Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

FBI MoneyPak Virus

Started by jmkearney , Jun 30 2012 10:58 PM

Please log in to reply

27 replies to this topic

#1 jmkearney

New Member

Members
14 posts

Posted 30 June 2012 - 10:58 PM

First time poster with the FBI MoneyPak Virus, which took over my user (not my wife's/kids' sides) and I've been hostage since. Downloaded a couple of "free, then pay" deals that didn't work. MBAM did not detect it, Avast didn't either. Microsoft Safety Scanner (MSS) has been running for 7.5 hours and has scanned 2.4 million files. Only one file is infected, but MSS is still running. Need help please....

BC Ads
BleepingComputer.com

#2 ElFasso

Forum Regular

Members
229 posts

Gender:Male
Location:Belgium

Posted 01 July 2012 - 01:45 AM

Try this instead:

Download Kaspersky Virus Removal to your Desktop.

Posted Image

Edited by ElFasso, 01 July 2012 - 01:47 AM.

#3 narenxp

Forum Addict

BC Advisor
16,365 posts

Gender:Male
Location:India

Posted 01 July 2012 - 04:12 AM

Please do not recommend kaspersky virus removal tool in this forum

Boot the PC into safemode with networking

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#4 jmkearney

New Member

Members
14 posts

Posted 01 July 2012 - 06:31 PM

TDSSKiller Log (with TDLFS on):

