Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

FBI Moneypack


  • Please log in to reply
3 replies to this topic

#1 hammerstone

hammerstone

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:03:03 PM

Posted 15 February 2013 - 12:33 AM

Hi,

 

I've been infected with the FBI moneypack virus for a week now.  I have a windows box running XP, SP3.

 

I had this virus once before and removed it using malwarebytes.  it came back, and i updated malwarebytes by booting into safe mode with networking and ran the malwarebytes software.  it did not find any virus but did have a few quarantined files.  I removed those, but still had the virus.  I then uninstalled malwarebytes and reinstalled it, paid for the Pro version, and tried again with the same results.

 

for several days now, i've been getting help from someone at malwarebytes, but haven't had success so far.  Mostly, i can only work on this at night when i'm home from work, so i only get one response per day from malwarebytes, and only try one thing per day.  so far, he had me run combosoft and send him the log.  it removed a few files, so he then had me run malwarebytes, which found no problems.  They thought the problem was solved and closed the ticket, but next night when I booted up in normal mode i still got the FBI screen.  I was running as administrator, (instead of my normal login) and was in safe mode with networking, and I wonder if that could have contributed to the problem.  

 

I re-contacted Malwarebytes, and they told me to run TDSSKill, which I did, and sent them the log.  that software also didn't advise me of any problems.  Tonight i decided to do some more looking on the web, and came across the post on Bleeping Computer by Lawrence Abrams.  I used a clean laptop, and per the Abrams instructions downloaded iExplore.exe and emsisoft.exe to a thumb drive.  I then booted into the infected computer in safe mode with networking and logged on as the infected user.  When i run iexplore.exe, it goes through checking windows services to stop, and finds no malware services to stop.  next it goes to check for process to terminate, and hangs there forever.  Interestingly, i tried booting in safe mode WITHOUT networking, and the software ran to completion.  I also tried downloading rkill.exe from bleepingcomputer, and get the same result with that.

 

So, if i need to run emsisoft with networking on, but I can only run the rkill with networking off, is there a solution to this dilemma?  I appreciate any response.  thanks.



BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:03 PM

Posted 15 February 2013 - 05:45 AM

Do  not run any other tools when you are being assisted.Please boot into safemode with networking

 


  • Please download TDSSKiller from here and save it to your Desktop
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters




  • Check Loaded Modules  and Detect TDLFS file systemDo not check Verify file digital signatures (even though it is checked in the example)
  • If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now




  • Click Start Scan and allow the scan process to run

  • If threats are detected select Skip for all of them unless I instruct you otherwise
  • Click Continue




  • Click Reboot computer
  • Please post the contents of  TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\)in your reply


===================================================


aswMBR

--------------------

  • Download aswMBR and save it to your desktop.
  • Please disable your real time protection of any Antivirus, Antispyware or Antimalware programs temporarily. They will interfere and may cause unexpected results.
  • If you need help to disable your protection programs see here and here.
  • Double click the aswMBR.exe file to run it. Please allow when you are asked to download AVAST antivirus engine defs.
  • Wait until the AV update is done, then click on the Scan button to start. The program will launch a scan.



  • When done, you will see Scan finished successfully. Please click on Save log and save the file to your desktop.



  • Please post the contents of the log in your next reply.

NOTE:  aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.


===================================================


ESET Online Scanner

--------------------

I'd like us to scan your machine with ESET OnlineScan  This process may may take several hours, that is normal

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the   button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.

  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:

    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply.   Note:  If no malware was found you will not get a log.
  • Click the Back button.
  • Click the Finish button.


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • TDSSKiller log
  • aswMBR log
  • ESET results

 


Edited by narenxp, 15 February 2013 - 05:47 AM.


#3 hammerstone

hammerstone
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:03:03 PM

Posted 19 February 2013 - 12:50 AM

Hi Narenxp,

 

before i got your reply, i ran emsisoft in safe mode without networking, just using the installed setup (no update, since I did not have networking).  this seems to have worked; it quarantined several files, and I can now boot the computer normally without getting the FBI screen.  I appreciate your help though.

 

moving forward, i have attached the quarantine logfile generated by emsisoft.  I used the software to delete all these files after the software was done.  Do you suggest I still run through the 3 that you gave me (TDSSKiller, aswMBR, and ESET)?

 

As I mentioned in my first email, i had already run TDSSKiller at the direction of the Malwarebytes support desk, and sent the log, which i've pasted below for your review.  Below that, i pasted the information from the emisisoft quarantine logfile.

 

let me know what you suggest.

 

