33.0097 1052 lltdsvc - ok

09:43:33.0097 1052 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll

09:43:33.0097 1052 lmhosts - ok

09:43:33.0113 1052 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys

09:43:33.0128 1052 LSI_FC - ok

09:43:33.0128 1052 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys

09:43:33.0128 1052 LSI_SAS - ok

09:43:33.0144 1052 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys

09:43:33.0144 1052 LSI_SAS2 - ok

09:43:33.0144 1052 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys

09:43:33.0159 1052 LSI_SCSI - ok

09:43:33.0175 1052 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys

09:43:33.0175 1052 luafv - ok

09:43:33.0191 1052 MBAMProtector - ok

09:43:33.0237 1052 [ 43683E970F008C93C9429EF428147A54 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

09:43:33.0253 1052 MBAMService - ok

09:43:33.0269 1052 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll

09:43:33.0269 1052 Mcx2Svc - ok

09:43:33.0284 1052 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys

09:43:33.0284 1052 megasas - ok

09:43:33.0300 1052 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys

09:43:33.0300 1052 MegaSR - ok

09:43:33.0393 1052 [ 0AF89452A8CE3928168F4E5B2208C68B ] mi-raysat_3dsmax2012_64 C:\Program Files\Autodesk\3ds Max Design 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe

09:43:33.0393 1052 mi-raysat_3dsmax2012_64 - ok

09:43:33.0393 1052 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll

09:43:33.0409 1052 MMCSS - ok

09:43:33.0425 1052 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys

09:43:33.0425 1052 Modem - ok

09:43:33.0440 1052 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys

09:43:33.0440 1052 monitor - ok

09:43:33.0456 1052 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys

09:43:33.0456 1052 mouclass - ok

09:43:33.0456 1052 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

09:43:33.0456 1052 mouhid - ok

09:43:33.0487 1052 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys

09:43:33.0487 1052 mountmgr - ok

09:43:33.0518 1052 [ 94C66EDEDCDB6A126880472F9A704D8E ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys

09:43:33.0518 1052 MpFilter - ok

09:43:33.0549 1052 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys

09:43:33.0565 1052 mpio - ok

09:43:33.0565 1052 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

09:43:33.0565 1052 mpsdrv - ok

09:43:33.0612 1052 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll

09:43:33.0643 1052 MpsSvc - ok

09:43:33.0659 1052 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

09:43:33.0659 1052 MRxDAV - ok

09:43:33.0674 1052 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

09:43:33.0690 1052 mrxsmb - ok

09:43:33.0705 1052 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

09:43:33.0721 1052 mrxsmb10 - ok

09:43:33.0737 1052 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

09:43:33.0737 1052 mrxsmb20 - ok

09:43:33.0752 1052 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys

09:43:33.0752 1052 msahci - ok

09:43:33.0768 1052 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys

09:43:33.0768 1052 msdsm - ok

09:43:33.0783 1052 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe

09:43:33.0799 1052 MSDTC - ok

09:43:33.0815 1052 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys

09:43:33.0815 1052 Msfs - ok

09:43:33.0846 1052 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys

09:43:33.0846 1052 mshidkmdf - ok

09:43:33.0861 1052 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

09:43:33.0861 1052 msisadrv - ok

09:43:33.0877 1052 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

09:43:33.0877 1052 MSiSCSI - ok

09:43:33.0893 1052 msiserver - ok

09:43:33.0908 1052 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

09:43:33.0908 1052 MSKSSRV - ok

09:43:33.0955 1052 [ 59FAAF2C83C8169EA20F9E335E418907 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe

09:43:33.0955 1052 MsMpSvc - ok

09:43:33.0955 1052 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

09:43:33.0955 1052 MSPCLOCK - ok

09:43:33.0986 1052 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

09:43:33.0986 1052 MSPQM - ok

09:43:34.0002 1052 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

09:43:34.0017 1052 MsRPC - ok

09:43:34.0033 1052 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys

09:43:34.0033 1052 mssmbios - ok

09:43:34.0049 1052 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

09:43:34.0049 1052 MSTEE - ok

09:43:34.0173 1052 [ CB4A082AF58D1A0969F931816D5CFB05 ] msvsmon90 C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe

09:43:34.0267 1052 msvsmon90 - ok

09:43:34.0283 1052 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys

09:43:34.0283 1052 MTConfig - ok

09:43:34.0298 1052 [ 19B006B181E3875FD254F7B67ACF1E7C ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys

09:43:34.0298 1052 MTsensor - ok

09:43:34.0330 1052 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys

09:43:34.0330 1052 Mup - ok

09:43:34.0345 1052 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll

09:43:34.0361 1052 napagent - ok

09:43:34.0392 1052 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

09:43:34.0408 1052 NativeWifiP - ok

09:43:34.0439 1052 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys

09:43:34.0470 1052 NDIS - ok

09:43:34.0486 1052 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys

09:43:34.0486 1052 NdisCap - ok

09:43:34.0501 1052 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

09:43:34.0501 1052 NdisTapi - ok

09:43:34.0532 1052 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

09:43:34.0532 1052 Ndisuio - ok

09:43:34.0548 1052 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

09:43:34.0564 1052 NdisWan - ok

09:43:34.0564 1052 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

09:43:34.0579 1052 NDProxy - ok

09:43:34.0595 1052 [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll

09:43:34.0595 1052 Net Driver HPZ12 - ok

09:43:34.0610 1052 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

09:43:34.0610 1052 NetBIOS - ok

09:43:34.0626 1052 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys

09:43:34.0626 1052 NetBT - ok

09:43:34.0642 1052 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe

09:43:34.0642 1052 Netlogon - ok

09:43:34.0673 1052 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll

09:43:34.0688 1052 Netman - ok

09:43:34.0720 1052 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

09:43:34.0720 1052 NetMsmqActivator - ok

09:43:34.0735 1052 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

09:43:34.0735 1052 NetPipeActivator - ok

09:43:34.0751 1052 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll

09:43:34.0766 1052 netprofm - ok

09:43:34.0766 1052 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

09:43:34.0782 1052 NetTcpActivator - ok

09:43:34.0782 1052 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

09:43:34.0782 1052 NetTcpPortSharing - ok

09:43:34.0798 1052 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys

09:43:34.0813 1052 nfrd960 - ok

09:43:34.0844 1052 [ 91B4E0273D2F6C24EF845F2B41311289 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys

09:43:34.0844 1052 NisDrv - ok

09:43:34.0860 1052 [ 10A43829A9E606AF3EEF25A1C1665923 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe

09:43:34.0876 1052 NisSrv - ok

09:43:34.0891 1052 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll

09:43:34.0907 1052 NlaSvc - ok

09:43:34.0907 1052 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys

09:43:34.0907 1052 Npfs - ok

09:43:34.0922 1052 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll

09:43:34.0922 1052 nsi - ok

09:43:34.0938 1052 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

09:43:34.0938 1052 nsiproxy - ok

09:43:34.0985 1052 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

09:43:35.0016 1052 Ntfs - ok

09:43:35.0032 1052 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys

09:43:35.0032 1052 Null - ok

09:43:35.0047 1052 [ 285ACEC1B13A15BA520AAE06BACB9CFF ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys

09:43:35.0047 1052 nusb3hub - ok

09:43:35.0063 1052 [ F6D625FF7B56BB6EA063F0D3A5BBC996 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys

09:43:35.0063 1052 nusb3xhc - ok

09:43:35.0094 1052 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys

09:43:35.0094 1052 nvraid - ok

09:43:35.0125 1052 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys

09:43:35.0125 1052 nvstor - ok

09:43:35.0156 1052 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

09:43:35.0156 1052 nv_agp - ok

09:43:35.0203 1052 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

09:43:35.0219 1052 odserv - ok

09:43:35.0250 1052 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys

09:43:35.0250 1052 ohci1394 - ok

09:43:35.0297 1052 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

09:43:35.0297 1052 ose - ok

09:43:35.0390 1052 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

09:43:35.0484 1052 osppsvc - ok

09:43:35.0515 1052 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll

09:43:35.0531 1052 p2pimsvc - ok

09:43:35.0546 1052 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll

09:43:35.0562 1052 p2psvc - ok

09:43:35.0578 1052 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys

09:43:35.0593 1052 Parport - ok

09:43:35.0609 1052 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys

09:43:35.0609 1052 partmgr - ok

09:43:35.0609 1052 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll

09:43:35.0624 1052 PcaSvc - ok

09:43:35.0656 1052 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys

09:43:35.0656 1052 pci - ok

09:43:35.0671 1052 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys

09:43:35.0671 1052 pciide - ok

09:43:35.0671 1052 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys

09:43:35.0687 1052 pcmcia - ok

09:43:35.0687 1052 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys

09:43:35.0687 1052 pcw - ok

09:43:35.0702 1052 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys

09:43:35.0734 1052 PEAUTH - ok

09:43:35.0765 1052 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll

09:43:35.0780 1052 PeerDistSvc - ok

09:43:35.0843 1052 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe

09:43:35.0843 1052 PerfHost - ok

09:43:35.0890 1052 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll

09:43:35.0921 1052 pla - ok

09:43:35.0937 1052 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll

09:43:35.0952 1052 PlugPlay - ok

09:43:35.0983 1052 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll

09:43:35.0983 1052 Pml Driver HPZ12 - ok

09:43:35.0999 1052 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll

09:43:35.0999 1052 PNRPAutoReg - ok

09:43:35.0999 1052 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll

09:43:36.0015 1052 PNRPsvc - ok

09:43:36.0030 1052 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

09:43:36.0046 1052 PolicyAgent - ok

09:43:36.0061 1052 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll

09:43:36.0077 1052 Power - ok

09:43:36.0093 1052 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

09:43:36.0093 1052 PptpMiniport - ok

09:43:36.0108 1052 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys

09:43:36.0108 1052 Processor - ok

09:43:36.0124 1052 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll

09:43:36.0139 1052 ProfSvc - ok

09:43:36.0155 1052 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe

09:43:36.0155 1052 ProtectedStorage - ok

09:43:36.0171 1052 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys

09:43:36.0186 1052 Psched - ok

09:43:36.0202 1052 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys

09:43:36.0249 1052 ql2300 - ok

09:43:36.0249 1052 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys

09:43:36.0249 1052 ql40xx - ok

09:43:36.0280 1052 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll

09:43:36.0280 1052 QWAVE - ok

09:43:36.0295 1052 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

09:43:36.0295 1052 QWAVEdrv - ok

09:43:36.0311 1052 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

09:43:36.0311 1052 RasAcd - ok

09:43:36.0342 1052 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys

09:43:36.0342 1052 RasAgileVpn - ok

09:43:36.0342 1052 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll

09:43:36.0342 1052 RasAuto - ok

09:43:36.0342 1052 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

09:43:36.0358 1052 Rasl2tp - ok

09:43:36.0373 1052 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll

09:43:36.0389 1052 RasMan - ok

09:43:36.0405 1052 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

09:43:36.0405 1052 RasPppoe - ok

09:43:36.0420 1052 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

09:43:36.0420 1052 RasSstp - ok

09:43:36.0436 1052 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

09:43:36.0451 1052 rdbss - ok

09:43:36.0451 1052 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys

09:43:36.0467 1052 rdpbus - ok

09:43:36.0483 1052 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

09:43:36.0483 1052 RDPCDD - ok

09:43:36.0514 1052 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys

09:43:36.0514 1052 RDPDR - ok

09:43:36.0514 1052 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

09:43:36.0514 1052 RDPENCDD - ok

09:43:36.0529 1052 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys

09:43:36.0529 1052 RDPREFMP - ok

09:43:36.0545 1052 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

09:43:36.0561 1052 RDPWD - ok

09:43:36.0576 1052 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys

09:43:36.0592 1052 rdyboost - ok

09:43:36.0607 1052 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll

09:43:36.0607 1052 RemoteAccess - ok

09:43:36.0623 1052 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll

09:43:36.0623 1052 RemoteRegistry - ok

09:43:36.0654 1052 [ 7B04C9843921AB1F695FB395422C5360 ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys

09:43:36.0654 1052 RimUsb - ok

09:43:36.0670 1052 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll

09:43:36.0670 1052 RpcEptMapper - ok

09:43:36.0685 1052 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe

09:43:36.0685 1052 RpcLocator - ok

09:43:36.0717 1052 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll

09:43:36.0717 1052 RpcSs - ok

09:43:36.0717 1052 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

09:43:36.0717 1052 rspndr - ok

09:43:36.0748 1052 [ 16D4E350420BAA7E63E16E3FC033E1F5 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys

09:43:36.0763 1052 RTL8167 - ok

09:43:36.0779 1052 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys

09:43:36.0779 1052 s3cap - ok

09:43:36.0795 1052 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe

09:43:36.0795 1052 SamSs - ok

09:43:36.0810 1052 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys

09:43:36.0810 1052 sbp2port - ok

09:43:36.0841 1052 SBRE - ok

09:43:36.0857 1052 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll

09:43:36.0873 1052 SCardSvr - ok

09:43:36.0904 1052 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys

09:43:36.0904 1052 scfilter - ok

09:43:36.0935 1052 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll

09:43:36.0966 1052 Schedule - ok

09:43:36.0966 1052 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll

09:43:36.0966 1052 SCPolicySvc - ok

09:43:36.0966 1052 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll

09:43:36.0982 1052 SDRSVC - ok

09:43:36.0982 1052 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys

09:43:36.0982 1052 secdrv - ok

09:43:36.0997 1052 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll

09:43:36.0997 1052 seclogon - ok

09:43:36.0997 1052 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll

09:43:36.0997 1052 SENS - ok

09:43:37.0013 1052 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll

09:43:37.0013 1052 SensrSvc - ok

09:43:37.0013 1052 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys

09:43:37.0013 1052 Serenum - ok

09:43:37.0029 1052 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys

09:43:37.0029 1052 Serial - ok

09:43:37.0044 1052 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys

09:43:37.0044 1052 sermouse - ok

09:43:37.0075 1052 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll

09:43:37.0075 1052 SessionEnv - ok

09:43:37.0107 1052 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys

09:43:37.0107 1052 sffdisk - ok

09:43:37.0107 1052 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys

09:43:37.0107 1052 sffp_mmc - ok

09:43:37.0122 1052 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys

09:43:37.0122 1052 sffp_sd - ok

09:43:37.0138 1052 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys

09:43:37.0138 1052 sfloppy - ok

09:43:37.0153 1052 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll

09:43:37.0153 1052 SharedAccess - ok

09:43:37.0169 1052 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll

09:43:37.0185 1052 ShellHWDetection - ok

09:43:37.0200 1052 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys

09:43:37.0200 1052 SiSRaid2 - ok

09:43:37.0216 1052 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys

09:43:37.0216 1052 SiSRaid4 - ok

09:43:37.0231 1052 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys

09:43:37.0247 1052 Smb - ok

09:43:37.0263 1052 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe

09:43:37.0263 1052 SNMPTRAP - ok

09:43:37.0263 1052 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys

09:43:37.0263 1052 spldr - ok

09:43:37.0294 1052 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe

09:43:37.0309 1052 Spooler - ok

09:43:37.0356 1052 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe

09:43:37.0434 1052 sppsvc - ok

09:43:37.0434 1052 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll

09:43:37.0434 1052 sppuinotify - ok

09:43:37.0450 1052 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys

09:43:37.0465 1052 srv - ok

09:43:37.0481 1052 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

09:43:37.0497 1052 srv2 - ok

09:43:37.0512 1052 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

09:43:37.0512 1052 srvnet - ok

09:43:37.0528 1052 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

09:43:37.0559 1052 SSDPSRV - ok