08:35:31.0171 1804 TDSS rootkit removing tool 2.7.43.0 Jun 29 2012 17:54:22
08:35:31.0671 1804 ============================================================
08:35:31.0671 1804 Current date / time: 2012/07/01 08:35:31.0671
08:35:31.0671 1804 SystemInfo:
08:35:31.0671 1804
08:35:31.0671 1804 OS Version: 6.1.7601 ServicePack: 1.0
08:35:31.0671 1804 Product type: Workstation
08:35:31.0671 1804 ComputerName: CHAMPYHP06-PC
08:35:31.0671 1804 UserName: Hedgehog
08:35:31.0671 1804 Windows directory: C:\Windows
08:35:31.0671 1804 System windows directory: C:\Windows
08:35:31.0671 1804 Running under WOW64
08:35:31.0671 1804 Processor architecture: Intel x64
08:35:31.0671 1804 Number of processors: 2
08:35:31.0671 1804 Page size: 0x1000
08:35:31.0671 1804 Boot type: Safe boot with network
08:35:31.0671 1804 ============================================================
08:35:32.0812 1804 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:35:32.0828 1804 ============================================================
08:35:32.0828 1804 \Device\Harddisk0\DR0:
08:35:32.0828 1804 MBR partitions:
08:35:32.0828 1804 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1C0D6631
08:35:32.0828 1804 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xC, StartLBA 0x1C0DA531, BlocksNum 0x10EA050
08:35:32.0828 1804 ============================================================
08:35:32.0859 1804 C: <-> \Device\Harddisk0\DR0\Partition0
08:35:32.0875 1804 D: <-> \Device\Harddisk0\DR0\Partition1
08:35:32.0875 1804 ============================================================
08:35:32.0875 1804 Initialize success
08:35:32.0875 1804 ============================================================
08:35:35.0093 1800 ============================================================
08:35:35.0093 1800 Scan started
08:35:35.0093 1800 Mode: Manual;
08:35:35.0093 1800 ============================================================
08:35:36.0718 1800 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
08:35:36.0718 1800 1394ohci - ok
08:35:36.0812 1800 44674880 (e656fe10d6d27794afa08136685a69e8) C:\Windows\system32\DRIVERS\44674880.sys
08:35:36.0828 1800 44674880 - ok
08:35:36.0906 1800 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
08:35:36.0906 1800 ACPI - ok
08:35:36.0937 1800 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
08:35:36.0937 1800 AcpiPmi - ok
08:35:37.0046 1800 AdobeARMservice - ok
08:35:37.0125 1800 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
08:35:37.0125 1800 adp94xx - ok
08:35:37.0187 1800 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
08:35:37.0187 1800 adpahci - ok
08:35:37.0218 1800 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
08:35:37.0218 1800 adpu320 - ok
08:35:37.0265 1800 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
08:35:37.0265 1800 AeLookupSvc - ok
08:35:37.0359 1800 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
08:35:37.0375 1800 AFD - ok
08:35:37.0421 1800 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
08:35:37.0421 1800 agp440 - ok
08:35:37.0453 1800 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
08:35:37.0453 1800 ALG - ok
08:35:37.0484 1800 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
08:35:37.0484 1800 aliide - ok
08:35:37.0531 1800 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
08:35:37.0531 1800 amdide - ok
08:35:37.0593 1800 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
08:35:37.0593 1800 AmdK8 - ok
08:35:37.0609 1800 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
08:35:37.0609 1800 AmdPPM - ok
08:35:37.0625 1800 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
08:35:37.0640 1800 amdsata - ok
08:35:37.0671 1800 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
08:35:37.0671 1800 amdsbs - ok
08:35:37.0703 1800 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
08:35:37.0703 1800 amdxata - ok
08:35:37.0765 1800 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
08:35:37.0765 1800 AppID - ok
08:35:37.0812 1800 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
08:35:37.0812 1800 AppIDSvc - ok
08:35:37.0859 1800 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
08:35:37.0859 1800 Appinfo - ok
08:35:37.0984 1800 Apple Mobile Device (20f6f19fe9e753f2780dc2fa083ad597) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
08:35:37.0984 1800 Apple Mobile Device - ok
08:35:38.0046 1800 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
08:35:38.0046 1800 arc - ok
08:35:38.0078 1800 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
08:35:38.0078 1800 arcsas - ok
08:35:38.0125 1800 aswFsBlk (5d0fcd12a43e92409eb2ac88c6cf7d48) C:\Windows\system32\drivers\aswFsBlk.sys
08:35:38.0125 1800 aswFsBlk - ok
08:35:38.0140 1800 aswMonFlt (d51d963c2357b02a862f99bc0802aabb) C:\Windows\system32\drivers\aswMonFlt.sys
08:35:38.0156 1800 aswMonFlt - ok
08:35:38.0171 1800 aswRdr (f2a846c15ea4e35d0a8e53891abdf528) C:\Windows\System32\Drivers\aswrdr2.sys
08:35:38.0171 1800 aswRdr - ok
08:35:38.0250 1800 aswSnx (87542057e699eed8d1a545c75cef4547) C:\Windows\system32\drivers\aswSnx.sys
08:35:38.0250 1800 aswSnx - ok
08:35:38.0296 1800 aswSP (58143f82d886e10bafe33dc57eee53f9) C:\Windows\system32\drivers\aswSP.sys
08:35:38.0296 1800 aswSP - ok
08:35:38.0343 1800 aswTdi (c944767bd5e69bf3f49a6562abd4eaea) C:\Windows\system32\drivers\aswTdi.sys
08:35:38.0343 1800 aswTdi - ok
08:35:38.0375 1800 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
08:35:38.0375 1800 AsyncMac - ok
08:35:38.0421 1800 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
08:35:38.0421 1800 atapi - ok
08:35:38.0515 1800 atksgt (fc0e8778c000291caf60eb88c011e931) C:\Windows\system32\DRIVERS\atksgt.sys
08:35:38.0515 1800 atksgt - ok
08:35:38.0625 1800 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
08:35:38.0640 1800 AudioEndpointBuilder - ok
08:35:38.0640 1800 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
08:35:38.0640 1800 AudioSrv - ok
08:35:38.0812 1800 avast! Antivirus (b31f785751157aa8e2a33ea1cb4dc5be) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
08:35:38.0812 1800 avast! Antivirus - ok
08:35:39.0265 1800 AVGIDSAgent (ba60fd7a64b9759a14c0fba4a9ed4c7b) C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
08:35:39.0359 1800 AVGIDSAgent - ok
08:35:39.0593 1800 AVGIDSDriver (1b2e9fcdc26dc7c81d4131430e2dc936) C:\Windows\system32\DRIVERS\avgidsdrivera.sys
08:35:39.0593 1800 AVGIDSDriver - ok
08:35:39.0640 1800 AVGIDSFilter (0f293406f64b48d5d2f0d3a1117f3a83) C:\Windows\system32\DRIVERS\avgidsfiltera.sys
08:35:39.0640 1800 AVGIDSFilter - ok
08:35:39.0687 1800 AVGIDSHA (cffc3a4a638f462e0561cb368b9a7a3a) C:\Windows\system32\DRIVERS\avgidsha.sys
08:35:39.0687 1800 AVGIDSHA - ok
08:35:39.0750 1800 Avgldx64 (59955b4c288dd2a8b9fd2cd5158355c5) C:\Windows\system32\DRIVERS\avgldx64.sys
08:35:39.0750 1800 Avgldx64 - ok
08:35:39.0812 1800 Avgmfx64 (a6aec362aae5e2dda7445e7690cb0f33) C:\Windows\system32\DRIVERS\avgmfx64.sys
08:35:39.0812 1800 Avgmfx64 - ok
08:35:39.0843 1800 Avgrkx64 (645c7f0a0e39758a0024a9b1748273c0) C:\Windows\system32\DRIVERS\avgrkx64.sys
08:35:39.0843 1800 Avgrkx64 - ok
08:35:39.0890 1800 Avgtdia (1bee674ad792b1c63bb0dac5fa724b23) C:\Windows\system32\DRIVERS\avgtdia.sys
08:35:39.0890 1800 Avgtdia - ok
08:35:40.0031 1800 avgwd (ea1145debcd508fd25bd1e95c4346929) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
08:35:40.0031 1800 avgwd - ok
08:35:40.0093 1800 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
08:35:40.0109 1800 AxInstSV - ok
08:35:40.0187 1800 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
08:35:40.0187 1800 b06bdrv - ok
08:35:40.0234 1800 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
08:35:40.0234 1800 b57nd60a - ok
08:35:40.0359 1800 BBSvc (2ed050291bc1d7f9e322e328db3aaecf) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
08:35:40.0359 1800 BBSvc - ok
08:35:40.0375 1800 BBUpdate - ok
08:35:40.0437 1800 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
08:35:40.0437 1800 BDESVC - ok
08:35:40.0453 1800 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
08:35:40.0453 1800 Beep - ok
08:35:40.0546 1800 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
08:35:40.0562 1800 BITS - ok
08:35:40.0609 1800 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
08:35:40.0609 1800 blbdrive - ok
08:35:40.0734 1800 Bonjour Service (f2060a34c8a75bc24a9222eb4f8c07bd) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
08:35:40.0750 1800 Bonjour Service - ok
08:35:40.0796 1800 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
08:35:40.0796 1800 bowser - ok
08:35:40.0828 1800 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
08:35:40.0828 1800 BrFiltLo - ok
08:35:40.0843 1800 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
08:35:40.0843 1800 BrFiltUp - ok
08:35:40.0953 1800 Brother XP spl Service (c711ed965009bdcff9aa62ceb6ff1aad) C:\Windows\SysWOW64\brsvc01a.exe
08:35:40.0953 1800 Brother XP spl Service - ok
08:35:41.0015 1800 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
08:35:41.0015 1800 Browser - ok
08:35:41.0062 1800 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\system32\DRIVERS\BrSerId.sys
08:35:41.0062 1800 Brserid - ok
08:35:41.0078 1800 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
08:35:41.0078 1800 BrSerWdm - ok
08:35:41.0109 1800 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
08:35:41.0109 1800 BrUsbMdm - ok
08:35:41.0125 1800 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\system32\DRIVERS\BrUsbSer.sys
08:35:41.0125 1800 BrUsbSer - ok
08:35:41.0156 1800 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
08:35:41.0156 1800 BTHMODEM - ok
08:35:41.0218 1800 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
08:35:41.0218 1800 bthserv - ok
08:35:41.0296 1800 CAXHWBS2 (46f088d1247e825b313200254edd9e5b) C:\Windows\system32\DRIVERS\CAXHWBS2.sys
08:35:41.0312 1800 CAXHWBS2 - ok
08:35:41.0328 1800 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
08:35:41.0328 1800 cdfs - ok
08:35:41.0406 1800 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
08:35:41.0406 1800 cdrom - ok
08:35:41.0468 1800 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
08:35:41.0468 1800 CertPropSvc - ok
08:35:41.0500 1800 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
08:35:41.0500 1800 circlass - ok
08:35:41.0562 1800 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
08:35:41.0562 1800 CLFS - ok
08:35:41.0640 1800 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:35:41.0656 1800 clr_optimization_v2.0.50727_32 - ok
08:35:41.0734 1800 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
08:35:41.0734 1800 clr_optimization_v2.0.50727_64 - ok
08:35:41.0875 1800 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:35:42.0000 1800 clr_optimization_v4.0.30319_32 - ok
08:35:42.0109 1800 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
08:35:42.0109 1800 clr_optimization_v4.0.30319_64 - ok
08:35:42.0171 1800 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
08:35:42.0171 1800 CmBatt - ok
08:35:42.0218 1800 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
08:35:42.0218 1800 cmdide - ok
08:35:42.0281 1800 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
08:35:42.0281 1800 CNG - ok
08:35:42.0359 1800 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
08:35:42.0359 1800 Compbatt - ok
08:35:42.0421 1800 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
08:35:42.0421 1800 CompositeBus - ok
08:35:42.0421 1800 COMSysApp - ok
08:35:42.0453 1800 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
08:35:42.0453 1800 crcdisk - ok
08:35:42.0546 1800 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
08:35:42.0546 1800 CryptSvc - ok
08:35:42.0640 1800 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
08:35:42.0640 1800 DcomLaunch - ok
08:35:42.0703 1800 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
08:35:42.0718 1800 defragsvc - ok
08:35:42.0781 1800 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
08:35:42.0781 1800 DfsC - ok
08:35:42.0828 1800 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
08:35:42.0828 1800 Dhcp - ok
08:35:42.0875 1800 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
08:35:42.0875 1800 discache - ok
08:35:42.0906 1800 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
08:35:42.0906 1800 Disk - ok
08:35:42.0968 1800 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
08:35:42.0968 1800 Dnscache - ok
08:35:43.0031 1800 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
08:35:43.0031 1800 dot3svc - ok
08:35:43.0093 1800 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
08:35:43.0093 1800 DPS - ok
08:35:43.0156 1800 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
08:35:43.0156 1800 drmkaud - ok
08:35:43.0265 1800 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
08:35:43.0265 1800 DXGKrnl - ok
08:35:43.0343 1800 e1express (099e01a94167ca8bda2cf72037ad0e28) C:\Windows\system32\DRIVERS\e1e6232e.sys
08:35:43.0343 1800 e1express - ok
08:35:43.0390 1800 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
08:35:43.0390 1800 EapHost - ok
08:35:43.0640 1800 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
08:35:43.0671 1800 ebdrv - ok
08:35:43.0828 1800 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
08:35:43.0828 1800 EFS - ok
08:35:43.0937 1800 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
08:35:43.0937 1800 ehRecvr - ok
08:35:44.0000 1800 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
08:35:44.0000 1800 ehSched - ok
08:35:44.0109 1800 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
08:35:44.0109 1800 elxstor - ok
08:35:44.0156 1800 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
08:35:44.0156 1800 ErrDev - ok
08:35:44.0265 1800 esgiguard - ok
08:35:44.0343 1800 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
08:35:44.0343 1800 EventSystem - ok
08:35:44.0375 1800 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
08:35:44.0375 1800 exfat - ok
08:35:44.0406 1800 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
08:35:44.0406 1800 fastfat - ok
08:35:44.0500 1800 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
08:35:44.0500 1800 Fax - ok
08:35:44.0531 1800 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
08:35:44.0531 1800 fdc - ok
08:35:44.0562 1800 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
08:35:44.0562 1800 fdPHost - ok
08:35:44.0578 1800 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
08:35:44.0578 1800 FDResPub - ok
08:35:44.0593 1800 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
08:35:44.0593 1800 FileInfo - ok
08:35:44.0625 1800 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
08:35:44.0625 1800 Filetrace - ok
08:35:44.0781 1800 FlipShare Service (869bde240b7fe9c7b25bd80df85641c8) C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe
08:35:44.0781 1800 FlipShare Service - ok
08:35:44.0937 1800 FlipShareServer (9c330b7ddee9492373041e75da01f80c) C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe
08:35:44.0953 1800 FlipShareServer - ok
08:35:45.0125 1800 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
08:35:45.0125 1800 flpydisk - ok
08:35:45.0187 1800 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
08:35:45.0187 1800 FltMgr - ok
08:35:45.0312 1800 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
08:35:45.0328 1800 FontCache - ok
08:35:45.0421 1800 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
08:35:45.0437 1800 FontCache3.0.0.0 - ok
08:35:45.0453 1800 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
08:35:45.0453 1800 FsDepends - ok
08:35:45.0500 1800 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
08:35:45.0500 1800 Fs_Rec - ok
08:35:45.0578 1800 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
08:35:45.0593 1800 fvevol - ok
08:35:45.0609 1800 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
08:35:45.0609 1800 gagp30kx - ok
08:35:45.0671 1800 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
08:35:45.0671 1800 GEARAspiWDM - ok
08:35:45.0765 1800 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
08:35:45.0765 1800 gpsvc - ok
08:35:45.0828 1800 grmnusb (2ed7ff3e1ada4092632393781518b3a7) C:\Windows\system32\drivers\grmnusb.sys
08:35:45.0828 1800 grmnusb - ok
08:35:46.0015 1800 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:35:46.0015 1800 gupdate - ok
08:35:46.0046 1800 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:35:46.0046 1800 gupdatem - ok
08:35:46.0125 1800 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
08:35:46.0125 1800 gusvc - ok
08:35:46.0187 1800 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
08:35:46.0187 1800 hcw85cir - ok
08:35:46.0250 1800 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
08:35:46.0265 1800 HdAudAddService - ok
08:35:46.0296 1800 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
08:35:46.0296 1800 HDAudBus - ok
08:35:46.0328 1800 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
08:35:46.0328 1800 HidBatt - ok
08:35:46.0343 1800 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
08:35:46.0343 1800 HidBth - ok
08:35:46.0375 1800 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
08:35:46.0375 1800 HidIr - ok
08:35:46.0421 1800 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
08:35:46.0421 1800 hidserv - ok
08:35:46.0437 1800 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
08:35:46.0453 1800 HidUsb - ok
08:35:46.0500 1800 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
08:35:46.0500 1800 hkmsvc - ok
08:35:46.0546 1800 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
08:35:46.0562 1800 HomeGroupListener - ok
08:35:46.0640 1800 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
08:35:46.0640 1800 HomeGroupProvider - ok
08:35:46.0671 1800 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
08:35:46.0671 1800 HpSAMD - ok
08:35:46.0812 1800 HsfXAudioService (447256d1c026654c5cd3cc17e7b20631) C:\Windows\SysWOW64\XAudio64.dll
08:35:46.0812 1800 HsfXAudioService - ok
08:35:46.0921 1800 HSF_DP (64667d9808fd09fabedccf62e8f52662) C:\Windows\system32\DRIVERS\CAX_DP.sys
08:35:46.0937 1800 HSF_DP - ok
08:35:47.0140 1800 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
08:35:47.0156 1800 HTTP - ok
08:35:47.0203 1800 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
08:35:47.0203 1800 hwpolicy - ok
08:35:47.0281 1800 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
08:35:47.0281 1800 i8042prt - ok
08:35:47.0328 1800 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
08:35:47.0328 1800 iaStorV - ok
08:35:47.0484 1800 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
08:35:47.0500 1800 idsvc - ok
08:35:47.0937 1800 igfx (89b99e3e988dfa20abb58ff1930add21) C:\Windows\system32\DRIVERS\igdkmd64.sys
08:35:48.0046 1800 igfx - ok
08:35:48.0218 1800 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
08:35:48.0218 1800 iirsp - ok
08:35:48.0328 1800 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
08:35:48.0343 1800 IKEEXT - ok
08:35:48.0531 1800 IntcAzAudAddService (bfbabcb231628a4551dbb10d0ea25d62) C:\Windows\system32\drivers\RTKVHD64.sys
08:35:48.0562 1800 IntcAzAudAddService - ok
08:35:48.0671 1800 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
08:35:48.0671 1800 intelide - ok
08:35:48.0734 1800 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
08:35:48.0734 1800 intelppm - ok
08:35:48.0781 1800 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
08:35:48.0781 1800 IPBusEnum - ok
08:35:48.0828 1800 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
08:35:48.0843 1800 IpFilterDriver - ok
08:35:48.0890 1800 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
08:35:48.0890 1800 IPMIDRV - ok
08:35:48.0921 1800 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
08:35:48.0937 1800 IPNAT - ok
08:35:49.0093 1800 iPod Service (a3bda1a8a016b5e5a525bcf684894ebe) C:\Program Files\iPod\bin\iPodService.exe
08:35:49.0093 1800 iPod Service - ok
08:35:49.0125 1800 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
08:35:49.0125 1800 IRENUM - ok
08:35:49.0140 1800 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
08:35:49.0140 1800 isapnp - ok
08:35:49.0187 1800 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
08:35:49.0187 1800 iScsiPrt - ok
08:35:49.0218 1800 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
08:35:49.0218 1800 kbdclass - ok
08:35:49.0250 1800 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
08:35:49.0250 1800 kbdhid - ok
08:35:49.0296 1800 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
08:35:49.0296 1800 KeyIso - ok
08:35:49.0312 1800 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
08:35:49.0312 1800 KSecDD - ok
08:35:49.0328 1800 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
08:35:49.0343 1800 KSecPkg - ok
08:35:49.0390 1800 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
08:35:49.0390 1800 ksthunk - ok
08:35:49.0453 1800 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
08:35:49.0453 1800 KtmRm - ok
08:35:49.0531 1800 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
08:35:49.0546 1800 LanmanServer - ok
08:35:49.0609 1800 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
08:35:49.0609 1800 LanmanWorkstation - ok
08:35:49.0687 1800 lirsgt (156ab2e56dc3ca0b582e3362e07cded7) C:\Windows\system32\DRIVERS\lirsgt.sys
08:35:49.0687 1800 lirsgt - ok
08:35:49.0718 1800 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
08:35:49.0718 1800 lltdio - ok
08:35:49.0796 1800 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
08:35:49.0796 1800 lltdsvc - ok
08:35:49.0843 1800 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
08:35:49.0843 1800 lmhosts - ok
08:35:49.0906 1800 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
08:35:49.0906 1800 LSI_FC - ok
08:35:49.0921 1800 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
08:35:49.0937 1800 LSI_SAS - ok
08:35:49.0953 1800 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
08:35:49.0953 1800 LSI_SAS2 - ok
08:35:49.0984 1800 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
08:35:49.0984 1800 LSI_SCSI - ok
08:35:50.0015 1800 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
08:35:50.0031 1800 luafv - ok
08:35:50.0078 1800 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
08:35:50.0078 1800 Mcx2Svc - ok
08:35:50.0125 1800 mdmxsdk (e4f44ec214b3e381e1fc844a02926666) C:\Windows\system32\DRIVERS\mdmxsdk.sys
08:35:50.0125 1800 mdmxsdk - ok
08:35:50.0140 1800 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
08:35:50.0156 1800 megasas - ok
08:35:50.0187 1800 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
08:35:50.0187 1800 MegaSR - ok
08:35:50.0250 1800 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
08:35:50.0250 1800 MMCSS - ok
08:35:50.0296 1800 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
08:35:50.0296 1800 Modem - ok
08:35:50.0359 1800 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
08:35:50.0359 1800 monitor - ok
08:35:50.0406 1800 motmodem (db83dc223b9133da3e41afcbdecc46b5) C:\Windows\system32\DRIVERS\motmodem.sys
08:35:50.0406 1800 motmodem - ok
08:35:50.0562 1800 MotoConnect Service (9b2923c59d49672d1205c391a1296525) C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnectService.exe
08:35:50.0562 1800 MotoConnect Service - ok
08:35:50.0656 1800 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
08:35:50.0656 1800 mouclass - ok
08:35:50.0734 1800 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
08:35:50.0734 1800 mouhid - ok
08:35:50.0828 1800 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
08:35:50.0828 1800 mountmgr - ok
08:35:50.0953 1800 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
08:35:50.0953 1800 MozillaMaintenance - ok
08:35:51.0031 1800 MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\Windows\system32\DRIVERS\MpFilter.sys
08:35:51.0046 1800 MpFilter - ok
08:35:51.0093 1800 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
08:35:51.0093 1800 mpio - ok
08:35:51.0140 1800 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