20:25:46.0187 1432  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
20:25:46.0250 1432  ============================================================
20:25:46.0250 1432  Current date / time: 2013/02/14 20:25:46.0250
20:25:46.0250 1432  SystemInfo:
20:25:46.0250 1432  
20:25:46.0250 1432  OS Version: 5.1.2600 ServicePack: 3.0
20:25:46.0250 1432  Product type: Workstation
20:25:46.0250 1432  ComputerName: TECHBIAS
20:25:46.0250 1432  UserName: Administrator
20:25:46.0250 1432  Windows directory: C:\WINDOWS
20:25:46.0250 1432  System windows directory: C:\WINDOWS
20:25:46.0250 1432  Processor architecture: Intel x86
20:25:46.0250 1432  Number of processors: 1
20:25:46.0250 1432  Page size: 0x1000
20:25:46.0250 1432  Boot type: Safe boot
20:25:46.0250 1432  ============================================================
20:25:47.0984 1432  Drive \Device\Harddisk0\DR0 - Size: 0x9502F9000 (37.25 Gb), SectorSize: 0x200, Cylinders: 0x12FF, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:25:48.0500 1432  Drive \Device\Harddisk1\DR1 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:25:48.0515 1432  Drive \Device\Harddisk2\DR5 - Size: 0x3CE00000 (0.95 Gb), SectorSize: 0x200, Cylinders: 0x7C, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
20:25:48.0515 1432  ============================================================
20:25:48.0515 1432  \Device\Harddisk0\DR0:
20:25:48.0515 1432  MBR partitions:
20:25:48.0515 1432  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x17886, BlocksNum 0x4A61E37
20:25:48.0515 1432  \Device\Harddisk1\DR1:
20:25:48.0515 1432  MBR partitions:
20:25:48.0515 1432  \Device\Harddisk2\DR5:
20:25:48.0515 1432  MBR partitions:
20:25:48.0515 1432  \Device\Harddisk2\DR5\Partition1: MBR, Type 0x6, StartLBA 0x20, BlocksNum 0x1E67E0
20:25:48.0515 1432  ============================================================
20:25:48.0562 1432  C: <-> \Device\Harddisk0\DR0\Partition1
20:25:48.0640 1432  ============================================================
20:25:48.0640 1432  Initialize success
20:25:48.0640 1432  ============================================================
20:25:56.0390 1448  ============================================================
20:25:56.0390 1448  Scan started
20:25:56.0390 1448  Mode: Manual;
20:25:56.0390 1448  ============================================================
20:25:56.0562 1448  ================ Scan system memory ========================
20:25:56.0562 1448  System memory - ok
20:25:56.0578 1448  ================ Scan services =============================
20:25:56.0765 1448  Abiosdsk - ok
20:25:56.0828 1448  [ 6ABB91494FE6C59089B9336452AB2EA3 ] abp480n5        C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
20:25:56.0828 1448  abp480n5 - ok
20:25:56.0890 1448  [ 8FD99680A539792A30E97944FDAECF17 ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
20:25:56.0906 1448  ACPI - ok
20:25:56.0968 1448  [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
20:25:56.0968 1448  ACPIEC - ok
20:25:57.0078 1448  [ EC807244904FA170C299AB06D87FBDBE ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
20:25:57.0078 1448  AdobeFlashPlayerUpdateSvc - ok
20:25:57.0156 1448  [ 9A11864873DA202C996558B2106B0BBC ] adpu160m        C:\WINDOWS\system32\DRIVERS\adpu160m.sys
20:25:57.0156 1448  adpu160m - ok
20:25:57.0250 1448  [ 11C04B17ED2ABBB4833694BCD644AC90 ] aeaudio         C:\WINDOWS\system32\drivers\aeaudio.sys
20:25:57.0250 1448  aeaudio - ok
20:25:57.0296 1448  [ 8BED39E3C35D6A489438B8141717A557 ] aec             C:\WINDOWS\system32\drivers\aec.sys
20:25:57.0296 1448  aec - ok
20:25:57.0343 1448  [ 322D0E36693D6E24A2398BEE62A268CD ] AFD             C:\WINDOWS\System32\drivers\afd.sys
20:25:57.0343 1448  AFD - ok
20:25:57.0375 1448  [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440          C:\WINDOWS\system32\DRIVERS\agp440.sys
20:25:57.0375 1448  agp440 - ok
20:25:57.0421 1448  [ 03A7E0922ACFE1B07D5DB2EEB0773063 ] agpCPQ          C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
20:25:57.0421 1448  agpCPQ - ok
20:25:57.0437 1448  [ C23EA9B5F46C7F7910DB3EAB648FF013 ] Aha154x         C:\WINDOWS\system32\DRIVERS\aha154x.sys
20:25:57.0437 1448  Aha154x - ok
20:25:57.0515 1448  [ 19DD0FB48B0C18892F70E2E7D61A1529 ] aic78u2         C:\WINDOWS\system32\DRIVERS\aic78u2.sys
20:25:57.0546 1448  aic78u2 - ok
20:25:57.0593 1448  [ B7FE594A7468AA0132DEB03FB8E34326 ] aic78xx         C:\WINDOWS\system32\DRIVERS\aic78xx.sys
20:25:57.0593 1448  aic78xx - ok
20:25:57.0656 1448  [ B06B591532BD85B1BA68F40E2F1AF8AB ] aksusb          C:\WINDOWS\system32\DRIVERS\aksusb.sys
20:25:57.0656 1448  aksusb - ok
20:25:57.0718 1448  [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
20:25:57.0718 1448  Alerter - ok
20:25:57.0765 1448  [ 8C515081584A38AA007909CD02020B3D ] ALG             C:\WINDOWS\System32\alg.exe
20:25:57.0781 1448  ALG - ok
20:25:57.0843 1448  [ 1140AB9938809700B46BB88E46D72A96 ] AliIde          C:\WINDOWS\system32\DRIVERS\aliide.sys
20:25:57.0843 1448  AliIde - ok
20:25:57.0875 1448  [ CB08AED0DE2DD889A8A820CD8082D83C ] alim1541        C:\WINDOWS\system32\DRIVERS\alim1541.sys
20:25:57.0875 1448  alim1541 - ok
20:25:57.0906 1448  [ 95B4FB835E28AA1336CEEB07FD5B9398 ] amdagp          C:\WINDOWS\system32\DRIVERS\amdagp.sys
20:25:57.0906 1448  amdagp - ok
20:25:57.0937 1448  [ 79F5ADD8D24BD6893F2903A3E2F3FAD6 ] amsint          C:\WINDOWS\system32\DRIVERS\amsint.sys
20:25:57.0937 1448  amsint - ok
20:25:58.0109 1448  [ 5AA788D5A2C6737BB9C45933985BC1B8 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:25:58.0109 1448  Apple Mobile Device - ok
20:25:58.0171 1448  [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
20:25:58.0171 1448  AppMgmt - ok
20:25:58.0234 1448  [ 62D318E9A0C8FC9B780008E724283707 ] asc             C:\WINDOWS\system32\DRIVERS\asc.sys
20:25:58.0234 1448  asc - ok
20:25:58.0250 1448  [ 69EB0CC7714B32896CCBFD5EDCBEA447 ] asc3350p        C:\WINDOWS\system32\DRIVERS\asc3350p.sys
20:25:58.0265 1448  asc3350p - ok
20:25:58.0281 1448  [ 5D8DE112AA0254B907861E9E9C31D597 ] asc3550         C:\WINDOWS\system32\DRIVERS\asc3550.sys
20:25:58.0281 1448  asc3550 - ok
20:25:58.0468 1448  [ D33C507942299753868204CC7642FA27 ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
20:25:58.0500 1448  aspnet_state - ok
20:25:58.0562 1448  [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
20:25:58.0562 1448  AsyncMac - ok
20:25:58.0640 1448  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
20:25:58.0640 1448  atapi - ok
20:25:58.0656 1448  Atdisk - ok
20:25:58.0734 1448  [ B2009A7EAF0747B32832331E7E72682A ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
20:25:58.0750 1448  Ati HotKey Poller - ok
20:25:58.0859 1448  [ 1F8D3B944B2FE229E13F4D3A493F8E85 ] ati2mtag        C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
20:25:58.0937 1448  ati2mtag - ok
20:25:59.0000 1448  [ 9916C1225104BA14794209CFA8012159 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
20:25:59.0015 1448  Atmarpc - ok
20:25:59.0046 1448  [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
20:25:59.0046 1448  AudioSrv - ok
20:25:59.0109 1448  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
20:25:59.0125 1448  audstub - ok
20:25:59.0171 1448  [ F3D2D8D48E3B0CA83D70A420240E509B ] avgtp           C:\WINDOWS\system32\drivers\avgtpx86.sys
20:25:59.0171 1448  avgtp - ok
20:25:59.0250 1448  [ 4826FCF97C47B361A2E2F68CD487A19E ] b57w2k          C:\WINDOWS\system32\DRIVERS\b57xp32.sys
20:25:59.0250 1448  b57w2k - ok
20:25:59.0296 1448  [ BDD5538B859DBEB3ECAF09B3D027553A ] BAsfIpM         C:\WINDOWS\system32\basfipm.exe
20:25:59.0296 1448  BAsfIpM - ok
20:25:59.0375 1448  [ 3D87B0484BE1093C6614062701F375C5 ] BASFND          C:\WINDOWS\system32\Drivers\BASFND.sys
20:25:59.0375 1448  BASFND - ok
20:25:59.0484 1448  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
20:25:59.0484 1448  Beep - ok
20:25:59.0562 1448  [ 574738F61FCA2935F5265DC4E5691314 ] BITS            C:\WINDOWS\system32\qmgr.dll
20:25:59.0609 1448  BITS - ok
20:25:59.0718 1448  [ A06CE3399D16DB864F55FAEB1F1927A9 ] Browser         C:\WINDOWS\System32\browser.dll
20:25:59.0718 1448  Browser - ok
20:25:59.0781 1448  [ AC491EB706C48B89A638B239DC3BCFCB ] C-DillaCdaC11BA C:\WINDOWS\system32\drivers\CDAC11BA.EXE
20:25:59.0781 1448  C-DillaCdaC11BA - ok
20:25:59.0906 1448  catchme - ok
20:25:59.0953 1448  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf           C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
20:25:59.0953 1448  cbidf - ok
20:25:59.0968 1448  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
20:25:59.0968 1448  cbidf2k - ok
20:26:00.0031 1448  [ F3EC03299634490E97BBCE94CD2954C7 ] cd20xrnt        C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
20:26:00.0031 1448  cd20xrnt - ok
20:26:00.0078 1448  [ 69419792390122EEFD84E598D896715B ] CdaC15BA        C:\WINDOWS\system32\drivers\CdaC15BA.SYS
20:26:00.0078 1448  CdaC15BA - ok
20:26:00.0093 1448  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
20:26:00.0109 1448  Cdaudio - ok
20:26:00.0125 1448  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
20:26:00.0125 1448  Cdfs - ok
20:26:00.0187 1448  [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
20:26:00.0187 1448  Cdrom - ok
20:26:00.0187 1448  Changer - ok
20:26:00.0250 1448  [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc           C:\WINDOWS\system32\cisvc.exe
20:26:00.0250 1448  CiSvc - ok
20:26:00.0265 1448  [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
20:26:00.0265 1448  ClipSrv - ok
20:26:00.0328 1448  [ 3C4D595E7F9B747325AEF28B4ADCAAE5 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:26:00.0421 1448  clr_optimization_v2.0.50727_32 - ok
20:26:00.0468 1448  [ E5DCB56C533014ECBC556A8357C929D5 ] CmdIde          C:\WINDOWS\system32\DRIVERS\cmdide.sys
