Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

New Member in need of help.


  • Please log in to reply
23 replies to this topic

#1 Muttley54

Muttley54

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:02:01 PM

Posted 26 April 2012 - 07:38 PM

Hello, My name is Joe and I'm a new member here at bleepingcomputer. Recently I was requested to help "fix" a friends computer. While I am by no means a professional(truck driver by trade) over the years, and with quite a bit of help from friends, I've learned the basics of running a fairly clean machine. I've had to "fix" more than a couple friends computers over the years, and as I'm sure you can guess, normally the problem is nothing more than lack of regular maintenance in the way of updates, running an up to date anti-virus, and programs to clean/remove adware, spyware and the like. This particular computer is running windows 7. I have installed and run AVG(free), ad-aware(free), and Ccleaner. There was a ton of stuff that needed cleaned and removed. AVG found a trojan. I still can't get windows defender to turn on. I tried finding a remedy online and one of the suggestions was to uninstall and reinstall defender. When I looked, defender didn't appear in the programs list. When I try to start it manually it either times out or I get an error message. I installed and ran hijackthis, I'm not a regular user of this program, but for some reason it won't allow me to save a logfile, and it seems like I should be able to. When I try to save it says it cannot find the file path. It also tells me I'm denied access to the hosts file. Maybe I'm doing something wrong trying to save the log but it seems like it should be as easy as clicking save log and naming a file. I'm not selecting anything to be fixed with hijackthis till I can let someone in the know look at it, but I'd love to know what I'm doing wrong and where to begin. When I run hijackthis it show well over 50 if not 100 items. Anyone have any ideas? Thank you in advance.

BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,923 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:01 PM

Posted 26 April 2012 - 08:49 PM

EDIT: I moved this from WIN7 to Am I Infected.

Hello Muttley,
Do not run a Temp file or Registry cleaner now,

Use Inherit.exe to fix inappropriate permissions.
Use this fix, when you see a box that states “Windows cannot not access the specified device, path, or file. You may have inappropriate permissions to access the item”.

Download This File
Save it next to mbam.exe (this file is located in the Malwarebytes Anti-malware home folder). Once done, drag and drop mbam.exe into Inherit.exe. Click OK and attempt to run Malwarebytes Anti-malware once again.


MBAM (MalwareBytes):

Please download Malwarebytes Anti-Malware Posted Image and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, go to Start > All Programs > Malwarebytes Anti-Malware folder > Tools > click on Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).





Please download TDSSKiller.zip and and extract it.
  • Run TDSSKiller.exe.
  • Click on Change Parameters
  • Put a check in the box of Detect TDLFS file system
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Let the options as it is and click Continue
  • Let reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log have a name like: TDSSKiller.Version_Date_Time_log.txt.



Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

Edited by boopme, 26 April 2012 - 08:50 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 Muttley54

Muttley54
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:02:01 PM

Posted 01 May 2012 - 09:24 PM

Awesome, Thank you, I will be back at this computer this Thursday, so I will try the suggested and post the logfile ASAP. Thank you again!

#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,923 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:01 PM

Posted 01 May 2012 - 09:35 PM

You're welcome.. I'll look backwhen you reply.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 Muttley54

Muttley54
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:02:01 PM

Posted 03 May 2012 - 07:24 PM

Malwarebytes Log:


Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org

Database version: v2012.04.04.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
candjmcgowan :: CANDJMCGOWAN-PC [administrator]

Protection: Enabled

5/3/2012 8:15:03 PM
mbam-log-2012-05-03 (20-15-03).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 195388
Time elapsed: 3 minute(s), 35 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 10
HKCR\Typelib\{44444444-4444-4444-4444-440044224458} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\Interface\{55555555-5555-5555-5555-550055225558} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65bcd620-07dd-012f-819f-073cf1b8f7c6} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\I Want This (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\TotalRecipeSearch_14.ToolbarPlugin (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TotalRecipeSearch_14.ToolbarPlugin.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\Software\Cr_Installer\2258 (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\TotalRecipeSearch_14 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\MozillaPlugins\@TotalRecipeSearch_14.com/Plugin (PUP.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Detected: 6
HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{8a7d2060-824d-4b17-b00a-759b1b5f30d9} (PUP.MyWebSearch) -> Data: -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks|{8a7d2060-824d-4b17-b00a-759b1b5f30d9} (PUP.MyWebSearch) -> Data: -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{a0154e07-2b48-475c-a82a-80efd84ea33e} (PUP.MyWebSearch) -> Data: -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{a0154e07-2b48-475c-a82a-80efd84ea33e} (PUP.MyWebSearch) -> Data: -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\I Want This|Publisher (Adware.GamePlayLab) -> Data: 215 Apps -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Mozilla\Firefox\Extensions|14ffxtbr@TotalRecipeSearch_14.com (PUP.MyWebSearch) -> Data: C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 1
C:\Program Files (x86)\I Want This (Adware.GamePlayLab) -> Quarantined and deleted successfully.

Files Detected: 8
C:\Program Files (x86)\I Want This\I Want This.ini (Adware.GamePlayLab) -> Quarantined and deleted successfully.
C:\Program Files (x86)\I Want This\I Want This.exe (Adware.GamePlayLab) -> Quarantined and deleted successfully.
C:\Program Files (x86)\I Want This\I Want This.ico (Adware.GamePlayLab) -> Quarantined and deleted successfully.
C:\Program Files (x86)\I Want This\I Want ThisGui.exe (Adware.GamePlayLab) -> Quarantined and deleted successfully.
C:\Program Files (x86)\I Want This\I Want ThisInstaller.log (Adware.GamePlayLab) -> Quarantined and deleted successfully.
C:\Program Files (x86)\I Want This\Uninstall.exe (Adware.GamePlayLab) -> Quarantined and deleted successfully.
C:\Users\candjmcgowan\Local Settings\Application Data\I Want This\Chrome\I Want This.crx (Adware.GamePlayLab) -> Quarantined and deleted successfully.
C:\Users\candjmcgowan\AppData\Local\I Want This\Chrome\I Want This.crx (Adware.GamePlayLab) -> Quarantined and deleted successfully.

(end)

#6 Muttley54

Muttley54
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:02:01 PM

Posted 03 May 2012 - 07:49 PM

Apparently I got ahead of myself, and when I saved Malwarebytes the first time I forgot to rename it, and it didn't seem to want to update. I re-saved/re-installed changed the name, got it to update, and here is the new logfile. I have not yet had to use the inherit.exe file to get it to run.


Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org

Database version: v2012.05.03.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
candjmcgowan :: CANDJMCGOWAN-PC [administrator]

Protection: Disabled

5/3/2012 8:44:02 PM
mbam-log-2012-05-03 (20-44-02).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 199962
Time elapsed: 3 minute(s), 46 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 4
HKCR\Interface\{66666666-6666-6666-6666-660066226658} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\TypeLib\{44444444-4444-4444-4444-440044224458} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk (PUP.GamesPlayLab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk (PUP.GamesPlayLab) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 4
C:\Users\candjmcgowan\Local Settings\Application Data\I Want This (Adware.GamePlayLab) -> Quarantined and deleted successfully.
C:\Users\candjmcgowan\Local Settings\Application Data\I Want This\Chrome (Adware.GamePlayLab) -> Quarantined and deleted successfully.
C:\Users\candjmcgowan\AppData\Local\I Want This (Adware.GamePlayLab) -> Quarantined and deleted successfully.
C:\Users\candjmcgowan\AppData\Local\I Want This\Chrome (Adware.GamePlayLab) -> Quarantined and deleted successfully.

Files Detected: 0
(No malicious items detected)

(end)

#7 Muttley54

Muttley54
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:02:01 PM

Posted 03 May 2012 - 07:54 PM

TDSSKILLER Logfile results:


20:50:10.0364 2636 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18
20:50:11.0004 2636 ============================================================
20:50:11.0004 2636 Current date / time: 2012/05/03 20:50:11.0004
20:50:11.0004 2636 SystemInfo:
20:50:11.0004 2636
20:50:11.0004 2636 OS Version: 6.1.7601 ServicePack: 1.0
20:50:11.0004 2636 Product type: Workstation
20:50:11.0004 2636 ComputerName: CANDJMCGOWAN-PC
20:50:11.0004 2636 UserName: candjmcgowan
20:50:11.0004 2636 Windows directory: C:\windows
20:50:11.0004 2636 System windows directory: C:\windows
20:50:11.0004 2636 Running under WOW64
20:50:11.0004 2636 Processor architecture: Intel x64
20:50:11.0004 2636 Number of processors: 2
20:50:11.0004 2636 Page size: 0x1000
20:50:11.0004 2636 Boot type: Normal boot
20:50:11.0004 2636 ============================================================
20:50:12.0236 2636 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:50:12.0252 2636 Drive \Device\Harddisk1\DR1 - Size: 0x3BB000000 (14.92 Gb), SectorSize: 0x200, Cylinders: 0x79B, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
20:50:12.0252 2636 ============================================================
20:50:12.0252 2636 \Device\Harddisk0\DR0:
20:50:12.0267 2636 MBR partitions:
20:50:12.0267 2636 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x38C86000
20:50:12.0267 2636 \Device\Harddisk1\DR1:
20:50:12.0267 2636 MBR partitions:
20:50:12.0267 2636 \Device\Harddisk1\DR1\Partition0: MBR, Type 0xC, StartLBA 0x1F80, BlocksNum 0x1DD6080
20:50:12.0267 2636 ============================================================
20:50:12.0298 2636 C: <-> \Device\Harddisk0\DR0\Partition0
20:50:12.0298 2636 ============================================================
20:50:12.0298 2636 Initialize success
20:50:12.0298 2636 ============================================================
20:50:25.0980 1128 ============================================================
20:50:25.0980 1128 Scan started
20:50:25.0980 1128 Mode: Manual; TDLFS;
20:50:25.0980 1128 ============================================================
20:50:26.0682 1128 1394ohci (a87d604aea360176311474c87a63bb88) C:\windows\system32\drivers\1394ohci.sys
20:50:26.0697 1128 1394ohci - ok
20:50:26.0744 1128 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\windows\system32\drivers\ACPI.sys
20:50:26.0744 1128 ACPI - ok
20:50:26.0775 1128 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\windows\system32\drivers\acpipmi.sys
20:50:26.0775 1128 AcpiPmi - ok
20:50:26.0900 1128 AdobeFlashPlayerUpdateSvc (459ac130c6ab892b1cd5d7544626efc5) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:50:26.0916 1128 AdobeFlashPlayerUpdateSvc - ok
20:50:26.0994 1128 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\windows\system32\DRIVERS\adp94xx.sys
20:50:27.0025 1128 adp94xx - ok
20:50:27.0087 1128 adpahci (597f78224ee9224ea1a13d6350ced962) C:\windows\system32\DRIVERS\adpahci.sys
20:50:27.0103 1128 adpahci - ok
20:50:27.0134 1128 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\windows\system32\DRIVERS\adpu320.sys
20:50:27.0150 1128 adpu320 - ok
20:50:27.0196 1128 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\windows\System32\aelupsvc.dll
20:50:27.0196 1128 AeLookupSvc - ok
20:50:27.0274 1128 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\windows\system32\drivers\afd.sys
20:50:27.0306 1128 AFD - ok
20:50:27.0415 1128 AgereSoftModem (98022774d9930ecbb292e70db7601df6) C:\windows\system32\DRIVERS\agrsm64.sys
20:50:27.0446 1128 AgereSoftModem - ok
20:50:27.0508 1128 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\windows\system32\drivers\agp440.sys
20:50:27.0524 1128 agp440 - ok
20:50:27.0571 1128 ALG (3290d6946b5e30e70414990574883ddb) C:\windows\System32\alg.exe
20:50:27.0571 1128 ALG - ok
20:50:27.0633 1128 aliide (5812713a477a3ad7363c7438ca2ee038) C:\windows\system32\drivers\aliide.sys
20:50:27.0633 1128 aliide - ok
20:50:27.0664 1128 AMD External Events Utility (57b773d82e8cc3c6d7e02cc8a6632043) C:\windows\system32\atiesrxx.exe
20:50:27.0680 1128 AMD External Events Utility - ok
20:50:27.0680 1128 amdide (1ff8b4431c353ce385c875f194924c0c) C:\windows\system32\drivers\amdide.sys
20:50:27.0680 1128 amdide - ok
20:50:27.0727 1128 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\windows\system32\DRIVERS\amdk8.sys
20:50:27.0727 1128 AmdK8 - ok
20:50:28.0132 1128 amdkmdag (aefaf27f1b7e52c705df4fb6c96732f6) C:\windows\system32\DRIVERS\atipmdag.sys
20:50:28.0304 1128 amdkmdag - ok
20:50:28.0476 1128 amdkmdap (8149db73be27950ec72767a1193153a6) C:\windows\system32\DRIVERS\atikmpag.sys
20:50:28.0491 1128 amdkmdap - ok
20:50:28.0538 1128 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\windows\system32\DRIVERS\amdppm.sys
20:50:28.0538 1128 AmdPPM - ok
20:50:28.0569 1128 amdsata (53d8d46d51d390abdb54eca623165cb7) C:\windows\system32\DRIVERS\amdsata.sys
20:50:28.0569 1128 amdsata - ok
20:50:28.0616 1128 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\windows\system32\DRIVERS\amdsbs.sys
20:50:28.0616 1128 amdsbs - ok
20:50:28.0632 1128 amdxata (75c51148154e34eb3d7bb84749a758d5) C:\windows\system32\DRIVERS\amdxata.sys
20:50:28.0647 1128 amdxata - ok
20:50:28.0694 1128 AppID (89a69c3f2f319b43379399547526d952) C:\windows\system32\drivers\appid.sys
20:50:28.0694 1128 AppID - ok
20:50:28.0725 1128 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\windows\System32\appidsvc.dll
20:50:28.0725 1128 AppIDSvc - ok
20:50:28.0756 1128 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\windows\System32\appinfo.dll
20:50:28.0756 1128 Appinfo - ok
20:50:28.0866 1128 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:50:28.0881 1128 Apple Mobile Device - ok
20:50:28.0928 1128 arc (c484f8ceb1717c540242531db7845c4e) C:\windows\system32\DRIVERS\arc.sys
20:50:28.0944 1128 arc - ok
20:50:28.0959 1128 arcsas (019af6924aefe7839f61c830227fe79c) C:\windows\system32\DRIVERS\arcsas.sys
20:50:28.0975 1128 arcsas - ok
20:50:28.0990 1128 AsyncMac (769765ce2cc62867468cea93969b2242) C:\windows\system32\DRIVERS\asyncmac.sys
20:50:29.0006 1128 AsyncMac - ok
20:50:29.0053 1128 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\windows\system32\drivers\atapi.sys
20:50:29.0053 1128 atapi - ok
20:50:29.0131 1128 AtiPcie (7c5d273e29dcc5505469b299c6f29163) C:\windows\system32\DRIVERS\AtiPcie.sys
20:50:29.0131 1128 AtiPcie - ok
20:50:29.0240 1128 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
20:50:29.0256 1128 AudioEndpointBuilder - ok
20:50:29.0271 1128 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
20:50:29.0271 1128 AudioSrv - ok
20:50:29.0755 1128 AVGIDSAgent (f5689fba4360be50839999882e0a9d99) C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
20:50:29.0895 1128 AVGIDSAgent - ok
20:50:30.0020 1128 AVGIDSDriver (1b2e9fcdc26dc7c81d4131430e2dc936) C:\windows\system32\DRIVERS\avgidsdrivera.sys
20:50:30.0036 1128 AVGIDSDriver - ok
20:50:30.0067 1128 AVGIDSEH (9650578c511527e218328df6d311b4fa) C:\windows\system32\DRIVERS\avgidseha.sys
20:50:30.0067 1128 AVGIDSEH - ok
20:50:30.0098 1128 AVGIDSFilter (0f293406f64b48d5d2f0d3a1117f3a83) C:\windows\system32\DRIVERS\avgidsfiltera.sys
20:50:30.0098 1128 AVGIDSFilter - ok
20:50:30.0129 1128 Avgldx64 (59955b4c288dd2a8b9fd2cd5158355c5) C:\windows\system32\DRIVERS\avgldx64.sys
20:50:30.0129 1128 Avgldx64 - ok
20:50:30.0176 1128 Avgmfx64 (a6aec362aae5e2dda7445e7690cb0f33) C:\windows\system32\DRIVERS\avgmfx64.sys
20:50:30.0176 1128 Avgmfx64 - ok
20:50:30.0223 1128 Avgrkx64 (645c7f0a0e39758a0024a9b1748273c0) C:\windows\system32\DRIVERS\avgrkx64.sys
20:50:30.0223 1128 Avgrkx64 - ok
20:50:30.0254 1128 Avgtdia (e601444168adfb78afa22a1e270d9253) C:\windows\system32\DRIVERS\avgtdia.sys
20:50:30.0270 1128 Avgtdia - ok
20:50:30.0348 1128 avgwd (ea1145debcd508fd25bd1e95c4346929) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
20:50:30.0363 1128 avgwd - ok
20:50:30.0441 1128 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\windows\System32\AxInstSV.dll
20:50:30.0457 1128 AxInstSV - ok
20:50:30.0535 1128 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\windows\system32\DRIVERS\bxvbda.sys
20:50:30.0550 1128 b06bdrv - ok
20:50:30.0597 1128 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\windows\system32\DRIVERS\b57nd60a.sys
20:50:30.0597 1128 b57nd60a - ok
20:50:30.0644 1128 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\windows\System32\bdesvc.dll
20:50:30.0660 1128 BDESVC - ok
20:50:30.0675 1128 Beep (16a47ce2decc9b099349a5f840654746) C:\windows\system32\drivers\Beep.sys
20:50:30.0675 1128 Beep - ok
20:50:30.0753 1128 BFE (82974d6a2fd19445cc5171fc378668a4) C:\windows\System32\bfe.dll
20:50:30.0769 1128 BFE - ok
20:50:30.0862 1128 BITS (1ea7969e3271cbc59e1730697dc74682) C:\windows\System32\qmgr.dll
20:50:30.0909 1128 BITS - ok
20:50:30.0972 1128 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\windows\system32\DRIVERS\blbdrive.sys
20:50:30.0972 1128 blbdrive - ok
20:50:31.0112 1128 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
20:50:31.0143 1128 Bonjour Service - ok
20:50:31.0190 1128 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\windows\system32\DRIVERS\bowser.sys
20:50:31.0190 1128 bowser - ok
20:50:31.0221 1128 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\windows\system32\DRIVERS\BrFiltLo.sys
20:50:31.0237 1128 BrFiltLo - ok
20:50:31.0252 1128 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\windows\system32\DRIVERS\BrFiltUp.sys
20:50:31.0252 1128 BrFiltUp - ok
20:50:31.0284 1128 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\windows\System32\browser.dll
20:50:31.0299 1128 Browser - ok
20:50:31.0330 1128 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\windows\System32\Drivers\Brserid.sys
20:50:31.0330 1128 Brserid - ok
20:50:31.0362 1128 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\windows\System32\Drivers\BrSerWdm.sys
20:50:31.0362 1128 BrSerWdm - ok
20:50:31.0393 1128 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\windows\System32\Drivers\BrUsbMdm.sys
20:50:31.0393 1128 BrUsbMdm - ok
20:50:31.0408 1128 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\windows\System32\Drivers\BrUsbSer.sys
20:50:31.0408 1128 BrUsbSer - ok
20:50:31.0408 1128 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\windows\system32\DRIVERS\bthmodem.sys
20:50:31.0424 1128 BTHMODEM - ok
20:50:31.0471 1128 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\windows\system32\bthserv.dll
20:50:31.0471 1128 bthserv - ok
20:50:31.0533 1128 CAXHWAZL (d1787e11c6a0078ddeaf8cf3ee2ab293) C:\windows\system32\DRIVERS\CAXHWAZL.sys
20:50:31.0549 1128 CAXHWAZL - ok
20:50:31.0596 1128 cdfs (b8bd2bb284668c84865658c77574381a) C:\windows\system32\DRIVERS\cdfs.sys
20:50:31.0611 1128 cdfs - ok
20:50:31.0674 1128 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\windows\system32\drivers\cdrom.sys
20:50:31.0689 1128 cdrom - ok
20:50:31.0736 1128 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
20:50:31.0752 1128 CertPropSvc - ok
20:50:31.0783 1128 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\windows\system32\DRIVERS\circlass.sys
20:50:31.0783 1128 circlass - ok
20:50:31.0814 1128 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\windows\system32\CLFS.sys
20:50:31.0830 1128 CLFS - ok
20:50:31.0876 1128 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:50:31.0876 1128 clr_optimization_v2.0.50727_32 - ok
20:50:31.0939 1128 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:50:31.0939 1128 clr_optimization_v2.0.50727_64 - ok
20:50:32.0017 1128 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:50:32.0017 1128 clr_optimization_v4.0.30319_32 - ok
20:50:32.0079 1128 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:50:32.0079 1128 clr_optimization_v4.0.30319_64 - ok
20:50:32.0110 1128 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\windows\system32\DRIVERS\CmBatt.sys
20:50:32.0110 1128 CmBatt - ok
20:50:32.0142 1128 cmdide (e19d3f095812725d88f9001985b94edd) C:\windows\system32\drivers\cmdide.sys
20:50:32.0142 1128 cmdide - ok