08:35:51.0140 1800 mpsdrv - ok
08:35:51.0187 1800 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
08:35:51.0187 1800 MRxDAV - ok
08:35:51.0250 1800 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
08:35:51.0250 1800 mrxsmb - ok
08:35:51.0296 1800 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
08:35:51.0312 1800 mrxsmb10 - ok
08:35:51.0375 1800 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
08:35:51.0375 1800 mrxsmb20 - ok
08:35:51.0421 1800 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
08:35:51.0421 1800 msahci - ok
08:35:51.0468 1800 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
08:35:51.0468 1800 msdsm - ok
08:35:51.0515 1800 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
08:35:51.0515 1800 MSDTC - ok
08:35:51.0609 1800 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
08:35:51.0609 1800 Msfs - ok
08:35:51.0625 1800 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
08:35:51.0625 1800 mshidkmdf - ok
08:35:51.0671 1800 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
08:35:51.0671 1800 msisadrv - ok
08:35:51.0718 1800 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
08:35:51.0734 1800 MSiSCSI - ok
08:35:51.0734 1800 msiserver - ok
08:35:51.0781 1800 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
08:35:51.0781 1800 MSKSSRV - ok
08:35:51.0921 1800 MsMpSvc (59faaf2c83c8169ea20f9e335e418907) c:\Program Files\Microsoft Security Client\MsMpEng.exe
08:35:51.0921 1800 MsMpSvc - ok
08:35:51.0921 1800 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
08:35:51.0937 1800 MSPCLOCK - ok
08:35:51.0953 1800 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
08:35:51.0953 1800 MSPQM - ok
08:35:52.0015 1800 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
08:35:52.0015 1800 MsRPC - ok
08:35:52.0078 1800 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
08:35:52.0078 1800 mssmbios - ok
08:35:52.0093 1800 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
08:35:52.0093 1800 MSTEE - ok
08:35:52.0109 1800 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
08:35:52.0109 1800 MTConfig - ok
08:35:52.0140 1800 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
08:35:52.0140 1800 Mup - ok
08:35:52.0218 1800 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
08:35:52.0234 1800 napagent - ok
08:35:52.0281 1800 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
08:35:52.0281 1800 NativeWifiP - ok
08:35:52.0375 1800 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
08:35:52.0375 1800 NDIS - ok
08:35:52.0390 1800 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
08:35:52.0406 1800 NdisCap - ok
08:35:52.0421 1800 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
08:35:52.0421 1800 NdisTapi - ok
08:35:52.0468 1800 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
08:35:52.0468 1800 Ndisuio - ok
08:35:52.0531 1800 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
08:35:52.0531 1800 NdisWan - ok
08:35:52.0578 1800 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
08:35:52.0593 1800 NDProxy - ok
08:35:52.0640 1800 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
08:35:52.0640 1800 NetBIOS - ok
08:35:52.0703 1800 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
08:35:52.0703 1800 NetBT - ok
08:35:52.0765 1800 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
08:35:52.0765 1800 Netlogon - ok
08:35:52.0843 1800 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
08:35:52.0843 1800 Netman - ok
08:35:52.0906 1800 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
08:35:52.0921 1800 netprofm - ok
08:35:53.0031 1800 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
08:35:53.0046 1800 NetTcpPortSharing - ok
08:35:53.0093 1800 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
08:35:53.0093 1800 nfrd960 - ok
08:35:53.0171 1800 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
08:35:53.0171 1800 NisDrv - ok
08:35:53.0296 1800 NisSrv (10a43829a9e606af3eef25a1c1665923) c:\Program Files\Microsoft Security Client\NisSrv.exe
08:35:53.0296 1800 NisSrv - ok
08:35:53.0375 1800 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
08:35:53.0375 1800 NlaSvc - ok
08:35:53.0421 1800 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
08:35:53.0437 1800 Npfs - ok
08:35:53.0484 1800 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
08:35:53.0484 1800 nsi - ok
08:35:53.0531 1800 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
08:35:53.0531 1800 nsiproxy - ok
08:35:53.0687 1800 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
08:35:53.0718 1800 Ntfs - ok
08:35:53.0875 1800 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
08:35:53.0875 1800 Null - ok
08:35:53.0937 1800 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
08:35:53.0937 1800 nvraid - ok
08:35:53.0968 1800 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
08:35:53.0968 1800 nvstor - ok
08:35:54.0015 1800 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
08:35:54.0015 1800 nv_agp - ok
08:35:54.0062 1800 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
08:35:54.0078 1800 ohci1394 - ok
08:35:54.0156 1800 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:35:54.0156 1800 ose - ok
08:35:54.0687 1800 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
08:35:54.0781 1800 osppsvc - ok
08:35:54.0953 1800 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
08:35:54.0968 1800 p2pimsvc - ok
08:35:55.0046 1800 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
08:35:55.0046 1800 p2psvc - ok
08:35:55.0140 1800 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
08:35:55.0140 1800 Parport - ok
08:35:55.0187 1800 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
08:35:55.0187 1800 partmgr - ok
08:35:55.0218 1800 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
08:35:55.0218 1800 PcaSvc - ok
08:35:55.0265 1800 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
08:35:55.0265 1800 pci - ok
08:35:55.0312 1800 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
08:35:55.0312 1800 pciide - ok
08:35:55.0375 1800 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
08:35:55.0375 1800 pcmcia - ok
08:35:55.0390 1800 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
08:35:55.0390 1800 pcw - ok
08:35:55.0453 1800 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
08:35:55.0453 1800 PEAUTH - ok
08:35:55.0593 1800 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
08:35:55.0593 1800 PerfHost - ok
08:35:55.0734 1800 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
08:35:55.0750 1800 pla - ok
08:35:55.0828 1800 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
08:35:55.0843 1800 PlugPlay - ok
08:35:55.0890 1800 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
08:35:55.0890 1800 PNRPAutoReg - ok
08:35:55.0921 1800 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
08:35:55.0921 1800 PNRPsvc - ok
08:35:55.0968 1800 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
08:35:55.0984 1800 PolicyAgent - ok
08:35:56.0046 1800 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
08:35:56.0046 1800 Power - ok
08:35:56.0140 1800 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
08:35:56.0140 1800 PptpMiniport - ok
08:35:56.0187 1800 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
08:35:56.0187 1800 Processor - ok
08:35:56.0234 1800 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
08:35:56.0234 1800 ProfSvc - ok
08:35:56.0281 1800 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
08:35:56.0281 1800 ProtectedStorage - ok
08:35:56.0328 1800 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
08:35:56.0343 1800 Psched - ok
08:35:56.0437 1800 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
08:35:56.0453 1800 ql2300 - ok
08:35:56.0625 1800 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
08:35:56.0625 1800 ql40xx - ok
08:35:56.0687 1800 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
08:35:56.0687 1800 QWAVE - ok
08:35:56.0703 1800 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
08:35:56.0703 1800 QWAVEdrv - ok
08:35:56.0718 1800 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
08:35:56.0718 1800 RasAcd - ok
08:35:56.0765 1800 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
08:35:56.0765 1800 RasAgileVpn - ok
08:35:56.0812 1800 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
08:35:56.0812 1800 RasAuto - ok
08:35:56.0859 1800 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
08:35:56.0875 1800 Rasl2tp - ok
08:35:56.0968 1800 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
08:35:56.0968 1800 RasMan - ok
08:35:57.0046 1800 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
08:35:57.0046 1800 RasPppoe - ok
08:35:57.0171 1800 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
08:35:57.0171 1800 RasSstp - ok
08:35:57.0281 1800 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
08:35:57.0296 1800 rdbss - ok
08:35:57.0312 1800 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
08:35:57.0312 1800 rdpbus - ok
08:35:57.0343 1800 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
08:35:57.0343 1800 RDPCDD - ok
08:35:57.0359 1800 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
08:35:57.0359 1800 RDPENCDD - ok
08:35:57.0375 1800 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
08:35:57.0375 1800 RDPREFMP - ok
08:35:57.0453 1800 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
08:35:57.0453 1800 RDPWD - ok
08:35:57.0500 1800 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
08:35:57.0500 1800 rdyboost - ok
08:35:57.0562 1800 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
08:35:57.0562 1800 RemoteAccess - ok
08:35:57.0625 1800 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
08:35:57.0625 1800 RemoteRegistry - ok
08:35:57.0640 1800 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
08:35:57.0656 1800 RpcEptMapper - ok
08:35:57.0671 1800 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
08:35:57.0671 1800 RpcLocator - ok
08:35:57.0765 1800 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
08:35:57.0765 1800 RpcSs - ok
08:35:57.0812 1800 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
08:35:57.0812 1800 rspndr - ok
08:35:57.0859 1800 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
08:35:57.0859 1800 SamSs - ok
08:35:58.0015 1800 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
08:35:58.0015 1800 sbp2port - ok
08:35:58.0046 1800 SBRE - ok
08:35:58.0421 1800 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
08:35:58.0437 1800 SBSDWSCService - ok
08:35:58.0484 1800 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
08:35:58.0484 1800 SCardSvr - ok
08:35:58.0609 1800 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
08:35:58.0609 1800 scfilter - ok
08:35:58.0765 1800 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
08:35:58.0781 1800 Schedule - ok
08:35:58.0843 1800 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
08:35:58.0843 1800 SCPolicySvc - ok
08:35:58.0890 1800 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
08:35:58.0890 1800 SDRSVC - ok
08:35:58.0953 1800 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
08:35:58.0953 1800 secdrv - ok
08:35:59.0046 1800 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
08:35:59.0046 1800 seclogon - ok
08:35:59.0171 1800 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
08:35:59.0187 1800 SENS - ok
08:35:59.0234 1800 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
08:35:59.0234 1800 SensrSvc - ok
08:35:59.0312 1800 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
08:35:59.0312 1800 Serenum - ok
08:35:59.0390 1800 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
08:35:59.0453 1800 Serial - ok
08:35:59.0562 1800 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
08:35:59.0562 1800 sermouse - ok
08:35:59.0625 1800 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
08:35:59.0625 1800 SessionEnv - ok
08:35:59.0703 1800 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
08:35:59.0703 1800 sffdisk - ok
08:35:59.0734 1800 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
08:35:59.0734 1800 sffp_mmc - ok
08:35:59.0765 1800 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
08:35:59.0765 1800 sffp_sd - ok
08:35:59.0859 1800 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
08:35:59.0859 1800 sfloppy - ok
08:35:59.0984 1800 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
08:36:00.0000 1800 SharedAccess - ok
08:36:00.0171 1800 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
08:36:00.0171 1800 ShellHWDetection - ok
08:36:00.0234 1800 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
08:36:00.0234 1800 SiSRaid2 - ok
08:36:00.0296 1800 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
08:36:00.0296 1800 SiSRaid4 - ok
08:36:00.0343 1800 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
08:36:00.0343 1800 Smb - ok
08:36:00.0421 1800 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
08:36:00.0421 1800 SNMPTRAP - ok
08:36:00.0453 1800 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
08:36:00.0453 1800 spldr - ok
08:36:00.0609 1800 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
08:36:00.0609 1800 Spooler - ok
08:36:01.0359 1800 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
08:36:01.0437 1800 sppsvc - ok
08:36:01.0812 1800 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
08:36:01.0812 1800 sppuinotify - ok
08:36:02.0000 1800 sprtlisten - ok
08:36:02.0515 1800 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
08:36:02.0515 1800 srv - ok
08:36:02.0718 1800 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
08:36:02.0718 1800 srv2 - ok
08:36:02.0875 1800 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
08:36:02.0875 1800 srvnet - ok
08:36:03.0234 1800 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
08:36:03.0234 1800 SSDPSRV - ok
08:36:03.0390 1800 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
08:36:03.0390 1800 SstpSvc - ok
08:36:03.0484 1800 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
08:36:03.0500 1800 stexstor - ok
08:36:04.0171 1800 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
08:36:04.0171 1800 stisvc - ok
08:36:04.0328 1800 SupportSoft RemoteAssist (2e5586392cdfbd1d73badb20e9ed6386) C:\Program Files (x86)\Common Files\supportsoft\bin\ssrc.exe
08:36:04.0343 1800 SupportSoft RemoteAssist - ok
08:36:04.0390 1800 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
08:36:04.0390 1800 swenum - ok
08:36:04.0468 1800 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
08:36:04.0468 1800 swprv - ok
08:36:04.0640 1800 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
08:36:04.0671 1800 SysMain - ok
08:36:04.0796 1800 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
08:36:04.0796 1800 TabletInputService - ok
08:36:04.0859 1800 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
08:36:04.0875 1800 TapiSrv - ok
08:36:04.0906 1800 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
08:36:04.0906 1800 TBS - ok
08:36:05.0078 1800 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
08:36:05.0093 1800 Tcpip - ok
08:36:05.0312 1800 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
08:36:05.0328 1800 TCPIP6 - ok
08:36:05.0406 1800 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
08:36:05.0406 1800 tcpipreg - ok
08:36:05.0453 1800 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
08:36:05.0453 1800 TDPIPE - ok
08:36:05.0515 1800 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
08:36:05.0515 1800 TDTCP - ok
08:36:05.0562 1800 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
08:36:05.0562 1800 tdx - ok
08:36:05.0609 1800 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
08:36:05.0609 1800 TermDD - ok
08:36:05.0703 1800 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
08:36:05.0703 1800 TermService - ok
08:36:05.0750 1800 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
08:36:05.0750 1800 Themes - ok
08:36:05.0796 1800 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
08:36:05.0796 1800 THREADORDER - ok
08:36:05.0828 1800 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
08:36:05.0828 1800 TrkWks - ok
08:36:05.0921 1800 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
08:36:05.0921 1800 TrustedInstaller - ok
08:36:05.0968 1800 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
08:36:05.0968 1800 tssecsrv - ok
08:36:06.0015 1800 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
08:36:06.0015 1800 TsUsbFlt - ok
08:36:06.0078 1800 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
08:36:06.0078 1800 tunnel - ok
08:36:06.0125 1800 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
08:36:06.0125 1800 uagp35 - ok
08:36:06.0187 1800 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
08:36:06.0187 1800 udfs - ok
08:36:06.0250 1800 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
08:36:06.0250 1800 UI0Detect - ok
08:36:06.0296 1800 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
08:36:06.0296 1800 uliagpkx - ok
08:36:06.0343 1800 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
08:36:06.0343 1800 umbus - ok
08:36:06.0359 1800 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
08:36:06.0359 1800 UmPass - ok
08:36:06.0406 1800 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
08:36:06.0406 1800 upnphost - ok
08:36:06.0453 1800 USBAAPL64 (54d4b48d443e7228bf64cf7cdc3118ac) C:\Windows\system32\Drivers\usbaapl64.sys
08:36:06.0453 1800 USBAAPL64 - ok
08:36:06.0500 1800 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
08:36:06.0500 1800 usbccgp - ok
08:36:06.0531 1800 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
08:36:06.0546 1800 usbcir - ok
08:36:06.0562 1800 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
08:36:06.0562 1800 usbehci - ok
08:36:06.0609 1800 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
08:36:06.0609 1800 usbhub - ok
08:36:06.0640 1800 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
08:36:06.0640 1800 usbohci - ok
08:36:06.0687 1800 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
08:36:06.0687 1800 usbprint - ok
08:36:06.0734 1800 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
08:36:06.0734 1800 usbscan - ok
08:36:06.0750 1800 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
08:36:06.0750 1800 USBSTOR - ok
08:36:06.0765 1800 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
08:36:06.0765 1800 usbuhci - ok
08:36:06.0812 1800 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
08:36:06.0812 1800 UxSms - ok
08:36:06.0859 1800 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
08:36:06.0859 1800 VaultSvc - ok
08:36:06.0953 1800 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
08:36:06.0953 1800 vdrvroot - ok
08:36:07.0109 1800 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
08:36:07.0109 1800 vds - ok
08:36:07.0171 1800 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
08:36:07.0171 1800 vga - ok
08:36:07.0187 1800 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
08:36:07.0187 1800 VgaSave - ok
08:36:07.0250 1800 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
08:36:07.0250 1800 vhdmp - ok
08:36:07.0296 1800 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
08:36:07.0296 1800 viaide - ok
08:36:07.0328 1800 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
08:36:07.0328 1800 volmgr - ok
08:36:07.0406 1800 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
08:36:07.0406 1800 volmgrx - ok
08:36:07.0437 1800 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
08:36:07.0437 1800 volsnap - ok
08:36:07.0500 1800 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
08:36:07.0500 1800 vsmraid - ok
08:36:07.0640 1800 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
08:36:07.0656 1800 VSS - ok
08:36:07.0859 1800 VST64HWBS2 (93132c69394a99d992095d8cfe464801) C:\Windows\system32\DRIVERS\VSTBS26.SYS
08:36:07.0859 1800 VST64HWBS2 - ok
08:36:07.0968 1800 VST64_DPV (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
08:36:07.0984 1800 VST64_DPV - ok
08:36:08.0078 1800 vToolbarUpdater11.1.0 - ok
08:36:08.0218 1800 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
08:36:08.0218 1800 vwifibus - ok
08:36:08.0281 1800 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
08:36:08.0296 1800 W32Time - ok
08:36:08.0312 1800 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
08:36:08.0312 1800 WacomPen - ok
08:36:08.0375 1800 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
08:36:08.0375 1800 WANARP - ok
08:36:08.0390 1800 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
08:36:08.0390 1800 Wanarpv6 - ok
08:36:08.0531 1800 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
08:36:08.0546 1800 WatAdminSvc - ok
08:36:08.0671 1800 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
08:36:08.0703 1800 wbengine - ok
08:36:08.0843 1800 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
08:36:08.0859 1800 WbioSrvc - ok
08:36:08.0921 1800 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
08:36:08.0921 1800 wcncsvc - ok
08:36:08.0937 1800 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
08:36:08.0937 1800 WcsPlugInService - ok
08:36:09.0000 1800 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
08:36:09.0015 1800 Wd - ok
08:36:09.0062 1800 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
08:36:09.0078 1800 Wdf01000 - ok
08:36:09.0093 1800 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
08:36:09.0093 1800 WdiServiceHost - ok
08:36:09.0093 1800 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
08:36:09.0093 1800 WdiSystemHost - ok
08:36:09.0156 1800 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
08:36:09.0171 1800 WebClient - ok
08:36:09.0203 1800 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
08:36:09.0203 1800 Wecsvc - ok
08:36:09.0218 1800 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
08:36:09.0218 1800 wercplsupport - ok
08:36:09.0234 1800 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
08:36:09.0234 1800 WerSvc - ok
08:36:09.0312 1800 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
08:36:09.0312 1800 WfpLwf - ok
08:36:09.0328 1800 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
08:36:09.0328 1800 WIMMount - ok
08:36:09.0421 1800 winachsf (a6ea7a3fc4b00f48535b506db1e86efd) C:\Windows\system32\DRIVERS\CAX_CNXT.sys
08:36:09.0437 1800 winachsf - ok
08:36:09.0437 1800 WinHttpAutoProxySvc - ok
08:36:09.0531 1800 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
08:36:09.0531 1800 Winmgmt - ok
08:36:09.0718 1800 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
08:36:09.0750 1800 WinRM - ok
08:36:09.0937 1800 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
08:36:09.0953 1800 WinUsb - ok
08:36:10.0046 1800 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
08:36:10.0046 1800 Wlansvc - ok
08:36:10.0328 1800 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
08:36:10.0359 1800 wlidsvc - ok
08:36:10.0484 1800 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
08:36:10.0500 1800 WmiAcpi - ok
08:36:10.0609 1800 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
08:36:10.0609 1800 wmiApSrv - ok
08:36:10.0671 1800 WMPNetworkSvc - ok
08:36:10.0718 1800 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
08:36:10.0718 1800 WPCSvc - ok
08:36:10.0781 1800 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
08:36:10.0781 1800 WPDBusEnum - ok
08:36:10.0828 1800 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
08:36:10.0828 1800 ws2ifsl - ok
08:36:10.0843 1800 WSearch - ok
08:36:11.0046 1800 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
08:36:11.0078 1800 wuauserv - ok
08:36:11.0250 1800 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
08:36:11.0265 1800 WudfPf - ok
08:36:11.0296 1800 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
08:36:11.0296 1800 WUDFRd - ok
08:36:11.0343 1800 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
08:36:11.0343 1800 wudfsvc - ok
08:36:11.0406 1800 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
08:36:11.0406 1800 WwanSvc - ok