20:26:00.0468 1448  CmdIde - ok
20:26:00.0500 1448  COMSysApp - ok
20:26:00.0546 1448  [ 3EE529119EED34CD212A215E8C40D4B6 ] Cpqarray        C:\WINDOWS\system32\DRIVERS\cpqarray.sys
20:26:00.0546 1448  Cpqarray - ok
20:26:00.0593 1448  [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
20:26:00.0593 1448  CryptSvc - ok
20:26:00.0640 1448  [ CAB213D4681FCFAC9BF4E6D3B1EE4BFC ] cvintdrv        C:\WINDOWS\system32\drivers\cvintdrv.sys
20:26:00.0640 1448  cvintdrv - ok
20:26:00.0703 1448  [ E550E7418984B65A78299D248F0A7F36 ] dac2w2k         C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
20:26:00.0718 1448  dac2w2k - ok
20:26:00.0734 1448  [ 683789CAA3864EB46125AE86FF677D34 ] dac960nt        C:\WINDOWS\system32\DRIVERS\dac960nt.sys
20:26:00.0734 1448  dac960nt - ok
20:26:00.0796 1448  [ 2589FE6015A316C0F5D5112B4DA7B509 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
20:26:00.0828 1448  DcomLaunch - ok
20:26:00.0875 1448  [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
20:26:00.0875 1448  Dhcp - ok
20:26:00.0921 1448  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
20:26:00.0921 1448  Disk - ok
20:26:00.0953 1448  dmadmin - ok
20:26:01.0015 1448  [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
20:26:01.0046 1448  dmboot - ok
20:26:01.0093 1448  [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
20:26:01.0093 1448  dmio - ok
20:26:01.0140 1448  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
20:26:01.0140 1448  dmload - ok
20:26:01.0218 1448  [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver        C:\WINDOWS\System32\dmserver.dll
20:26:01.0218 1448  dmserver - ok
20:26:01.0250 1448  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
20:26:01.0250 1448  DMusic - ok
20:26:01.0312 1448  [ 474B4DC3983173E4B4C9740B0DAC98A6 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
20:26:01.0312 1448  Dnscache - ok
20:26:01.0359 1448  [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
20:26:01.0359 1448  Dot3svc - ok
20:26:01.0421 1448  [ 40F3B93B4E5B0126F2F5C0A7A5E22660 ] dpti2o          C:\WINDOWS\system32\DRIVERS\dpti2o.sys
20:26:01.0421 1448  dpti2o - ok
20:26:01.0468 1448  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
20:26:01.0468 1448  drmkaud - ok
20:26:01.0531 1448  [ 01DD1DB0156D0CA545EB779FBFAEC6FA ] DS1410D         C:\WINDOWS\system32\drivers\DS1410D.SYS
20:26:01.0531 1448  DS1410D - ok
20:26:01.0562 1448  [ 3FCA03CBCA11269F973B70FA483C88EF ] E100B           C:\WINDOWS\system32\DRIVERS\e100b325.sys
20:26:01.0578 1448  E100B - ok
20:26:01.0640 1448  [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost         C:\WINDOWS\System32\eapsvc.dll
20:26:01.0640 1448  EapHost - ok
20:26:01.0703 1448  [ BC93B4A066477954555966D77FEC9ECB ] ERSvc           C:\WINDOWS\System32\ersvc.dll
20:26:01.0703 1448  ERSvc - ok
20:26:01.0765 1448  [ 0E776ED5F7CC9F94299E70461B7B8185 ] Eventlog        C:\WINDOWS\system32\services.exe
20:26:01.0765 1448  Eventlog - ok
20:26:01.0828 1448  [ 19A799805B24990867B00C120D300C3A ] EventSystem     C:\WINDOWS\system32\es.dll
20:26:01.0843 1448  EventSystem - ok
20:26:01.0875 1448  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
20:26:01.0875 1448  Fastfat - ok
20:26:01.0921 1448  [ 1926899BF9FFE2602B63074971700412 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
20:26:01.0937 1448  FastUserSwitchingCompatibility - ok
20:26:02.0000 1448  [ E97D6A8684466DF94FF3BC24FB787A07 ] Fax             C:\WINDOWS\system32\fxssvc.exe
20:26:02.0015 1448  Fax - ok
20:26:02.0062 1448  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys
20:26:02.0062 1448  Fdc - ok
20:26:02.0078 1448  [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
20:26:02.0093 1448  Fips - ok
20:26:02.0109 1448  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys
20:26:02.0109 1448  Flpydisk - ok
20:26:02.0156 1448  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
20:26:02.0156 1448  FltMgr - ok
20:26:02.0187 1448  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:26:02.0187 1448  Fs_Rec - ok
20:26:02.0250 1448  [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
20:26:02.0265 1448  Ftdisk - ok
20:26:02.0312 1448  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
20:26:02.0312 1448  Gpc - ok
20:26:02.0468 1448  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
20:26:02.0468 1448  gupdate - ok
20:26:02.0484 1448  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
20:26:02.0484 1448  gupdatem - ok
20:26:02.0546 1448  [ 408DDD80EEDE47175F6844817B90213E ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
20:26:02.0546 1448  gusvc - ok
20:26:02.0625 1448  [ F3E34776D8B8AB665D051A8674FDF4CC ] hardlock        C:\WINDOWS\system32\drivers\hardlock.sys
20:26:02.0656 1448  hardlock - ok
20:26:02.0703 1448  [ 2DD25F060DC9F79B5CDF33D90ED93669 ] Haspnt          C:\WINDOWS\system32\drivers\Haspnt.sys
20:26:02.0703 1448  Haspnt - ok
20:26:02.0796 1448  [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
20:26:02.0812 1448  helpsvc - ok
20:26:02.0859 1448  [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ         C:\WINDOWS\System32\hidserv.dll
20:26:02.0859 1448  HidServ - ok
20:26:02.0890 1448  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
20:26:02.0890 1448  HidUsb - ok
20:26:02.0937 1448  [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
20:26:02.0937 1448  hkmsvc - ok
20:26:02.0984 1448  [ B028377DEA0546A5FCFBA928A8AEFAE0 ] hpn             C:\WINDOWS\system32\DRIVERS\hpn.sys
20:26:02.0984 1448  hpn - ok
20:26:03.0046 1448  [ F6AACF5BCE2893E0C1754AFEB672E5C9 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
20:26:03.0062 1448  HTTP - ok
20:26:03.0093 1448  [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
20:26:03.0140 1448  HTTPFilter - ok
20:26:03.0187 1448  [ 9368670BD426EBEA5E8B18A62416EC28 ] i2omgmt         C:\WINDOWS\system32\drivers\i2omgmt.sys
20:26:03.0187 1448  i2omgmt - ok
20:26:03.0218 1448  [ F10863BF1CCC290BABD1A09188AE49E0 ] i2omp           C:\WINDOWS\system32\DRIVERS\i2omp.sys
20:26:03.0218 1448  i2omp - ok
20:26:03.0281 1448  [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
20:26:03.0281 1448  i8042prt - ok
20:26:03.0359 1448  [ A38BF37FD0795382655F756DD4446FA0 ] IAANTMon        C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
20:26:03.0359 1448  IAANTMon - ok
20:26:03.0437 1448  [ D7731536E183B4397402CA6F9E1D52F7 ] iaStor          C:\WINDOWS\system32\drivers\iaStor.sys
20:26:03.0437 1448  iaStor - ok
20:26:03.0500 1448  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
20:26:03.0500 1448  Imapi - ok
20:26:03.0578 1448  [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService    C:\WINDOWS\system32\imapi.exe
20:26:03.0578 1448  ImapiService - ok
20:26:03.0640 1448  [ 4A40E045FAEE58631FD8D91AFC620719 ] ini910u         C:\WINDOWS\system32\DRIVERS\ini910u.sys
20:26:03.0640 1448  ini910u - ok
20:26:03.0671 1448  [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde        C:\WINDOWS\system32\DRIVERS\intelide.sys
20:26:03.0671 1448  IntelIde - ok
20:26:03.0750 1448  [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
20:26:03.0750 1448  intelppm - ok
20:26:03.0828 1448  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
20:26:03.0828 1448  Ip6Fw - ok
20:26:03.0890 1448  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:26:03.0890 1448  IpFilterDriver - ok
20:26:03.0921 1448  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
20:26:03.0921 1448  IpInIp - ok
20:26:03.0984 1448  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
20:26:03.0984 1448  IpNat - ok
20:26:04.0015 1448  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
20:26:04.0015 1448  IPSec - ok
20:26:04.0046 1448  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
20:26:04.0046 1448  IRENUM - ok
20:26:04.0078 1448  [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
20:26:04.0078 1448  isapnp - ok
20:26:04.0171 1448  [ 33112D12B95BD1DE18AF409D865DF10C ] ISWKL           C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys
20:26:04.0171 1448  ISWKL - ok
20:26:04.0265 1448  [ CFF1CD2C1CC8F5271967AA268982E878 ] IswSvc          C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
20:26:04.0281 1448  IswSvc - ok
20:26:04.0406 1448  [ 9AA67569D5257462E230767510B0C815 ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe
20:26:04.0406 1448  JavaQuickStarterService - ok
20:26:04.0453 1448  [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
20:26:04.0453 1448  Kbdclass - ok
20:26:04.0515 1448  [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
20:26:04.0515 1448  kbdhid - ok
20:26:04.0593 1448  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
20:26:04.0593 1448  kmixer - ok
20:26:04.0640 1448  [ 1705745D900DABF2D89F90EBADDC7517 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
20:26:04.0640 1448  KSecDD - ok
20:26:04.0718 1448  [ F385F4B02C535BFFE1D70CAB80838123 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
20:26:04.0718 1448  lanmanserver - ok
20:26:04.0765 1448  [ 1B67B632786FEF1C1BBAEF46C2F3F2E6 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
20:26:04.0781 1448  lanmanworkstation - ok
20:26:04.0796 1448  lbrtfdc - ok
20:26:04.0890 1448  [ 20CDB07017497C94A0BAD253C4BAFCBC ] LkCitadelServer C:\WINDOWS\system32\lkcitdl.exe
20:26:04.0921 1448  LkCitadelServer - ok
20:26:04.0953 1448  [ B07D786736E7B1719A90365911BC2D0A ] lkClassAds      C:\WINDOWS\system32\lkads.exe
20:26:04.0953 1448  lkClassAds - ok
20:26:04.0984 1448  [ AB1FAA47332EC2EE43BBFED7A6F0EA09 ] lkTimeSync      C:\WINDOWS\system32\lktsrv.exe
20:26:04.0984 1448  lkTimeSync - ok
20:26:05.0062 1448  [ A7DB739AE99A796D91580147E919CC59 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
20:26:05.0062 1448  LmHosts - ok