20:50:32.0220 1128 CNG (c4943b6c962e4b82197542447ad599f4) C:\windows\system32\Drivers\cng.sys
20:50:32.0251 1128 CNG - ok
20:50:32.0282 1128 Compbatt (102de219c3f61415f964c88e9085ad14) C:\windows\system32\DRIVERS\compbatt.sys
20:50:32.0282 1128 Compbatt - ok
20:50:32.0344 1128 CompositeBus (03edb043586cceba243d689bdda370a8) C:\windows\system32\drivers\CompositeBus.sys
20:50:32.0344 1128 CompositeBus - ok
20:50:32.0360 1128 COMSysApp - ok
20:50:32.0376 1128 crcdisk (1c827878a998c18847245fe1f34ee597) C:\windows\system32\DRIVERS\crcdisk.sys
20:50:32.0391 1128 crcdisk - ok
20:50:32.0438 1128 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\windows\system32\cryptsvc.dll
20:50:32.0438 1128 CryptSvc - ok
20:50:32.0485 1128 dc3d (1ca90212a99db6975c344826d11055c9) C:\windows\system32\DRIVERS\dc3d.sys
20:50:32.0485 1128 dc3d - ok
20:50:32.0578 1128 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
20:50:32.0594 1128 DcomLaunch - ok
20:50:32.0641 1128 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\windows\System32\defragsvc.dll
20:50:32.0656 1128 defragsvc - ok
20:50:32.0688 1128 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\windows\system32\Drivers\dfsc.sys
20:50:32.0688 1128 DfsC - ok
20:50:32.0766 1128 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\windows\system32\dhcpcore.dll
20:50:32.0766 1128 Dhcp - ok
20:50:32.0781 1128 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\windows\system32\drivers\discache.sys
20:50:32.0797 1128 discache - ok
20:50:32.0828 1128 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\windows\system32\DRIVERS\disk.sys
20:50:32.0828 1128 Disk - ok
20:50:32.0859 1128 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\windows\System32\dnsrslvr.dll
20:50:32.0875 1128 Dnscache - ok
20:50:32.0937 1128 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\windows\System32\dot3svc.dll
20:50:32.0968 1128 dot3svc - ok
20:50:33.0000 1128 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\windows\system32\dps.dll
20:50:33.0000 1128 DPS - ok
20:50:33.0031 1128 drmkaud (9b19f34400d24df84c858a421c205754) C:\windows\system32\drivers\drmkaud.sys
20:50:33.0031 1128 drmkaud - ok
20:50:33.0140 1128 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\windows\System32\drivers\dxgkrnl.sys
20:50:33.0171 1128 DXGKrnl - ok
20:50:33.0218 1128 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\windows\System32\eapsvc.dll
20:50:33.0218 1128 EapHost - ok
20:50:33.0483 1128 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\windows\system32\DRIVERS\evbda.sys
20:50:33.0561 1128 ebdrv - ok
20:50:33.0686 1128 EFS (c118a82cd78818c29ab228366ebf81c3) C:\windows\System32\lsass.exe
20:50:33.0686 1128 EFS - ok
20:50:33.0780 1128 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\windows\ehome\ehRecvr.exe
20:50:33.0811 1128 ehRecvr - ok
20:50:33.0842 1128 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\windows\ehome\ehsched.exe
20:50:33.0842 1128 ehSched - ok
20:50:33.0951 1128 elxstor (0e5da5369a0fcaea12456dd852545184) C:\windows\system32\DRIVERS\elxstor.sys
20:50:33.0982 1128 elxstor - ok
20:50:34.0029 1128 ErrDev (34a3c54752046e79a126e15c51db409b) C:\windows\system32\drivers\errdev.sys
20:50:34.0029 1128 ErrDev - ok
20:50:34.0092 1128 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\windows\system32\es.dll
20:50:34.0107 1128 EventSystem - ok
20:50:34.0138 1128 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\windows\system32\drivers\exfat.sys
20:50:34.0138 1128 exfat - ok
20:50:34.0170 1128 fastfat (0adc83218b66a6db380c330836f3e36d) C:\windows\system32\drivers\fastfat.sys
20:50:34.0170 1128 fastfat - ok
20:50:34.0263 1128 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\windows\system32\fxssvc.exe
20:50:34.0294 1128 Fax - ok
20:50:34.0341 1128 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\windows\system32\DRIVERS\fdc.sys
20:50:34.0357 1128 fdc - ok
20:50:34.0372 1128 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\windows\system32\fdPHost.dll
20:50:34.0372 1128 fdPHost - ok
20:50:34.0388 1128 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\windows\system32\fdrespub.dll
20:50:34.0388 1128 FDResPub - ok
20:50:34.0404 1128 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\windows\system32\drivers\fileinfo.sys
20:50:34.0404 1128 FileInfo - ok
20:50:34.0419 1128 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\windows\system32\drivers\filetrace.sys
20:50:34.0419 1128 Filetrace - ok
20:50:34.0435 1128 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\windows\system32\DRIVERS\flpydisk.sys
20:50:34.0435 1128 flpydisk - ok
20:50:34.0497 1128 FltMgr (da6b67270fd9db3697b20fce94950741) C:\windows\system32\drivers\fltmgr.sys
20:50:34.0497 1128 FltMgr - ok
20:50:34.0622 1128 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\windows\system32\FntCache.dll
20:50:34.0653 1128 FontCache - ok
20:50:34.0731 1128 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:50:34.0731 1128 FontCache3.0.0.0 - ok
20:50:34.0778 1128 FsDepends (d43703496149971890703b4b1b723eac) C:\windows\system32\drivers\FsDepends.sys
20:50:34.0778 1128 FsDepends - ok
20:50:34.0825 1128 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\windows\system32\drivers\Fs_Rec.sys
20:50:34.0825 1128 Fs_Rec - ok
20:50:34.0887 1128 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\windows\system32\DRIVERS\fvevol.sys
20:50:34.0887 1128 fvevol - ok
20:50:34.0934 1128 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\windows\system32\DRIVERS\gagp30kx.sys
20:50:34.0934 1128 gagp30kx - ok
20:50:35.0043 1128 GameConsoleService (1a0b9d84beb3306f728bc3009d432f5c) C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
20:50:35.0043 1128 GameConsoleService - ok
20:50:35.0074 1128 GEARAspiWDM (af4dee5531395dee72b35b36c9671fd0) C:\windows\system32\DRIVERS\GEARAspiWDM.sys
20:50:35.0074 1128 GEARAspiWDM - ok
20:50:35.0184 1128 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\windows\System32\gpsvc.dll
20:50:35.0215 1128 gpsvc - ok
20:50:35.0324 1128 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:50:35.0324 1128 gupdate - ok
20:50:35.0340 1128 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:50:35.0355 1128 gupdatem - ok
20:50:35.0386 1128 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\windows\system32\drivers\hcw85cir.sys
20:50:35.0402 1128 hcw85cir - ok
20:50:35.0464 1128 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\windows\system32\drivers\HdAudio.sys
20:50:35.0480 1128 HdAudAddService - ok
20:50:35.0542 1128 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\windows\system32\drivers\HDAudBus.sys
20:50:35.0542 1128 HDAudBus - ok
20:50:35.0574 1128 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\windows\system32\DRIVERS\HidBatt.sys
20:50:35.0574 1128 HidBatt - ok
20:50:35.0605 1128 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\windows\system32\DRIVERS\hidbth.sys
20:50:35.0605 1128 HidBth - ok
20:50:35.0620 1128 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\windows\system32\DRIVERS\hidir.sys
20:50:35.0620 1128 HidIr - ok
20:50:35.0667 1128 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\windows\system32\hidserv.dll
20:50:35.0667 1128 hidserv - ok
20:50:35.0730 1128 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\windows\system32\DRIVERS\hidusb.sys
20:50:35.0730 1128 HidUsb - ok
20:50:35.0776 1128 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\windows\system32\kmsvc.dll
20:50:35.0792 1128 hkmsvc - ok
20:50:35.0823 1128 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\windows\system32\ListSvc.dll
20:50:35.0839 1128 HomeGroupListener - ok
20:50:35.0901 1128 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\windows\system32\provsvc.dll
20:50:35.0901 1128 HomeGroupProvider - ok
20:50:35.0964 1128 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\windows\system32\drivers\HpSAMD.sys
20:50:35.0964 1128 HpSAMD - ok
20:50:36.0073 1128 HsfXAudioService (447256d1c026654c5cd3cc17e7b20631) C:\windows\SysWOW64\XAudio64.dll
20:50:36.0088 1128 HsfXAudioService - ok
20:50:36.0198 1128 HSF_DPV (26c5d00321937e49b6bc91029947d094) C:\windows\system32\DRIVERS\CAX_DPV.sys
20:50:36.0229 1128 HSF_DPV - ok
20:50:36.0400 1128 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\windows\system32\drivers\HTTP.sys
20:50:36.0416 1128 HTTP - ok
20:50:36.0447 1128 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\windows\system32\drivers\hwpolicy.sys
20:50:36.0447 1128 hwpolicy - ok
20:50:36.0525 1128 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\windows\system32\drivers\i8042prt.sys
20:50:36.0541 1128 i8042prt - ok
20:50:36.0588 1128 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\windows\system32\drivers\iaStorV.sys
20:50:36.0619 1128 iaStorV - ok
20:50:36.0744 1128 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:50:36.0775 1128 idsvc - ok
20:50:36.0822 1128 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\windows\system32\DRIVERS\iirsp.sys
20:50:36.0822 1128 iirsp - ok
20:50:36.0900 1128 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\windows\System32\ikeext.dll
20:50:36.0915 1128 IKEEXT - ok
20:50:37.0102 1128 IntcAzAudAddService (490947a9aff7ca31ef2e08f5776105eb) C:\windows\system32\drivers\RTKVHD64.sys
20:50:37.0180 1128 IntcAzAudAddService - ok
20:50:37.0305 1128 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\windows\system32\drivers\intelide.sys
20:50:37.0305 1128 intelide - ok
20:50:37.0336 1128 intelppm (ada036632c664caa754079041cf1f8c1) C:\windows\system32\DRIVERS\intelppm.sys
20:50:37.0336 1128 intelppm - ok
20:50:37.0383 1128 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\windows\system32\ipbusenum.dll
20:50:37.0399 1128 IPBusEnum - ok
20:50:37.0430 1128 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\windows\system32\DRIVERS\ipfltdrv.sys
20:50:37.0430 1128 IpFilterDriver - ok
20:50:37.0477 1128 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\windows\System32\iphlpsvc.dll
20:50:37.0492 1128 iphlpsvc - ok
20:50:37.0539 1128 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\windows\system32\drivers\IPMIDrv.sys
20:50:37.0539 1128 IPMIDRV - ok
20:50:37.0586 1128 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\windows\system32\drivers\ipnat.sys
20:50:37.0586 1128 IPNAT - ok
20:50:37.0742 1128 iPod Service (755e4ba6dce627a2683bb7640553c8d6) C:\Program Files\iPod\bin\iPodService.exe
20:50:37.0758 1128 iPod Service - ok
20:50:37.0804 1128 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\windows\system32\drivers\irenum.sys
20:50:37.0804 1128 IRENUM - ok
20:50:37.0851 1128 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\windows\system32\drivers\isapnp.sys
20:50:37.0851 1128 isapnp - ok
20:50:37.0882 1128 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\windows\system32\drivers\msiscsi.sys
20:50:37.0898 1128 iScsiPrt - ok
20:50:37.0960 1128 IviRegMgr (213822072085b5bbad9af30ab577d817) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
20:50:37.0960 1128 IviRegMgr - ok
20:50:38.0007 1128 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\windows\system32\DRIVERS\kbdclass.sys
20:50:38.0023 1128 kbdclass - ok
20:50:38.0054 1128 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\windows\system32\DRIVERS\kbdhid.sys
20:50:38.0054 1128 kbdhid - ok
20:50:38.0085 1128 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
20:50:38.0085 1128 KeyIso - ok
20:50:38.0132 1128 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\windows\system32\Drivers\ksecdd.sys
20:50:38.0132 1128 KSecDD - ok
20:50:38.0148 1128 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\windows\system32\Drivers\ksecpkg.sys
20:50:38.0163 1128 KSecPkg - ok
20:50:38.0210 1128 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\windows\system32\drivers\ksthunk.sys
20:50:38.0210 1128 ksthunk - ok
20:50:38.0241 1128 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\windows\system32\msdtckrm.dll
20:50:38.0272 1128 KtmRm - ok
20:50:38.0335 1128 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\windows\system32\srvsvc.dll