08:36:11.0468 1800 XAudio (e8f3fa126a06f8e7088f63757112a186) C:\Windows\system32\DRIVERS\XAudio64.sys
08:36:11.0468 1800 XAudio - ok
08:36:11.0531 1800 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
08:36:11.0781 1800 \Device\Harddisk0\DR0 - ok
08:36:11.0781 1800 Boot (0x1200) (84061b272dd23b65fdcbb9318e3807b2) \Device\Harddisk0\DR0\Partition0
08:36:11.0796 1800 \Device\Harddisk0\DR0\Partition0 - ok
08:36:11.0812 1800 Boot (0x1200) (d660e64c10143ec96343bd4bf761e961) \Device\Harddisk0\DR0\Partition1
08:36:11.0812 1800 \Device\Harddisk0\DR0\Partition1 - ok
08:36:11.0812 1800 ============================================================
08:36:11.0812 1800 Scan finished
08:36:11.0812 1800 ============================================================
08:36:11.0828 0508 Detected object count: 0
08:36:11.0828 0508 Actual detected object count: 0
08:36:28.0937 1224 ============================================================
08:36:28.0937 1224 Scan started
08:36:28.0937 1224 Mode: Manual; TDLFS;
08:36:28.0937 1224 ============================================================
08:36:29.0484 1224 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
08:36:29.0484 1224 1394ohci - ok
08:36:29.0546 1224 44674880 (e656fe10d6d27794afa08136685a69e8) C:\Windows\system32\DRIVERS\44674880.sys
08:36:29.0562 1224 44674880 - ok
08:36:29.0609 1224 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
08:36:29.0625 1224 ACPI - ok
08:36:29.0671 1224 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
08:36:29.0671 1224 AcpiPmi - ok
08:36:29.0750 1224 AdobeARMservice - ok
08:36:29.0828 1224 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
08:36:29.0828 1224 adp94xx - ok
08:36:29.0875 1224 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
08:36:29.0875 1224 adpahci - ok
08:36:29.0906 1224 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
08:36:29.0906 1224 adpu320 - ok
08:36:29.0953 1224 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
08:36:29.0953 1224 AeLookupSvc - ok
08:36:30.0015 1224 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
08:36:30.0015 1224 AFD - ok
08:36:30.0062 1224 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
08:36:30.0062 1224 agp440 - ok
08:36:30.0093 1224 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
08:36:30.0093 1224 ALG - ok
08:36:30.0109 1224 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
08:36:30.0109 1224 aliide - ok
08:36:30.0156 1224 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
08:36:30.0156 1224 amdide - ok
08:36:30.0187 1224 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
08:36:30.0187 1224 AmdK8 - ok
08:36:30.0218 1224 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
08:36:30.0218 1224 AmdPPM - ok
08:36:30.0250 1224 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
08:36:30.0250 1224 amdsata - ok
08:36:30.0281 1224 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
08:36:30.0281 1224 amdsbs - ok
08:36:30.0312 1224 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
08:36:30.0312 1224 amdxata - ok
08:36:30.0359 1224 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
08:36:30.0359 1224 AppID - ok
08:36:30.0406 1224 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
08:36:30.0406 1224 AppIDSvc - ok
08:36:30.0453 1224 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
08:36:30.0453 1224 Appinfo - ok
08:36:30.0562 1224 Apple Mobile Device (20f6f19fe9e753f2780dc2fa083ad597) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
08:36:30.0562 1224 Apple Mobile Device - ok
08:36:30.0625 1224 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
08:36:30.0625 1224 arc - ok
08:36:30.0640 1224 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
08:36:30.0640 1224 arcsas - ok
08:36:30.0687 1224 aswFsBlk (5d0fcd12a43e92409eb2ac88c6cf7d48) C:\Windows\system32\drivers\aswFsBlk.sys
08:36:30.0687 1224 aswFsBlk - ok
08:36:30.0734 1224 aswMonFlt (d51d963c2357b02a862f99bc0802aabb) C:\Windows\system32\drivers\aswMonFlt.sys
08:36:30.0734 1224 aswMonFlt - ok
08:36:30.0750 1224 aswRdr (f2a846c15ea4e35d0a8e53891abdf528) C:\Windows\System32\Drivers\aswrdr2.sys
08:36:30.0750 1224 aswRdr - ok
08:36:30.0828 1224 aswSnx (87542057e699eed8d1a545c75cef4547) C:\Windows\system32\drivers\aswSnx.sys
08:36:30.0828 1224 aswSnx - ok
08:36:30.0875 1224 aswSP (58143f82d886e10bafe33dc57eee53f9) C:\Windows\system32\drivers\aswSP.sys
08:36:30.0875 1224 aswSP - ok
08:36:30.0906 1224 aswTdi (c944767bd5e69bf3f49a6562abd4eaea) C:\Windows\system32\drivers\aswTdi.sys
08:36:30.0906 1224 aswTdi - ok
08:36:30.0921 1224 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
08:36:30.0921 1224 AsyncMac - ok
08:36:30.0953 1224 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
08:36:30.0953 1224 atapi - ok
08:36:31.0015 1224 atksgt (fc0e8778c000291caf60eb88c011e931) C:\Windows\system32\DRIVERS\atksgt.sys
08:36:31.0015 1224 atksgt - ok
08:36:31.0093 1224 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
08:36:31.0093 1224 AudioEndpointBuilder - ok
08:36:31.0109 1224 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
08:36:31.0109 1224 AudioSrv - ok
08:36:31.0250 1224 avast! Antivirus (b31f785751157aa8e2a33ea1cb4dc5be) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
08:36:31.0250 1224 avast! Antivirus - ok
08:36:31.0671 1224 AVGIDSAgent (ba60fd7a64b9759a14c0fba4a9ed4c7b) C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
08:36:31.0703 1224 AVGIDSAgent - ok
08:36:31.0875 1224 AVGIDSDriver (1b2e9fcdc26dc7c81d4131430e2dc936) C:\Windows\system32\DRIVERS\avgidsdrivera.sys
08:36:31.0875 1224 AVGIDSDriver - ok
08:36:31.0921 1224 AVGIDSFilter (0f293406f64b48d5d2f0d3a1117f3a83) C:\Windows\system32\DRIVERS\avgidsfiltera.sys
08:36:31.0921 1224 AVGIDSFilter - ok
08:36:31.0937 1224 AVGIDSHA (cffc3a4a638f462e0561cb368b9a7a3a) C:\Windows\system32\DRIVERS\avgidsha.sys
08:36:31.0937 1224 AVGIDSHA - ok
08:36:32.0000 1224 Avgldx64 (59955b4c288dd2a8b9fd2cd5158355c5) C:\Windows\system32\DRIVERS\avgldx64.sys
08:36:32.0015 1224 Avgldx64 - ok
08:36:32.0046 1224 Avgmfx64 (a6aec362aae5e2dda7445e7690cb0f33) C:\Windows\system32\DRIVERS\avgmfx64.sys
08:36:32.0046 1224 Avgmfx64 - ok
08:36:32.0078 1224 Avgrkx64 (645c7f0a0e39758a0024a9b1748273c0) C:\Windows\system32\DRIVERS\avgrkx64.sys
08:36:32.0078 1224 Avgrkx64 - ok
08:36:32.0109 1224 Avgtdia (1bee674ad792b1c63bb0dac5fa724b23) C:\Windows\system32\DRIVERS\avgtdia.sys
08:36:32.0109 1224 Avgtdia - ok
08:36:32.0250 1224 avgwd (ea1145debcd508fd25bd1e95c4346929) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
08:36:32.0250 1224 avgwd - ok
08:36:32.0296 1224 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
08:36:32.0296 1224 AxInstSV - ok
08:36:32.0375 1224 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
08:36:32.0375 1224 b06bdrv - ok
08:36:32.0437 1224 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
08:36:32.0437 1224 b57nd60a - ok
08:36:32.0546 1224 BBSvc (2ed050291bc1d7f9e322e328db3aaecf) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
08:36:32.0546 1224 BBSvc - ok
08:36:32.0546 1224 BBUpdate - ok
08:36:32.0609 1224 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
08:36:32.0609 1224 BDESVC - ok
08:36:32.0609 1224 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
08:36:32.0609 1224 Beep - ok
08:36:32.0703 1224 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
08:36:32.0718 1224 BITS - ok
08:36:32.0765 1224 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
08:36:32.0765 1224 blbdrive - ok
08:36:32.0875 1224 Bonjour Service (f2060a34c8a75bc24a9222eb4f8c07bd) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
08:36:32.0875 1224 Bonjour Service - ok
08:36:32.0921 1224 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
08:36:32.0921 1224 bowser - ok
08:36:32.0937 1224 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
08:36:32.0937 1224 BrFiltLo - ok
08:36:32.0953 1224 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
08:36:32.0953 1224 BrFiltUp - ok
08:36:33.0046 1224 Brother XP spl Service (c711ed965009bdcff9aa62ceb6ff1aad) C:\Windows\SysWOW64\brsvc01a.exe
08:36:33.0046 1224 Brother XP spl Service - ok
08:36:33.0109 1224 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
08:36:33.0109 1224 Browser - ok
08:36:33.0140 1224 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\system32\DRIVERS\BrSerId.sys
08:36:33.0140 1224 Brserid - ok
08:36:33.0156 1224 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
08:36:33.0156 1224 BrSerWdm - ok
08:36:33.0171 1224 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
08:36:33.0171 1224 BrUsbMdm - ok
08:36:33.0203 1224 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\system32\DRIVERS\BrUsbSer.sys
08:36:33.0203 1224 BrUsbSer - ok
08:36:33.0218 1224 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
08:36:33.0234 1224 BTHMODEM - ok
08:36:33.0281 1224 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
08:36:33.0281 1224 bthserv - ok
08:36:33.0359 1224 CAXHWBS2 (46f088d1247e825b313200254edd9e5b) C:\Windows\system32\DRIVERS\CAXHWBS2.sys
08:36:33.0359 1224 CAXHWBS2 - ok
08:36:33.0390 1224 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
08:36:33.0390 1224 cdfs - ok
08:36:33.0437 1224 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
08:36:33.0437 1224 cdrom - ok
08:36:33.0484 1224 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
08:36:33.0484 1224 CertPropSvc - ok
08:36:33.0515 1224 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
08:36:33.0515 1224 circlass - ok
08:36:33.0578 1224 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
08:36:33.0578 1224 CLFS - ok
08:36:33.0656 1224 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:36:33.0656 1224 clr_optimization_v2.0.50727_32 - ok
08:36:33.0734 1224 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
08:36:33.0734 1224 clr_optimization_v2.0.50727_64 - ok
08:36:33.0843 1224 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:36:33.0843 1224 clr_optimization_v4.0.30319_32 - ok
08:36:33.0937 1224 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
08:36:33.0937 1224 clr_optimization_v4.0.30319_64 - ok
08:36:33.0984 1224 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
08:36:33.0984 1224 CmBatt - ok
08:36:34.0015 1224 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
08:36:34.0015 1224 cmdide - ok
08:36:34.0078 1224 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
08:36:34.0093 1224 CNG - ok
08:36:34.0109 1224 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
08:36:34.0109 1224 Compbatt - ok
08:36:34.0156 1224 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
08:36:34.0156 1224 CompositeBus - ok
08:36:34.0156 1224 COMSysApp - ok
08:36:34.0187 1224 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
08:36:34.0187 1224 crcdisk - ok
08:36:34.0250 1224 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
08:36:34.0250 1224 CryptSvc - ok
08:36:34.0328 1224 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
08:36:34.0328 1224 DcomLaunch - ok
08:36:34.0390 1224 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
08:36:34.0406 1224 defragsvc - ok
08:36:34.0453 1224 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
08:36:34.0453 1224 DfsC - ok
08:36:34.0515 1224 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
08:36:34.0515 1224 Dhcp - ok
08:36:34.0562 1224 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
08:36:34.0562 1224 discache - ok
08:36:34.0578 1224 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
08:36:34.0578 1224 Disk - ok
08:36:34.0640 1224 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
08:36:34.0640 1224 Dnscache - ok
08:36:34.0703 1224 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
08:36:34.0703 1224 dot3svc - ok
08:36:34.0750 1224 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
08:36:34.0750 1224 DPS - ok
08:36:34.0796 1224 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
08:36:34.0796 1224 drmkaud - ok
08:36:34.0906 1224 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
08:36:34.0906 1224 DXGKrnl - ok
08:36:34.0968 1224 e1express (099e01a94167ca8bda2cf72037ad0e28) C:\Windows\system32\DRIVERS\e1e6232e.sys
08:36:34.0968 1224 e1express - ok
08:36:35.0031 1224 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
08:36:35.0031 1224 EapHost - ok
08:36:35.0265 1224 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
08:36:35.0281 1224 ebdrv - ok
08:36:35.0437 1224 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
08:36:35.0437 1224 EFS - ok
08:36:35.0515 1224 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
08:36:35.0531 1224 ehRecvr - ok
08:36:35.0578 1224 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
08:36:35.0578 1224 ehSched - ok
08:36:35.0687 1224 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
08:36:35.0687 1224 elxstor - ok
08:36:35.0734 1224 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
08:36:35.0734 1224 ErrDev - ok
08:36:35.0812 1224 esgiguard - ok
08:36:35.0890 1224 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
08:36:35.0890 1224 EventSystem - ok
08:36:35.0906 1224 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
08:36:35.0921 1224 exfat - ok
08:36:35.0937 1224 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
08:36:35.0937 1224 fastfat - ok
08:36:36.0031 1224 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
08:36:36.0031 1224 Fax - ok
08:36:36.0046 1224 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
08:36:36.0046 1224 fdc - ok
08:36:36.0078 1224 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
08:36:36.0078 1224 fdPHost - ok
08:36:36.0093 1224 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
08:36:36.0093 1224 FDResPub - ok
08:36:36.0109 1224 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
08:36:36.0109 1224 FileInfo - ok
08:36:36.0125 1224 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
08:36:36.0125 1224 Filetrace - ok
08:36:36.0265 1224 FlipShare Service (869bde240b7fe9c7b25bd80df85641c8) C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe
08:36:36.0265 1224 FlipShare Service - ok
08:36:36.0406 1224 FlipShareServer (9c330b7ddee9492373041e75da01f80c) C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe
08:36:36.0406 1224 FlipShareServer - ok
08:36:36.0578 1224 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
08:36:36.0578 1224 flpydisk - ok
08:36:36.0640 1224 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
08:36:36.0640 1224 FltMgr - ok
08:36:36.0750 1224 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
08:36:36.0765 1224 FontCache - ok
08:36:36.0859 1224 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
08:36:36.0875 1224 FontCache3.0.0.0 - ok
08:36:36.0890 1224 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
08:36:36.0890 1224 FsDepends - ok
08:36:36.0937 1224 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
08:36:36.0937 1224 Fs_Rec - ok
08:36:37.0000 1224 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
08:36:37.0000 1224 fvevol - ok
08:36:37.0031 1224 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
08:36:37.0031 1224 gagp30kx - ok
08:36:37.0078 1224 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
08:36:37.0078 1224 GEARAspiWDM - ok
08:36:37.0171 1224 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
08:36:37.0171 1224 gpsvc - ok
08:36:37.0234 1224 grmnusb (2ed7ff3e1ada4092632393781518b3a7) C:\Windows\system32\drivers\grmnusb.sys
08:36:37.0234 1224 grmnusb - ok
08:36:37.0375 1224 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:36:37.0390 1224 gupdate - ok
08:36:37.0390 1224 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:36:37.0390 1224 gupdatem - ok
08:36:37.0453 1224 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
08:36:37.0453 1224 gusvc - ok
08:36:37.0500 1224 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
08:36:37.0500 1224 hcw85cir - ok
08:36:37.0562 1224 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
08:36:37.0578 1224 HdAudAddService - ok
08:36:37.0609 1224 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
08:36:37.0609 1224 HDAudBus - ok
08:36:37.0625 1224 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
08:36:37.0625 1224 HidBatt - ok
08:36:37.0640 1224 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
08:36:37.0640 1224 HidBth - ok
08:36:37.0687 1224 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
08:36:37.0687 1224 HidIr - ok
08:36:37.0734 1224 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
08:36:37.0734 1224 hidserv - ok
08:36:37.0750 1224 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
08:36:37.0765 1224 HidUsb - ok
08:36:37.0812 1224 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
08:36:37.0812 1224 hkmsvc - ok
08:36:37.0875 1224 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
08:36:37.0875 1224 HomeGroupListener - ok
08:36:37.0937 1224 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
08:36:37.0937 1224 HomeGroupProvider - ok
08:36:37.0968 1224 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
08:36:37.0968 1224 HpSAMD - ok
08:36:38.0093 1224 HsfXAudioService (447256d1c026654c5cd3cc17e7b20631) C:\Windows\SysWOW64\XAudio64.dll
08:36:38.0093 1224 HsfXAudioService - ok
08:36:38.0203 1224 HSF_DP (64667d9808fd09fabedccf62e8f52662) C:\Windows\system32\DRIVERS\CAX_DP.sys
08:36:38.0203 1224 HSF_DP - ok
08:36:38.0406 1224 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
08:36:38.0406 1224 HTTP - ok
08:36:38.0453 1224 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
08:36:38.0453 1224 hwpolicy - ok
08:36:38.0515 1224 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
08:36:38.0515 1224 i8042prt - ok
08:36:38.0562 1224 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
08:36:38.0562 1224 iaStorV - ok
08:36:38.0703 1224 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
08:36:38.0703 1224 idsvc - ok
08:36:39.0093 1224 igfx (89b99e3e988dfa20abb58ff1930add21) C:\Windows\system32\DRIVERS\igdkmd64.sys
08:36:39.0140 1224 igfx - ok
08:36:39.0312 1224 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
08:36:39.0312 1224 iirsp - ok
08:36:39.0406 1224 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
08:36:39.0406 1224 IKEEXT - ok
08:36:39.0578 1224 IntcAzAudAddService (bfbabcb231628a4551dbb10d0ea25d62) C:\Windows\system32\drivers\RTKVHD64.sys
08:36:39.0593 1224 IntcAzAudAddService - ok
08:36:39.0687 1224 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
08:36:39.0687 1224 intelide - ok
08:36:39.0718 1224 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
08:36:39.0718 1224 intelppm - ok
08:36:39.0765 1224 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
08:36:39.0765 1224 IPBusEnum - ok
08:36:39.0812 1224 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
08:36:39.0812 1224 IpFilterDriver - ok
08:36:39.0875 1224 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
08:36:39.0875 1224 IPMIDRV - ok
08:36:39.0906 1224 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
08:36:39.0906 1224 IPNAT - ok
08:36:40.0031 1224 iPod Service (a3bda1a8a016b5e5a525bcf684894ebe) C:\Program Files\iPod\bin\iPodService.exe
08:36:40.0046 1224 iPod Service - ok
08:36:40.0062 1224 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
08:36:40.0062 1224 IRENUM - ok
08:36:40.0093 1224 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
08:36:40.0093 1224 isapnp - ok
08:36:40.0125 1224 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
08:36:40.0125 1224 iScsiPrt - ok
08:36:40.0156 1224 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
08:36:40.0156 1224 kbdclass - ok
08:36:40.0171 1224 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
08:36:40.0171 1224 kbdhid - ok
08:36:40.0218 1224 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
08:36:40.0218 1224 KeyIso - ok
08:36:40.0234 1224 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
08:36:40.0234 1224 KSecDD - ok
08:36:40.0265 1224 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
08:36:40.0265 1224 KSecPkg - ok
08:36:40.0312 1224 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
08:36:40.0312 1224 ksthunk - ok
08:36:40.0390 1224 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
08:36:40.0390 1224 KtmRm - ok
08:36:40.0453 1224 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
08:36:40.0453 1224 LanmanServer - ok
08:36:40.0500 1224 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
08:36:40.0515 1224 LanmanWorkstation - ok
08:36:40.0562 1224 lirsgt (156ab2e56dc3ca0b582e3362e07cded7) C:\Windows\system32\DRIVERS\lirsgt.sys
08:36:40.0562 1224 lirsgt - ok
08:36:40.0562 1224 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
08:36:40.0578 1224 lltdio - ok
08:36:40.0640 1224 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
08:36:40.0640 1224 lltdsvc - ok
08:36:40.0656 1224 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
08:36:40.0656 1224 lmhosts - ok
08:36:40.0718 1224 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
08:36:40.0718 1224 LSI_FC - ok
08:36:40.0734 1224 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
08:36:40.0734 1224 LSI_SAS - ok
08:36:40.0765 1224 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
08:36:40.0765 1224 LSI_SAS2 - ok
08:36:40.0781 1224 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
08:36:40.0796 1224 LSI_SCSI - ok
08:36:40.0828 1224 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
08:36:40.0828 1224 luafv - ok
08:36:40.0875 1224 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
08:36:40.0875 1224 Mcx2Svc - ok
08:36:40.0921 1224 mdmxsdk (e4f44ec214b3e381e1fc844a02926666) C:\Windows\system32\DRIVERS\mdmxsdk.sys
08:36:40.0921 1224 mdmxsdk - ok
08:36:40.0937 1224 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
08:36:40.0937 1224 megasas - ok
08:36:40.0968 1224 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
08:36:40.0984 1224 MegaSR - ok
08:36:41.0015 1224 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
08:36:41.0031 1224 MMCSS - ok
08:36:41.0031 1224 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
08:36:41.0031 1224 Modem - ok
08:36:41.0078 1224 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
08:36:41.0078 1224 monitor - ok
08:36:41.0125 1224 motmodem (db83dc223b9133da3e41afcbdecc46b5) C:\Windows\system32\DRIVERS\motmodem.sys
08:36:41.0125 1224 motmodem - ok
08:36:41.0375 1224 MotoConnect Service (9b2923c59d49672d1205c391a1296525) C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnectService.exe
08:36:41.0375 1224 MotoConnect Service - ok
08:36:41.0421 1224 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
08:36:41.0421 1224 mouclass - ok
08:36:41.0453 1224 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
08:36:41.0468 1224 mouhid - ok
08:36:41.0500 1224 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
08:36:41.0500 1224 mountmgr - ok
08:36:41.0609 1224 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
08:36:41.0609 1224 MozillaMaintenance - ok
08:36:41.0734 1224 MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\Windows\system32\DRIVERS\MpFilter.sys
08:36:41.0734 1224 MpFilter - ok
08:36:41.0781 1224 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
08:36:41.0796 1224 mpio - ok
08:36:41.0843 1224 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
08:36:41.0843 1224 mpsdrv - ok
08:36:41.0906 1224 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
08:36:41.0906 1224 MRxDAV - ok
08:36:41.0953 1224 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
08:36:41.0968 1224 mrxsmb - ok
08:36:42.0015 1224 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
08:36:42.0015 1224 mrxsmb10 - ok
08:36:42.0046 1224 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
08:36:42.0046 1224 mrxsmb20 - ok
08:36:42.0093 1224 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
08:36:42.0093 1224 msahci - ok
08:36:42.0140 1224 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
08:36:42.0140 1224 msdsm - ok
08:36:42.0187 1224 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
08:36:42.0187 1224 MSDTC - ok
08:36:42.0234 1224 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
08:36:42.0234 1224 Msfs - ok