20:26:05.0125 1448  [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
20:26:05.0125 1448  MBAMProtector - ok
20:26:05.0234 1448  [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
20:26:05.0250 1448  MBAMScheduler - ok
20:26:05.0312 1448  [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
20:26:05.0343 1448  MBAMService - ok
20:26:05.0390 1448  [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
20:26:05.0406 1448  Messenger - ok
20:26:05.0500 1448  Microsoft SharePoint Workspace Audit Service - ok
20:26:05.0531 1448  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
20:26:05.0531 1448  mnmdd - ok
20:26:05.0609 1448  [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
20:26:05.0609 1448  mnmsrvc - ok
20:26:05.0671 1448  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
20:26:05.0671 1448  Modem - ok
20:26:05.0703 1448  [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
20:26:05.0718 1448  Mouclass - ok
20:26:05.0734 1448  [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
20:26:05.0734 1448  mouhid - ok
20:26:05.0796 1448  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
20:26:05.0796 1448  MountMgr - ok
20:26:05.0890 1448  [ 6380FF81DD4D78B23398752D2F46EA43 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
20:26:05.0890 1448  MozillaMaintenance - ok
20:26:05.0937 1448  [ 3F4BB95E5A44F3BE34824E8E7CAF0737 ] mraid35x        C:\WINDOWS\system32\DRIVERS\mraid35x.sys
20:26:05.0937 1448  mraid35x - ok
20:26:06.0000 1448  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
20:26:06.0000 1448  MRxDAV - ok
20:26:06.0046 1448  [ 68755F0FF16070178B54674FE5B847B0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:26:06.0062 1448  MRxSmb - ok
20:26:06.0109 1448  [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
20:26:06.0109 1448  MSDTC - ok
20:26:06.0156 1448  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
20:26:06.0156 1448  Msfs - ok
20:26:06.0171 1448  MSIServer - ok
20:26:06.0218 1448  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
20:26:06.0218 1448  MSKSSRV - ok
20:26:06.0234 1448  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
20:26:06.0234 1448  MSPCLOCK - ok
20:26:06.0265 1448  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
20:26:06.0265 1448  MSPQM - ok
20:26:06.0296 1448  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
20:26:06.0296 1448  mssmbios - ok
20:26:06.0328 1448  [ 2F625D11385B1A94360BFC70AAEFDEE1 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
20:26:06.0328 1448  Mup - ok
20:26:06.0390 1448  [ 0102140028FAD045756796E1C685D695 ] napagent        C:\WINDOWS\System32\qagentrt.dll
20:26:06.0406 1448  napagent - ok
20:26:06.0453 1448  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
20:26:06.0453 1448  NDIS - ok
20:26:06.0500 1448  [ 1AB3D00C991AB086E69DB84B6C0ED78F ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:26:06.0500 1448  NdisTapi - ok
20:26:06.0515 1448  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
20:26:06.0515 1448  Ndisuio - ok
20:26:06.0562 1448  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:26:06.0562 1448  NdisWan - ok
20:26:06.0609 1448  [ 6215023940CFD3702B46ABC304E1D45A ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
20:26:06.0609 1448  NDProxy - ok
20:26:06.0671 1448  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
20:26:06.0671 1448  NetBIOS - ok
20:26:06.0687 1448  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
20:26:06.0703 1448  NetBT - ok
20:26:06.0765 1448  [ B857BA82860D7FF85AE29B095645563B ] NetDDE          C:\WINDOWS\system32\netdde.exe
20:26:06.0765 1448  NetDDE - ok
20:26:06.0796 1448  [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
20:26:06.0796 1448  NetDDEdsdm - ok
20:26:06.0859 1448  [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon        C:\WINDOWS\system32\lsass.exe
20:26:06.0859 1448  Netlogon - ok
20:26:06.0937 1448  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman          C:\WINDOWS\System32\netman.dll
20:26:06.0953 1448  Netman - ok
20:26:07.0046 1448  [ 704907A9FD8E3BC86D20453863507331 ] NIApplicationWebServer C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
20:26:07.0046 1448  NIApplicationWebServer - ok
20:26:07.0125 1448  [ 908B9667F2FD7453CBCF3A2A0444DCC1 ] NIDomainService C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe
20:26:07.0156 1448  NIDomainService - ok
20:26:07.0281 1448  [ AA8896BCD689851665EFC02DC41181AC ] NILM License Manager C:\Program Files\National Instruments\Shared\License Manager\Bin\lmgrd.exe
20:26:07.0328 1448  NILM License Manager - ok
20:26:07.0406 1448  [ 8FED4893CB017F81CD1769448AD567E5 ] nimDNSResponder C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
20:26:07.0406 1448  nimDNSResponder - ok
20:26:07.0453 1448  [ 0B5406E008570C0C4B4159E33716422E ] niSvcLoc        C:\Program Files\National Instruments\Shared\NI WebServer\SystemWebServer.exe
20:26:07.0453 1448  niSvcLoc - ok
20:26:07.0515 1448  [ B4138E99236F0F57D4CF49BAE98A0746 ] Nla             C:\WINDOWS\System32\mswsock.dll
20:26:07.0531 1448  Nla - ok
20:26:07.0609 1448  [ 7AEA4DF1CA68FD45DD4BBE1F0243CE7F ] NMSAccess       C:\Program Files\CDBurnerXP\NMSAccessU.exe
20:26:07.0609 1448  NMSAccess - ok
20:26:07.0687 1448  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
20:26:07.0687 1448  Npfs - ok
20:26:07.0750 1448  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
20:26:07.0765 1448  Ntfs - ok
20:26:07.0812 1448  [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
20:26:07.0812 1448  NtLmSsp - ok
20:26:07.0906 1448  [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
20:26:07.0937 1448  NtmsSvc - ok
20:26:07.0968 1448  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
20:26:07.0968 1448  Null - ok
20:26:08.0093 1448  [ 2B298519EDBFCF451D43E0F1E8F1006D ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
20:26:08.0156 1448  nv - ok
20:26:08.0218 1448  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
20:26:08.0218 1448  NwlnkFlt - ok
20:26:08.0250 1448  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
20:26:08.0250 1448  NwlnkFwd - ok
20:26:08.0265 1448  OCDE - ok
20:26:08.0328 1448  [ 53D5F1278D9EDB21689BBBCECC09108D ] omci            C:\WINDOWS\system32\DRIVERS\omci.sys
20:26:08.0328 1448  omci - ok
20:26:08.0453 1448  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:26:08.0468 1448  ose - ok
20:26:08.0671 1448  [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:26:08.0828 1448  osppsvc - ok
20:26:08.0890 1448  [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
20:26:08.0890 1448  Parport - ok
20:26:08.0937 1448  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
20:26:08.0937 1448  PartMgr - ok
20:26:09.0000 1448  [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
20:26:09.0000 1448  ParVdm - ok
20:26:09.0015 1448  [ A219903CCF74233761D92BEF471A07B1 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
20:26:09.0015 1448  PCI - ok
20:26:09.0062 1448  PCIDump - ok
20:26:09.0093 1448  [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
20:26:09.0093 1448  PCIIde - ok
20:26:09.0140 1448  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
20:26:09.0140 1448  Pcmcia - ok
20:26:09.0156 1448  PDCOMP - ok
20:26:09.0187 1448  PDFRAME - ok
20:26:09.0203 1448  PDRELI - ok
20:26:09.0234 1448  PDRFRAME - ok
20:26:09.0250 1448  [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2           C:\WINDOWS\system32\DRIVERS\perc2.sys
20:26:09.0265 1448  perc2 - ok
20:26:09.0296 1448  [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib        C:\WINDOWS\system32\DRIVERS\perc2hib.sys
20:26:09.0296 1448  perc2hib - ok
20:26:09.0406 1448  [ 0E776ED5F7CC9F94299E70461B7B8185 ] PlugPlay        C:\WINDOWS\system32\services.exe
20:26:09.0406 1448  PlugPlay - ok
20:26:09.0437 1448  [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
20:26:09.0437 1448  PolicyAgent - ok
20:26:09.0468 1448  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
20:26:09.0468 1448  PptpMiniport - ok
20:26:09.0500 1448  [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
20:26:09.0500 1448  ProtectedStorage - ok
20:26:09.0531 1448  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
20:26:09.0531 1448  PSched - ok
20:26:09.0609 1448  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
20:26:09.0609 1448  Ptilink - ok
20:26:09.0671 1448  [ 153D02480A0A2F45785522E814C634B6 ] PxHelp20        C:\WINDOWS\system32\Drivers\PxHelp20.sys
20:26:09.0671 1448  PxHelp20 - ok
20:26:09.0703 1448  [ 0A63FB54039EB5662433CABA3B26DBA7 ] ql1080          C:\WINDOWS\system32\DRIVERS\ql1080.sys
20:26:09.0718 1448  ql1080 - ok
20:26:09.0734 1448  [ 6503449E1D43A0FF0201AD5CB1B8C706 ] Ql10wnt         C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
20:26:09.0734 1448  Ql10wnt - ok
20:26:09.0765 1448  [ 156ED0EF20C15114CA097A34A30D8A01 ] ql12160         C:\WINDOWS\system32\DRIVERS\ql12160.sys
20:26:09.0765 1448  ql12160 - ok
20:26:09.0812 1448  [ 70F016BEBDE6D29E864C1230A07CC5E6 ] ql1240          C:\WINDOWS\system32\DRIVERS\ql1240.sys
20:26:09.0812 1448  ql1240 - ok
20:26:09.0828 1448  [ 907F0AEEA6BC451011611E732BD31FCF ] ql1280          C:\WINDOWS\system32\DRIVERS\ql1280.sys
20:26:09.0843 1448  ql1280 - ok
20:26:09.0906 1448  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:26:09.0906 1448  RasAcd - ok
20:26:09.0968 1448  [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
20:26:09.0968 1448  RasAuto - ok
20:26:10.0015 1448  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:26:10.0015 1448  Rasl2tp - ok
20:26:10.0093 1448  [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan          C:\WINDOWS\System32\rasmans.dll
20:26:10.0093 1448  RasMan - ok
20:26:10.0125 1448  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:26:10.0125 1448  RasPppoe - ok
20:26:10.0156 1448  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