09:43:37.0559 1052 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll

09:43:37.0575 1052 SstpSvc - ok

09:43:37.0575 1052 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys

09:43:37.0590 1052 stexstor - ok

09:43:37.0622 1052 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll

09:43:37.0637 1052 stisvc - ok

09:43:37.0637 1052 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys

09:43:37.0637 1052 storflt - ok

09:43:37.0668 1052 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll

09:43:37.0668 1052 StorSvc - ok

09:43:37.0684 1052 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys

09:43:37.0684 1052 storvsc - ok

09:43:37.0715 1052 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys

09:43:37.0715 1052 swenum - ok

09:43:37.0731 1052 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll

09:43:37.0746 1052 swprv - ok

09:43:37.0793 1052 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll

09:43:37.0840 1052 SysMain - ok

09:43:37.0856 1052 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll

09:43:37.0856 1052 TabletInputService - ok

09:43:37.0871 1052 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll

09:43:37.0887 1052 TapiSrv - ok

09:43:37.0902 1052 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll

09:43:37.0902 1052 TBS - ok

09:43:37.0946 1052 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys

09:43:37.0969 1052 Tcpip - ok

09:43:38.0070 1052 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys

09:43:38.0085 1052 TCPIP6 - ok

09:43:38.0116 1052 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

09:43:38.0116 1052 tcpipreg - ok

09:43:38.0132 1052 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys

09:43:38.0132 1052 TDPIPE - ok

09:43:38.0148 1052 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys

09:43:38.0148 1052 TDTCP - ok

09:43:38.0166 1052 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys

09:43:38.0181 1052 tdx - ok

09:43:38.0197 1052 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys

09:43:38.0197 1052 TermDD - ok

09:43:38.0228 1052 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll

09:43:38.0259 1052 TermService - ok

09:43:38.0291 1052 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll

09:43:38.0291 1052 Themes - ok

09:43:38.0306 1052 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll

09:43:38.0306 1052 THREADORDER - ok

09:43:38.0322 1052 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll

09:43:38.0322 1052 TrkWks - ok

09:43:38.0353 1052 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

09:43:38.0353 1052 TrustedInstaller - ok

09:43:38.0369 1052 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys

09:43:38.0384 1052 tssecsrv - ok

09:43:40.0331 1052 ================ Scan global ===============================

09:43:40.0346 1052 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll

09:43:40.0378 1052 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll

09:43:40.0393 1052 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll

09:43:40.0409 1052 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll

09:43:40.0424 1052 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe

09:43:40.0440 1052 [Global] - ok

09:43:40.0440 1052 ================ Scan MBR ==================================

09:43:40.0456 1052 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0

09:43:40.0617 1052 \Device\Harddisk0\DR0 - ok

09:43:40.0617 1052 ================ Scan VBR ==================================

09:43:40.0617 1052 [ C4F032AD0F41BF7C74110BEE4234A5E1 ] \Device\Harddisk0\DR0\Partition1

09:43:40.0617 1052 \Device\Harddisk0\DR0\Partition1 - ok

09:43:40.0632 1052 [ 607740DBBC0C60161F5196B5782F26DB ] \Device\Harddisk0\DR0\Partition2

09:43:40.0632 1052 \Device\Harddisk0\DR0\Partition2 - ok

09:43:40.0632 1052 ============================================================

09:43:40.0632 1052 Scan finished

09:43:40.0632 1052 ============================================================

09:43:40.0648 1220 Detected object count: 1

09:43:40.0648 1220 Actual detected object count: 1

09:58:28.0457 1220 Akamai ( HiddenFile.Multi.Generic ) - skipped by user

09:58:28.0457 1220 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip

Link to post
Share on other sites

  • Staff

The Akamai files are legitimate; we don't need to do anything with them.