08:36:42.0250 1224 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
08:36:42.0250 1224 mshidkmdf - ok
08:36:42.0265 1224 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
08:36:42.0265 1224 msisadrv - ok
08:36:42.0328 1224 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
08:36:42.0328 1224 MSiSCSI - ok
08:36:42.0328 1224 msiserver - ok
08:36:42.0343 1224 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
08:36:42.0343 1224 MSKSSRV - ok
08:36:42.0468 1224 MsMpSvc (59faaf2c83c8169ea20f9e335e418907) c:\Program Files\Microsoft Security Client\MsMpEng.exe
08:36:42.0468 1224 MsMpSvc - ok
08:36:42.0500 1224 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
08:36:42.0500 1224 MSPCLOCK - ok
08:36:42.0515 1224 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
08:36:42.0515 1224 MSPQM - ok
08:36:42.0578 1224 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
08:36:42.0593 1224 MsRPC - ok
08:36:42.0640 1224 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
08:36:42.0640 1224 mssmbios - ok
08:36:42.0656 1224 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
08:36:42.0656 1224 MSTEE - ok
08:36:42.0671 1224 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
08:36:42.0671 1224 MTConfig - ok
08:36:42.0703 1224 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
08:36:42.0703 1224 Mup - ok
08:36:42.0781 1224 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
08:36:42.0781 1224 napagent - ok
08:36:42.0828 1224 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
08:36:42.0828 1224 NativeWifiP - ok
08:36:42.0906 1224 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
08:36:42.0921 1224 NDIS - ok
08:36:42.0937 1224 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
08:36:42.0937 1224 NdisCap - ok
08:36:42.0953 1224 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
08:36:42.0953 1224 NdisTapi - ok
08:36:43.0000 1224 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
08:36:43.0000 1224 Ndisuio - ok
08:36:43.0046 1224 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
08:36:43.0046 1224 NdisWan - ok
08:36:43.0093 1224 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
08:36:43.0093 1224 NDProxy - ok
08:36:43.0109 1224 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
08:36:43.0109 1224 NetBIOS - ok
08:36:43.0140 1224 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
08:36:43.0140 1224 NetBT - ok
08:36:43.0187 1224 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
08:36:43.0187 1224 Netlogon - ok
08:36:43.0265 1224 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
08:36:43.0265 1224 Netman - ok
08:36:43.0296 1224 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
08:36:43.0312 1224 netprofm - ok
08:36:43.0421 1224 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
08:36:43.0421 1224 NetTcpPortSharing - ok
08:36:43.0468 1224 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
08:36:43.0468 1224 nfrd960 - ok
08:36:43.0515 1224 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
08:36:43.0515 1224 NisDrv - ok
08:36:43.0625 1224 NisSrv (10a43829a9e606af3eef25a1c1665923) c:\Program Files\Microsoft Security Client\NisSrv.exe
08:36:43.0625 1224 NisSrv - ok
08:36:43.0703 1224 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
08:36:43.0703 1224 NlaSvc - ok
08:36:43.0718 1224 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
08:36:43.0718 1224 Npfs - ok
08:36:43.0781 1224 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
08:36:43.0781 1224 nsi - ok
08:36:43.0796 1224 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
08:36:43.0796 1224 nsiproxy - ok
08:36:43.0953 1224 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
08:36:43.0953 1224 Ntfs - ok
08:36:44.0093 1224 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
08:36:44.0093 1224 Null - ok
08:36:44.0140 1224 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
08:36:44.0156 1224 nvraid - ok
08:36:44.0171 1224 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
08:36:44.0171 1224 nvstor - ok
08:36:44.0218 1224 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
08:36:44.0218 1224 nv_agp - ok
08:36:44.0265 1224 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
08:36:44.0265 1224 ohci1394 - ok
08:36:44.0359 1224 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:36:44.0359 1224 ose - ok
08:36:44.0796 1224 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
08:36:44.0828 1224 osppsvc - ok
08:36:45.0000 1224 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
08:36:45.0000 1224 p2pimsvc - ok
08:36:45.0062 1224 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
08:36:45.0078 1224 p2psvc - ok
08:36:45.0156 1224 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
08:36:45.0156 1224 Parport - ok
08:36:45.0203 1224 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
08:36:45.0203 1224 partmgr - ok
08:36:45.0234 1224 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
08:36:45.0234 1224 PcaSvc - ok
08:36:45.0281 1224 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
08:36:45.0281 1224 pci - ok
08:36:45.0328 1224 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
08:36:45.0328 1224 pciide - ok
08:36:45.0359 1224 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
08:36:45.0359 1224 pcmcia - ok
08:36:45.0390 1224 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
08:36:45.0390 1224 pcw - ok
08:36:45.0437 1224 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
08:36:45.0437 1224 PEAUTH - ok
08:36:45.0546 1224 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
08:36:45.0546 1224 PerfHost - ok
08:36:45.0687 1224 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
08:36:45.0687 1224 pla - ok
08:36:45.0765 1224 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
08:36:45.0765 1224 PlugPlay - ok
08:36:45.0812 1224 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
08:36:45.0812 1224 PNRPAutoReg - ok
08:36:45.0843 1224 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
08:36:45.0859 1224 PNRPsvc - ok
08:36:45.0906 1224 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
08:36:45.0906 1224 PolicyAgent - ok
08:36:45.0968 1224 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
08:36:45.0968 1224 Power - ok
08:36:46.0046 1224 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
08:36:46.0046 1224 PptpMiniport - ok
08:36:46.0093 1224 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
08:36:46.0093 1224 Processor - ok
08:36:46.0156 1224 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
08:36:46.0156 1224 ProfSvc - ok
08:36:46.0203 1224 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
08:36:46.0203 1224 ProtectedStorage - ok
08:36:46.0250 1224 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
08:36:46.0250 1224 Psched - ok
08:36:46.0359 1224 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
08:36:46.0375 1224 ql2300 - ok
08:36:46.0500 1224 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
08:36:46.0500 1224 ql40xx - ok
08:36:46.0562 1224 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
08:36:46.0562 1224 QWAVE - ok
08:36:46.0578 1224 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
08:36:46.0578 1224 QWAVEdrv - ok
08:36:46.0593 1224 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
08:36:46.0593 1224 RasAcd - ok
08:36:46.0640 1224 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
08:36:46.0640 1224 RasAgileVpn - ok
08:36:46.0656 1224 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
08:36:46.0656 1224 RasAuto - ok
08:36:46.0718 1224 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
08:36:46.0718 1224 Rasl2tp - ok
08:36:46.0781 1224 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
08:36:46.0781 1224 RasMan - ok
08:36:46.0796 1224 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
08:36:46.0796 1224 RasPppoe - ok
08:36:46.0812 1224 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
08:36:46.0828 1224 RasSstp - ok
08:36:46.0890 1224 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
08:36:46.0890 1224 rdbss - ok
08:36:46.0906 1224 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
08:36:46.0906 1224 rdpbus - ok
08:36:46.0937 1224 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
08:36:46.0937 1224 RDPCDD - ok
08:36:46.0937 1224 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
08:36:46.0937 1224 RDPENCDD - ok
08:36:46.0953 1224 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
08:36:46.0968 1224 RDPREFMP - ok
08:36:47.0015 1224 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
08:36:47.0031 1224 RDPWD - ok
08:36:47.0078 1224 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
08:36:47.0078 1224 rdyboost - ok
08:36:47.0125 1224 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
08:36:47.0125 1224 RemoteAccess - ok
08:36:47.0187 1224 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
08:36:47.0187 1224 RemoteRegistry - ok
08:36:47.0203 1224 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
08:36:47.0203 1224 RpcEptMapper - ok
08:36:47.0250 1224 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
08:36:47.0250 1224 RpcLocator - ok
08:36:47.0328 1224 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
08:36:47.0328 1224 RpcSs - ok
08:36:47.0375 1224 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
08:36:47.0375 1224 rspndr - ok
08:36:47.0421 1224 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
08:36:47.0421 1224 SamSs - ok
08:36:47.0468 1224 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
08:36:47.0468 1224 sbp2port - ok
08:36:47.0484 1224 SBRE - ok
08:36:47.0640 1224 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
08:36:47.0640 1224 SBSDWSCService - ok
08:36:47.0687 1224 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
08:36:47.0703 1224 SCardSvr - ok
08:36:47.0765 1224 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
08:36:47.0765 1224 scfilter - ok
08:36:47.0875 1224 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
08:36:47.0890 1224 Schedule - ok
08:36:47.0921 1224 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
08:36:47.0937 1224 SCPolicySvc - ok
08:36:47.0984 1224 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
08:36:47.0984 1224 SDRSVC - ok
08:36:48.0015 1224 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
08:36:48.0015 1224 secdrv - ok
08:36:48.0062 1224 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
08:36:48.0062 1224 seclogon - ok
08:36:48.0078 1224 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
08:36:48.0078 1224 SENS - ok
08:36:48.0093 1224 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
08:36:48.0093 1224 SensrSvc - ok
08:36:48.0125 1224 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
08:36:48.0125 1224 Serenum - ok
08:36:48.0140 1224 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
08:36:48.0140 1224 Serial - ok
08:36:48.0187 1224 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
08:36:48.0187 1224 sermouse - ok
08:36:48.0250 1224 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
08:36:48.0250 1224 SessionEnv - ok
08:36:48.0296 1224 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
08:36:48.0296 1224 sffdisk - ok
08:36:48.0312 1224 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
08:36:48.0312 1224 sffp_mmc - ok
08:36:48.0312 1224 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
08:36:48.0328 1224 sffp_sd - ok
08:36:48.0343 1224 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
08:36:48.0343 1224 sfloppy - ok
08:36:48.0406 1224 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
08:36:48.0406 1224 SharedAccess - ok
08:36:48.0453 1224 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
08:36:48.0453 1224 ShellHWDetection - ok
08:36:48.0468 1224 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
08:36:48.0484 1224 SiSRaid2 - ok
08:36:48.0500 1224 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
08:36:48.0500 1224 SiSRaid4 - ok
08:36:48.0515 1224 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
08:36:48.0515 1224 Smb - ok
08:36:48.0593 1224 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
08:36:48.0593 1224 SNMPTRAP - ok
08:36:48.0625 1224 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
08:36:48.0625 1224 spldr - ok
08:36:48.0671 1224 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
08:36:48.0687 1224 Spooler - ok
08:36:48.0953 1224 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
08:36:48.0968 1224 sppsvc - ok
08:36:49.0093 1224 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
08:36:49.0093 1224 sppuinotify - ok
08:36:49.0156 1224 sprtlisten - ok
08:36:49.0265 1224 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
08:36:49.0265 1224 srv - ok
08:36:49.0312 1224 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
08:36:49.0312 1224 srv2 - ok
08:36:49.0359 1224 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
08:36:49.0359 1224 srvnet - ok
08:36:49.0375 1224 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
08:36:49.0390 1224 SSDPSRV - ok
08:36:49.0406 1224 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
08:36:49.0406 1224 SstpSvc - ok
08:36:49.0453 1224 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
08:36:49.0453 1224 stexstor - ok
08:36:49.0531 1224 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
08:36:49.0531 1224 stisvc - ok
08:36:49.0640 1224 SupportSoft RemoteAssist (2e5586392cdfbd1d73badb20e9ed6386) C:\Program Files (x86)\Common Files\supportsoft\bin\ssrc.exe
08:36:49.0640 1224 SupportSoft RemoteAssist - ok
08:36:49.0687 1224 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
08:36:49.0687 1224 swenum - ok
08:36:49.0765 1224 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
08:36:49.0765 1224 swprv - ok
08:36:49.0921 1224 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
08:36:49.0937 1224 SysMain - ok
08:36:50.0078 1224 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
08:36:50.0078 1224 TabletInputService - ok
08:36:50.0140 1224 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
08:36:50.0140 1224 TapiSrv - ok
08:36:50.0187 1224 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
08:36:50.0187 1224 TBS - ok
08:36:50.0359 1224 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
08:36:50.0375 1224 Tcpip - ok
08:36:50.0609 1224 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
08:36:50.0625 1224 TCPIP6 - ok
08:36:50.0703 1224 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
08:36:50.0703 1224 tcpipreg - ok
08:36:50.0750 1224 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
08:36:50.0750 1224 TDPIPE - ok
08:36:50.0796 1224 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
08:36:50.0796 1224 TDTCP - ok
08:36:50.0843 1224 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
08:36:50.0843 1224 tdx - ok
08:36:50.0890 1224 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
08:36:50.0890 1224 TermDD - ok
08:36:50.0984 1224 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
08:36:51.0000 1224 TermService - ok
08:36:51.0046 1224 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
08:36:51.0046 1224 Themes - ok
08:36:51.0093 1224 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
08:36:51.0093 1224 THREADORDER - ok
08:36:51.0109 1224 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
08:36:51.0125 1224 TrkWks - ok
08:36:51.0203 1224 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
08:36:51.0203 1224 TrustedInstaller - ok
08:36:51.0250 1224 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
08:36:51.0250 1224 tssecsrv - ok
08:36:51.0296 1224 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
08:36:51.0296 1224 TsUsbFlt - ok
08:36:51.0343 1224 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
08:36:51.0343 1224 tunnel - ok
08:36:51.0390 1224 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
08:36:51.0406 1224 uagp35 - ok
08:36:51.0468 1224 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
08:36:51.0468 1224 udfs - ok
08:36:51.0515 1224 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
08:36:51.0515 1224 UI0Detect - ok
08:36:51.0562 1224 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
08:36:51.0562 1224 uliagpkx - ok
08:36:51.0609 1224 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
08:36:51.0609 1224 umbus - ok
08:36:51.0625 1224 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
08:36:51.0625 1224 UmPass - ok
08:36:51.0671 1224 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
08:36:51.0671 1224 upnphost - ok
08:36:51.0718 1224 USBAAPL64 (54d4b48d443e7228bf64cf7cdc3118ac) C:\Windows\system32\Drivers\usbaapl64.sys
08:36:51.0718 1224 USBAAPL64 - ok
08:36:51.0765 1224 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
08:36:51.0765 1224 usbccgp - ok
08:36:51.0796 1224 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
08:36:51.0796 1224 usbcir - ok
08:36:51.0812 1224 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
08:36:51.0812 1224 usbehci - ok
08:36:51.0859 1224 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
08:36:51.0859 1224 usbhub - ok
08:36:51.0875 1224 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
08:36:51.0875 1224 usbohci - ok
08:36:51.0906 1224 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
08:36:51.0906 1224 usbprint - ok
08:36:51.0968 1224 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
08:36:51.0968 1224 usbscan - ok
08:36:51.0984 1224 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
08:36:51.0984 1224 USBSTOR - ok
08:36:51.0984 1224 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
08:36:51.0984 1224 usbuhci - ok
08:36:52.0046 1224 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
08:36:52.0046 1224 UxSms - ok
08:36:52.0093 1224 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
08:36:52.0093 1224 VaultSvc - ok
08:36:52.0140 1224 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
08:36:52.0140 1224 vdrvroot - ok
08:36:52.0718 1224 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
08:36:52.0734 1224 vds - ok
08:36:52.0843 1224 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
08:36:52.0843 1224 vga - ok
08:36:52.0875 1224 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
08:36:52.0875 1224 VgaSave - ok
08:36:52.0921 1224 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
08:36:52.0937 1224 vhdmp - ok
08:36:53.0000 1224 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
08:36:53.0000 1224 viaide - ok
08:36:53.0031 1224 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
08:36:53.0031 1224 volmgr - ok
08:36:53.0109 1224 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
08:36:53.0109 1224 volmgrx - ok
08:36:53.0125 1224 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
08:36:53.0140 1224 volsnap - ok
08:36:53.0187 1224 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
08:36:53.0187 1224 vsmraid - ok
08:36:53.0328 1224 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
08:36:53.0343 1224 VSS - ok
08:36:53.0578 1224 VST64HWBS2 (93132c69394a99d992095d8cfe464801) C:\Windows\system32\DRIVERS\VSTBS26.SYS
08:36:53.0593 1224 VST64HWBS2 - ok
08:36:53.0687 1224 VST64_DPV (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
08:36:53.0703 1224 VST64_DPV - ok
08:36:53.0796 1224 vToolbarUpdater11.1.0 - ok
08:36:53.0906 1224 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
08:36:53.0921 1224 vwifibus - ok
08:36:53.0984 1224 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
08:36:53.0984 1224 W32Time - ok
08:36:54.0015 1224 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
08:36:54.0015 1224 WacomPen - ok
08:36:54.0062 1224 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
08:36:54.0062 1224 WANARP - ok
08:36:54.0062 1224 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
08:36:54.0062 1224 Wanarpv6 - ok
08:36:54.0187 1224 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
08:36:54.0203 1224 WatAdminSvc - ok
08:36:54.0328 1224 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
08:36:54.0328 1224 wbengine - ok
08:36:54.0437 1224 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
08:36:54.0437 1224 WbioSrvc - ok
08:36:54.0515 1224 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
08:36:54.0515 1224 wcncsvc - ok
08:36:54.0546 1224 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
08:36:54.0546 1224 WcsPlugInService - ok
08:36:54.0625 1224 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
08:36:54.0625 1224 Wd - ok
08:36:54.0671 1224 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
08:36:54.0687 1224 Wdf01000 - ok
08:36:54.0703 1224 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
08:36:54.0703 1224 WdiServiceHost - ok
08:36:54.0703 1224 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
08:36:54.0718 1224 WdiSystemHost - ok
08:36:54.0781 1224 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
08:36:54.0781 1224 WebClient - ok
08:36:54.0812 1224 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
08:36:54.0812 1224 Wecsvc - ok
08:36:54.0828 1224 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
08:36:54.0828 1224 wercplsupport - ok
08:36:54.0843 1224 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
08:36:54.0843 1224 WerSvc - ok
08:36:54.0921 1224 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
08:36:54.0921 1224 WfpLwf - ok
08:36:54.0953 1224 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
08:36:54.0953 1224 WIMMount - ok
08:36:55.0046 1224 winachsf (a6ea7a3fc4b00f48535b506db1e86efd) C:\Windows\system32\DRIVERS\CAX_CNXT.sys
08:36:55.0046 1224 winachsf - ok
08:36:55.0062 1224 WinHttpAutoProxySvc - ok
08:36:55.0156 1224 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
08:36:55.0156 1224 Winmgmt - ok
08:36:55.0328 1224 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
08:36:55.0343 1224 WinRM - ok
08:36:55.0515 1224 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
08:36:55.0515 1224 WinUsb - ok
08:36:55.0625 1224 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
08:36:55.0625 1224 Wlansvc - ok
08:36:55.0906 1224 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
08:36:55.0921 1224 wlidsvc - ok
08:36:56.0046 1224 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
08:36:56.0046 1224 WmiAcpi - ok
08:36:56.0140 1224 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
08:36:56.0140 1224 wmiApSrv - ok
08:36:56.0203 1224 WMPNetworkSvc - ok
08:36:56.0250 1224 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
08:36:56.0250 1224 WPCSvc - ok
08:36:56.0312 1224 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
08:36:56.0312 1224 WPDBusEnum - ok
08:36:56.0359 1224 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
08:36:56.0359 1224 ws2ifsl - ok
08:36:56.0359 1224 WSearch - ok
08:36:56.0578 1224 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
08:36:56.0593 1224 wuauserv - ok
08:36:56.0875 1224 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
08:36:56.0875 1224 WudfPf - ok
08:36:56.0906 1224 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
08:36:56.0906 1224 WUDFRd - ok
08:36:56.0953 1224 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
08:36:56.0953 1224 wudfsvc - ok
08:36:57.0015 1224 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
08:36:57.0015 1224 WwanSvc - ok
08:36:57.0062 1224 XAudio (e8f3fa126a06f8e7088f63757112a186) C:\Windows\system32\DRIVERS\XAudio64.sys
08:36:57.0062 1224 XAudio - ok
08:36:57.0078 1224 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
08:36:57.0453 1224 \Device\Harddisk0\DR0 - ok
08:36:57.0453 1224 Boot (0x1200) (84061b272dd23b65fdcbb9318e3807b2) \Device\Harddisk0\DR0\Partition0
08:36:57.0453 1224 \Device\Harddisk0\DR0\Partition0 - ok
08:36:57.0468 1224 Boot (0x1200) (d660e64c10143ec96343bd4bf761e961) \Device\Harddisk0\DR0\Partition1
08:36:57.0468 1224 \Device\Harddisk0\DR0\Partition1 - ok
08:36:57.0468 1224 ============================================================
08:36:57.0468 1224 Scan finished
08:36:57.0468 1224 ============================================================
08:36:57.0484 1252 Detected object count: 0
08:36:57.0484 1252 Actual detected object count: 0