20:50:38.0350 1128 LanmanServer - ok
20:50:38.0397 1128 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\windows\System32\wkssvc.dll
20:50:38.0397 1128 LanmanWorkstation - ok
20:50:38.0616 1128 Lavasoft Ad-Aware Service (ea38136981c61c571d52c380daad46ef) C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
20:50:38.0631 1128 Lavasoft Ad-Aware Service - ok
20:50:38.0694 1128 Lavasoft Kernexplorer (9a7fa6371f68335fd3c3d6488bc5a9f8) C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys
20:50:38.0694 1128 Lavasoft Kernexplorer - ok
20:50:38.0850 1128 Lbd (c8b3131857931ae76798a741cc52b021) C:\windows\system32\DRIVERS\Lbd.sys
20:50:38.0850 1128 Lbd - ok
20:50:38.0881 1128 lltdio (1538831cf8ad2979a04c423779465827) C:\windows\system32\DRIVERS\lltdio.sys
20:50:38.0881 1128 lltdio - ok
20:50:38.0928 1128 lltdsvc (c1185803384ab3feed115f79f109427f) C:\windows\System32\lltdsvc.dll
20:50:38.0943 1128 lltdsvc - ok
20:50:38.0959 1128 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\windows\System32\lmhsvc.dll
20:50:38.0959 1128 lmhosts - ok
20:50:39.0006 1128 LPCFilter (41e122f6d1448c94cc05196bc41d6bfb) C:\windows\system32\DRIVERS\LPCFilter.sys
20:50:39.0006 1128 LPCFilter - ok
20:50:39.0052 1128 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\windows\system32\DRIVERS\lsi_fc.sys
20:50:39.0068 1128 LSI_FC - ok
20:50:39.0084 1128 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\windows\system32\DRIVERS\lsi_sas.sys
20:50:39.0084 1128 LSI_SAS - ok
20:50:39.0099 1128 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\windows\system32\DRIVERS\lsi_sas2.sys
20:50:39.0115 1128 LSI_SAS2 - ok
20:50:39.0146 1128 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\windows\system32\DRIVERS\lsi_scsi.sys
20:50:39.0146 1128 LSI_SCSI - ok
20:50:39.0193 1128 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\windows\system32\drivers\luafv.sys
20:50:39.0193 1128 luafv - ok
20:50:39.0240 1128 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\windows\system32\Mcx2Svc.dll
20:50:39.0240 1128 Mcx2Svc - ok
20:50:39.0271 1128 mdmxsdk (e4f44ec214b3e381e1fc844a02926666) C:\windows\system32\DRIVERS\mdmxsdk.sys
20:50:39.0271 1128 mdmxsdk - ok
20:50:39.0302 1128 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\DRIVERS\megasas.sys
20:50:39.0302 1128 megasas - ok
20:50:39.0349 1128 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\windows\system32\DRIVERS\MegaSR.sys
20:50:39.0349 1128 MegaSR - ok
20:50:39.0396 1128 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
20:50:39.0396 1128 MMCSS - ok
20:50:39.0411 1128 Modem (800ba92f7010378b09f9ed9270f07137) C:\windows\system32\drivers\modem.sys
20:50:39.0411 1128 Modem - ok
20:50:39.0442 1128 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys
20:50:39.0442 1128 monitor - ok
20:50:39.0474 1128 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\DRIVERS\mouclass.sys
20:50:39.0474 1128 mouclass - ok
20:50:39.0489 1128 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys
20:50:39.0489 1128 mouhid - ok
20:50:39.0536 1128 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\windows\system32\drivers\mountmgr.sys
20:50:39.0552 1128 mountmgr - ok
20:50:39.0630 1128 MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\windows\system32\DRIVERS\MpFilter.sys
20:50:39.0630 1128 MpFilter - ok
20:50:39.0692 1128 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\windows\system32\drivers\mpio.sys
20:50:39.0708 1128 mpio - ok
20:50:39.0739 1128 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys
20:50:39.0739 1128 mpsdrv - ok
20:50:39.0832 1128 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\windows\system32\mpssvc.dll
20:50:39.0848 1128 MpsSvc - ok
20:50:39.0895 1128 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\windows\system32\drivers\mrxdav.sys
20:50:39.0895 1128 MRxDAV - ok
20:50:39.0926 1128 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\windows\system32\DRIVERS\mrxsmb.sys
20:50:39.0926 1128 mrxsmb - ok
20:50:39.0957 1128 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\windows\system32\DRIVERS\mrxsmb10.sys
20:50:39.0957 1128 mrxsmb10 - ok
20:50:39.0988 1128 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\windows\system32\DRIVERS\mrxsmb20.sys
20:50:39.0988 1128 mrxsmb20 - ok
20:50:40.0020 1128 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\windows\system32\drivers\msahci.sys
20:50:40.0020 1128 msahci - ok
20:50:40.0066 1128 msdsm (db801a638d011b9633829eb6f663c900) C:\windows\system32\drivers\msdsm.sys
20:50:40.0082 1128 msdsm - ok
20:50:40.0113 1128 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\windows\System32\msdtc.exe
20:50:40.0129 1128 MSDTC - ok
20:50:40.0160 1128 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys
20:50:40.0176 1128 Msfs - ok
20:50:40.0176 1128 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys
20:50:40.0176 1128 mshidkmdf - ok
20:50:40.0191 1128 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\drivers\msisadrv.sys
20:50:40.0191 1128 msisadrv - ok
20:50:40.0222 1128 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\windows\system32\iscsiexe.dll
20:50:40.0238 1128 MSiSCSI - ok
20:50:40.0238 1128 msiserver - ok
20:50:40.0285 1128 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys
20:50:40.0285 1128 MSKSSRV - ok
20:50:40.0378 1128 MsMpSvc (59faaf2c83c8169ea20f9e335e418907) c:\Program Files\Microsoft Security Client\MsMpEng.exe
20:50:40.0378 1128 MsMpSvc - ok
20:50:40.0425 1128 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys
20:50:40.0425 1128 MSPCLOCK - ok
20:50:40.0441 1128 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys
20:50:40.0441 1128 MSPQM - ok
20:50:40.0503 1128 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\windows\system32\drivers\MsRPC.sys
20:50:40.0519 1128 MsRPC - ok
20:50:40.0566 1128 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\drivers\mssmbios.sys
20:50:40.0566 1128 mssmbios - ok
20:50:40.0612 1128 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys
20:50:40.0612 1128 MSTEE - ok
20:50:40.0644 1128 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\DRIVERS\MTConfig.sys
20:50:40.0644 1128 MTConfig - ok
20:50:40.0675 1128 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys
20:50:40.0675 1128 Mup - ok
20:50:40.0753 1128 napagent (582ac6d9873e31dfa28a4547270862dd) C:\windows\system32\qagentRT.dll
20:50:40.0768 1128 napagent - ok
20:50:40.0831 1128 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys
20:50:40.0846 1128 NativeWifiP - ok
20:50:40.0971 1128 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\windows\system32\drivers\ndis.sys
20:50:41.0002 1128 NDIS - ok
20:50:41.0034 1128 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys
20:50:41.0049 1128 NdisCap - ok
20:50:41.0080 1128 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys
20:50:41.0080 1128 NdisTapi - ok
20:50:41.0127 1128 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\windows\system32\DRIVERS\ndisuio.sys
20:50:41.0127 1128 Ndisuio - ok
20:50:41.0158 1128 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\windows\system32\DRIVERS\ndiswan.sys
20:50:41.0174 1128 NdisWan - ok
20:50:41.0221 1128 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\windows\system32\drivers\NDProxy.sys
20:50:41.0221 1128 NDProxy - ok
20:50:41.0268 1128 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys
20:50:41.0268 1128 NetBIOS - ok
20:50:41.0314 1128 NetBT (09594d1089c523423b32a4229263f068) C:\windows\system32\DRIVERS\netbt.sys
20:50:41.0330 1128 NetBT - ok
20:50:41.0361 1128 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
20:50:41.0361 1128 Netlogon - ok
20:50:41.0424 1128 Netman (847d3ae376c0817161a14a82c8922a9e) C:\windows\System32\netman.dll
20:50:41.0439 1128 Netman - ok
20:50:41.0486 1128 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\windows\System32\netprofm.dll
20:50:41.0486 1128 netprofm - ok
20:50:41.0548 1128 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:50:41.0548 1128 NetTcpPortSharing - ok
20:50:41.0595 1128 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\DRIVERS\nfrd960.sys
20:50:41.0611 1128 nfrd960 - ok
20:50:41.0689 1128 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\windows\system32\DRIVERS\NisDrvWFP.sys
20:50:41.0704 1128 NisDrv - ok
20:50:41.0814 1128 NisSrv (10a43829a9e606af3eef25a1c1665923) c:\Program Files\Microsoft Security Client\NisSrv.exe
20:50:41.0829 1128 NisSrv - ok
20:50:41.0892 1128 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\windows\System32\nlasvc.dll
20:50:41.0907 1128 NlaSvc - ok
20:50:41.0970 1128 Norton PC Checkup Application Launcher - ok
20:50:41.0985 1128 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
20:50:42.0001 1128 Npfs - ok
20:50:42.0032 1128 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\windows\system32\nsisvc.dll
20:50:42.0032 1128 nsi - ok
20:50:42.0032 1128 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
20:50:42.0048 1128 nsiproxy - ok
20:50:42.0204 1128 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\windows\system32\drivers\Ntfs.sys
20:50:42.0235 1128 Ntfs - ok
20:50:42.0360 1128 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
20:50:42.0360 1128 Null - ok
20:50:42.0422 1128 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\windows\system32\drivers\nvraid.sys
20:50:42.0438 1128 nvraid - ok
20:50:42.0484 1128 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\windows\system32\drivers\nvstor.sys
20:50:42.0500 1128 nvstor - ok
20:50:42.0547 1128 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\drivers\nv_agp.sys
20:50:42.0547 1128 nv_agp - ok
20:50:42.0672 1128 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:50:42.0687 1128 odserv - ok
20:50:42.0734 1128 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\drivers\ohci1394.sys
20:50:42.0734 1128 ohci1394 - ok
20:50:42.0781 1128 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:50:42.0796 1128 ose - ok
20:50:42.0859 1128 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
20:50:42.0874 1128 p2pimsvc - ok
20:50:42.0921 1128 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll
20:50:42.0937 1128 p2psvc - ok
20:50:42.0968 1128 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\DRIVERS\parport.sys
20:50:42.0984 1128 Parport - ok
20:50:43.0015 1128 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\windows\system32\drivers\partmgr.sys
20:50:43.0015 1128 partmgr - ok
20:50:43.0062 1128 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll
20:50:43.0062 1128 PcaSvc - ok
20:50:43.0155 1128 PCCUJobMgr (2f86be1818c2d7ac90478e3323ee7fcb) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe
20:50:43.0171 1128 PCCUJobMgr - ok
20:50:43.0218 1128 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys
20:50:43.0218 1128 pci - ok
20:50:43.0233 1128 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\drivers\pciide.sys
20:50:43.0233 1128 pciide - ok
20:50:43.0280 1128 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\DRIVERS\pcmcia.sys
20:50:43.0296 1128 pcmcia - ok
20:50:43.0327 1128 pcouffin (af7ce12c4f3dc8cb2b07685c916bbcfe) C:\windows\system32\Drivers\pcouffin.sys
20:50:43.0327 1128 pcouffin - ok
20:50:43.0358 1128 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
20:50:43.0358 1128 pcw - ok
20:50:43.0405 1128 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
20:50:43.0405 1128 PEAUTH - ok
20:50:43.0483 1128 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe
20:50:43.0483 1128 PerfHost - ok
20:50:43.0530 1128 PGEffect (663962900e7fea522126ba287715bb4a) C:\windows\system32\DRIVERS\pgeffect.sys
20:50:43.0530 1128 PGEffect - ok
20:50:43.0670 1128 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\windows\system32\pla.dll
20:50:43.0732 1128 pla - ok
20:50:43.0810 1128 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\windows\system32\umpnpmgr.dll
20:50:43.0826 1128 PlugPlay - ok
20:50:43.0857 1128 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll
20:50:43.0873 1128 PNRPAutoReg - ok