20:26:10.0156 1448  Raspti - ok
20:26:10.0203 1448  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:26:10.0203 1448  Rdbss - ok
20:26:10.0218 1448  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:26:10.0234 1448  RDPCDD - ok
20:26:10.0281 1448  [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
20:26:10.0281 1448  rdpdr - ok
20:26:10.0343 1448  [ 6728E45B66F93C08F11DE2E316FC70DD ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
20:26:10.0343 1448  RDPWD - ok
20:26:10.0390 1448  [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
20:26:10.0390 1448  RDSessMgr - ok
20:26:10.0437 1448  [ F828DD7E1419B6653894A8F97A0094C5 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
20:26:10.0453 1448  redbook - ok
20:26:10.0578 1448  [ A91B22E179D77F1F753C692CC7FAD1DD ] Remote Solver for COSMOSFloWorks 2005 C:\Program Files\COSMOS Applications\FloWorks\bin\StandAloneSlv.exe
20:26:10.0609 1448  Remote Solver for COSMOSFloWorks 2005 - ok
20:26:10.0687 1448  [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
20:26:10.0687 1448  RemoteAccess - ok
20:26:10.0750 1448  [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
20:26:10.0750 1448  RemoteRegistry - ok
20:26:10.0812 1448  [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator      C:\WINDOWS\system32\locator.exe
20:26:10.0828 1448  RpcLocator - ok
20:26:10.0859 1448  [ 2589FE6015A316C0F5D5112B4DA7B509 ] RpcSs           C:\WINDOWS\System32\rpcss.dll
20:26:10.0859 1448  RpcSs - ok
20:26:10.0906 1448  [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP            C:\WINDOWS\system32\rsvp.exe
20:26:10.0906 1448  RSVP - ok
20:26:10.0953 1448  [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs           C:\WINDOWS\system32\lsass.exe
20:26:10.0953 1448  SamSs - ok
20:26:11.0015 1448  [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
20:26:11.0015 1448  SCardSvr - ok
20:26:11.0046 1448  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule        C:\WINDOWS\system32\schedsvc.dll
20:26:11.0062 1448  Schedule - ok
20:26:11.0125 1448  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
20:26:11.0125 1448  Secdrv - ok
20:26:11.0187 1448  [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon        C:\WINDOWS\System32\seclogon.dll
20:26:11.0187 1448  seclogon - ok
20:26:11.0234 1448  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS            C:\WINDOWS\system32\sens.dll
20:26:11.0234 1448  SENS - ok
20:26:11.0296 1448  [ AEBBA7428A6C40CCE3C5ABDE45190B24 ] Sentinel        C:\WINDOWS\System32\Drivers\SENTINEL.SYS
20:26:11.0296 1448  Sentinel - ok
20:26:11.0328 1448  [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
20:26:11.0328 1448  serenum - ok
20:26:11.0359 1448  [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
20:26:11.0359 1448  Serial - ok
20:26:11.0421 1448  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
20:26:11.0421 1448  Sfloppy - ok
20:26:11.0484 1448  [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
20:26:11.0500 1448  SharedAccess - ok
20:26:11.0531 1448  [ 1926899BF9FFE2602B63074971700412 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
20:26:11.0531 1448  ShellHWDetection - ok
20:26:11.0562 1448  Simbad - ok
20:26:11.0625 1448  [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp          C:\WINDOWS\system32\DRIVERS\sisagp.sys
20:26:11.0625 1448  sisagp - ok
20:26:11.0703 1448  [ 4AA922332433CDEB8B82C072C212E32E ] smwdm           C:\WINDOWS\system32\drivers\smwdm.sys
20:26:11.0718 1448  smwdm - ok
20:26:11.0781 1448  [ A1FF7D99B199CEA1F3DF371BA70D2780 ] SNTNLUSB        C:\WINDOWS\system32\DRIVERS\SNTNLUSB.SYS
20:26:11.0781 1448  SNTNLUSB - ok
20:26:11.0843 1448  [ 83C0F71F86D3BDAF915685F3D568B20E ] Sparrow         C:\WINDOWS\system32\DRIVERS\sparrow.sys
20:26:11.0843 1448  Sparrow - ok
20:26:11.0890 1448  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
20:26:11.0890 1448  splitter - ok
20:26:11.0937 1448  [ D8E14A61ACC1D4A6CD0D38AEBAC7FA3B ] Spooler         C:\WINDOWS\system32\spoolsv.exe
20:26:11.0953 1448  Spooler - ok
20:26:12.0015 1448  sprtlisten - ok
20:26:12.0046 1448  [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
20:26:12.0046 1448  sr - ok
20:26:12.0078 1448  srescan - ok
20:26:12.0140 1448  [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice       C:\WINDOWS\system32\srsvc.dll
20:26:12.0140 1448  srservice - ok
20:26:12.0187 1448  [ 5252605079810904E31C332E241CD59B ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
20:26:12.0203 1448  Srv - ok
20:26:12.0250 1448  [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
20:26:12.0250 1448  SSDPSRV - ok
20:26:12.0296 1448  [ E57B778208C783D8DEBAB320C16A1B82 ] StarOpen        C:\WINDOWS\system32\drivers\StarOpen.sys
20:26:12.0296 1448  StarOpen - ok
20:26:12.0359 1448  [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
20:26:12.0375 1448  stisvc - ok
20:26:12.0437 1448  [ 2E5586392CDFBD1D73BADB20E9ED6386 ] SupportSoft RemoteAssist C:\Program Files\Common Files\supportsoft\bin\ssrc.exe
20:26:12.0500 1448  SupportSoft RemoteAssist - ok
20:26:12.0546 1448  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
20:26:12.0546 1448  swenum - ok
20:26:12.0593 1448  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
20:26:12.0593 1448  swmidi - ok
20:26:12.0609 1448  SwPrv - ok
20:26:12.0656 1448  [ 1FF3217614018630D0A6758630FC698C ] symc810         C:\WINDOWS\system32\DRIVERS\symc810.sys
20:26:12.0656 1448  symc810 - ok
20:26:12.0687 1448  [ 070E001D95CF725186EF8B20335F933C ] symc8xx         C:\WINDOWS\system32\DRIVERS\symc8xx.sys
20:26:12.0687 1448  symc8xx - ok
20:26:12.0703 1448  [ 80AC1C4ABBE2DF3B738BF15517A51F2C ] sym_hi          C:\WINDOWS\system32\DRIVERS\sym_hi.sys
20:26:12.0718 1448  sym_hi - ok
20:26:12.0718 1448  [ BF4FAB949A382A8E105F46EBB4937058 ] sym_u3          C:\WINDOWS\system32\DRIVERS\sym_u3.sys
20:26:12.0734 1448  sym_u3 - ok
20:26:12.0765 1448  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
20:26:12.0765 1448  sysaudio - ok
20:26:12.0812 1448  [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
20:26:12.0812 1448  SysmonLog - ok
20:26:12.0890 1448  [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
20:26:12.0906 1448  TapiSrv - ok
20:26:12.0953 1448  [ 93EA8D04EC73A85DB02EB8805988F733 ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:26:12.0968 1448  Tcpip - ok
20:26:13.0046 1448  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
20:26:13.0046 1448  TDPIPE - ok
20:26:13.0078 1448  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
20:26:13.0078 1448  TDTCP - ok
20:26:13.0109 1448  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
20:26:13.0109 1448  TermDD - ok
20:26:13.0156 1448  [ FF3477C03BE7201C294C35F684B3479F ] TermService     C:\WINDOWS\System32\termsrv.dll
20:26:13.0187 1448  TermService - ok
20:26:13.0218 1448  [ 1926899BF9FFE2602B63074971700412 ] Themes          C:\WINDOWS\System32\shsvcs.dll
20:26:13.0218 1448  Themes - ok
20:26:13.0281 1448  [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe
20:26:13.0281 1448  TlntSvr - ok
20:26:13.0312 1448  [ F2790F6AF01321B172AA62F8E1E187D9 ] TosIde          C:\WINDOWS\system32\DRIVERS\toside.sys
20:26:13.0312 1448  TosIde - ok
20:26:13.0375 1448  [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks          C:\WINDOWS\system32\trkwks.dll
20:26:13.0375 1448  TrkWks - ok
20:26:13.0421 1448  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
20:26:13.0437 1448  Udfs - ok
20:26:13.0453 1448  [ 1B698A51CD528D8DA4FFAED66DFC51B9 ] ultra           C:\WINDOWS\system32\DRIVERS\ultra.sys
20:26:13.0468 1448  ultra - ok
20:26:13.0531 1448  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
20:26:13.0546 1448  Update - ok
20:26:13.0609 1448  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost        C:\WINDOWS\System32\upnphost.dll
20:26:13.0609 1448  upnphost - ok
20:26:13.0687 1448  [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS             C:\WINDOWS\System32\ups.exe
20:26:13.0687 1448  UPS - ok
20:26:13.0765 1448  [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
20:26:13.0765 1448  usbccgp - ok
20:26:13.0796 1448  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
20:26:13.0796 1448  usbehci - ok
20:26:13.0875 1448  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:26:13.0875 1448  usbhub - ok
20:26:13.0937 1448  [ 87DA0C8162DD39F96AEA602F45CC0F7E ] Usblink         C:\WINDOWS\system32\Drivers\ulink.sys
20:26:13.0937 1448  Usblink - ok
20:26:13.0968 1448  [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
20:26:13.0968 1448  usbscan - ok
20:26:14.0015 1448  [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:26:14.0015 1448  USBSTOR - ok
20:26:14.0031 1448  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
20:26:14.0031 1448  usbuhci - ok
20:26:14.0078 1448  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
20:26:14.0078 1448  VgaSave - ok
20:26:14.0093 1448  [ 754292CE5848B3738281B4F3607EAEF4 ] viaagp          C:\WINDOWS\system32\DRIVERS\viaagp.sys
20:26:14.0109 1448  viaagp - ok
20:26:14.0125 1448  [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde          C:\WINDOWS\system32\DRIVERS\viaide.sys
20:26:14.0125 1448  ViaIde - ok
20:26:14.0171 1448  VMnetAdapter - ok
20:26:14.0187 1448  vmwvusb - ok
20:26:14.0218 1448  VNic - ok
20:26:14.0250 1448  [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
20:26:14.0250 1448  VolSnap - ok
20:26:14.0312 1448  [ E0743BBE28AD2C310698148C75333729 ] Vsdatant        C:\WINDOWS\system32\vsdatant.sys
20:26:14.0328 1448  Vsdatant - ok
20:26:14.0390 1448  vsmon - ok
20:26:14.0437 1448  [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS             C:\WINDOWS\System32\vssvc.exe
20:26:14.0468 1448  VSS - ok