aswMBR Log (scanned C:)

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-01 08:35:59
-----------------------------
08:35:59.312 OS Version: Windows x64 6.1.7601 Service Pack 1
08:35:59.312 Number of processors: 2 586 0xF06
08:35:59.312 ComputerName: CHAMPYHP06-PC UserName: Hedgehog
08:36:01.500 Initialize success
08:36:04.140 AVAST engine defs: 12070100
08:40:20.562 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
08:40:20.562 Disk 0 Vendor: SAMSUNG_ VT10 Size: 238475MB BusType: 8
08:40:20.578 Disk 0 MBR read successfully
08:40:20.578 Disk 0 MBR scan
08:40:21.093 Disk 0 Windows 7 default MBR code
08:40:21.125 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 229804 MB offset 63
08:40:21.546 Disk 0 Partition 2 00 0C FAT32 LBA RECOVERY 8660 MB offset 470656305
08:40:22.062 Disk 0 scanning C:\Windows\system32\drivers
08:40:37.500 Service scanning
08:40:59.703 Modules scanning
08:40:59.703 Disk 0 trace - called modules:
08:40:59.718 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStorV.sys hal.dll
08:40:59.734 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800515f790]
08:40:59.750 3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800416f050]
08:41:00.359 AVAST engine scan C:\
08:52:04.140 File: C:\Program Files (x86)\Online Services\Aol\Canada\comps\rp\rp9codec.exe **INFECTED** Win32:Hrupka-D [Cryp]
08:52:09.390 File: C:\Program Files (x86)\Online Services\Aol\United States\AOL90\COMPS\RP\RP9CODEC.EXE **INFECTED** Win32:Hrupka-D [Cryp]
08:52:23.031 File: C:\Program Files (x86)\Online Services\Canada\KOL\comps\rp\rp9codec.exe **INFECTED** Win32:Hrupka-D [Cryp]
12:26:51.718 File: C:\Windows.old\Program Files\Online Services\Aol\Canada\comps\rp\rp9codec.exe **INFECTED** Win32:Hrupka-D [Cryp]
12:26:59.343 File: C:\Windows.old\Program Files\Online Services\Aol\United States\AOL90\COMPS\RP\RP9CODEC.EXE **INFECTED** Win32:Hrupka-D [Cryp]
12:27:05.265 File: C:\Windows.old\Program Files\Online Services\Canada\KOL\comps\rp\rp9codec.exe **INFECTED** Win32:Hrupka-D [Cryp]
13:15:52.812 Scan finished successfully
13:41:27.406 Disk 0 MBR has been saved successfully to "C:\Users\Hedgehog.ChampyHP06-PC\Desktop\MBR.dat"
13:41:27.406 The log file has been saved successfully to "C:\Users\Hedgehog.ChampyHP06-PC\Desktop\aswMBR.07.01.12.txt"