We just need to check for any leftovers. Please run the following:

  • Please open your MalwareBytes AntiMalware Program
  • Click the Update Tab and search for updates
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected. <-- very important
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

NEXT

Go here to run an online scanner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
  • Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
  • Click Scan
  • Wait for the scan to finish
  • When the scan completes, press the LIST OF THREATS FOUND button
  • Press EXPORT TO TEXT FILE , name the file ESETSCAN and save it to your desktop
  • Include the contents of this report in your next reply.
  • Press the BACK button.
  • Press Finish

Link to post
Share on other sites

Malwarebytes did not find any malicious items. The log is below:

Malwarebytes Anti-Malware (PRO) 1.62.0.1300

www.malwarebytes.org

Database version: v2012.09.14.04

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

chris :: CHRIS [administrator]

Protection: Disabled

9/14/2012 10:23:42 AM

mbam-log-2012-09-14 (10-23-42).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 270363

Time elapsed: 6 minute(s), 39 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

Link to post
Share on other sites

Sorry it took so long for the ESET Scanner. It took over five hours and we were leaving to go out of town. The log is below:

C:\Users\chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LAFX8VI5\SetupImgBurn_2.5.6.0.exe Win32/Bundled.Toolbar.Ask application

C:\Users\chris\AppData\Local\Temp\jar_cache7382780966413571152.tmp a variant of Java/Exploit.CVE-2012-1723.AM trojan

C:\Users\chris\Downloads\PCMAX_AF_ErrorsFix_Setup.exe a variant of Win32/RegistryNuke application

Link to post
Share on other sites

  • Staff

OK, we are getting there.

We just need to delete your browsing history and delete the Java cache to remove those detections (the last one is just alerting to the type of program it is; those programs aren't recommended).

Please use TFC

Download TFC to your desktop

  • Close any open windows.
  • Double click the TFC icon to run the program
  • TFC will close all open programs itself in order to run.
  • Click the Start button to begin the process.
  • Allow TFC to run uninterrupted.
  • The program should not take long to finish its job.
  • Once it's finished it should automatically reboot your machine.
  • If it doesn't, manually reboot to ensure a complete clean.

NEXT

  • Please download MiniToolBox and save it to your desktop and run it.
    Checkmark the following checkboxes:
    • Flush DNS
    • Report IE Proxy Settings
    • Report FF Proxy Settings
    • List content of Hosts
    • List installed programs.

    Click Go and post the result (Result.txt) that pops up. A copy of result.txt will be saved in the same directory the tool is run.

NEXT

Please download Farbar Service Scanner to your desktop and run it.

  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
    • Windows Defender

  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

NEXT

Please let me know how the computer is running now and if there are any outstanding issues

Link to post
Share on other sites

MiniToolBox by Farbar Version: 23-07-2012

Ran by chris (administrator) on 17-09-2012 at 10:13:25

Microsoft Windows 7 Professional Service Pack 1 (X64)

Boot Mode: Normal

***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.

No Proxy Server is set.

========================= Hosts content: =================================

127.0.0.1 localhost

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)

2003 ICC Complete Collection

64 Bit HP CIO Components Installer (Version: 8.2.1)

7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)

Adobe AIR (Version: 2.5.1.17730)

Adobe Flash Player 11 ActiveX (Version: 11.4.402.265)

Adobe Flash Player 11 Plugin (Version: 11.3.300.271)

Adobe Reader X (10.1.4) (Version: 10.1.4)

Adobe Shockwave Player 11.5 (Version: 11.5.9.620)

Akamai NetSession Interface

Akamai NetSession Interface Service

Apple Application Support (Version: 2.1.9)

Apple Mobile Device Support (Version: 5.2.0.6)

Ask Toolbar (Version: 1.15.2.0)

Ask Toolbar Updater (Version: 1.2.1.23037)

AutoCAD 2012 - English (Version: 18.2.51.0)

AutoCAD 2012 Language Pack - English (Version: 18.2.51.0)

AutoCAD Architecture 2012 - English (Version: 6.7.107.0)

AutoCAD Architecture 2012 - English (Version: 6.7.49.0)

AutoCAD Architecture 2012 - English SP 1 (Version: 1)

AutoCAD Architecture 2012 Language Pack - English (Version: 18.2.51.0)

AutoCAD Architecture 2013 - English (Version: 7.0.50.0)

AutoCAD Architecture 2013 Language Pack - English (Version: 7.0.50.0)

Autodesk 3ds Max Design 2012 64-bit - English (Version: 14.0)