20:26:14.0609 1448  [ 87C57CBE385E00726A2113614F6C6BD2 ] vToolbarUpdater14.1.7 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.1.7\ToolbarUpdater.exe
20:26:14.0640 1448  vToolbarUpdater14.1.7 - ok
20:26:14.0703 1448  [ 54AF4B1D5459500EF0937F6D33B1914F ] w32time         C:\WINDOWS\system32\w32time.dll
20:26:14.0703 1448  w32time - ok
20:26:14.0750 1448  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:26:14.0750 1448  Wanarp - ok
20:26:14.0828 1448  [ D918617B46457B9AC28027722E30F647 ] Wdf01000        C:\WINDOWS\system32\Drivers\wdf01000.sys
20:26:14.0859 1448  Wdf01000 - ok
20:26:14.0875 1448  WDICA - ok
20:26:14.0937 1448  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
20:26:14.0937 1448  wdmaud - ok
20:26:14.0984 1448  [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient       C:\WINDOWS\System32\webclnt.dll
20:26:15.0000 1448  WebClient - ok
20:26:15.0078 1448  [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
20:26:15.0078 1448  winmgmt - ok
20:26:15.0171 1448  [ FD600B032E741EB6AAB509FC630F7C42 ] WinUSB          C:\WINDOWS\system32\DRIVERS\WinUSB.sys
20:26:15.0171 1448  WinUSB - ok
20:26:15.0203 1448  [ 051B1BDECD6DEE18C771B5D5EC7F044D ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
20:26:15.0203 1448  WmdmPmSN - ok
20:26:15.0281 1448  [ BAB489A5FE26F2D0C910CF7AF7E4CF92 ] Wmi             C:\WINDOWS\System32\advapi32.dll
20:26:15.0312 1448  Wmi - ok
20:26:15.0390 1448  [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
20:26:15.0390 1448  WmiApSrv - ok
20:26:15.0515 1448  [ 6BAB4DC65515A098505F8B3D01FB6FE5 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\WMPNetwk.exe
20:26:15.0531 1448  WMPNetworkSvc - ok
20:26:15.0593 1448  [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL         C:\WINDOWS\System32\drivers\ws2ifsl.sys
20:26:15.0593 1448  WS2IFSL - ok
20:26:15.0671 1448  [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
20:26:15.0671 1448  wscsvc - ok
20:26:15.0718 1448  [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
20:26:15.0750 1448  wuauserv - ok
20:26:15.0796 1448  [ 6FF66513D372D479EF1810223C8D20CE ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
20:26:15.0796 1448  WudfPf - ok
20:26:15.0843 1448  [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
20:26:15.0843 1448  WudfRd - ok
20:26:15.0906 1448  [ 575A4190D989F64732119E4114045A4F ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
20:26:15.0906 1448  WudfSvc - ok
20:26:15.0984 1448  [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
20:26:16.0015 1448  WZCSVC - ok
20:26:16.0078 1448  [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
20:26:16.0109 1448  xmlprov - ok
20:26:16.0156 1448  ================ Scan global ===============================
20:26:16.0187 1448  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
20:26:16.0234 1448  [ 1618F36D4F7F6CCCEB3EE44BA95BE85C ] C:\WINDOWS\system32\winsrv.dll
20:26:16.0265 1448  [ 1618F36D4F7F6CCCEB3EE44BA95BE85C ] C:\WINDOWS\system32\winsrv.dll
20:26:16.0296 1448  [ 0E776ED5F7CC9F94299E70461B7B8185 ] C:\WINDOWS\system32\services.exe
20:26:16.0296 1448  [Global] - ok
20:26:16.0312 1448  ================ Scan MBR ==================================
20:26:16.0343 1448  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
20:26:16.0515 1448  \Device\Harddisk0\DR0 - ok
20:26:17.0015 1448  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
20:26:17.0015 1448  \Device\Harddisk1\DR1 - ok
20:26:17.0046 1448  [ A0C039530DB9EE7A3B5C5460DBE04A7E ] \Device\Harddisk2\DR5
20:26:17.0062 1448  \Device\Harddisk2\DR5 - ok
20:26:17.0062 1448  ================ Scan VBR ==================================
20:26:17.0078 1448  [ 25FB966EE60E6669BE807B2A9433F274 ] \Device\Harddisk0\DR0\Partition1
20:26:17.0078 1448  \Device\Harddisk0\DR0\Partition1 - ok
20:26:17.0093 1448  [ 55E9AF2A80256D968528023AC116E37A ] \Device\Harddisk2\DR5\Partition1
20:26:17.0093 1448  \Device\Harddisk2\DR5\Partition1 - ok
20:26:17.0109 1448  ============================================================
20:26:17.0109 1448  Scan finished
20:26:17.0109 1448  ============================================================
20:26:17.0125 1440  Detected object count: 0
20:26:17.0125 1440  Actual detected object count: 0
20:27:44.0343 1472  ============================================================
20:27:44.0343 1472  Scan started
20:27:44.0343 1472  Mode: Manual;
20:27:44.0343 1472  ============================================================
20:27:44.0406 1472  ================ Scan system memory ========================
20:27:44.0406 1472  System memory - ok
20:27:44.0421 1472  ================ Scan services =============================
20:27:44.0562 1472  Abiosdsk - ok
20:27:44.0625 1472  [ 6ABB91494FE6C59089B9336452AB2EA3 ] abp480n5        C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
20:27:44.0625 1472  abp480n5 - ok
20:27:44.0687 1472  [ 8FD99680A539792A30E97944FDAECF17 ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
20:27:44.0687 1472  ACPI - ok
20:27:44.0750 1472  [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
20:27:44.0750 1472  ACPIEC - ok
20:27:44.0859 1472  [ EC807244904FA170C299AB06D87FBDBE ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
20:27:44.0859 1472  AdobeFlashPlayerUpdateSvc - ok
20:27:44.0890 1472  [ 9A11864873DA202C996558B2106B0BBC ] adpu160m        C:\WINDOWS\system32\DRIVERS\adpu160m.sys
20:27:44.0890 1472  adpu160m - ok
20:27:44.0953 1472  [ 11C04B17ED2ABBB4833694BCD644AC90 ] aeaudio         C:\WINDOWS\system32\drivers\aeaudio.sys
20:27:44.0953 1472  aeaudio - ok
20:27:44.0984 1472  [ 8BED39E3C35D6A489438B8141717A557 ] aec             C:\WINDOWS\system32\drivers\aec.sys
20:27:44.0984 1472  aec - ok
20:27:45.0031 1472  [ 322D0E36693D6E24A2398BEE62A268CD ] AFD             C:\WINDOWS\System32\drivers\afd.sys
20:27:45.0031 1472  AFD - ok
20:27:45.0078 1472  [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440          C:\WINDOWS\system32\DRIVERS\agp440.sys
20:27:45.0078 1472  agp440 - ok
20:27:45.0109 1472  [ 03A7E0922ACFE1B07D5DB2EEB0773063 ] agpCPQ          C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
20:27:45.0109 1472  agpCPQ - ok
20:27:45.0140 1472  [ C23EA9B5F46C7F7910DB3EAB648FF013 ] Aha154x         C:\WINDOWS\system32\DRIVERS\aha154x.sys
20:27:45.0140 1472  Aha154x - ok
20:27:45.0171 1472  [ 19DD0FB48B0C18892F70E2E7D61A1529 ] aic78u2         C:\WINDOWS\system32\DRIVERS\aic78u2.sys
20:27:45.0171 1472  aic78u2 - ok
20:27:45.0218 1472  [ B7FE594A7468AA0132DEB03FB8E34326 ] aic78xx         C:\WINDOWS\system32\DRIVERS\aic78xx.sys
20:27:45.0218 1472  aic78xx - ok
20:27:45.0281 1472  [ B06B591532BD85B1BA68F40E2F1AF8AB ] aksusb          C:\WINDOWS\system32\DRIVERS\aksusb.sys
20:27:45.0281 1472  aksusb - ok
20:27:45.0328 1472  [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
20:27:45.0328 1472  Alerter - ok
20:27:45.0375 1472  [ 8C515081584A38AA007909CD02020B3D ] ALG             C:\WINDOWS\System32\alg.exe
20:27:45.0375 1472  ALG - ok
20:27:45.0437 1472  [ 1140AB9938809700B46BB88E46D72A96 ] AliIde          C:\WINDOWS\system32\DRIVERS\aliide.sys
20:27:45.0437 1472  AliIde - ok
20:27:45.0484 1472  [ CB08AED0DE2DD889A8A820CD8082D83C ] alim1541        C:\WINDOWS\system32\DRIVERS\alim1541.sys
20:27:45.0484 1472  alim1541 - ok
20:27:45.0500 1472  [ 95B4FB835E28AA1336CEEB07FD5B9398 ] amdagp          C:\WINDOWS\system32\DRIVERS\amdagp.sys
20:27:45.0500 1472  amdagp - ok
20:27:45.0531 1472  [ 79F5ADD8D24BD6893F2903A3E2F3FAD6 ] amsint          C:\WINDOWS\system32\DRIVERS\amsint.sys
20:27:45.0531 1472  amsint - ok
20:27:45.0687 1472  [ 5AA788D5A2C6737BB9C45933985BC1B8 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:27:45.0703 1472  Apple Mobile Device - ok
20:27:45.0750 1472  [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
20:27:45.0750 1472  AppMgmt - ok
20:27:45.0828 1472  [ 62D318E9A0C8FC9B780008E724283707 ] asc             C:\WINDOWS\system32\DRIVERS\asc.sys
20:27:45.0828 1472  asc - ok
20:27:45.0859 1472  [ 69EB0CC7714B32896CCBFD5EDCBEA447 ] asc3350p        C:\WINDOWS\system32\DRIVERS\asc3350p.sys
20:27:45.0859 1472  asc3350p - ok
20:27:45.0890 1472  [ 5D8DE112AA0254B907861E9E9C31D597 ] asc3550         C:\WINDOWS\system32\DRIVERS\asc3550.sys
20:27:45.0890 1472  asc3550 - ok
20:27:46.0062 1472  [ D33C507942299753868204CC7642FA27 ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
20:27:46.0062 1472  aspnet_state - ok
20:27:46.0125 1472  [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
20:27:46.0125 1472  AsyncMac - ok
20:27:46.0156 1472  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
20:27:46.0156 1472  atapi - ok
20:27:46.0187 1472  Atdisk - ok
20:27:46.0250 1472  [ B2009A7EAF0747B32832331E7E72682A ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
20:27:46.0250 1472  Ati HotKey Poller - ok
20:27:46.0359 1472  [ 1F8D3B944B2FE229E13F4D3A493F8E85 ] ati2mtag        C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
20:27:46.0359 1472  ati2mtag - ok
20:27:46.0437 1472  [ 9916C1225104BA14794209CFA8012159 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
20:27:46.0437 1472  Atmarpc - ok
20:27:46.0484 1472  [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
20:27:46.0484 1472  AudioSrv - ok
20:27:46.0546 1472  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
20:27:46.0546 1472  audstub - ok
20:27:46.0609 1472  [ F3D2D8D48E3B0CA83D70A420240E509B ] avgtp           C:\WINDOWS\system32\drivers\avgtpx86.sys
20:27:46.0609 1472  avgtp - ok
20:27:46.0671 1472  [ 4826FCF97C47B361A2E2F68CD487A19E ] b57w2k          C:\WINDOWS\system32\DRIVERS\b57xp32.sys
20:27:46.0671 1472  b57w2k - ok
20:27:46.0718 1472  [ BDD5538B859DBEB3ECAF09B3D027553A ] BAsfIpM         C:\WINDOWS\system32\basfipm.exe
20:27:46.0718 1472  BAsfIpM - ok
20:27:46.0781 1472  [ 3D87B0484BE1093C6614062701F375C5 ] BASFND          C:\WINDOWS\system32\Drivers\BASFND.sys