20:50:43.0920 1128 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
20:50:43.0935 1128 PNRPsvc - ok
20:50:44.0013 1128 Point64 (4f0878fd62d5f7444c5f1c4c66d9d293) C:\windows\system32\DRIVERS\point64.sys
20:50:44.0013 1128 Point64 - ok
20:50:44.0091 1128 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\windows\System32\ipsecsvc.dll
20:50:44.0107 1128 PolicyAgent - ok
20:50:44.0138 1128 Power (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll
20:50:44.0154 1128 Power - ok
20:50:44.0200 1128 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys
20:50:44.0200 1128 PptpMiniport - ok
20:50:44.0247 1128 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\DRIVERS\processr.sys
20:50:44.0247 1128 Processor - ok
20:50:44.0278 1128 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\windows\system32\profsvc.dll
20:50:44.0294 1128 ProfSvc - ok
20:50:44.0325 1128 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
20:50:44.0341 1128 ProtectedStorage - ok
20:50:44.0388 1128 Psched (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys
20:50:44.0388 1128 Psched - ok
20:50:44.0466 1128 PSI_SVC_2 (a6a7ad767bf5141665f5c675f671b3e1) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
20:50:44.0481 1128 PSI_SVC_2 - ok
20:50:44.0622 1128 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\DRIVERS\ql2300.sys
20:50:44.0684 1128 ql2300 - ok
20:50:44.0824 1128 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\DRIVERS\ql40xx.sys
20:50:44.0840 1128 ql40xx - ok
20:50:44.0887 1128 QWAVE (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll
20:50:44.0902 1128 QWAVE - ok
20:50:44.0918 1128 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
20:50:44.0934 1128 QWAVEdrv - ok
20:50:44.0949 1128 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
20:50:44.0965 1128 RasAcd - ok
20:50:44.0996 1128 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
20:50:44.0996 1128 RasAgileVpn - ok
20:50:45.0027 1128 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll
20:50:45.0043 1128 RasAuto - ok
20:50:45.0074 1128 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys
20:50:45.0090 1128 Rasl2tp - ok
20:50:45.0168 1128 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\windows\System32\rasmans.dll
20:50:45.0183 1128 RasMan - ok
20:50:45.0246 1128 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
20:50:45.0246 1128 RasPppoe - ok
20:50:45.0261 1128 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
20:50:45.0277 1128 RasSstp - ok
20:50:45.0324 1128 rdbss (77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys
20:50:45.0355 1128 rdbss - ok
20:50:45.0386 1128 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys
20:50:45.0386 1128 rdpbus - ok
20:50:45.0417 1128 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
20:50:45.0417 1128 RDPCDD - ok
20:50:45.0448 1128 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
20:50:45.0448 1128 RDPENCDD - ok
20:50:45.0480 1128 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
20:50:45.0480 1128 RDPREFMP - ok
20:50:45.0526 1128 RDPWD (6d76e6433574b058adcb0c50df834492) C:\windows\system32\drivers\RDPWD.sys
20:50:45.0542 1128 RDPWD - ok
20:50:45.0604 1128 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys
20:50:45.0604 1128 rdyboost - ok
20:50:45.0729 1128 Realtek11nSU (ea569d48b2e755af6d96f03f3335d98a) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe
20:50:45.0729 1128 Realtek11nSU - ok
20:50:45.0760 1128 regi (4d9afddda0efe97cdbfd3b5fa48b05f6) C:\windows\system32\drivers\regi.sys
20:50:45.0760 1128 regi - ok
20:50:45.0792 1128 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll
20:50:45.0807 1128 RemoteAccess - ok
20:50:45.0854 1128 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll
20:50:45.0870 1128 RemoteRegistry - ok
20:50:45.0885 1128 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll
20:50:45.0885 1128 RpcEptMapper - ok
20:50:45.0916 1128 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe
20:50:45.0916 1128 RpcLocator - ok
20:50:45.0979 1128 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
20:50:45.0994 1128 RpcSs - ok
20:50:46.0010 1128 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
20:50:46.0026 1128 rspndr - ok
20:50:46.0057 1128 RSUSBSTOR (907c4464381b5ebdfdc60f6c7d0dedfc) C:\windows\system32\Drivers\RtsUStor.sys
20:50:46.0072 1128 RSUSBSTOR - ok
20:50:46.0104 1128 RTHDMIAzAudService (4e821c740a675f6d040be41d59a62b1d) C:\windows\system32\drivers\RtHDMIVX.sys
20:50:46.0135 1128 RTHDMIAzAudService - ok
20:50:46.0182 1128 RTL8167 (7ea8d2eb9bbfd2ab8a3117a1e96d3b3a) C:\windows\system32\DRIVERS\Rt64win7.sys
20:50:46.0197 1128 RTL8167 - ok
20:50:46.0291 1128 rtl8192se (7475548b0ba58eba4d12414fc9e9dfe6) C:\windows\system32\DRIVERS\rtl8192se.sys
20:50:46.0338 1128 rtl8192se - ok
20:50:46.0369 1128 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
20:50:46.0369 1128 SamSs - ok
20:50:46.0400 1128 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys
20:50:46.0416 1128 sbp2port - ok
20:50:46.0462 1128 SBRE (fd833bee2fd9befdc0afd1941a306d9e) C:\windows\system32\drivers\SBREdrv.sys
20:50:46.0478 1128 SBRE - ok
20:50:46.0509 1128 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll
20:50:46.0525 1128 SCardSvr - ok
20:50:46.0572 1128 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys
20:50:46.0587 1128 scfilter - ok
20:50:46.0696 1128 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\windows\system32\schedsvc.dll
20:50:46.0728 1128 Schedule - ok
20:50:46.0774 1128 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
20:50:46.0774 1128 SCPolicySvc - ok
20:50:46.0806 1128 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\windows\System32\SDRSVC.dll
20:50:46.0821 1128 SDRSVC - ok
20:50:46.0977 1128 SDScannerService (8dcd2c2aa1debe7edaac90e398765976) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
20:50:47.0008 1128 SDScannerService - ok
20:50:47.0102 1128 SDUpdateService (5de1be0423c8cc00e8c47dbf4f987dd4) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
20:50:47.0133 1128 SDUpdateService - ok
20:50:47.0180 1128 SDWSCService (92c58389ecab46b7a47c7fb6a8cf5526) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
20:50:47.0180 1128 SDWSCService - ok
20:50:47.0289 1128 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
20:50:47.0305 1128 secdrv - ok
20:50:47.0336 1128 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\windows\system32\seclogon.dll
20:50:47.0336 1128 seclogon - ok
20:50:47.0383 1128 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\windows\System32\sens.dll
20:50:47.0383 1128 SENS - ok
20:50:47.0398 1128 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll
20:50:47.0414 1128 SensrSvc - ok
20:50:47.0461 1128 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys
20:50:47.0461 1128 Serenum - ok
20:50:47.0492 1128 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys
20:50:47.0492 1128 Serial - ok
20:50:47.0523 1128 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\DRIVERS\sermouse.sys
20:50:47.0523 1128 sermouse - ok
20:50:47.0570 1128 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\windows\system32\sessenv.dll
20:50:47.0586 1128 SessionEnv - ok
20:50:47.0601 1128 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\drivers\sffdisk.sys
20:50:47.0601 1128 sffdisk - ok
20:50:47.0617 1128 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\drivers\sffp_mmc.sys
20:50:47.0617 1128 sffp_mmc - ok
20:50:47.0632 1128 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys
20:50:47.0632 1128 sffp_sd - ok
20:50:47.0679 1128 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys
20:50:47.0679 1128 sfloppy - ok
20:50:47.0726 1128 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\windows\System32\ipnathlp.dll
20:50:47.0742 1128 SharedAccess - ok
20:50:47.0804 1128 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\windows\System32\shsvcs.dll
20:50:47.0804 1128 ShellHWDetection - ok
20:50:47.0835 1128 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys
20:50:47.0835 1128 SiSRaid2 - ok
20:50:47.0866 1128 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys
20:50:47.0866 1128 SiSRaid4 - ok
20:50:47.0898 1128 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
20:50:47.0913 1128 Smb - ok
20:50:47.0960 1128 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe
20:50:47.0960 1128 SNMPTRAP - ok
20:50:47.0991 1128 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
20:50:48.0007 1128 spldr - ok
20:50:48.0069 1128 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\windows\System32\spoolsv.exe
20:50:48.0069 1128 Spooler - ok
20:50:48.0366 1128 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\windows\system32\sppsvc.exe
20:50:48.0381 1128 sppsvc - ok
20:50:48.0490 1128 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll
20:50:48.0490 1128 sppuinotify - ok
20:50:48.0568 1128 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\windows\system32\DRIVERS\srv.sys
20:50:48.0584 1128 srv - ok
20:50:48.0631 1128 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\windows\system32\DRIVERS\srv2.sys
20:50:48.0646 1128 srv2 - ok
20:50:48.0693 1128 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\windows\system32\DRIVERS\VSTAZL6.SYS
20:50:48.0709 1128 SrvHsfHDA - ok
20:50:48.0818 1128 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\windows\system32\DRIVERS\VSTDPV6.SYS
20:50:48.0849 1128 SrvHsfV92 - ok
20:50:49.0036 1128 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\windows\system32\DRIVERS\VSTCNXT6.SYS
20:50:49.0068 1128 SrvHsfWinac - ok
20:50:49.0114 1128 srvnet (27e461f0be5bff5fc737328f749538c3) C:\windows\system32\DRIVERS\srvnet.sys
20:50:49.0130 1128 srvnet - ok
20:50:49.0177 1128 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\windows\System32\ssdpsrv.dll
20:50:49.0192 1128 SSDPSRV - ok
20:50:49.0208 1128 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\windows\system32\sstpsvc.dll
20:50:49.0224 1128 SstpSvc - ok
20:50:49.0239 1128 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys
20:50:49.0239 1128 stexstor - ok
20:50:49.0333 1128 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\windows\System32\wiaservc.dll
20:50:49.0348 1128 stisvc - ok
20:50:49.0380 1128 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\drivers\swenum.sys
20:50:49.0380 1128 swenum - ok
20:50:49.0458 1128 swprv (e08e46fdd841b7184194011ca1955a0b) C:\windows\System32\swprv.dll
20:50:49.0473 1128 swprv - ok
20:50:49.0582 1128 SynTP (470c47daba9ca3966f0ab3f835d7d135) C:\windows\system32\DRIVERS\SynTP.sys
20:50:49.0598 1128 SynTP - ok
20:50:49.0770 1128 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\windows\system32\sysmain.dll
20:50:49.0801 1128 SysMain - ok
20:50:49.0957 1128 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\windows\System32\TabSvc.dll
20:50:49.0972 1128 TabletInputService - ok
20:50:50.0004 1128 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\windows\System32\tapisrv.dll
20:50:50.0019 1128 TapiSrv - ok
20:50:50.0050 1128 TBS (1be03ac720f4d302ea01d40f588162f6) C:\windows\System32\tbssvc.dll
20:50:50.0050 1128 TBS - ok
20:50:50.0222 1128 Tcpip (fc62769e7bff2896035aeed399108162) C:\windows\system32\drivers\tcpip.sys
20:50:50.0269 1128 Tcpip - ok
20:50:50.0534 1128 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\windows\system32\DRIVERS\tcpip.sys
20:50:50.0550 1128 TCPIP6 - ok
20:50:50.0659 1128 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys
20:50:50.0659 1128 tcpipreg - ok
20:50:50.0706 1128 tdcmdpst (fd542b661bd22fa69ca789ad0ac58c29) C:\windows\system32\DRIVERS\tdcmdpst.sys
20:50:50.0706 1128 tdcmdpst - ok
20:50:50.0737 1128 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
20:50:50.0737 1128 TDPIPE - ok
20:50:50.0768 1128 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\windows\system32\drivers\tdtcp.sys
20:50:50.0784 1128 TDTCP - ok
20:50:50.0830 1128 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys
20:50:50.0846 1128 tdx - ok
20:50:50.0893 1128 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\drivers\termdd.sys
20:50:50.0893 1128 TermDD - ok
