Redirect Virus is Invincible


18 replies to this topic

#1 sissymac70


Posted 29 January 2013 - 08:03 PM

Hello. I am new to this forum and pretty much a novice. About two weeks ago my husband noticed a problem with his computer. He would do a search and when he clicked on one of the results, he would be redirected to another search results page that had nothing to do with the original search. A little research informed us of the redirect virus. Since then, we have run BitDefender, MalwareBytes, CCleaner, TDSSKiller, Symantec's FixTDSS, and Microsoft's FixIt. We have followed instructions on how to reset the hosts file. Every scan has come back clean, and the reset made no difference. Whatever this nasty little bug is, it disables the autoscan in BitDefender, and causes Outlook to shut down whenever he tries to open an email. I've also not been able to download and install security updates. Not sure if that is a side effect of the virus but both started happening after infection. Everything I've read says this virus is tough to remove, but there are solutions that have worked for others. I've almost decided that this particular version of the virus is completely invincible and the best course of action would be the use of a very large hammer. Any assistance will be greatly appreciated.

Moderator Edit: Moved topic from Virus, Trojan, Spyware, and Malware Removal Logs to the more appropriate forum, due to the absence of any malware logs included in the topic

Roger

Edited by rotor123, 29 January 2013 - 08:45 PM.




#2 boopme


Posted 29 January 2013 - 08:50 PM

Hello and welcome. Let's take a look.
Which browser(s) do you use?

MiniToolBox
Please download MiniToolBox, save it to your desktop and run it. Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.




This is a little different..
Please Download TDSSkiller
Launch it.
Click on change parameters-Select TDLFS file system
Click on "Scan".
Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results.




Please download aswMBR ( 4.5MB ) to your desktop.
  • Double click the aswMBR.exe icon, and click Run.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Click the Scan button to start the scan.
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.

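The checks a reader of Result.txt can automate for a redirect complaint, as an added example (not part of the thread and not Farbar's code): it parses the Hosts, Winsock and event-log sections and lists entries worth a manual look. The sample log is constructed, and the section and line layouts are assumed from the Result.txt format posted in this thread.

```python
import re

# Constructed sample in the layout of MiniToolBox's Result.txt (not a real log).
SAMPLE = r"""
========================= Hosts content: =================================

# comment line
127.0.0.1 localhost
203.0.113.7 www.google.com google.com

========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\ProgramData\example\lsp.dll [40960] ()
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/31/2013 08:59:33 AM) (Source: Application Error) (User: )
Description: Faulting application name: NOTEPAD.EXE, version: 6.1.7600.16385, time stamp: 0x4a5bc60f
Faulting module name: example.dll, version: 1.0.0.0, time stamp: 0x4c576084
Exception code: 0xc0000005

Error: (01/31/2013 08:50:53 AM) (Source: Application Error) (User: )
Description: Faulting application name: demo.exe, version: 1.0.0.0, time stamp: 0x4a55bfed
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
"""

# Section banners look like "===== Name: =====". Bare "=====" rules do not match.
HEADER = re.compile(r"^=+ (.+?):? =+$")
WINSOCK = re.compile(r"^(x64-)?Catalog(\d+) (\d+) (.+) \[(\d+)\] \((.*)\)$")
SYSTEM_DIR = re.compile(r"^[a-z]:\\windows\\(system32|syswow64)\\", re.I)
APP = re.compile(r"Faulting application name: ([^,]+),")
MOD = re.compile(r"Faulting module name: ([^,]+),")
LOCAL_IPS = {"127.0.0.1", "::1", "0.0.0.0"}


def split_sections(text):
    """Map each banner name to the lines that follow it."""
    sections, current = {}, None
    for line in text.splitlines():
        m = HEADER.match(line.strip())
        if m:
            current = m.group(1).strip()
            sections[current] = []
        elif current is not None:
            sections[current].append(line.rstrip())
    return sections


def hosts_overrides(sections):
    """Hosts entries that point a name at a non-local address."""
    found = []
    for line in sections.get("Hosts content", []):
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 2 and fields[0] not in LOCAL_IPS:
            found += [(fields[0], name) for name in fields[1:]]
    return found


def winsock_to_review(sections):
    """Winsock providers loaded from outside the Windows system directories.
    Catalog9 holds transport providers (where an LSP sits), Catalog5 holds
    namespace providers. A hit is a prompt to check the file, not a verdict."""
    review = []
    for line in sections.get("Winsock entries", []):
        m = WINSOCK.match(line.strip())
        if m and not SYSTEM_DIR.match(m.group(4)):
            kind = "transport (LSP)" if m.group(2) == "9" else "namespace"
            review.append((kind, m.group(4), m.group(6)))
    return review


def faulting_pairs(sections):
    """(application, faulting module) for each Application Error record."""
    pairs, app = [], None
    for line in sections.get("Event log errors", []):
        a = APP.search(line)
        if a:
            app = a.group(1)
            continue
        m = MOD.search(line)
        if m and app:
            pairs.append((app, m.group(1)))
            app = None
    return pairs


def triage(text):
    s = split_sections(text)
    return {"hosts": hosts_overrides(s),
            "winsock": winsock_to_review(s),
            "faults": faulting_pairs(s)}


if __name__ == "__main__":
    for key, items in triage(SAMPLE).items():
        print(key, items)
```
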

#3 sissymac70


Posted 31 January 2013 - 10:59 AM

Boopme,

Thank you for responding.

We're running Windows 7.

I ran the MiniToolBox, TDSSKiller, and aswMBR as you suggested. The logs for MiniToolBox and TDSSKiller are pasted below. aswMBR has found some infections, but every time I click Save Log, the program shuts down and I lose the log.

Please let me know what I need to do next.

Thanks!


MiniToolBox:

MiniToolBox by Farbar Version:10-01-2013
Ran by Rex Delk (administrator) on 31-01-2013 at 09:03:06
Running from "C:\Users\Rex Delk\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

#

========================= IP Configuration: ================================

Intel® WiFi Link 5100 AGN = Wireless Network Connection (Connected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Hardware not present)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : RexDelk
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : launchmodem.com

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : launchmodem.com
Description . . . . . . . . . . . : Intel® WiFi Link 5100 AGN
Physical Address. . . . . . . . . : 00-24-D6-3E-8D-46
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::588d:887f:f6a0:4767%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.5.107(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, January 31, 2013 8:49:30 AM
Lease Expires . . . . . . . . . . : Friday, February 01, 2013 8:49:29 AM
Default Gateway . . . . . . . . . : 192.168.5.1
DHCP Server . . . . . . . . . . . : 192.168.5.1
DHCPv6 IAID . . . . . . . . . . . : 301998843
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-9B-FF-AD-00-26-9E-A0-02-8F
DNS Servers . . . . . . . . . . . : 192.168.1.254
192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 00-26-9E-A0-02-8F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.launchmodem.com:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : launchmodem.com
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:2ca5:3916:bd63:abb9(Preferred)
Link-local IPv6 Address . . . . . : fe80::2ca5:3916:bd63:abb9%17(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: launchmodem
Address: 192.168.1.254

Name: google.com
Addresses: 2607:f8b0:4002:802::1000
173.194.37.64
173.194.37.65
173.194.37.66
173.194.37.67
173.194.37.68
173.194.37.69
173.194.37.70
173.194.37.71
173.194.37.72
173.194.37.73
173.194.37.78


Pinging google.com [173.194.37.64] with 32 bytes of data:
Reply from 173.194.37.64: bytes=32 time=19ms TTL=53
Reply from 173.194.37.64: bytes=32 time=18ms TTL=53

Ping statistics for 173.194.37.64:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 18ms, Maximum = 19ms, Average = 18ms
Server: launchmodem
Address: 192.168.1.254

Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
206.190.36.45


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=97ms TTL=46
Reply from 98.138.253.109: bytes=32 time=102ms TTL=46

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 97ms, Maximum = 102ms, Average = 99ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...00 24 d6 3e 8d 46 ......Intel® WiFi Link 5100 AGN
10...00 26 9e a0 02 8f ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
17...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.5.1 192.168.5.107 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.5.0 255.255.255.0 On-link 192.168.5.107 281
192.168.5.107 255.255.255.255 On-link 192.168.5.107 281
192.168.5.255 255.255.255.255 On-link 192.168.5.107 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.5.107 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.5.107 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
17 58 ::/0 On-link
1 306 ::1/128 On-link
17 58 2001::/32 On-link
17 306 2001:0:9d38:6ab8:2ca5:3916:bd63:abb9/128
On-link
11 281 fe80::/64 On-link
17 306 fe80::/64 On-link
17 306 fe80::2ca5:3916:bd63:abb9/128
On-link
11 281 fe80::588d:887f:f6a0:4767/128
On-link
1 306 ff00::/8 On-link
17 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 09 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 09 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/31/2013 09:00:19 AM) (Source: Application Error) (User: )
Description: Faulting application name: dds.com, version: 2012.11.20.1, time stamp: 0x4b1ae3c6
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0xc0337795
Faulting process id: 0x19e0
Faulting application start time: 0xdds.com0
Faulting application path: dds.com1
Faulting module path: dds.com2
Report Id: dds.com3

Error: (01/31/2013 08:59:58 AM) (Source: Application Error) (User: )
Description: Faulting application name: dds.com, version: 2012.11.20.1, time stamp: 0x4b1ae3c6
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000246
Faulting process id: 0x1828
Faulting application start time: 0xdds.com0
Faulting application path: dds.com1
Faulting module path: dds.com2
Report Id: dds.com3

Error: (01/31/2013 08:59:33 AM) (Source: Application Error) (User: )
Description: Faulting application name: NOTEPAD.EXE, version: 6.1.7600.16385, time stamp: 0x4a5bc60f
Faulting module name: qkrdukv.dll, version: 1.9.24.109, time stamp: 0x4c576084
Exception code: 0xc0000005
Fault offset: 0x00001045
Faulting process id: 0x9dc
Faulting application start time: 0xNOTEPAD.EXE0
Faulting application path: NOTEPAD.EXE1
Faulting module path: NOTEPAD.EXE2
Report Id: NOTEPAD.EXE3

Error: (01/31/2013 08:57:19 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft Office Professional 2007 - Update 'Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition' could not be installed. Error code 1603. Additional information is available in the log file C:\Windows\TEMP\MSI777fc.LOG.

Error: (01/31/2013 08:57:13 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft Office Professional 2007 -- Error 1406.Setup cannot write the value to the registry key \Software\Classes\CLSID\{F0291081-E87C-4E07-97DA-A0A03761E586}\Version. Verify that you have sufficient permissions to access the registry or contact Microsoft Product Support Services (PSS) for assistance. For information about how to contact PSS, seePSS10R.CHM.

Error: (01/31/2013 08:56:49 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft Office Professional 2007 - Update 'Microsoft Office 2007 Service Pack 3 (SP3)' could not be installed. Error code 1603. Additional information is available in the log file C:\Windows\TEMP\MSI520f7.LOG.

Error: (01/31/2013 08:56:15 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft Office Professional 2007 -- Error 1406.Setup cannot write the value to the registry key \Software\Classes\CLSID\{F0291081-E87C-4E07-97DA-A0A03761E586}\Version. Verify that you have sufficient permissions to access the registry or contact Microsoft Product Support Services (PSS) for assistance. For information about how to contact PSS, seePSS10R.CHM.

Error: (01/31/2013 08:50:53 AM) (Source: Application Error) (User: )
Description: Faulting application name: CLMLSvc.exe, version: 4.3.3109.0, time stamp: 0x4a55bfed
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0xc0337795
Faulting process id: 0x171c
Faulting application start time: 0xCLMLSvc.exe0
Faulting application path: CLMLSvc.exe1
Faulting module path: CLMLSvc.exe2
Report Id: CLMLSvc.exe3

Error: (01/31/2013 08:50:45 AM) (Source: Application Error) (User: )
Description: Faulting application name: QBW32.EXE, version: 21.0.4009.904, time stamp: 0x4eb45829
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b8f
Exception code: 0xc0000005
Fault offset: 0x000771ec
Faulting process id: 0x1368
Faulting application start time: 0xQBW32.EXE0
Faulting application path: QBW32.EXE1
Faulting module path: QBW32.EXE2
Report Id: QBW32.EXE3

Error: (01/31/2013 08:50:39 AM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle


System errors:
=============
Error: (01/31/2013 08:57:32 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Office PowerPoint 2007 (KB2596764).

Error: (01/31/2013 08:57:32 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: The 2007 Microsoft Office Suite Service Pack 3 (SP3).

Error: (01/31/2013 08:50:39 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (01/31/2013 08:49:39 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
trufos

Error: (01/30/2013 05:02:50 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Office PowerPoint 2007 (KB2596764).

Error: (01/30/2013 05:02:20 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: The 2007 Microsoft Office Suite Service Pack 3 (SP3).

Error: (01/30/2013 04:55:09 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (01/30/2013 04:54:51 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
trufos

Error: (01/29/2013 09:46:48 PM) (Source: Service Control Manager) (User: )
Description: The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1068

Error: (01/29/2013 09:45:15 PM) (Source: DCOM) (User: )
Description: 1068fdPHost{D3DCB472-7261-43CE-924B-0704BD730D5F}


Microsoft Office Sessions:
=========================
Error: (01/20/2013 09:07:06 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 95 seconds with 60 seconds of active time. This session ended with a crash.

Error: (01/18/2013 07:00:07 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 39 seconds with 0 seconds of active time. This session ended with a crash.

Error: (01/17/2013 11:34:47 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 9 seconds with 0 seconds of active time. This session ended with a crash.

Error: (01/17/2013 10:49:30 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 9 seconds with 0 seconds of active time. This session ended with a crash.

Error: (01/17/2013 10:37:28 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: [unreadable: the rest of this entry is a run of "?" characters]
????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????}???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????D??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
??????????????????????F?????D?????????????????????????????D?????????????????D???????????????????????????N?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????J?????????????????????????????J???????D?????????????????????????????????????????????????????????????????????????????????????????????N?????????????????????????????????????????????????????????????J???????D???????????????????????????????B??????????????????????????????????????????????????????????????????????????????????????????????J??????????????????????????????????????????????????J?????J???????J?????????J?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????N???????????????????????????N????????????????????????'??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????J???????????????????????????????????????????F?????D???????????????????????F?????D?????????????????D???????????????????????????N????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????J?????????????????????????????J???????D???????????????????????????????????????????N?????????????????????????????????????????????????N?????????????????????????????????????????????????????????????J???????D???????????????????????????????B??????????????????????????????????????????????????????????????????????????????????????????????J??????????????????????????????????????????????????J?????J??
Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 2 seconds with 0 seconds of active time. This session ended with a crash.

Error: (01/17/2013 06:42:25 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 6 seconds with 0 seconds of active time. This session ended with a crash.

Error: (01/17/2013 00:41:20 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 270 seconds with 0 seconds of active time. This session ended with a crash.

Error: (12/12/2012 08:37:44 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 800 seconds with 540 seconds of active time. This session ended with a crash.

Error: (10/15/2012 00:12:06 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 23147 seconds with 2400 seconds of active time. This session ended with a crash.

Error: (04/19/2012 09:04:45 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6562.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 94547 seconds with 360 seconds of active time. This session ended with a crash.


CodeIntegrity Errors:
===================================
Date: 2013-01-31 09:00:48.188
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00176_033\avcuf64.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-30 22:24:45.532
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00176_033\avcuf64.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-30 22:01:28.873
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00176_033\avcuf64.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-30 18:53:23.246
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00176_033\avcuf64.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-30 17:51:09.649
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00176_033\avcuf64.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-30 16:53:45.544
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00175_032\avcuf64.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-29 21:42:46.436
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00175_032\avcuf64.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-29 21:23:03.537
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00175_032\avcuf64.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-29 20:47:36.079
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00175_032\avcuf64.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-29 20:10:59.526
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00175_032\avcuf64.dll because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
64 Bit HP CIO Components Installer (Version: 3.2.1)
Acrobat.com (Version: 1.6.65)
Active RFID Analyzer 1.0.26
Adobe AIR (Version: 3.3.0.3670)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.146)
Adobe Reader X (10.1.5) (Version: 10.1.5)
AOL Toolbar
Apple Application Support (Version: 2.3.2)
Apple Mobile Device Support (Version: 6.0.1.3)
Apple Software Update (Version: 2.1.3.127)
Ask Toolbar (Version: 1.15.4.0)
Ask Toolbar Updater (Version: 1.2.2.23821)
ASP-MG24
Batch PDF Merger (Version: 2.6)
Bing Bar (Version: 7.0.822.0)
Bitdefender Total Security 2012 (Version: 15.0.36)
Bonjour (Version: 1.0.104)
Bonjour (Version: 3.0.0.10)
Brother BRAdmin Light 1.18.0001 (Version: 1.18.0001)
BUFFALO NAS Navigator2
Canon iPF610 User Manual (Version: 1.40)
CCleaner (Version: 3.27)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Corel Paint Shop Pro Photo X2 (Version: 12.50.0001)
Corel VideoStudio 12 (Version: 12.0.0.0000)
CyberLink DVD Suite (Version: 6.0.3101)
D3DX10 (Version: 15.4.2368.0902)
Download Updater (AOL Inc.)
ENE CIR Receiver Driver (Version: 2.7.4.0)
eXtreme Fax Call Controller
EZWebCon
FileZilla Client 3.5.3 (Version: 3.5.3)
Gimp 2.6.2 Debug
Google Chrome (Version: 24.0.1312.56)
Google Earth (Version: 6.1.0.5001)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3607.2246)
Google Update Helper (Version: 1.3.21.123)
Hewlett-Packard ACLM.NET v1.2.1.1 (Version: 1.00.0000)
Homepage Protection (Version: )
Honeywell IP Utility (Version: 1.43.00)
HP 3D DriveGuard (Version: 4.0.3.1)
HP Advisor (Version: 3.2.8946.3086)
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP Games (Version: 1.0.0.71)
HP MediaSmart DVD (Version: 3.0.3123)
HP MediaSmart Internet TV (Version: 3.0.1916)
HP MediaSmart Live TV (Version: 3.0.1924)
HP MediaSmart Movie Themes (Version: 3.0.3102)
HP MediaSmart Music/Photo/Video (Version: 3.0.3123)
HP MediaSmart SmartMenu (Version: 3.0.30.1)
HP MediaSmart Software Notebook Demo (Version: 1.00.0000)
HP MediaSmart Webcam (Version: 3.0.1913)
HP Quick Launch Buttons (Version: 6.50.3.1)
HP Setup (Version: 1.2.3220.3079)
HP Smart Web Printing (Version: 131.1.35898)
HP Update (Version: 5.001.000.014)
HP User Guides 0153 (Version: 1.01.0000)
HP Wireless Assistant (Version: 3.50.11.2)
iCloud (Version: 2.1.0.39)
IDT Audio (Version: 1.0.6276.0)
imagePROGRAF Firmware Update Tool (Version: 3.40)
Intel® Turbo Boost Technology Driver (Version: 01.00.00.1030)
Intel Matrix Storage Manager
Internet TV for Windows Media Center (Version: 3.2.1.0)
iTunes (Version: 11.0.1.12)
Java 7 Update 7 (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 14 (64-bit) (Version: 6.0.140)
Java™ 6 Update 37 (Version: 6.0.370)
JavaFX 2.0.3 (Version: 2.0.3)
JMicron Flash Media Controller Driver (Version: 1.0.32.1)
Junk Mail filter update (Version: 15.4.3502.0922)
LabelPrint (Version: 2.5.1913)
Lantronix DeviceInstaller 4.3.0.0 (x64) (Version: 43.00.0500)
LightScribe System Software (Version: 1.18.16.1)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Live Search Toolbar (Version: 3.0.560.0)
Microsoft Lync 2010 Attendee (Version: 4.0.7577.4098)
Microsoft Office 2007 Primary Interop Assemblies (Version: 12.0.4518.1014)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6425.1000)
Microsoft Office Outlook Connector (Version: 14.0.5118.5000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Professional 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft VC9 runtime libraries (Version: 2.0.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual Studio 2005 Tools for Office Runtime
Microsoft Visual Studio 2005 Tools for Office Runtime (Version: 8.0.60940.0)
Microsoft Works (Version: 9.7.0621)
MobileMe Control Panel (Version: 3.1.8.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
NVIDIA Control Panel 295.73 (Version: 295.73)
NVIDIA Graphics Driver 295.73 (Version: 295.73)
NVIDIA HD Audio Driver 1.3.12.0 (Version: 1.3.12.0)
NVIDIA Install Application (Version: 2.1002.62.312)
NVIDIA PhysX (Version: 9.12.0209)
NVIDIA PhysX System Software 9.12.0209 (Version: 9.12.0209)
NVIDIA Update 1.7.11 (Version: 1.7.11)
NVIDIA Update Components (Version: 1.7.11)
PDFCreator (Version: 1.2.0)
pdfforge Toolbar v6.7 (Version: 6.7)
Power2Go (Version: 6.0.3101)
PowerDirector (Version: 7.0.3101)
PowerRecover (Version: 5.5.1923)
QLBCASL (Version: 6.40.17.2)
QuickBooks (Version: 21.0.4009.904)
QuickBooks Premier: Professional Services Edition 2011 (Version: 21.0.4009.904)
QuickTime (Version: 7.73.80.64)
Realtek Ethernet Controller Driver For Windows Vista and Later (Version: 1.00.0011)
Revo Uninstaller Pro 2.5.7 (Version: 2.5.7)
Safari (Version: 5.34.57.2)
Silicon Laboratories CP210x VCP Drivers for Windows 2000/XP/2003 Server/Vista (Version: 5.30)
SmartDraw 2012
SupportSoft Assisted Service (Version: 15)
Synaptics Pointing Device Driver (Version: 15.3.29.0)
System Requirements Lab
t@b ZS4 Video Editor v0.958-686
TOPO! Explorer (Version: 1.0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760586) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VantagePoint (Version: 1.80.0000)
VBA (2627.01) (Version: 6.03.00.9402)
VideoStudio (Version: 12.0.0.0000)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
VZAccess Manager (Version: 7.0.11.4)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Encoder 9 Series
Windows Media Encoder 9 Series (Version: 9.00.2980)
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar

**** End of log ****


TDSSKiller:

09:06:06.0698 6980 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
09:06:07.0073 6980 ============================================================
09:06:07.0073 6980 Current date / time: 2013/01/31 09:06:07.0073
09:06:07.0073 6980 SystemInfo:
09:06:07.0073 6980
09:06:07.0073 6980 OS Version: 6.1.7601 ServicePack: 1.0
09:06:07.0073 6980 Product type: Workstation
09:06:07.0073 6980 ComputerName: REXDELK
09:06:07.0073 6980 UserName: Rex Delk
09:06:07.0073 6980 Windows directory: C:\Windows
09:06:07.0073 6980 System windows directory: C:\Windows
09:06:07.0073 6980 Running under WOW64
09:06:07.0073 6980 Processor architecture: Intel x64
09:06:07.0073 6980 Number of processors: 8
09:06:07.0073 6980 Page size: 0x1000
09:06:07.0073 6980 Boot type: Normal boot
09:06:07.0073 6980 ============================================================
09:06:08.0118 6980 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:06:08.0134 6980 ============================================================
09:06:08.0134 6980 \Device\Harddisk0\DR0:
09:06:08.0134 6980 MBR partitions:
09:06:08.0134 6980 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
09:06:08.0134 6980 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x384DC000
09:06:08.0134 6980 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x38540000, BlocksNum 0x1E12000
09:06:08.0134 6980 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x3A352000, BlocksNum 0x33830
09:06:08.0134 6980 ============================================================
09:06:08.0165 6980 C: <-> \Device\Harddisk0\DR0\Partition2
09:06:08.0212 6980 D: <-> \Device\Harddisk0\DR0\Partition3
09:06:08.0212 6980 ============================================================
09:06:08.0212 6980 Initialize success
09:06:08.0212 6980 ============================================================
09:06:53.0405 5252 ============================================================
09:06:53.0405 5252 Scan started
09:06:53.0405 5252 Mode: Manual; TDLFS;
09:06:53.0405 5252 ============================================================
09:06:54.0294 5252 ================ Scan system memory ========================
09:06:54.0294 5252 System memory - ok
09:06:54.0294 5252 ================ Scan services =============================
09:06:54.0450 5252 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
09:06:54.0466 5252 1394ohci - ok
09:06:54.0497 5252 [ 5C368F4B04ED2A923E6AFCA2D37BAFF5 ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys
09:06:54.0497 5252 Accelerometer - ok
09:06:54.0528 5252 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
09:06:54.0544 5252 ACPI - ok
09:06:54.0575 5252 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
09:06:54.0575 5252 AcpiPmi - ok
09:06:54.0684 5252 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
09:06:54.0684 5252 AdobeARMservice - ok
09:06:54.0824 5252 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
09:06:54.0824 5252 AdobeFlashPlayerUpdateSvc - ok
09:06:54.0856 5252 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
09:06:54.0887 5252 adp94xx - ok
09:06:54.0918 5252 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
09:06:54.0934 5252 adpahci - ok
09:06:54.0949 5252 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
09:06:54.0949 5252 adpu320 - ok
09:06:54.0980 5252 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
09:06:54.0980 5252 AeLookupSvc - ok
09:06:55.0074 5252 [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe
09:06:55.0074 5252 AESTFilters - ok
09:06:55.0121 5252 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
09:06:55.0136 5252 AFD - ok
09:06:55.0214 5252 [ B65F8DBA54F251906BBE8611B5A0E7AB ] AgereModemAudio C:\Program Files\LSI SoftModem\agr64svc.exe
09:06:55.0214 5252 AgereModemAudio - ok
09:06:55.0355 5252 [ C98356D813B581E9C425B42A5D146CE0 ] AgereSoftModem C:\Windows\system32\DRIVERS\agrsm64.sys
09:06:55.0386 5252 AgereSoftModem - ok
09:06:55.0433 5252 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
09:06:55.0433 5252 agp440 - ok
09:06:55.0448 5252 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
09:06:55.0448 5252 ALG - ok
09:06:55.0480 5252 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
09:06:55.0480 5252 aliide - ok
09:06:55.0495 5252 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
09:06:55.0495 5252 amdide - ok
09:06:55.0526 5252 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
09:06:55.0526 5252 AmdK8 - ok
09:06:55.0542 5252 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
09:06:55.0542 5252 AmdPPM - ok
09:06:55.0573 5252 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
09:06:55.0589 5252 amdsata - ok
09:06:55.0604 5252 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
09:06:55.0620 5252 amdsbs - ok
09:06:55.0620 5252 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
09:06:55.0636 5252 amdxata - ok
09:06:55.0682 5252 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
09:06:55.0682 5252 AppID - ok
09:06:55.0698 5252 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
09:06:55.0698 5252 AppIDSvc - ok
09:06:55.0729 5252 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
09:06:55.0729 5252 Appinfo - ok
09:06:55.0807 5252 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
09:06:55.0823 5252 Apple Mobile Device - ok
09:06:55.0916 5252 [ 89142F8A7C303D9F9A8B38A5385E3FD2 ] Application Updater C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
09:06:55.0932 5252 Application Updater - ok
09:06:55.0963 5252 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
09:06:55.0963 5252 arc - ok
09:06:55.0979 5252 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
09:06:55.0979 5252 arcsas - ok
09:06:56.0072 5252 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
09:06:56.0072 5252 aspnet_state - ok
09:06:56.0104 5252 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
09:06:56.0104 5252 AsyncMac - ok
09:06:56.0135 5252 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
09:06:56.0135 5252 atapi - ok
09:06:56.0182 5252 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:06:56.0213 5252 AudioEndpointBuilder - ok
09:06:56.0228 5252 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
09:06:56.0244 5252 AudioSrv - ok
09:06:56.0291 5252 [ E7433C0C2505D8DEE6CA2A446C355595 ] avc3 C:\Windows\system32\DRIVERS\avc3.sys
09:06:56.0291 5252 avc3 - ok
09:06:56.0338 5252 [ 3B9549FEF98AB1768A1D6A919F355B70 ] avchv C:\Windows\system32\DRIVERS\avchv.sys
09:06:56.0338 5252 avchv - ok
09:06:56.0384 5252 [ 3CA0BD46B2FC65393A9B1DCAF6E2F7E7 ] avckf C:\Windows\system32\DRIVERS\avckf.sys
09:06:56.0400 5252 avckf - ok
09:06:56.0431 5252 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
09:06:56.0431 5252 AxInstSV - ok
09:06:56.0478 5252 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
09:06:56.0494 5252 b06bdrv - ok
09:06:56.0540 5252 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
09:06:56.0540 5252 b57nd60a - ok
09:06:56.0618 5252 [ 2ED050291BC1D7F9E322E328DB3AAECF ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
09:06:56.0665 5252 BBSvc - ok
09:06:56.0728 5252 [ 785DE7ABDA13309D6065305542829E76 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
09:06:56.0728 5252 BBUpdate - ok
09:06:56.0743 5252 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
09:06:56.0743 5252 BDESVC - ok
09:06:56.0821 5252 [ 9920B815BC3B3F2D69071842DD18D422 ] BdfNdisf c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys
09:06:56.0821 5252 BdfNdisf - ok
09:06:56.0837 5252 [ EA195950FA5DD4A8F7BC00822213A363 ] bdfsfltr C:\Windows\system32\DRIVERS\bdfsfltr.sys
09:06:56.0852 5252 bdfsfltr - ok
09:06:56.0884 5252 [ 4CE4B0098FC315C237FA8867F07886C4 ] bdfwfpf C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys
09:06:56.0884 5252 bdfwfpf - ok
09:06:56.0915 5252 [ 31571D77C6186AD228F52EE4EBDF8EE9 ] bdsandbox C:\Windows\system32\drivers\bdsandbox.sys
09:06:56.0915 5252 bdsandbox - ok
09:06:56.0946 5252 [ B89DEFF4817B4CC6FC2BCD8F83B4E75D ] BDVEDISK C:\Windows\system32\DRIVERS\bdvedisk.sys
09:06:56.0946 5252 BDVEDISK - ok
09:06:56.0962 5252 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
09:06:56.0962 5252 Beep - ok
09:06:57.0024 5252 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
09:06:57.0055 5252 BFE - ok
09:06:57.0086 5252 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
09:06:57.0102 5252 BITS - ok
09:06:57.0133 5252 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
09:06:57.0133 5252 blbdrive - ok
09:06:57.0196 5252 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
09:06:57.0196 5252 Bonjour Service - ok
09:06:57.0242 5252 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
09:06:57.0242 5252 bowser - ok
09:06:57.0274 5252 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
09:06:57.0274 5252 BrFiltLo - ok
09:06:57.0289 5252 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
09:06:57.0305 5252 BrFiltUp - ok
09:06:57.0336 5252 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
09:06:57.0352 5252 Browser - ok
09:06:57.0367 5252 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
09:06:57.0367 5252 Brserid - ok
09:06:57.0414 5252 [ 34F6C504B150F99DAE69D7073D2A4DF4 ] BrSerIf C:\Windows\system32\DRIVERS\BrSerIf.sys
09:06:57.0414 5252 BrSerIf - ok
09:06:57.0430 5252 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
09:06:57.0430 5252 BrSerWdm - ok
09:06:57.0445 5252 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
09:06:57.0445 5252 BrUsbMdm - ok
09:06:57.0461 5252 [ 601CB966FFFEBC6806626DC8E7AA0EF2 ] BrUsbSer C:\Windows\system32\DRIVERS\BrUsbSer.sys
09:06:57.0461 5252 BrUsbSer - ok
09:06:57.0492 5252 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
09:06:57.0492 5252 BTHMODEM - ok
09:06:57.0523 5252 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
09:06:57.0523 5252 bthserv - ok
09:06:57.0554 5252 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
09:06:57.0554 5252 cdfs - ok
09:06:57.0601 5252 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
09:06:57.0601 5252 cdrom - ok
09:06:57.0632 5252 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
09:06:57.0632 5252 CertPropSvc - ok
09:06:57.0648 5252 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
09:06:57.0648 5252 circlass - ok
09:06:57.0679 5252 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
09:06:57.0679 5252 CLFS - ok
09:06:57.0742 5252 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:06:57.0742 5252 clr_optimization_v2.0.50727_32 - ok
09:06:57.0788 5252 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
09:06:57.0804 5252 clr_optimization_v2.0.50727_64 - ok
09:06:57.0866 5252 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:06:57.0866 5252 clr_optimization_v4.0.30319_32 - ok
09:06:57.0898 5252 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
09:06:57.0898 5252 clr_optimization_v4.0.30319_64 - ok
09:06:57.0929 5252 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
09:06:57.0929 5252 CmBatt - ok
09:06:57.0960 5252 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
09:06:57.0960 5252 cmdide - ok
09:06:58.0007 5252 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
09:06:58.0022 5252 CNG - ok
09:06:58.0100 5252 [ F9A79C5B27037821112C50A9C8FB367A ] Com4QLBEx C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
09:06:58.0116 5252 Com4QLBEx - ok
09:06:58.0132 5252 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
09:06:58.0132 5252 Compbatt - ok
09:06:58.0163 5252 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
09:06:58.0178 5252 CompositeBus - ok
09:06:58.0194 5252 COMSysApp - ok
09:06:58.0210 5252 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
09:06:58.0210 5252 crcdisk - ok
09:06:58.0256 5252 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
09:06:58.0256 5252 CryptSvc - ok
09:06:58.0303 5252 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
09:06:58.0334 5252 DcomLaunch - ok
09:06:58.0366 5252 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
09:06:58.0366 5252 defragsvc - ok
09:06:58.0397 5252 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
09:06:58.0397 5252 DfsC - ok
09:06:58.0444 5252 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
09:06:58.0459 5252 Dhcp - ok
09:06:58.0475 5252 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
09:06:58.0475 5252 discache - ok
09:06:58.0506 5252 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
09:06:58.0506 5252 Disk - ok
09:06:58.0553 5252 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
09:06:58.0553 5252 Dnscache - ok
09:06:58.0584 5252 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
09:06:58.0600 5252 dot3svc - ok
09:06:58.0631 5252 [ B42ED0320C6E41102FDE0005154849BB ] dot4 C:\Windows\system32\DRIVERS\Dot4.sys
09:06:58.0646 5252 dot4 - ok
09:06:58.0678 5252 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\Windows\system32\drivers\Dot4Prt.sys
09:06:58.0678 5252 Dot4Print - ok
09:06:58.0709 5252 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
09:06:58.0724 5252 dot4usb - ok
09:06:58.0756 5252 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
09:06:58.0756 5252 DPS - ok
09:06:58.0771 5252 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
09:06:58.0771 5252 drmkaud - ok
09:06:58.0834 5252 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
09:06:58.0849 5252 DXGKrnl - ok
09:06:58.0865 5252 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
09:06:58.0880 5252 EapHost - ok
09:06:58.0974 5252 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
09:06:59.0068 5252 ebdrv - ok
09:06:59.0114 5252 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
09:06:59.0114 5252 EFS - ok
09:06:59.0161 5252 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
09:06:59.0192 5252 ehRecvr - ok
09:06:59.0208 5252 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
09:06:59.0224 5252 ehSched - ok
09:06:59.0255 5252 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
09:06:59.0270 5252 elxstor - ok
09:06:59.0302 5252 [ 524C79054636D2E5751169005006460B ] enecir C:\Windows\system32\DRIVERS\enecir.sys
09:06:59.0302 5252 enecir - ok
09:06:59.0333 5252 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
09:06:59.0348 5252 ErrDev - ok
09:06:59.0395 5252 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
09:06:59.0411 5252 EventSystem - ok
09:06:59.0442 5252 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
09:06:59.0442 5252 exfat - ok
09:06:59.0473 5252 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
09:06:59.0473 5252 fastfat - ok
09:06:59.0520 5252 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
09:06:59.0551 5252 Fax - ok
09:06:59.0567 5252 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
09:06:59.0567 5252 fdc - ok
09:06:59.0582 5252 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
09:06:59.0582 5252 fdPHost - ok
09:06:59.0598 5252 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
09:06:59.0598 5252 FDResPub - ok
09:06:59.0629 5252 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
09:06:59.0629 5252 FileInfo - ok
09:06:59.0660 5252 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
09:06:59.0660 5252 Filetrace - ok
09:06:59.0676 5252 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
09:06:59.0692 5252 flpydisk - ok
09:06:59.0723 5252 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
09:06:59.0738 5252 FltMgr - ok
09:06:59.0785 5252 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
09:06:59.0816 5252 FontCache - ok
09:06:59.0863 5252 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:06:59.0863 5252 FontCache3.0.0.0 - ok
09:06:59.0879 5252 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
09:06:59.0894 5252 FsDepends - ok
09:06:59.0926 5252 [ 6C06701BF1DB05405804D7EB610991CE ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
09:06:59.0926 5252 fssfltr - ok
09:07:00.0035 5252 [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
09:07:00.0144 5252 fsssvc - ok
09:07:00.0175 5252 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
09:07:00.0175 5252 Fs_Rec - ok
09:07:00.0222 5252 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
09:07:00.0222 5252 fvevol - ok
09:07:00.0253 5252 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
09:07:00.0253 5252 gagp30kx - ok
09:07:00.0316 5252 [ 73A2EC1A8DD15F85F92F8AC303A7E39B ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
09:07:00.0394 5252 GameConsoleService - ok
09:07:00.0409 5252 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
09:07:00.0409 5252 GEARAspiWDM - ok
09:07:00.0440 5252 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
09:07:00.0472 5252 gpsvc - ok
09:07:00.0550 5252 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:07:00.0550 5252 gupdate - ok
09:07:00.0581 5252 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:07:00.0581 5252 gupdatem - ok
09:07:00.0628 5252 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
09:07:00.0643 5252 gusvc - ok
09:07:00.0659 5252 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
09:07:00.0674 5252 hcw85cir - ok
09:07:00.0721 5252 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:07:00.0721 5252 HdAudAddService - ok
09:07:00.0752 5252 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
09:07:00.0752 5252 HDAudBus - ok
09:07:00.0768 5252 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
09:07:00.0784 5252 HidBatt - ok
09:07:00.0799 5252 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
09:07:00.0815 5252 HidBth - ok
09:07:00.0846 5252 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
09:07:00.0846 5252 HidIr - ok
09:07:00.0877 5252 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
09:07:00.0877 5252 hidserv - ok
09:07:00.0908 5252 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
09:07:00.0908 5252 HidUsb - ok
09:07:00.0940 5252 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
09:07:00.0940 5252 hkmsvc - ok
09:07:00.0986 5252 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
09:07:00.0986 5252 HomeGroupListener - ok
09:07:01.0033 5252 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
09:07:01.0033 5252 HomeGroupProvider - ok
09:07:01.0111 5252 [ BB1FC298BE53AAB1E110F6E786BD8AC5 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
09:07:01.0111 5252 HP Support Assistant Service - ok
09:07:01.0127 5252 [ 4E0BEC0F78096FFD6D3314B497FC49D3 ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys
09:07:01.0127 5252 hpdskflt - ok
09:07:01.0158 5252 [ 9AF482D058BE59CC28BCE52E7C4B747C ] HpqKbFiltr C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
09:07:01.0158 5252 HpqKbFiltr - ok
09:07:01.0220 5252 [ 9B7EDD3FE7C211C36E921D34D18A3A0A ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
09:07:01.0252 5252 hpqwmiex - ok
09:07:01.0283 5252 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
09:07:01.0283 5252 HpSAMD - ok
09:07:01.0314 5252 [ FC7C13B5A9E9BE23B7AE72BBC7FDB278 ] hpsrv C:\Windows\system32\Hpservice.exe
09:07:01.0330 5252 hpsrv - ok
09:07:01.0392 5252 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
09:07:01.0408 5252 HTTP - ok
09:07:01.0439 5252 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
09:07:01.0439 5252 hwpolicy - ok
09:07:01.0486 5252 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
09:07:01.0486 5252 i8042prt - ok
09:07:01.0532 5252 [ BE7D72FCF442C26975942007E0831241 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
09:07:01.0532 5252 iaStor - ok
09:07:01.0579 5252 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
09:07:01.0595 5252 iaStorV - ok
09:07:01.0688 5252 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
09:07:01.0766 5252 IDriverT - ok
09:07:01.0829 5252 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
09:07:01.0860 5252 idsvc - ok
09:07:02.0016 5252 [ A87261EF1546325B559374F5689CF5BC ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
09:07:02.0172 5252 igfx - ok
09:07:02.0203 5252 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
09:07:02.0203 5252 iirsp - ok
09:07:02.0234 5252 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
09:07:02.0250 5252 IKEEXT - ok
09:07:02.0312 5252 [ 4FF8A2082D78255D2EB169F986BCC981 ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
09:07:02.0312 5252 Impcd - ok
09:07:02.0328 5252 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
09:07:02.0344 5252 intelide - ok
09:07:02.0344 5252 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
09:07:02.0359 5252 intelppm - ok
09:07:02.0375 5252 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
09:07:02.0390 5252 IPBusEnum - ok
09:07:02.0422 5252 [ 81E4F49DEE036B93D41CF9075A1FEC47 ] iPFDeviceAgentService C:\Windows\system32\cnwiols6.exe
09:07:02.0437 5252 iPFDeviceAgentService - ok
09:07:02.0468 5252 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:07:02.0468 5252 IpFilterDriver - ok
09:07:02.0531 5252 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
09:07:02.0546 5252 iphlpsvc - ok
09:07:02.0578 5252 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
09:07:02.0578 5252 IPMIDRV - ok
09:07:02.0609 5252 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
09:07:02.0609 5252 IPNAT - ok
09:07:02.0687 5252 [ 0F261EC4F514926177C70C1832374231 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
09:07:02.0718 5252 iPod Service - ok
09:07:02.0734 5252 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
09:07:02.0734 5252 IRENUM - ok
09:07:02.0765 5252 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
09:07:02.0765 5252 isapnp - ok
09:07:02.0780 5252 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
09:07:02.0796 5252 iScsiPrt - ok
09:07:02.0827 5252 [ F8844B00C10E386C704C610E95A9847D ] JMCR C:\Windows\system32\DRIVERS\jmcr.sys
09:07:02.0843 5252 JMCR - ok
09:07:02.0858 5252 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
09:07:02.0874 5252 kbdclass - ok
09:07:02.0890 5252 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
09:07:02.0890 5252 kbdhid - ok
09:07:02.0921 5252 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
09:07:02.0921 5252 KeyIso - ok
09:07:02.0952 5252 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
09:07:02.0968 5252 KSecDD - ok
09:07:02.0999 5252 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
09:07:02.0999 5252 KSecPkg - ok
09:07:03.0014 5252 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
09:07:03.0030 5252 ksthunk - ok
09:07:03.0061 5252 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
09:07:03.0092 5252 KtmRm - ok
09:07:03.0124 5252 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
09:07:03.0139 5252 LanmanServer - ok
09:07:03.0170 5252 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:07:03.0170 5252 LanmanWorkstation - ok
09:07:03.0217 5252 [ 07B1888209C54B675FFCCBDE9F06D2C6 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
09:07:03.0217 5252 LightScribeService - ok
09:07:03.0248 5252 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
09:07:03.0248 5252 lltdio - ok
09:07:03.0280 5252 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
09:07:03.0295 5252 lltdsvc - ok
09:07:03.0311 5252 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
09:07:03.0311 5252 lmhosts - ok
09:07:03.0342 5252 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
09:07:03.0358 5252 LSI_FC - ok
09:07:03.0373 5252 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
09:07:03.0373 5252 LSI_SAS - ok
09:07:03.0389 5252 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
09:07:03.0389 5252 LSI_SAS2 - ok
09:07:03.0420 5252 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
09:07:03.0420 5252 LSI_SCSI - ok
09:07:03.0451 5252 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
09:07:03.0451 5252 luafv - ok
09:07:03.0498 5252 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
09:07:03.0498 5252 Mcx2Svc - ok
09:07:03.0529 5252 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
09:07:03.0545 5252 megasas - ok
09:07:03.0560 5252 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
09:07:03.0560 5252 MegaSR - ok
09:07:03.0592 5252 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
09:07:03.0592 5252 MMCSS - ok
09:07:03.0607 5252 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
09:07:03.0607 5252 Modem - ok
09:07:03.0638 5252 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
09:07:03.0638 5252 monitor - ok
09:07:03.0685 5252 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
09:07:03.0685 5252 mouclass - ok
09:07:03.0701 5252 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
09:07:03.0701 5252 mouhid - ok
09:07:03.0732 5252 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
09:07:03.0732 5252 mountmgr - ok
09:07:03.0763 5252 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
09:07:03.0763 5252 mpio - ok
09:07:03.0794 5252 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
09:07:03.0794 5252 mpsdrv - ok
09:07:03.0841 5252 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
09:07:03.0872 5252 MpsSvc - ok
09:07:03.0904 5252 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
09:07:03.0904 5252 MRxDAV - ok
09:07:03.0950 5252 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
09:07:03.0950 5252 mrxsmb - ok
09:07:03.0982 5252 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:07:03.0997 5252 mrxsmb10 - ok
09:07:04.0013 5252 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:07:04.0013 5252 mrxsmb20 - ok
09:07:04.0044 5252 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
09:07:04.0044 5252 msahci - ok
09:07:15.0994 5252 ================ Scan global ===============================
09:07:16.0009 5252 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
09:07:16.0040 5252 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
09:07:16.0056 5252 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
09:07:16.0087 5252 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
09:07:16.0103 5252 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
09:07:16.0118 5252 [Global] - ok
09:07:16.0134 5252 ================ Scan MBR ==================================
09:07:16.0150 5252 [ 59E8699D6ACAEA8EBB8A3ED243D39140 ] \Device\Harddisk0\DR0
09:07:16.0586 5252 \Device\Harddisk0\DR0 - ok
09:07:16.0586 5252 ================ Scan VBR ==================================
09:07:16.0618 5252 [ E6C7EEAAEF3B5616889CDD4DA1CB71E2 ] \Device\Harddisk0\DR0\Partition1
09:07:16.0618 5252 \Device\Harddisk0\DR0\Partition1 - ok
09:07:16.0633 5252 [ D680981E1F6FB40CE05F846F9BA5970B ] \Device\Harddisk0\DR0\Partition2
09:07:16.0633 5252 \Device\Harddisk0\DR0\Partition2 - ok
09:07:16.0664 5252 [ 37BD82CB7583E96D7D899F42ABC802B1 ] \Device\Harddisk0\DR0\Partition3
09:07:16.0680 5252 \Device\Harddisk0\DR0\Partition3 - ok
09:07:16.0696 5252 [ 576D02A4B4D56296C1F6BD1635DB5FEC ] \Device\Harddisk0\DR0\Partition4
09:07:16.0696 5252 \Device\Harddisk0\DR0\Partition4 - ok
09:07:16.0696 5252 ============================================================
09:07:16.0696 5252 Scan finished
09:07:16.0696 5252 ============================================================
09:07:16.0711 3200 Detected object count: 0
09:07:16.0711 3200 Actual detected object count: 0

#4 boopme

Posted 31 January 2013 - 12:49 PM

When it ends, is there an option to click FIX or FIXMBR? If so, click that.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 sissymac70

Posted 31 January 2013 - 01:34 PM

Yes, I get the FixMBR button. When I click on it, I get a warning message saying "Writing a new master boot record to your system could damage your partition tables and cause your partitions to become inaccessible. This application writes standard Windows MBR code. Are you sure you want to fix the MBR?"

#6 boopme

Posted 31 January 2013 - 02:51 PM

Yes you do..

#7 sissymac70

Posted 31 January 2013 - 03:47 PM

OK! It says "Disk 0 Windows 601 MBR fixed successfully"

#8 boopme

Posted 31 January 2013 - 04:00 PM

Nice!! Now let's check: is the redirect gone?

Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (e.g. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When the scan is complete, click OK, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, use Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).

Edited by boopme, 31 January 2013 - 04:00 PM.

#9 sissymac70

Posted 31 January 2013 - 05:05 PM

I already have MalwareBytes installed. Do I need to uninstall/reinstall or just do the scan?

BTW... it is still redirecting.

#10 boopme

Posted 31 January 2013 - 11:10 PM

No, just update and scan. What browser are you using?

Edited by boopme, 31 January 2013 - 11:18 PM.

#11 sissymac70

Posted 01 February 2013 - 09:18 AM

Browser is IE8.

I cannot open MalwareBytes when Windows opens normally. I was able to open it in Safe mode, then update and run the scan. It came back with 1 infected file (Files Detected: 1 C:\Users\Rex Delk\AppData\Local\Temp\0.9459370313578076 (Trojan.Happili) -> Quarantined and deleted successfully.).

On restart in normal mode, I got a RunDLL error. "There was a problem starting C:\Users\Rex Delk\AppData\Local\Diagnostics\Corel\qkrdukv.dll Access is denied!" That file is one that aswMBR originally identified as infected.

#12 sissymac70

Posted 01 February 2013 - 01:04 PM

Ok! My redirect issue might be resolved. I say might because I've read where others thought it was resolved only to have it pop back up again a few days later. I'm not sure what made the difference, but I was able to get MalwareBytes to open, update, and scan in normal mode. It came back clean, as did BitDefender, and aswMBR. I did several searches and none of them redirected. I do, however, still have a dll error. Same file as before, except now instead of "Access is denied" it says "The specified module could not be found." Maybe MalwareBytes deleted it since it was infected??

#13 boopme

Posted 01 February 2013 - 02:47 PM

It's not unusual to receive such an error after using specialized fix tools.

A "Cannot find...", "Could not run...", "Error loading..." or "specific module could not be found" message is usually related to malware that was set to run at startup but has been deleted. Windows is trying to load this file but cannot locate it since the file was most likely removed during an anti-virus or anti-malware scan. However, an associated orphaned registry entry remains and is telling Windows to load the file when you boot up. Since the file no longer exists, Windows will display an error message. You need to remove this registry entry so Windows stops searching for the file when it loads.

To resolve this, download Autoruns, search for the related entry and then delete it.

Create a new folder on your hard drive called AutoRuns (C:\AutoRuns) and extract (unzip) the file there. (click here if you're not sure how to do this.)
Open the folder and double-click on autoruns.exe to launch it.
Please be patient as it scans and populates the entries.
When done scanning, it will say Ready at the bottom.
Scroll through the list and look for a startup entry related to the file(s) in the error message.
Right-click on the entry and choose delete.
Reboot your computer and see if the startup error returns.

#14 sissymac70

Posted 01 February 2013 - 05:32 PM

OUTSTANDING!! You are officially "The Man"!!! Which by default, will make me "The Wo-Man" when my husband gets home! (Shhh!!) Thank you for your help!! Since you are such a master, I've got one more for you, on an unrelated topic. For about 6 months now, he has been unable to open an Excel file simply by double-clicking on the file. When he does he gets the error "There was a problem sending the command to the program". His workaround has been to open Excel, search for the file, and open it that way. Time consuming and frustrating!! Any ideas??

#15 boopme

Posted 01 February 2013 - 07:56 PM

My lips are sealed B) and thanks for saying I'm The Man :lol: ... Excellent!! We still need to run 2 apps to be sure it's clean. It may also solve the other issue.

Do you NOT have an antivirus??

First go into Control Panel, Programs, Uninstall and remove these. They are outdated and can allow infection in.
Java 7 Update 7 (Version: 7.0.70)
Java 6 Update 14 (64-bit) (Version: 6.0.140)
Java 6 Update 37 (Version: 6.0.370)
Reboot

ADW Cleaner

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

>>>>
This one needs an hour or two but needs to be run..
I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

NOTE: Sometimes if ESET finds no infections it will not create a log.