Autodesk Backburner 2012.0.0 (Version: 2012.0.0)

Autodesk CAD Manager Tools (Version: 16.0.0.65)

Autodesk Content Service (Version: 3.0.84.0)

Autodesk Content Service Language Pack (Version: 3.0.84.0)

Autodesk Design Review 2013 (Version: 13.0.0.82)

Autodesk Download Manager (Version: 1.0.122.0)

Autodesk FBX Plug-in 2012.0 - 3ds Max Design 2012 64-bit

Autodesk Inventor Fusion 2012 (Version: 1.0.0.79)

Autodesk Inventor Fusion 2012 Language Pack (Version: 1.0.0.79)

Autodesk Material Library 2012 (Version: 2.5.0.8)

Autodesk Material Library 2013 (Version: 3.0.13)

Autodesk Material Library Base Resolution Image Library 2012 (Version: 2.5.0.8)

Autodesk Material Library Base Resolution Image Library 2013 (Version: 3.0.13)

Autodesk Material Library Low Resolution Image Library 2012 (Version: 2.5.0.8)

Autodesk Material Library Low Resolution Image Library 2013 (Version: 3.0.13)

Autodesk Material Library Medium Resolution Image Library 2012 (Version: 2.5.0.8)

Autodesk Material Library Medium Resolution Image Library 2013 (Version: 3.0.13)

Autodesk Network License Manager (Version: 1.0.0)

Autodesk Revit 2013 (Version: 12.02.21203)

Autodesk Revit Architecture 2012 (Version: 11.03.09231)

Autodesk Revit MEP 2012 (Version: 11.03.09231)

Autodesk Revit Structure 2012 (Version: 11.03.09231)

Autodesk Showcase 2012 64-bit - English (Version: 6.0.0.0)

Autodesk SketchBook Designer 2013 (Version: 3.00.0000)

Autodesk Sync (Version: 3.5.24.0)

Autodesk Workflows - Building Design Suite 2013 (Version: 3.0.10.0)

AutoLogon 9.1.5

Bonjour (Version: 3.0.0.10)

COMcheck 3.9.1.1 (Current User)

Composite 2012 64-bit (Version: 7.0.0)

Core FTP LE

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

Dropbox (Version: 1.4.7)

ESET Online Scanner v3

FARO LS 1.1.406.58 (Version: 4.6.58.2)

FARO LS 1.1.408.2 (Version: 4.8.2.25521)

FARO LS 4.8.2.25521

FileZilla Client 3.3.5.1 (Version: 3.3.5.1)

Google SketchUp 8 (Version: 3.0.14346)

GoToMeeting 5.1.0.880 (Version: 5.1.0.880)

HP Product Detection (Version: 10.7.9.0)

ImgBurn (Version: 2.5.6.0)

Intel® Matrix Storage Manager

Java Auto Updater (Version: 2.0.7.1)

Java 6 Update 35 (Version: 6.0.350)

JMicron JMB36X Driver (Version: 1.17.56.2)

Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)

Microsoft .NET Framework 4 Extended (Version: 4.0.30319)

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office 2010 Primary Interop Assemblies (Version: 14.0.4763.1024)

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)

Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)

Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Outlook 2007 (Version: 12.0.6612.1000)

Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)

Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)

Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)

Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)

Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)

Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Standard 2010 (Version: 14.0.6029.1000)

Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Security Client (Version: 4.0.1526.0)

Microsoft Security Essentials (Version: 4.0.1526.0)

Microsoft Silverlight (Version: 5.1.10411.0)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)

Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)

Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)

Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)

Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)

Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)

Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)

Microsoft Visual C++ 2008 x64 ATL Runtime 9.0.30729 (Version: 9.0.30729)

Microsoft Visual C++ 2008 x64 CRT Runtime 9.0.30729 (Version: 9.0.30729)

Microsoft Visual C++ 2008 x64 MFC Runtime 9.0.30729 (Version: 9.0.30729)

Microsoft Visual C++ 2008 x64 OpenMP Runtime 9.0.30729 (Version: 9.0.30729)

Microsoft Visual C++ 2008 x86 ATL Runtime 9.0.30729 (Version: 9.0.30729)