20:27:46.0796 1472  BASFND - ok
20:27:46.0859 1472  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
20:27:46.0859 1472  Beep - ok
20:27:46.0921 1472  [ 574738F61FCA2935F5265DC4E5691314 ] BITS            C:\WINDOWS\system32\qmgr.dll
20:27:46.0921 1472  BITS - ok
20:27:46.0984 1472  [ A06CE3399D16DB864F55FAEB1F1927A9 ] Browser         C:\WINDOWS\System32\browser.dll
20:27:46.0984 1472  Browser - ok
20:27:47.0046 1472  [ AC491EB706C48B89A638B239DC3BCFCB ] C-DillaCdaC11BA C:\WINDOWS\system32\drivers\CDAC11BA.EXE
20:27:47.0046 1472  C-DillaCdaC11BA - ok
20:27:47.0171 1472  catchme - ok
20:27:47.0218 1472  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf           C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
20:27:47.0218 1472  cbidf - ok
20:27:47.0234 1472  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
20:27:47.0234 1472  cbidf2k - ok
20:27:47.0281 1472  [ F3EC03299634490E97BBCE94CD2954C7 ] cd20xrnt        C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
20:27:47.0281 1472  cd20xrnt - ok
20:27:47.0312 1472  [ 69419792390122EEFD84E598D896715B ] CdaC15BA        C:\WINDOWS\system32\drivers\CdaC15BA.SYS
20:27:47.0312 1472  CdaC15BA - ok
20:27:47.0359 1472  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
20:27:47.0359 1472  Cdaudio - ok
20:27:47.0421 1472  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
20:27:47.0421 1472  Cdfs - ok
20:27:47.0468 1472  [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
20:27:47.0468 1472  Cdrom - ok
20:27:47.0500 1472  Changer - ok
20:27:47.0546 1472  [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc           C:\WINDOWS\system32\cisvc.exe
20:27:47.0546 1472  CiSvc - ok
20:27:47.0593 1472  [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
20:27:47.0593 1472  ClipSrv - ok
20:27:47.0625 1472  [ 3C4D595E7F9B747325AEF28B4ADCAAE5 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:27:47.0625 1472  clr_optimization_v2.0.50727_32 - ok
20:27:47.0687 1472  [ E5DCB56C533014ECBC556A8357C929D5 ] CmdIde          C:\WINDOWS\system32\DRIVERS\cmdide.sys
20:27:47.0687 1472  CmdIde - ok
20:27:47.0703 1472  COMSysApp - ok
20:27:47.0750 1472  [ 3EE529119EED34CD212A215E8C40D4B6 ] Cpqarray        C:\WINDOWS\system32\DRIVERS\cpqarray.sys
20:27:47.0750 1472  Cpqarray - ok
20:27:47.0812 1472  [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
20:27:47.0812 1472  CryptSvc - ok
20:27:47.0859 1472  [ CAB213D4681FCFAC9BF4E6D3B1EE4BFC ] cvintdrv        C:\WINDOWS\system32\drivers\cvintdrv.sys
20:27:47.0859 1472  cvintdrv - ok
20:27:47.0921 1472  [ E550E7418984B65A78299D248F0A7F36 ] dac2w2k         C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
20:27:47.0921 1472  dac2w2k - ok
20:27:47.0953 1472  [ 683789CAA3864EB46125AE86FF677D34 ] dac960nt        C:\WINDOWS\system32\DRIVERS\dac960nt.sys
20:27:47.0953 1472  dac960nt - ok
20:27:48.0000 1472  [ 2589FE6015A316C0F5D5112B4DA7B509 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
20:27:48.0015 1472  DcomLaunch - ok
20:27:48.0062 1472  [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
20:27:48.0062 1472  Dhcp - ok
20:27:48.0093 1472  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
20:27:48.0093 1472  Disk - ok
20:27:48.0109 1472  dmadmin - ok
20:27:48.0187 1472  [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
20:27:48.0187 1472  dmboot - ok
20:27:48.0234 1472  [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
20:27:48.0234 1472  dmio - ok
20:27:48.0265 1472  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
20:27:48.0265 1472  dmload - ok
20:27:48.0312 1472  [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver        C:\WINDOWS\System32\dmserver.dll
20:27:48.0312 1472  dmserver - ok
20:27:48.0359 1472  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
20:27:48.0359 1472  DMusic - ok
20:27:48.0437 1472  [ 474B4DC3983173E4B4C9740B0DAC98A6 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
20:27:48.0437 1472  Dnscache - ok
20:27:48.0484 1472  [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
20:27:48.0484 1472  Dot3svc - ok
20:27:48.0515 1472  [ 40F3B93B4E5B0126F2F5C0A7A5E22660 ] dpti2o          C:\WINDOWS\system32\DRIVERS\dpti2o.sys
20:27:48.0515 1472  dpti2o - ok
20:27:48.0562 1472  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
20:27:48.0562 1472  drmkaud - ok
20:27:48.0625 1472  [ 01DD1DB0156D0CA545EB779FBFAEC6FA ] DS1410D         C:\WINDOWS\system32\drivers\DS1410D.SYS
20:27:48.0640 1472  DS1410D - ok
20:27:48.0671 1472  [ 3FCA03CBCA11269F973B70FA483C88EF ] E100B           C:\WINDOWS\system32\DRIVERS\e100b325.sys
20:27:48.0671 1472  E100B - ok
20:27:48.0718 1472  [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost         C:\WINDOWS\System32\eapsvc.dll
20:27:48.0718 1472  EapHost - ok
20:27:48.0765 1472  [ BC93B4A066477954555966D77FEC9ECB ] ERSvc           C:\WINDOWS\System32\ersvc.dll
20:27:48.0765 1472  ERSvc - ok
20:27:48.0828 1472  [ 0E776ED5F7CC9F94299E70461B7B8185 ] Eventlog        C:\WINDOWS\system32\services.exe
20:27:48.0828 1472  Eventlog - ok
20:27:48.0875 1472  [ 19A799805B24990867B00C120D300C3A ] EventSystem     C:\WINDOWS\system32\es.dll
20:27:48.0890 1472  EventSystem - ok
20:27:48.0921 1472  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
20:27:48.0921 1472  Fastfat - ok
20:27:48.0984 1472  [ 1926899BF9FFE2602B63074971700412 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
20:27:48.0984 1472  FastUserSwitchingCompatibility - ok
20:27:49.0031 1472  [ E97D6A8684466DF94FF3BC24FB787A07 ] Fax             C:\WINDOWS\system32\fxssvc.exe
20:27:49.0046 1472  Fax - ok
20:27:49.0093 1472  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys
20:27:49.0093 1472  Fdc - ok
20:27:49.0109 1472  [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
20:27:49.0109 1472  Fips - ok
20:27:49.0140 1472  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys
20:27:49.0140 1472  Flpydisk - ok
20:27:49.0187 1472  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
20:27:49.0187 1472  FltMgr - ok
20:27:49.0218 1472  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:27:49.0218 1472  Fs_Rec - ok
20:27:49.0250 1472  [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
20:27:49.0250 1472  Ftdisk - ok
20:27:49.0312 1472  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
20:27:49.0312 1472  Gpc - ok
20:27:49.0437 1472  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
20:27:49.0437 1472  gupdate - ok
20:27:49.0468 1472  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
20:27:49.0468 1472  gupdatem - ok
20:27:49.0531 1472  [ 408DDD80EEDE47175F6844817B90213E ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
20:27:49.0531 1472  gusvc - ok
20:27:49.0609 1472  [ F3E34776D8B8AB665D051A8674FDF4CC ] hardlock        C:\WINDOWS\system32\drivers\hardlock.sys
20:27:49.0609 1472  hardlock - ok
20:27:49.0671 1472  [ 2DD25F060DC9F79B5CDF33D90ED93669 ] Haspnt          C:\WINDOWS\system32\drivers\Haspnt.sys
20:27:49.0671 1472  Haspnt - ok
20:27:49.0765 1472  [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
20:27:49.0765 1472  helpsvc - ok
20:27:49.0812 1472  [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ         C:\WINDOWS\System32\hidserv.dll
20:27:49.0812 1472  HidServ - ok
20:27:49.0859 1472  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
20:27:49.0859 1472  HidUsb - ok
20:27:49.0906 1472  [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
20:27:49.0906 1472  hkmsvc - ok
20:27:49.0953 1472  [ B028377DEA0546A5FCFBA928A8AEFAE0 ] hpn             C:\WINDOWS\system32\DRIVERS\hpn.sys
20:27:49.0953 1472  hpn - ok
20:27:50.0000 1472  [ F6AACF5BCE2893E0C1754AFEB672E5C9 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
20:27:50.0000 1472  HTTP - ok
20:27:50.0046 1472  [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
20:27:50.0046 1472  HTTPFilter - ok
20:27:50.0093 1472  [ 9368670BD426EBEA5E8B18A62416EC28 ] i2omgmt         C:\WINDOWS\system32\drivers\i2omgmt.sys
20:27:50.0093 1472  i2omgmt - ok
20:27:50.0109 1472  [ F10863BF1CCC290BABD1A09188AE49E0 ] i2omp           C:\WINDOWS\system32\DRIVERS\i2omp.sys
20:27:50.0109 1472  i2omp - ok
20:27:50.0156 1472  [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
20:27:50.0156 1472  i8042prt - ok
20:27:50.0250 1472  [ A38BF37FD0795382655F756DD4446FA0 ] IAANTMon        C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
20:27:50.0250 1472  IAANTMon - ok
20:27:50.0296 1472  [ D7731536E183B4397402CA6F9E1D52F7 ] iaStor          C:\WINDOWS\system32\drivers\iaStor.sys
20:27:50.0296 1472  iaStor - ok
20:27:50.0328 1472  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
20:27:50.0328 1472  Imapi - ok
20:27:50.0390 1472  [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService    C:\WINDOWS\system32\imapi.exe
20:27:50.0390 1472  ImapiService - ok
20:27:50.0421 1472  [ 4A40E045FAEE58631FD8D91AFC620719 ] ini910u         C:\WINDOWS\system32\DRIVERS\ini910u.sys
20:27:50.0421 1472  ini910u - ok
20:27:50.0453 1472  [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde        C:\WINDOWS\system32\DRIVERS\intelide.sys
20:27:50.0453 1472  IntelIde - ok
20:27:50.0500 1472  [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
20:27:50.0500 1472  intelppm - ok
20:27:50.0546 1472  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
20:27:50.0546 1472  Ip6Fw - ok
20:27:50.0609 1472  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:27:50.0609 1472  IpFilterDriver - ok
20:27:50.0640 1472  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
20:27:50.0640 1472  IpInIp - ok
20:27:50.0703 1472  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
20:27:50.0703 1472  IpNat - ok
20:27:50.0734 1472  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
20:27:50.0734 1472  IPSec - ok