20:50:50.0986 1128 TermService (2e648163254233755035b46dd7b89123) C:\windows\System32\termsrv.dll
20:50:51.0018 1128 TermService - ok
20:50:51.0049 1128 Themes (f0344071948d1a1fa732231785a0664c) C:\windows\system32\themeservice.dll
20:50:51.0049 1128 Themes - ok
20:50:51.0080 1128 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
20:50:51.0080 1128 THREADORDER - ok
20:50:51.0158 1128 TMachInfo (28644b0523d64eff2fc7312a2ee74b0a) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
20:50:51.0158 1128 TMachInfo - ok
20:50:51.0220 1128 TODDSrv (ed32035bdfeced1ad66d459fd9cc1140) C:\Windows\system32\TODDSrv.exe
20:50:51.0220 1128 TODDSrv - ok
20:50:51.0330 1128 TosCoSrv (98c864481d62f86ec8af65be3419a95b) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
20:50:51.0361 1128 TosCoSrv - ok
20:50:51.0423 1128 TOSHIBA eco Utility Service (2ab7a4697462edb0c9dfafc529746ba9) C:\Program Files\TOSHIBA\TECO\TecoService.exe
20:50:51.0439 1128 TOSHIBA eco Utility Service - ok
20:50:51.0501 1128 TOSHIBA HDD SSD Alert Service (74c2fa8c3765ee71a9c22182ec108457) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
20:50:51.0517 1128 TOSHIBA HDD SSD Alert Service - ok
20:50:51.0610 1128 TPCHSrv (97687d094aa597da366e1194b218cc6c) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
20:50:51.0642 1128 TPCHSrv - ok
20:50:51.0766 1128 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\windows\System32\trkwks.dll
20:50:51.0782 1128 TrkWks - ok
20:50:51.0844 1128 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\windows\servicing\TrustedInstaller.exe
20:50:51.0844 1128 TrustedInstaller - ok
20:50:51.0907 1128 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\windows\system32\DRIVERS\tssecsrv.sys
20:50:51.0922 1128 tssecsrv - ok
20:50:51.0954 1128 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\windows\system32\drivers\tsusbflt.sys
20:50:51.0969 1128 TsUsbFlt - ok
20:50:52.0032 1128 tunnel (3566a8daafa27af944f5d705eaa64894) C:\windows\system32\DRIVERS\tunnel.sys
20:50:52.0047 1128 tunnel - ok
20:50:52.0078 1128 TVALZ (550b567f9364d8f7684c3fb3ea665a72) C:\windows\system32\DRIVERS\TVALZ_O.SYS
20:50:52.0078 1128 TVALZ - ok
20:50:52.0094 1128 TVALZFL (9c7191f4b2e49bff47a6c1144b5923fa) C:\windows\system32\DRIVERS\TVALZFL.sys
20:50:52.0110 1128 TVALZFL - ok
20:50:52.0141 1128 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys
20:50:52.0141 1128 uagp35 - ok
20:50:52.0203 1128 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\windows\system32\DRIVERS\udfs.sys
20:50:52.0219 1128 udfs - ok
20:50:52.0250 1128 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\windows\system32\UI0Detect.exe
20:50:52.0250 1128 UI0Detect - ok
20:50:52.0297 1128 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\drivers\uliagpkx.sys
20:50:52.0312 1128 uliagpkx - ok
20:50:52.0344 1128 umbus (dc54a574663a895c8763af0fa1ff7561) C:\windows\system32\drivers\umbus.sys
20:50:52.0344 1128 umbus - ok
20:50:52.0375 1128 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys
20:50:52.0375 1128 UmPass - ok
20:50:52.0437 1128 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\windows\System32\upnphost.dll
20:50:52.0453 1128 upnphost - ok
20:50:52.0500 1128 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\windows\system32\DRIVERS\usbccgp.sys
20:50:52.0515 1128 usbccgp - ok
20:50:52.0531 1128 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\drivers\usbcir.sys
20:50:52.0546 1128 usbcir - ok
20:50:52.0578 1128 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\windows\system32\DRIVERS\usbehci.sys
20:50:52.0578 1128 usbehci - ok
20:50:52.0609 1128 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\windows\system32\DRIVERS\usbhub.sys
20:50:52.0624 1128 usbhub - ok
20:50:52.0640 1128 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\windows\system32\DRIVERS\usbohci.sys
20:50:52.0640 1128 usbohci - ok
20:50:52.0656 1128 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
20:50:52.0656 1128 usbprint - ok
20:50:52.0687 1128 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\windows\system32\DRIVERS\USBSTOR.SYS
20:50:52.0702 1128 USBSTOR - ok
20:50:52.0734 1128 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\windows\system32\drivers\usbuhci.sys
20:50:52.0734 1128 usbuhci - ok
20:50:52.0780 1128 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\windows\System32\Drivers\usbvideo.sys
20:50:52.0796 1128 usbvideo - ok
20:50:52.0812 1128 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\windows\System32\uxsms.dll
20:50:52.0827 1128 UxSms - ok
20:50:52.0858 1128 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
20:50:52.0858 1128 VaultSvc - ok
20:50:52.0890 1128 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\drivers\vdrvroot.sys
20:50:52.0890 1128 vdrvroot - ok
20:50:52.0983 1128 vds (8d6b481601d01a456e75c3210f1830be) C:\windows\System32\vds.exe
20:50:52.0999 1128 vds - ok
20:50:53.0046 1128 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
20:50:53.0046 1128 vga - ok
20:50:53.0061 1128 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
20:50:53.0077 1128 VgaSave - ok
20:50:53.0108 1128 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\windows\system32\drivers\vhdmp.sys
20:50:53.0124 1128 vhdmp - ok
20:50:53.0155 1128 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\drivers\viaide.sys
20:50:53.0170 1128 viaide - ok
20:50:53.0186 1128 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\windows\system32\drivers\volmgr.sys
20:50:53.0186 1128 volmgr - ok
20:50:53.0248 1128 volmgrx (a255814907c89be58b79ef2f189b843b) C:\windows\system32\drivers\volmgrx.sys
20:50:53.0248 1128 volmgrx - ok
20:50:53.0295 1128 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\windows\system32\drivers\volsnap.sys
20:50:53.0295 1128 volsnap - ok
20:50:53.0342 1128 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\DRIVERS\vsmraid.sys
20:50:53.0358 1128 vsmraid - ok
20:50:53.0514 1128 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\windows\system32\vssvc.exe
20:50:53.0576 1128 VSS - ok
20:50:53.0701 1128 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys
20:50:53.0701 1128 vwifibus - ok
20:50:53.0732 1128 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys
20:50:53.0748 1128 vwififlt - ok
20:50:53.0779 1128 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\windows\system32\DRIVERS\vwifimp.sys
20:50:53.0779 1128 vwifimp - ok
20:50:53.0826 1128 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\windows\system32\w32time.dll
20:50:53.0857 1128 W32Time - ok
20:50:53.0872 1128 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\DRIVERS\wacompen.sys
20:50:53.0872 1128 WacomPen - ok
20:50:53.0919 1128 WANARP (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
20:50:53.0935 1128 WANARP - ok
20:50:53.0935 1128 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
20:50:53.0935 1128 Wanarpv6 - ok
20:50:54.0091 1128 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\windows\system32\Wat\WatAdminSvc.exe
20:50:54.0138 1128 WatAdminSvc - ok
20:50:54.0262 1128 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\windows\system32\wbengine.exe
20:50:54.0294 1128 wbengine - ok
20:50:54.0403 1128 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\windows\System32\wbiosrvc.dll
20:50:54.0418 1128 WbioSrvc - ok
20:50:54.0465 1128 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\windows\System32\wcncsvc.dll
20:50:54.0481 1128 wcncsvc - ok
20:50:54.0496 1128 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\windows\System32\WcsPlugInService.dll
20:50:54.0496 1128 WcsPlugInService - ok
20:50:54.0543 1128 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\DRIVERS\wd.sys
20:50:54.0543 1128 Wd - ok
20:50:54.0621 1128 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
20:50:54.0621 1128 Wdf01000 - ok
20:50:54.0637 1128 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
20:50:54.0652 1128 WdiServiceHost - ok
20:50:54.0652 1128 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
20:50:54.0652 1128 WdiSystemHost - ok
20:50:54.0699 1128 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\windows\System32\webclnt.dll
20:50:54.0715 1128 WebClient - ok
20:50:54.0762 1128 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\windows\system32\wecsvc.dll
20:50:54.0762 1128 Wecsvc - ok
20:50:54.0793 1128 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\windows\System32\wercplsupport.dll
20:50:54.0793 1128 wercplsupport - ok
20:50:54.0808 1128 WerSvc (6d137963730144698cbd10f202e9f251) C:\windows\System32\WerSvc.dll
20:50:54.0824 1128 WerSvc - ok
20:50:54.0871 1128 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
20:50:54.0886 1128 WfpLwf - ok
20:50:54.0949 1128 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
20:50:54.0949 1128 WIMMount - ok
20:50:55.0214 1128 winachsf (a6ea7a3fc4b00f48535b506db1e86efd) C:\windows\system32\DRIVERS\CAX_CNXT.sys
20:50:55.0245 1128 winachsf - ok
20:50:55.0276 1128 WinDefend - ok
20:50:55.0292 1128 WinHttpAutoProxySvc - ok
20:50:55.0370 1128 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\windows\system32\wbem\WMIsvc.dll
20:50:55.0370 1128 Winmgmt - ok
20:50:55.0526 1128 WinRM (bcb1310604aa415c4508708975b3931e) C:\windows\system32\WsmSvc.dll
20:50:55.0588 1128 WinRM - ok
20:50:55.0744 1128 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\windows\System32\wlansvc.dll
20:50:55.0776 1128 Wlansvc - ok
20:50:55.0838 1128 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\drivers\wmiacpi.sys
20:50:55.0838 1128 WmiAcpi - ok
20:50:55.0900 1128 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\windows\system32\wbem\WmiApSrv.exe
20:50:55.0916 1128 wmiApSrv - ok
20:50:55.0978 1128 WMPNetworkSvc - ok
20:50:56.0010 1128 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\windows\System32\wpcsvc.dll
20:50:56.0025 1128 WPCSvc - ok
20:50:56.0072 1128 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\windows\system32\wpdbusenum.dll
20:50:56.0088 1128 WPDBusEnum - ok
20:50:56.0103 1128 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
20:50:56.0119 1128 ws2ifsl - ok
20:50:56.0150 1128 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\windows\System32\wscsvc.dll
20:50:56.0166 1128 wscsvc - ok
20:50:56.0166 1128 WSearch - ok
20:50:56.0353 1128 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\windows\system32\wuaueng.dll
20:50:56.0400 1128 wuauserv - ok
20:50:56.0540 1128 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\windows\system32\drivers\WudfPf.sys
20:50:56.0540 1128 WudfPf - ok
20:50:56.0587 1128 WUDFRd (cf8d590be3373029d57af80914190682) C:\windows\system32\DRIVERS\WUDFRd.sys
20:50:56.0602 1128 WUDFRd - ok
20:50:56.0634 1128 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\windows\System32\WUDFSvc.dll
20:50:56.0649 1128 wudfsvc - ok
20:50:56.0680 1128 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\windows\System32\wwansvc.dll
20:50:56.0696 1128 WwanSvc - ok
20:50:56.0727 1128 XAudio (e8f3fa126a06f8e7088f63757112a186) C:\windows\system32\DRIVERS\XAudio64.sys
20:50:56.0727 1128 XAudio - ok
20:50:56.0868 1128 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
20:50:56.0883 1128 YahooAUService - ok
20:50:56.0946 1128 MBR (0x1B8) (5b5e648d12fcadc244c1ec30318e1eb9) \Device\Harddisk0\DR0
20:50:57.0102 1128 \Device\Harddisk0\DR0 - ok
20:50:57.0117 1128 MBR (0x1B8) (65e858a8a0293be11a920b0bc99d695e) \Device\Harddisk1\DR1
20:51:00.0393 1128 \Device\Harddisk1\DR1 - ok
20:51:00.0425 1128 Boot (0x1200) (08edd16c6ebf5b536592590045e9da13) \Device\Harddisk0\DR0\Partition0
20:51:00.0425 1128 \Device\Harddisk0\DR0\Partition0 - ok
20:51:00.0425 1128 Boot (0x1200) (94652b07f5903cdb75c71fda5de6b199) \Device\Harddisk1\DR1\Partition0
20:51:00.0440 1128 \Device\Harddisk1\DR1\Partition0 - ok
20:51:00.0440 1128 ============================================================
20:51:00.0440 1128 Scan finished
20:51:00.0440 1128 ============================================================
20:51:00.0440 4076 Detected object count: 0
20:51:00.0440 4076 Actual detected object count: 0