Microsoft Visual C++ 2008 x86 CRT Runtime 9.0.30729 (Version: 9.0.30729)

Microsoft Visual C++ 2008 x86 MFC Runtime 9.0.30729 (Version: 9.0.30729)

Microsoft Visual C++ 2008 x86 OpenMP Runtime 9.0.30729 (Version: 9.0.30729)

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)

Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU

Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU (Version: 9.0.30729)

Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU Service Pack 1 (KB945140) (Version: 1)

Microsoft Visual Studio Tools for Applications 2.0 - ENU (Version: 9.0.30729)

Microsoft Visual Studio Tools for Applications 2.0 Runtime (Version: 9.0.30729)

QuickTime (Version: 7.72.80.56)

Realtek Ethernet Controller Driver For Windows 7 (Version: 7.18.322.2010)

Realtek High Definition Audio Driver (Version: 6.0.1.6037)

Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.4.0)

ReproEFS

Revit 2013 Language Pack - English (Version: 12.02.21203)

Revit Architecture 2012 Language Pack - English (Version: 11.03.09231)

Revit MEP 2012 Language Pack - English (Version: 11.03.09231)

Revit Structure 2012 Language Pack - English (Version: 11.03.09231)

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2010 (KB2494150)

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition

Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition

Update for Microsoft Office Outlook 2007 Help (KB963677)

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687407) 32-Bit Edition

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition

Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (Version: 9.0.30729.177)

Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (Version: 9.0.30729.177)

Visual Studio Tools for the Office system 3.0 Runtime

Visual Studio Tools for the Office system 3.0 Runtime (Version: 9.0.21022)

**** End of log ****

Link to post
Share on other sites

Farbar Service Scanner Version: 06-08-2012

Ran by chris (administrator) on 17-09-2012 at 10:15:50

Running from "C:\Users\chris\Desktop"

Microsoft Windows 7 Professional Service Pack 1 (X64)

Boot Mode: Normal

****************************************************************

Internet Services:

============

Connection Status:

==============

Localhost is accessible.

LAN connected.

Google IP is accessible.

Google.com is accessible.

Yahoo IP is accessible.

Yahoo.com is accessible.

Windows Firewall:

=============

Firewall Disabled Policy:

==================

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall"=DWORD:0

System Restore:

============

System Restore Disabled Policy:

========================

Action Center:

============

Windows Update:

============

Windows Autoupdate Disabled Policy:

============================

Windows Defender:

==============

WinDefend Service is not running. Checking service configuration:

The start type of WinDefend service is set to Demand. The default start type is Auto.

The ImagePath of WinDefend service is OK.

The ServiceDll of WinDefend service is OK.

Windows Defender Disabled Policy:

==========================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]

"DisableAntiSpyware"=DWORD:1

Other Services:

==============

File Check:

========

C:\Windows\System32\nsisvc.dll => MD5 is legit

C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit

C:\Windows\System32\dhcpcore.dll => MD5 is legit

C:\Windows\System32\drivers\afd.sys => MD5 is legit

C:\Windows\System32\drivers\tdx.sys => MD5 is legit

C:\Windows\System32\Drivers\tcpip.sys

[2012-09-13 11:52] - [2012-08-22 13:12] - 1913200 ____A (Microsoft Corporation) F782CAD3CEDBB3F9FFE3BF2775D92DDC

C:\Windows\System32\dnsrslvr.dll => MD5 is legit

C:\Windows\System32\mpssvc.dll => MD5 is legit

C:\Windows\System32\bfe.dll => MD5 is legit

C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit

C:\Windows\System32\SDRSVC.dll => MD5 is legit

C:\Windows\System32\vssvc.exe => MD5 is legit

C:\Windows\System32\wscsvc.dll => MD5 is legit

C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit

C:\Windows\System32\wuaueng.dll => MD5 is legit

C:\Windows\System32\qmgr.dll => MD5 is legit

C:\Windows\System32\es.dll => MD5 is legit

C:\Windows\System32\cryptsvc.dll => MD5 is legit

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

**** End of log ****

Link to post
Share on other sites

This topic is now closed to further replies.