[b][u]ESET Log[u/][b/]

C:\hp\bin\wbug\HPPavillion_Spring06.exe a variant of Win32/Toolbar.MyWebSearch application cleaned by deleting - quarantined
C:\Program Files (x86)\RegistryFix8\RegFix8.exe Win32/Adware.ErrorClean application cleaned by deleting - quarantined
C:\Program Files (x86)\RegistryFix8\UninstlDll.dll Win32/Adware.ErrorClean application cleaned by deleting - quarantined
D:\I386\APPS\APP19075\src\CompaqPresario_Spring06.exe a variant of Win32/Toolbar.MyWebSearch application cleaned by deleting - quarantined
D:\I386\APPS\APP19075\src\HPPavillion_Spring06.exe a variant of Win32/Toolbar.MyWebSearch application cleaned by deleting - quarantined

Thanks for your help! Please let me know what next steps are.

#5 narenxp

Forum Addict

BC Advisor
16,365 posts

Gender:Male
Location:India

Posted 01 July 2012 - 06:36 PM

Reboot to normal mode

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install,update and run a full scan

Click on SHOW results.Select all infections and remove it

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

#6 jmkearney

New Member

Members
14 posts

Posted 01 July 2012 - 06:49 PM

Re-boot into Normal mode put me at blank blue screens on my user AND on my wife's. Previously, it was only on mine. I re-booted again into Safe/Networking to correspond with you. Any workarounds before doing what your last reply suggested?

Thanks.

#7 narenxp

Forum Addict

BC Advisor
16,365 posts

Gender:Male
Location:India

Posted 01 July 2012 - 06:53 PM

Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

copy the contents of text file and paste it here

#8 jmkearney

New Member

Members
14 posts

Posted 01 July 2012 - 07:07 PM

Thanks. Here's the Autoruns.txt:

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "MSC" "Microsoft Security Client User Interface" "Microsoft Corporation" "c:\program files\microsoft security client\msseces.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "AppleSyncNotifier" "AppleSyncNotifier" "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applesyncnotifier.exe"
+ "avast" "avast! Antivirus" "AVAST Software" "c:\program files\avast software\avast\avastui.exe"
+ "AVG_TRAY" "AVG Tray Monitor" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgtray.exe"
+ "ControlCenter3" "ControlCenter Program" "Brother Industries, Ltd." "c:\program files (x86)\brother\controlcenter3\brctrcen.exe"
+ "Google Quick Search Box" "Google Quick Search Box" "Google Inc." "c:\program files (x86)\google\quick search box\googlequicksearchbox.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe"
+ "Malwarebytes Anti-Malware (reboot)" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbam.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Google Update" "Google Installer" "Google Inc." "c:\users\hedgehog.champyhp06-pc\appdata\local\google\update\googleupdate.exe"
+ "swg" "GoogleToolbarNotifier" "Google Inc." "c:\program files (x86)\google\googletoolbarnotifier\googletoolbarnotifier.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "linkscanner" "Safe Search pluggable protocol" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgppa.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashsha64.dll"
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgsea.dll"
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashshell.dll"
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgse.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "00avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashsha64.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "00avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashshell.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashsha64.dll"
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgsea.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashshell.dll"
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgse.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "00avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashsha64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "DropboxExt1" "" "" "File not found: C:\Users\Hedgehog.ChampyHP06-PC\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll"
+ "DropboxExt2" "" "" "File not found: C:\Users\Hedgehog.ChampyHP06-PC\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll"
+ "DropboxExt3" "" "" "File not found: C:\Users\Hedgehog.ChampyHP06-PC\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "avast! WebRep" "avast! WebRep Plugin" "AVAST Software" "c:\program files\avast software\avast\aswwebrepie64.dll"
+ "AVG Do Not Track" "TODO: <File description>" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgdtiea.dll"
+ "AVG Safe Search" "Safe Search for Internet Explorer" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgssiea.dll"
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_64.dll"
+ "Google Toolbar Notifier BHO" "GoogleToolbarNotifier" "Google Inc." "c:\program files\google\googletoolbarnotifier\5.7.7227.1100\swg64.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\ssv.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office\office14\urlredir.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "avast! WebRep" "avast! WebRep Plugin" "AVAST Software" "c:\program files\avast software\avast\aswwebrepie.dll"
+ "AVG Do Not Track" "TODO: <File description>" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgdtiex.dll"
+ "AVG Safe Search" "Safe Search for Internet Explorer" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgssie.dll"
+ "AVG Security Toolbar" "AVG Secure Search" "" "c:\program files (x86)\avg secure search\11.1.0.7\avg secure search_toolbar.dll"
+ "Bing Bar Helper" "Bing Client Extensions" "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\bingext.dll"
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_32.dll"
+ "Google Toolbar Notifier BHO" "GoogleToolbarNotifier" "Google Inc." "c:\program files (x86)\google\googletoolbarnotifier\5.7.7227.1100\swg.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\ssv.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\urlredir.dll"
+ "Spybot-S&D IE Protection" "SBSD IE Protection" "Safer Networking Limited" "c:\program files (x86)\spybot - search & destroy\sdhelper.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
+ "Windows Live Toolbar Helper" "Windows Live Toolbar Core" "Microsoft Corporation" "c:\program files (x86)\windows live\toolbar\wltcore.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "avast! WebRep" "avast! WebRep Plugin" "AVAST Software" "c:\program files\avast software\avast\aswwebrepie64.dll"
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "&Windows Live Toolbar" "Windows Live Toolbar Core" "Microsoft Corporation" "c:\program files (x86)\windows live\toolbar\wltcore.dll"
+ "avast! WebRep" "avast! WebRep Plugin" "AVAST Software" "c:\program files\avast software\avast\aswwebrepie.dll"
+ "AVG Security Toolbar" "AVG Secure Search" "" "c:\program files (x86)\avg secure search\11.1.0.7\avg secure search_toolbar.dll"
+ "Bing" "Bing Client Extensions" "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\bingext.dll"
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_32.dll"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "" "File not found: C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "avast! Antivirus" "Manages and implements avast! antivirus services for this computer. This includes the resident protection, the virus chest and the scheduler." "AVAST Software" "c:\program files\avast software\avast\avastsvc.exe"
+ "AVGIDSAgent" "Provides Identity Protection Against Cyber Crime." "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgidsagent.exe"
+ "avgwd" "AVG Watchdog Service" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgwdsvc.exe"
+ "BBSvc" "Keeps Bing Bar up-to-date. Disabling this service might prevent updates and expose your computer to security vulnerabilities or functional flaws in Bing Bar." "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\bbsvc.exe"
+ "BBUpdate" "Enables the detection, download and installation of up-to-date configuration files for Bing Bar. Also provides server communication for the customer experience improvement program. Stopping or disabling this service may prevent you from getting the latest updates for Bing Bar, which may expose your computer to security vulnerabilities or functional flaws in the Bing Bar." "" "File not found: C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files (x86)\bonjour\mdnsresponder.exe"
+ "Brother XP spl Service" "brsvc01a" "brother Industries Ltd" "c:\windows\syswow64\brsvc01a.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gusvc" "Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work." "Google" "c:\program files (x86)\google\common\google updater\googleupdaterservice.exe"
+ "HsfXAudioService" "User-mode gate for HSF Modem" "Conexant Systems, Inc." "c:\windows\syswow64\xaudio64.dll"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "MsMpSvc" "Helps protect users from malware and other potentially unwanted software" "Microsoft Corporation" "c:\program files\microsoft security client\msmpeng.exe"
+ "NisSrv" "Helps guard against intrusion attempts targeting known and newly discovered vulnerabilities in network protocols" "Microsoft Corporation" "c:\program files\microsoft security client\nissrv.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "SupportSoft RemoteAssist" "ssrc Module" "SupportSoft, Inc." "c:\program files (x86)\common files\supportsoft\bin\ssrc.exe"
+ "vToolbarUpdater11.1.0" "" "" "File not found: C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "44674880" "44674880" "Kaspersky Lab ZAO" "c:\windows\system32\drivers\44674880.sys"
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "aswFsBlk" "avast! mini-filter driver (aswFsBlk)" "AVAST Software" "c:\windows\system32\drivers\aswfsblk.sys"
+ "aswMonFlt" "avast! mini-filter driver (aswMonFlt)" "AVAST Software" "c:\windows\system32\drivers\aswmonflt.sys"
+ "aswRdr" "avast! WFP Redirect driver" "AVAST Software" "c:\windows\system32\drivers\aswrdr2.sys"
+ "aswSnx" "avast! virtualization driver (aswSnx)" "AVAST Software" "c:\windows\system32\drivers\aswsnx.sys"
+ "aswSP" "avast! Self Protection" "AVAST Software" "c:\windows\system32\drivers\aswsp.sys"
+ "aswTdi" "avast! Network Shield TDI driver" "AVAST Software" "c:\windows\system32\drivers\aswtdi.sys"
+ "atksgt" "" "" "c:\windows\system32\drivers\atksgt.sys"
+ "AVGIDSDriver" "AVG Technologies IDS Application Activity Monitor Driver" "AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidsdrivera.sys"
+ "AVGIDSFilter" "AVG Technologies IDS Application Activity Monitor Filter Driver" "AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidsfiltera.sys"
+ "AVGIDSHA" "AVG Technologies IDS Application Activity Monitor Helper Driver" "AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidsha.sys"
+ "Avgldx64" "AVG AVI Loader Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgldx64.sys"
+ "Avgmfx64" "AVG Resident Shield Minifilter Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgmfx64.sys"
+ "Avgrkx64" "AVG Anti-Rootkit Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgrkx64.sys"
+ "Avgtdia" "AVG Network connection watcher" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgtdia.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "CAXHWBS2" "HSF_HWB2 WDM driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\caxhwbs2.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "e1express" "Intel® PRO/1000 Adapter NDIS 6 deserialized driver" "Intel Corporation" "c:\windows\system32\drivers\e1e6232e.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "esgiguard" "" "" "File not found: C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "grmnusb" "grmnusb.sys" "GARMIN Corp." "c:\windows\system32\drivers\grmnusb.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "HSF_DP" "HSF_DP driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\cax_dp.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "lirsgt" "" "" "c:\windows\system32\drivers\lirsgt.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "mdmxsdk" "Diagnostic Interface x64 Driver" "Conexant" "c:\windows\system32\drivers\mdmxsdk.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "motmodem" "Motorola USB Modem and Ports Driver" "Motorola" "c:\windows\system32\drivers\motmodem.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "SBRE" "" "" "File not found: C:\Windows\system32\drivers\SBREdrv.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "USBAAPL64" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl64.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
+ "VST64_DPV" "HSF_DP driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstdpv6.sys"
+ "VST64HWBS2" "HSF_HWB2 WDM driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstbs26.sys"
+ "winachsf" "HSF_CNXT driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\cax_cnxt.sys"
+ "XAudio" "Modem Audio Device Driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\xaudio64.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Flip Video Decoder" "FlipDSVideoDecoder" "MyCompanyName" "c:\program files (x86)\flip video\flipshare\flipdsvideodecoder.ax"
+ "Flip Video Decoder Mpeg4" "FlipDSVideoDecoder" "MyCompanyName" "c:\program files (x86)\flip video\flipshare\flipdsmpeg4decoder.ax"
+ "PDFrameGrabFilter" "FrameGrabFilter" "" "c:\program files (x86)\flip video\flipshare\framegrabfilter.ax"
+ "PDT IPP AAC Encoder" "" "" "c:\program files (x86)\flip video\flipshare\ipp6_0_aacencoder.ax"
+ "PDT IPP H264 Encoder" "IPPH264Encoder" "" "c:\program files (x86)\flip video\flipshare\ipph264encoder.ax"
+ "PDT IPP MP4 Muxer" "IPPMP4Muxer" "" "c:\program files (x86)\flip video\flipshare\ippmp4muxer.ax"
+ "PDT IPP MP4 Splitter" "IPPMp4Splitter" "" "c:\program files (x86)\flip video\flipshare\ippmp4splitter.ax"
+ "PDT IPP MPEG Audio Decoder" "IPPMPEGAudioDecoder" "" "c:\program files (x86)\flip video\flipshare\ippmpegaudiodecoder.ax"
+ "PDT Resize and Letterbox Filter" "PurpleComposite" "" "c:\program files (x86)\flip video\flipshare\purplecomposite.ax"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
"HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute" "" "" ""
+ "C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart" "AVG Resident Shield Service" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgrsa.exe"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "CutePDF Writer Monitor" "" "" "c:\windows\system32\cpwmon64.dll"
"C:\Users\Hedgehog.ChampyHP06-PC\AppData\Local\Microsoft\Windows Sidebar\Settings.ini" "" "" ""
+ "Avast! antivirus monitor" "Avast! antivirus sidebar gadget." "AVAST Software" "C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\Gadget.xml"

#9 narenxp

Forum Addict

BC Advisor
16,365 posts

Gender:Male
Location:India

Posted 01 July 2012 - 08:05 PM

I do not find any suspicious startup entries

Do you have FBI ransomware pop up or something else?

Press Windows+R key and type

msconfig and click ok

Check mark Selective startup

Uncheck load startup items

click on Services tab,checkmark Hide all microsoft services and then click on DISABLE ALL

Reboot to normal mode,let me know if that worked

Edited by narenxp, 01 July 2012 - 08:10 PM.

#10 jmkearney

New Member

Members
14 posts

Posted 01 July 2012 - 08:09 PM

Just did all those things. Will report back after reboot.

#11 jmkearney

New Member

Members
14 posts

Posted 01 July 2012 - 08:53 PM

That worked to get the icons back on the desktop, but IE now opens and has message Internet Explorer has stopped working and keeps trying to restore past sessions, so I'm on Chrome. We're inching there. Going forward, if you had a choice of Anti-virus, would you use Avast, AVG, neither, another?

#12 narenxp

Forum Addict

BC Advisor
16,365 posts

Gender:Male
Location:India

Posted 01 July 2012 - 11:51 PM

We are not yet finished,run these scans in normal mode

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install,update and run a full scan

Click on SHOW results.Select all infections and remove it

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

#13 jmkearney

New Member

Members
14 posts

Posted 02 July 2012 - 04:33 AM

Did MBAM scan and no issues.