#8 Muttley54

Muttley54
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:02:01 PM

Posted 03 May 2012 - 07:58 PM

Minitoolbox Lof results:


MiniToolBox by Farbar Version: 18-01-2012
Ran by candjmcgowan (administrator) on 03-05-2012 at 20:56:37
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek RTL8191SE Wireless LAN 802.11n PCI-E NIC = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : candjmcgowan-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 00-26-4D-E2-DB-E7
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8191SE Wireless LAN 802.11n PCI-E NIC
Physical Address. . . . . . . . . : 00-26-4D-E2-DB-E7
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::f584:7b76:2940:9ee7%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.43.165(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, May 03, 2012 8:36:41 PM
Lease Expires . . . . . . . . . . : Thursday, May 03, 2012 9:36:41 PM
Default Gateway . . . . . . . . . : 192.168.43.1
DHCP Server . . . . . . . . . . . : 192.168.43.1
DHCPv6 IAID . . . . . . . . . . . : 318776909
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-B1-5A-DC-88-AE-1D-48-93-E1
DNS Servers . . . . . . . . . . . : 192.168.43.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 88-AE-1D-48-93-E1
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{DFB317F2-6414-4047-979F-D6211D666B88}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:2441:6ad:3f57:d45a(Preferred)
Link-local IPv6 Address . . . . . : fe80::2441:6ad:3f57:d45a%18(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: UnKnown
Address: 192.168.43.1

Name: google.com
Addresses: 74.125.225.128
74.125.225.137
74.125.225.142
74.125.225.129
74.125.225.135
74.125.225.133
74.125.225.134
74.125.225.130
74.125.225.132
74.125.225.136
74.125.225.131


Pinging google.com [74.125.225.131] with 32 bytes of data:
Reply from 74.125.225.131: bytes=32 time=88ms TTL=49
Reply from 74.125.225.131: bytes=32 time=106ms TTL=49

Ping statistics for 74.125.225.131:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 88ms, Maximum = 106ms, Average = 97ms
Server: UnKnown
Address: 192.168.43.1

Name: yahoo.com
Addresses: 209.191.122.70
72.30.38.140
98.139.183.24


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=161ms TTL=45
Reply from 98.139.183.24: bytes=32 time=94ms TTL=45

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 94ms, Maximum = 161ms, Average = 127ms
Server: UnKnown
Address: 192.168.43.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
13...00 26 4d e2 db e7 ......Microsoft Virtual WiFi Miniport Adapter
12...00 26 4d e2 db e7 ......Realtek RTL8191SE Wireless LAN 802.11n PCI-E NIC
10...88 ae 1d 48 93 e1 ......Realtek PCIe FE Family Controller
1...........................Software Loopback Interface 1
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
18...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.43.1 192.168.43.165 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.43.0 255.255.255.0 On-link 192.168.43.165 281
192.168.43.165 255.255.255.255 On-link 192.168.43.165 281
192.168.43.255 255.255.255.255 On-link 192.168.43.165 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.43.165 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.43.165 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
18 58 ::/0 On-link
1 306 ::1/128 On-link
18 58 2001::/32 On-link
18 306 2001:0:4137:9e76:2441:6ad:3f57:d45a/128
On-link
12 281 fe80::/64 On-link
18 306 fe80::/64 On-link
18 306 fe80::2441:6ad:3f57:d45a/128
On-link
12 281 fe80::f584:7b76:2940:9ee7/128
On-link
1 306 ff00::/8 On-link
18 306 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/03/2012 07:49:58 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (05/03/2012 00:33:12 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.

Error: (05/03/2012 00:32:53 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (05/02/2012 08:11:38 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1155

Error: (05/02/2012 08:11:38 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1155

Error: (05/02/2012 08:11:38 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/02/2012 05:37:54 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (05/01/2012 11:57:34 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.

Error: (05/01/2012 02:56:14 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (04/30/2012 07:43:57 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.


System errors:
=============
Error: (05/02/2012 09:43:14 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.125.1021.0

Update Source: %NT AUTHORITY59

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (04/28/2012 07:17:01 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: SYSTEM)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.125.760.0).

Error: (04/28/2012 07:16:56 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.125.708.0

Update Source: %NT AUTHORITY59

Update Stage: 3.0.8402.00

Source Path: 3.0.8402.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (04/28/2012 07:04:50 PM) (Source: Service Control Manager) (User: )
Description: The Lavasoft Ad-Aware Service service terminated unexpectedly. It has done this 1 time(s).

Error: (04/27/2012 05:30:41 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.

Error: (04/26/2012 06:52:24 PM) (Source: Service Control Manager) (User: )
Description: The Windows Modules Installer service terminated with the following error:
%%32

Error: (04/26/2012 06:51:53 PM) (Source: Service Control Manager) (User: )
Description: The Windows Modules Installer service terminated with the following error:
%%32

Error: (04/26/2012 06:51:24 PM) (Source: Service Control Manager) (User: )
Description: The Windows Modules Installer service terminated with the following error:
%%32

Error: (04/26/2012 06:50:53 PM) (Source: Service Control Manager) (User: )
Description: The Windows Modules Installer service terminated with the following error:
%%32

Error: (04/26/2012 06:50:23 PM) (Source: Service Control Manager) (User: )
Description: The Windows Modules Installer service terminated with the following error:
%%32


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
Ad-Aware (Version: 9.6.0)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.2.202.233)
Adobe Reader 9.5.0 (Version: 9.5.0)
Amazon Links (Version: 2.02)
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
ATI Catalyst Install Manager (Version: 3.0.765.0)
AVG 2012 (Version: 12.0.2127)
AVG 2012 (Version: 12.0.2425)
AVG 2012 (Version: 2012.0.2127)
Bejeweled 2 Deluxe (Version: 2.2.0.82)
Bonjour (Version: 3.0.0.10)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2010.0315.1050.17562)
Catalyst Control Center Graphics Full Existing (Version: 2010.0315.1050.17562)
Catalyst Control Center Graphics Full New (Version: 2010.0315.1050.17562)
Catalyst Control Center Graphics Light (Version: 2010.0315.1050.17562)
Catalyst Control Center Graphics Previews Common (Version: 2010.0315.1050.17562)
Catalyst Control Center Graphics Previews Vista (Version: 2010.0315.1050.17562)
Catalyst Control Center Localization All (Version: 2010.0315.1050.17562)
ccc-core-static (Version: 2010.0315.1050.17562)
ccc-utility64 (Version: 2010.0315.1050.17562)
CCC Help Chinese Standard (Version: 2010.0315.1049.17562)
CCC Help Chinese Traditional (Version: 2010.0315.1049.17562)
CCC Help Czech (Version: 2010.0315.1049.17562)
CCC Help Danish (Version: 2010.0315.1049.17562)
CCC Help Dutch (Version: 2010.0315.1049.17562)
CCC Help English (Version: 2010.0315.1049.17562)
CCC Help Finnish (Version: 2010.0315.1049.17562)
CCC Help French (Version: 2010.0315.1049.17562)
CCC Help German (Version: 2010.0315.1049.17562)
CCC Help Greek (Version: 2010.0315.1049.17562)
CCC Help Hungarian (Version: 2010.0315.1049.17562)
CCC Help Italian (Version: 2010.0315.1049.17562)
CCC Help Japanese (Version: 2010.0315.1049.17562)
CCC Help Korean (Version: 2010.0315.1049.17562)
CCC Help Norwegian (Version: 2010.0315.1049.17562)
CCC Help Polish (Version: 2010.0315.1049.17562)
CCC Help Portuguese (Version: 2010.0315.1049.17562)
CCC Help Russian (Version: 2010.0315.1049.17562)
CCC Help Spanish (Version: 2010.0315.1049.17562)
CCC Help Swedish (Version: 2010.0315.1049.17562)
CCC Help Thai (Version: 2010.0315.1049.17562)
CCC Help Turkish (Version: 2010.0315.1049.17562)
CCleaner (Version: 3.17)
Chuzzle Deluxe (Version: 2.2.0.82)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Corel WinDVD (Version: 10.0.5.349)
Defraggler (Version: 2.09)
DVDFab 6.2.1.8 (31/12/2009)
Escape Rosecliff Island (Version: 2.2.0.82)
FATE - The Traitor Soul (Version: 2.2.0.82)
FoxTab FLV Player
Google Chrome (Version: 18.0.1025.168)
Google Update Helper (Version: 1.3.21.111)
HDAUDIO Soft Data Fax Modem with SmartCP (Version: 7.80.4.50)
HiJackThis (Version: 1.0.0)
iCloud (Version: 1.1.0.40)
iTunes (Version: 10.6.0.40)
Java™ 6 Update 17 (Version: 6.0.170)
Jewel Quest 3 (Version: 2.2.0.82)
Junk Mail filter update (Version: 14.0.8089.726)
Label@Once 1.0 (Version: 1.0)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0)
Microsoft IntelliType Pro 8.0 (Version: 8.0.225.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 4.1.10111.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 9.7.0621)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
NetZero Launcher (Version: 2.01)
Penguins! (Version: 2.2.0.82)
PlayReady PC Runtime amd64 (Version: 1.3.0)
Polar Bowler (Version: 2.2.0.82)
Quickbooks Financial Center (Version: 2.02)
QuickTime (Version: 7.71.80.42)
Realtek Ethernet Controller Driver For Windows 7 (Version: 7.17.304.2010)
Realtek HDMI Audio Driver for ATI (Version: 6.0.1.5992)
Realtek High Definition Audio Driver (Version: 6.0.1.6069)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30111)
REALTEK Wireless LAN Driver and Utility (Version: 1.00.0182)
Realtek WLAN Driver (Version: 2.00.0012)
Safari (Version: 5.34.52.7)
Skype Launcher (Version: 2.01)
Spybot - Search & Destroy 2 (Version: 2.0.7)
SpywareBlaster 4.6 (Version: 4.6.0)
Sudoku (remove only)
Synaptics Pointing Device Driver (Version: 15.0.8.1)
TOSHIBA Application Installer (Version: 9.0.1.0)
TOSHIBA Assist (Version: 3.00.10)
TOSHIBA Bulletin Board (Version: 1.6.07.64)
TOSHIBA Disc Creator (Version: 2.1.0.2 for x64)
TOSHIBA eco Utility (Version: 1.2.11.64)
TOSHIBA Face Recognition (Version: 3.1.3.64)
TOSHIBA Flash Cards Support Utility (Version: 1.63.0.6C)
TOSHIBA Hardware Setup (Version: 1.63.0.21C)
TOSHIBA HDD/SSD Alert (Version: 3.1.64.6)
Toshiba Laptop Checkup (Version: 2.0.3.198)
TOSHIBA Media Controller (Version: 1.0.80.3.64)
TOSHIBA Media Controller Plug-in (Version: 1.0.5.10)
Toshiba Online Backup (Version: 1.2.0.38)
TOSHIBA PC Health Monitor (Version: 1.6.0.64)
TOSHIBA Quality Application (Version: 1.0.3)
TOSHIBA Recovery Media Creator (Version: 2.1.0.4 for x64)
TOSHIBA ReelTime (Version: 1.6.06.64)
TOSHIBA Service Station (Version: 2.1.40)
TOSHIBA Supervisor Password (Version: 1.63.0.9C)
TOSHIBA Value Added Package (Version: 1.3.3.64)
TOSHIBA Web Camera Application (Version: 1.1.1.15)
ToshibaRegistration (Version: 1.0.4)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Utility Common Driver (Version: 1.0.52.1C)
V.92 Modem On Hold (Version: 2.5.70.0)
Virtual Families (Version: 2.2.0.82)
Virtual Villagers - The Secret City (Version: 2.2.0.82)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
WildTangent Games (Version: 1.0.0.80)
WildTangent ORB Game Console
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live Mail (Version: 14.0.8089.0726)
Windows Live Messenger (Version: 14.0.8089.0726)
Windows Live Movie Maker (Version: 14.0.8091.0730)
Windows Live Photo Gallery (Version: 14.0.8081.709)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8089.0726)
Yahoo! Software Update
Zuma's Revenge (Version: 2.2.0.82)

========================= Memory info: ===================================

Percentage of memory in use: 42%
Total physical RAM: 3835.68 MB
Available physical RAM: 2192.59 MB
Total Pagefile: 7669.56 MB
Available Pagefile: 5924.41 MB
Total Virtual: 4095.88 MB
Available Virtual: 3967.16 MB

========================= Partitions: =====================================

1 Drive c: (TI105838W0G) (Fixed) (Total:454.26 GB) (Free:391.78 GB) NTFS
3 Drive e: (PATRIOT) (Removable) (Total:14.91 GB) (Free:14.73 GB) FAT32

========================= Users: ========================================

User accounts for \\CANDJMCGOWAN-PC

Administrator candjmcgowan Guest


**** End of log ****

#9 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,923 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:01 PM

Posted 03 May 2012 - 08:10 PM

Hello. by the way I forgot to say your version of HJT is outdated,we actually rarely use that app anymore. you may as well uninstall HJT ver1.

Now we need to run one more malware tool and see if Defender still fails.

I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.



Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:

    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#10 Muttley54

Muttley54
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:02:01 PM

Posted 03 May 2012 - 08:37 PM

I don't know if this is any help, or perhaps an indicator of a potential problem, but occasionally(about half the time) I refresh Chrome I get a message from Malwarebytes that it blocked access to a potentially malicious site. This is the info it gives. 204.137.28.82 type:outgoing port:56904, process :chrome.exe

#11 Muttley54

Muttley54
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:02:01 PM

Posted 03 May 2012 - 08:42 PM

Seems like the port changes, but not the IP.

#12 Muttley54

Muttley54
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:02:01 PM

Posted 03 May 2012 - 08:50 PM

FSS Logfile:

Farbar Service Scanner Version: 30-04-2012 01
Ran by candjmcgowan (administrator) on 03-05-2012 at 21:46:24
Running from "C:\Users\candjmcgowan\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

I know it says Defender is set to Demand, before posting here I tried looking up ways to fix defender and it took me through the process of setting it back to Auto.Once I changed it, and tried to open Defender, it still wouldn't start, and when I went back and checked, it had been set back to Demand.

#13 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,923 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:01 PM

Posted 03 May 2012 - 08:50 PM

Well that is possibly a Chrome exe Virus, see if it still occurs after ESET scan.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#14 Muttley54

Muttley54
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:02:01 PM

Posted 03 May 2012 - 10:18 PM

ESET Scan Results:


C:\Program Files (x86)\FoxTabFLVPlayer\FLVPlayer.exe a variant of Win32/InstallCore.A application cleaned by deleting - quarantined

#15 Muttley54

Muttley54
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:02:01 PM

Posted 09 May 2012 - 10:52 PM

Ok, So I ran the Eset scan last week, and those were the results. Defender still wouldn't open afterwards. Ideas?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users