Re-booted and running MBAM again.

When it's done (probably tomorrow morning, as I'm on Los Angeles time), I will do the second scan.

Thank you again for all of your time and help.

#14 TheDoc46

New Member

Members
1 posts

Posted 02 July 2012 - 11:25 AM

Hi all,

1st post so better start off with a hi !!

Decided to register to these forums as they're fantastic. Anyway, about this MoneyPak virus. I had it this morning on a machine for one of my users. Except this wasn't an FBI one, it was they'd found illegal music and the machine was locked. Quite obviously a scam.

I just want to report that Malware Bytes (the latest database) didn't report any malicous findings.

I was unable to get on using the users profile, even in SAFE mode. :angry:

I had to login using a different profile, ran my scans etc, for it to come back with nothing. Tried a system restore to an earlier date and that failed. So in the end I just deleted the old profile (after copying the user directories to somewhere safe) then re-created the user profile, which fixed the problem

None of my usual tools or tricks worked. Most alarminly, task manager wasn't working, nor was safe mode. Luckily i had a 2nd profile on this machine.

Anyway I hope this helps.

#15 jmkearney

New Member

Members
14 posts

Posted 02 July 2012 - 09:12 PM

MBAM was clean.

Here's the MiniToolbox Log:

MiniToolBox by Farbar Version: 25-06-2012
Ran by Hedgehog (administrator) on 02-07-2012 at 19:05:20
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com

There are 14550 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Intel® 82562V 10/100 Network Connection = Local Area Connection (Connected)

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled dhcpmediasense=disabled
add route prefix=0.0.0.0/0 interface="Local Area Connection" nexthop=192.168.0.1 publish=Yes
add address name="Local Area Connection" address=192.168.0.99 mask=255.255.255.0

popd
# End of IPv4 configuration

Windows IP Configuration

Host Name . . . . . . . . . . . . : ChampyHP06-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® 82562V 10/100 Network Connection
Physical Address. . . . . . . . . : 00-18-F3-57-63-2E
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::831:c7ba:83ad:922e%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.99(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 234887411
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-AF-A5-F3-00-18-F3-57-63-2E
DNS Servers . . . . . . . . . . . : 205.171.3.65
205.171.2.65
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{9D0AF5BB-6E26-41DE-809F-34221FD2EC27}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: resolver.qwest.net
Address: 205.171.3.65

Name: google.com
Addresses: 2607:f8b0:400a:800::1004
173.194.33.6
173.194.33.7
173.194.33.8
173.194.33.9
173.194.33.14
173.194.33.0
173.194.33.1
173.194.33.2
173.194.33.3
173.194.33.4
173.194.33.5

Pinging google.com [173.194.33.7] with 32 bytes of data:
Reply from 173.194.33.7: bytes=32 time=43ms TTL=57
Reply from 173.194.33.7: bytes=32 time=43ms TTL=57

Ping statistics for 173.194.33.7:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 43ms, Maximum = 43ms, Average = 43ms
Server: resolver.qwest.net
Address: 205.171.3.65

Name: yahoo.com
Addresses: 98.139.183.24
209.191.122.70
72.30.38.140

Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=94ms TTL=55
Reply from 209.191.122.70: bytes=32 time=95ms TTL=55

Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 94ms, Maximum = 95ms, Average = 94ms
Server: resolver.qwest.net
Address: 205.171.3.65

Name: bleepingcomputer.com
Address: 208.43.87.2

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
10...00 18 f3 57 63 2e ......Intel® 82562V 10/100 Network Connection
1...........................Software Loopback Interface 1
11...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.99 276
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.99 276
192.168.0.99 255.255.255.255 On-link 192.168.0.99 276
192.168.0.255 255.255.255.255 On-link 192.168.0.99 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.99 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.99 276
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
0.0.0.0 0.0.0.0 192.168.0.1 Default
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
10 276 fe80::/64 On-link
10 276 fe80::831:c7ba:83ad:922e/128
On-link
1 306 ff00::/8 On-link
10 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Catalog5 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 09 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [193824] (Apple Inc.)
x64-Catalog5 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 09 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/02/2012 10:12:52 AM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 8.0.7601.17514, time stamp: 0x4ce79912
Faulting module name: aswWebRepIE.dll, version: 7.0.1451.402, time stamp: 0x4fec52d8
Exception code: 0xc0000417
Fault offset: 0x0004e087
Faulting process id: 0x990
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (07/02/2012 10:12:15 AM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 8.0.7601.17514 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 8d4

Start Time: 01cd587583bef1cf

Termination Time: 0

Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe

Report Id: 0150f14b-c469-11e1-92eb-0018f357632e

Error: (07/02/2012 10:11:29 AM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 8.0.7601.17514, time stamp: 0x4ce79912
Faulting module name: aswWebRepIE.dll, version: 7.0.1451.402, time stamp: 0x4fec52d8
Exception code: 0xc0000417
Fault offset: 0x0004e087
Faulting process id: 0xc6c
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (07/02/2012 06:34:42 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (07/02/2012 06:34:05 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/02/2012 06:34:04 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (07/02/2012 02:28:10 AM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 8.0.7601.17514, time stamp: 0x4ce79912
Faulting module name: aswWebRepIE.dll, version: 7.0.1451.402, time stamp: 0x4fec52d8
Exception code: 0xc0000417
Fault offset: 0x0004e087
Faulting process id: 0x8a4
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (07/02/2012 02:27:43 AM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 8.0.7601.17514, time stamp: 0x4ce79912
Faulting module name: aswWebRepIE.dll, version: 7.0.1451.402, time stamp: 0x4fec52d8
Exception code: 0xc0000417
Fault offset: 0x0004e087
Faulting process id: 0xe00
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (07/02/2012 02:27:43 AM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 8.0.7601.17514, time stamp: 0x4ce79912
Faulting module name: aswWebRepIE.dll, version: 7.0.1451.402, time stamp: 0x4fec52d8
Exception code: 0xc0000417
Fault offset: 0x0004e087
Faulting process id: 0xdf8
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (07/01/2012 08:53:12 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 8.0.7601.17514, time stamp: 0x4ce79912
Faulting module name: IEFRAME.dll, version: 8.0.7601.17824, time stamp: 0x4f90ea45
Exception code: 0xc0000005
Fault offset: 0x000518e1
Faulting process id: 0x118c
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

System errors:
=============
Error: (07/02/2012 07:00:08 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.

Error: (07/02/2012 01:11:15 PM) (Source: Microsoft-Windows-HAL) (User: )
Description: The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system.

Error: (07/02/2012 10:14:15 AM) (Source: Service Control Manager) (User: )
Description: The Windows Update service hung on starting.

Error: (07/02/2012 10:10:58 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Listener service terminated with service-specific error %%-2147023143.

Error: (07/02/2012 10:09:22 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (07/02/2012 10:09:16 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SBRE

Error: (07/02/2012 10:09:16 AM) (Source: Service Control Manager) (User: )
Description: The vToolbarUpdater11.1.0 service failed to start due to the following error:
%%2

Error: (07/02/2012 10:09:15 AM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (07/02/2012 10:09:15 AM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

Error: (07/02/2012 10:09:15 AM) (Source: Service Control Manager) (User: )
Description: The BBUpdate service failed to start due to the following error:
%%2

Microsoft Office Sessions:
=========================
Error: (07/02/2012 10:12:52 AM) (Source: Application Error)(User: )
Description: iexplore.exe8.0.7601.175144ce79912aswWebRepIE.dll7.0.1451.4024fec52d8c00004170004e08799001cd5875d576d572C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files\AVAST Software\Avast\aswWebRepIE.dll27a4e8ff-c469-11e1-92eb-0018f357632e

Error: (07/02/2012 10:12:15 AM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.7601.175148d401cd587583bef1cf0C:\Program Files (x86)\Internet Explorer\iexplore.exe0150f14b-c469-11e1-92eb-0018f357632e

Error: (07/02/2012 10:11:29 AM) (Source: Application Error)(User: )
Description: iexplore.exe8.0.7601.175144ce79912aswWebRepIE.dll7.0.1451.4024fec52d8c00004170004e087c6c01cd58758a1abf56C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files\AVAST Software\Avast\aswWebRepIE.dllf60e29f4-c468-11e1-92eb-0018f357632e

Error: (07/02/2012 06:34:42 AM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8

Error: (07/02/2012 06:34:05 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (07/02/2012 06:34:04 AM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (07/02/2012 02:28:10 AM) (Source: Application Error)(User: )
Description: iexplore.exe8.0.7601.175144ce79912aswWebRepIE.dll7.0.1451.4024fec52d8c00004170004e0878a401cd5834fbcd3bccC:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files\AVAST Software\Avast\aswWebRepIE.dll3cc85099-c428-11e1-8b1c-0018f357632e

Error: (07/02/2012 02:27:43 AM) (Source: Application Error)(User: )
Description: iexplore.exe8.0.7601.175144ce79912aswWebRepIE.dll7.0.1451.4024fec52d8c00004170004e087e0001cd5834e6ad7403C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files\AVAST Software\Avast\aswWebRepIE.dll2cbe4cc4-c428-11e1-8b1c-0018f357632e

Error: (07/02/2012 02:27:43 AM) (Source: Application Error)(User: )
Description: iexplore.exe8.0.7601.175144ce79912aswWebRepIE.dll7.0.1451.4024fec52d8c00004170004e087df801cd5834e6abaa3fC:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files\AVAST Software\Avast\aswWebRepIE.dll2c788ffc-c428-11e1-8b1c-0018f357632e

Error: (07/01/2012 08:53:12 PM) (Source: Application Error)(User: )
Description: iexplore.exe8.0.7601.175144ce79912IEFRAME.dll8.0.7601.178244f90ea45c0000005000518e1118c01cd58061d8ef427C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\system32\IEFRAME.dll7120b887-c3f9-11e1-879f-0018f357632e

=========================== Installed Programs ============================

Acrobat.com (Version: 2.3.0)
Acrobat.com (Version: 2.3.0.0)
Adobe AIR (Version: 1.5.3.9120)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.257)
Adobe Flash Player 11 Plugin (Version: 11.3.300.262)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Apple Application Support (Version: 1.5.1)
Apple Mobile Device Support (Version: 3.4.0.25)
Apple Software Update (Version: 2.1.1.116)
avast! Free Antivirus (Version: 7.0.1451.0)
Avery Wizard 4.0 (Version: 4.0.4)
AVG 2012 (Version: 12.0.2178)
AVG 2012 (Version: 12.0.2180)
AVG 2012 (Version: 12.0.2437)
AVG 2012 (Version: 2012.0.2180)
Big Fish Games: Game Manager (Version: 2.0.1.43)
Bing Bar (Version: 7.0.822.0)
Bonjour (Version: 2.0.5.0)
Brother MFL-Pro Suite MFC-8220 (Version: 1.0.1.0)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
CutePDF Writer 2.8
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
ESET Online Scanner v3
FlipShare (Version: 5.10.25.0)
Garmin USB Drivers (Version: 2.3.0.0)
Garmin WebUpdater (Version: 2.4.2)
Google Chrome (Version: 20.0.1132.47)
Google Quick Search Box (Version: 1.2.1151.245)
Google Talk Plugin (Version: 3.1.4.8140)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.3.2710.138)
Google Update Helper (Version: 1.3.21.111)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.1912)
IrfanView (remove only)
iTunes (Version: 10.2.2.12)
iWin Games (remove only)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 30 (64-bit) (Version: 6.0.300)
Java™ 6 Update 30 (Version: 6.0.300)
Jing (Version: 2.4.10231)
Linksys Wireless-G PCI Adapter
Malwarebytes' Anti-Malware version 1.51.2.1300 (Version: 1.51.2.1300)
MergeModules (Version: 1.0.0)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Standard Edition 2003 (Version: 11.0.8173.0)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
MobileMe Control Panel (Version: 3.1.5.0)
MotoConnect 1.1.31 (Version: 1.1.31)
Motorola Mobile Drivers Installation 4.7.1 (Version: 4.7.1)
Mozilla Firefox 13.0.1 (x86 en-US) (Version: 13.0.1)
Mozilla Maintenance Service (Version: 13.0.1)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Mysteryville (remove only)
NVIDIA GAME System Software 2.8.1 (Version: 2.8.1)
OverDrive Media Console (Version: 3.2.5)
Picasa 3 (Version: 3.8)
Print Server Driver
QuickTime (Version: 7.69.80.9)
Qwest Installer (Version: 1.0)
Qwest Personal Digital Vault™ (Version: 1.0.0002)
Qwest QuickAssist Desktop Tools (Version: 23)
Qwest Windows Live Toolbar Buttons (Version: 2.0.0.0)
Realtek High Definition Audio Driver (Version: 6.0.1.5910)
RegistryFix v8.0
Safari (Version: 5.33.21.1)
Sherlock Holmes - The Awakened - Remastered (Version: 1.00.0777)
Soft Data Fax Modem with SmartCP (Version: 7.80.4.50)
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0)
Spybot - Search & Destroy (Version: 1.6.2)
TFP for 2009 (Version: Tax Year 2009)
TFP for 2010 (Version: Tax Year 2010)
TFP for 2011 (Version: 2011.08.31)
The Mystery of the Mummy (Version: 1.00.0000)
The Secret of the Silver Earring (Version: 0.0)
The Ultimate Troubleshooter
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Visual C++ 8.0 Runtime Setup Package (x64) (Version: 9.0.0.623)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
VoiceOver Kit (Version: 1.40.128.0)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) (Version: 06/03/2009 2.3.0.0)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8064.0206)
Windows Live Essentials (Version: 14.0.8064.206)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live OneCare safety scanner
Windows Live Photo Gallery (Version: 14.0.8064.206)
Windows Live Sync (Version: 14.0.8064.206)
Windows Live Toolbar (Version: 14.0.8064.206)
WinUtilities 10.21 Free Edition
Xtranormal State - Showpak-Playgoz-Preview (Version: 1.2.8)
Xtranormal State - SoundPack-Starter Kit (Version: 1.0.2)
Xtranormal State - Voicepack-English-UK-Daniel (Version: 1.0.4)
Xtranormal State - Voicepack-English-UK-Serena (Version: 1.0.4)
Xtranormal State - Voicepack-English-US-Samantha (Version: 1.0.5)
Xtranormal State - Voicepack-English-US-Tom (Version: 1.0.4)
Xtranormal State (Version: 2.5.3854.0)

========================= Memory info: ===================================

Percentage of memory in use: 28%
Total physical RAM: 4086.46 MB
Available physical RAM: 2938.86 MB
Total Pagefile: 8171.11 MB
Available Pagefile: 6242.19 MB
Total Virtual: 4095.88 MB
Available Virtual: 3972.53 MB

========================= Partitions: =====================================

1 Drive c: (HP_PAVILION) (Fixed) (Total:224.42 GB) (Free:89.13 GB) NTFS
2 Drive d: (HP_RECOVERY) (Fixed) (Total:8.44 GB) (Free:1.22 GB) FAT32

========================= Users: ========================================

User accounts for \\CHAMPYHP06-PC

Administrator ChampyHP06 Guest
Hedgehog Phoebe

**** End of log ****