20:27:50.0781 1472  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
20:27:50.0781 1472  IRENUM - ok
20:27:50.0828 1472  [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
20:27:50.0828 1472  isapnp - ok
20:27:50.0921 1472  [ 33112D12B95BD1DE18AF409D865DF10C ] ISWKL           C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys
20:27:50.0921 1472  ISWKL - ok
20:27:50.0984 1472  [ CFF1CD2C1CC8F5271967AA268982E878 ] IswSvc          C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
20:27:51.0000 1472  IswSvc - ok
20:27:51.0109 1472  [ 9AA67569D5257462E230767510B0C815 ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe
20:27:51.0109 1472  JavaQuickStarterService - ok
20:27:51.0140 1472  [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
20:27:51.0140 1472  Kbdclass - ok
20:27:51.0171 1472  [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
20:27:51.0171 1472  kbdhid - ok
20:27:51.0203 1472  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
20:27:51.0203 1472  kmixer - ok
20:27:51.0265 1472  [ 1705745D900DABF2D89F90EBADDC7517 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
20:27:51.0265 1472  KSecDD - ok
20:27:51.0328 1472  [ F385F4B02C535BFFE1D70CAB80838123 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
20:27:51.0328 1472  lanmanserver - ok
20:27:51.0359 1472  [ 1B67B632786FEF1C1BBAEF46C2F3F2E6 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
20:27:51.0359 1472  lanmanworkstation - ok
20:27:51.0390 1472  lbrtfdc - ok
20:27:51.0500 1472  [ 20CDB07017497C94A0BAD253C4BAFCBC ] LkCitadelServer C:\WINDOWS\system32\lkcitdl.exe
20:27:51.0500 1472  LkCitadelServer - ok
20:27:51.0531 1472  [ B07D786736E7B1719A90365911BC2D0A ] lkClassAds      C:\WINDOWS\system32\lkads.exe
20:27:51.0546 1472  lkClassAds - ok
20:27:51.0578 1472  [ AB1FAA47332EC2EE43BBFED7A6F0EA09 ] lkTimeSync      C:\WINDOWS\system32\lktsrv.exe
20:27:51.0578 1472  lkTimeSync - ok
20:27:51.0625 1472  [ A7DB739AE99A796D91580147E919CC59 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
20:27:51.0625 1472  LmHosts - ok
20:27:51.0687 1472  [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
20:27:51.0687 1472  MBAMProtector - ok
20:27:51.0765 1472  [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
20:27:51.0765 1472  MBAMScheduler - ok
20:27:51.0828 1472  [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
20:27:51.0828 1472  MBAMService - ok
20:27:51.0875 1472  [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
20:27:51.0875 1472  Messenger - ok
20:27:51.0984 1472  Microsoft SharePoint Workspace Audit Service - ok
20:27:52.0015 1472  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
20:27:52.0015 1472  mnmdd - ok
20:27:52.0062 1472  [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
20:27:52.0062 1472  mnmsrvc - ok
20:27:52.0093 1472  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
20:27:52.0093 1472  Modem - ok
20:27:52.0125 1472  [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
20:27:52.0125 1472  Mouclass - ok
20:27:52.0156 1472  [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
20:27:52.0156 1472  mouhid - ok
20:27:52.0218 1472  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
20:27:52.0218 1472  MountMgr - ok
20:27:52.0296 1472  [ 6380FF81DD4D78B23398752D2F46EA43 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
20:27:52.0296 1472  MozillaMaintenance - ok
20:27:52.0343 1472  [ 3F4BB95E5A44F3BE34824E8E7CAF0737 ] mraid35x        C:\WINDOWS\system32\DRIVERS\mraid35x.sys
20:27:52.0343 1472  mraid35x - ok
20:27:52.0406 1472  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
20:27:52.0406 1472  MRxDAV - ok
20:27:52.0437 1472  [ 68755F0FF16070178B54674FE5B847B0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:27:52.0453 1472  MRxSmb - ok
20:27:52.0500 1472  [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
20:27:52.0500 1472  MSDTC - ok
20:27:52.0515 1472  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
20:27:52.0531 1472  Msfs - ok
20:27:52.0546 1472  MSIServer - ok
20:27:52.0578 1472  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
20:27:52.0578 1472  MSKSSRV - ok
20:27:52.0609 1472  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
20:27:52.0609 1472  MSPCLOCK - ok
20:27:52.0640 1472  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
20:27:52.0640 1472  MSPQM - ok
20:27:52.0671 1472  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
20:27:52.0671 1472  mssmbios - ok
20:27:52.0734 1472  [ 2F625D11385B1A94360BFC70AAEFDEE1 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
20:27:52.0734 1472  Mup - ok
20:27:52.0812 1472  [ 0102140028FAD045756796E1C685D695 ] napagent        C:\WINDOWS\System32\qagentrt.dll
20:27:52.0812 1472  napagent - ok
20:27:52.0859 1472  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
20:27:52.0859 1472  NDIS - ok
20:27:52.0890 1472  [ 1AB3D00C991AB086E69DB84B6C0ED78F ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:27:52.0890 1472  NdisTapi - ok
20:27:52.0921 1472  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
20:27:52.0921 1472  Ndisuio - ok
20:27:52.0984 1472  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:27:52.0984 1472  NdisWan - ok
20:27:53.0000 1472  [ 6215023940CFD3702B46ABC304E1D45A ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
20:27:53.0000 1472  NDProxy - ok
20:27:53.0031 1472  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
20:27:53.0031 1472  NetBIOS - ok
20:27:53.0046 1472  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
20:27:53.0046 1472  NetBT - ok
20:27:53.0093 1472  [ B857BA82860D7FF85AE29B095645563B ] NetDDE          C:\WINDOWS\system32\netdde.exe
20:27:53.0093 1472  NetDDE - ok
20:27:53.0109 1472  [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
20:27:53.0109 1472  NetDDEdsdm - ok
20:27:53.0156 1472  [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon        C:\WINDOWS\system32\lsass.exe
20:27:53.0156 1472  Netlogon - ok
20:27:53.0234 1472  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman          C:\WINDOWS\System32\netman.dll
20:27:53.0234 1472  Netman - ok
20:27:53.0328 1472  [ 704907A9FD8E3BC86D20453863507331 ] NIApplicationWebServer C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
20:27:53.0328 1472  NIApplicationWebServer - ok
20:27:53.0406 1472  [ 908B9667F2FD7453CBCF3A2A0444DCC1 ] NIDomainService C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe
20:27:53.0406 1472  NIDomainService - ok
20:27:53.0562 1472  [ AA8896BCD689851665EFC02DC41181AC ] NILM License Manager C:\Program Files\National Instruments\Shared\License Manager\Bin\lmgrd.exe
20:27:53.0562 1472  NILM License Manager - ok
20:27:53.0640 1472  [ 8FED4893CB017F81CD1769448AD567E5 ] nimDNSResponder C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
20:27:53.0640 1472  nimDNSResponder - ok
20:27:53.0687 1472  [ 0B5406E008570C0C4B4159E33716422E ] niSvcLoc        C:\Program Files\National Instruments\Shared\NI WebServer\SystemWebServer.exe
20:27:53.0687 1472  niSvcLoc - ok
20:27:53.0734 1472  [ B4138E99236F0F57D4CF49BAE98A0746 ] Nla             C:\WINDOWS\System32\mswsock.dll
20:27:53.0734 1472  Nla - ok
20:27:53.0812 1472  [ 7AEA4DF1CA68FD45DD4BBE1F0243CE7F ] NMSAccess       C:\Program Files\CDBurnerXP\NMSAccessU.exe
20:27:53.0812 1472  NMSAccess - ok
20:27:53.0875 1472  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
20:27:53.0875 1472  Npfs - ok
20:27:53.0921 1472  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
20:27:53.0921 1472  Ntfs - ok
20:27:53.0953 1472  [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
20:27:53.0953 1472  NtLmSsp - ok
20:27:54.0031 1472  [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
20:27:54.0031 1472  NtmsSvc - ok
20:27:54.0062 1472  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
20:27:54.0062 1472  Null - ok
20:27:54.0156 1472  [ 2B298519EDBFCF451D43E0F1E8F1006D ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
20:27:54.0171 1472  nv - ok
20:27:54.0234 1472  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
20:27:54.0234 1472  NwlnkFlt - ok
20:27:54.0281 1472  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
20:27:54.0281 1472  NwlnkFwd - ok
20:27:54.0296 1472  OCDE - ok
20:27:54.0359 1472  [ 53D5F1278D9EDB21689BBBCECC09108D ] omci            C:\WINDOWS\system32\DRIVERS\omci.sys
20:27:54.0359 1472  omci - ok
20:27:54.0484 1472  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:27:54.0484 1472  ose - ok
20:27:54.0718 1472  [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:27:54.0750 1472  osppsvc - ok
20:27:54.0828 1472  [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
20:27:54.0828 1472  Parport - ok
20:27:54.0859 1472  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
20:27:54.0859 1472  PartMgr - ok
20:27:54.0890 1472  [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
20:27:54.0890 1472  ParVdm - ok
20:27:54.0921 1472  [ A219903CCF74233761D92BEF471A07B1 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
20:27:54.0921 1472  PCI - ok
20:27:54.0953 1472  PCIDump - ok
20:27:55.0000 1472  [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
20:27:55.0000 1472  PCIIde - ok
20:27:55.0031 1472  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
20:27:55.0031 1472  Pcmcia - ok
20:27:55.0062 1472  PDCOMP - ok
20:27:55.0078 1472  PDFRAME - ok
20:27:55.0109 1472  PDRELI - ok
20:27:55.0140 1472  PDRFRAME - ok
20:27:55.0156 1472  [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2           C:\WINDOWS\system32\DRIVERS\perc2.sys
20:27:55.0156 1472  perc2 - ok
20:27:55.0187 1472  [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib        C:\WINDOWS\system32\DRIVERS\perc2hib.sys
20:27:55.0187 1472  perc2hib - ok
20:27:55.0281 1472  [ 0E776ED5F7CC9F94299E70461B7B8185 ] PlugPlay        C:\WINDOWS\system32\services.exe
20:27:55.0281 1472  PlugPlay - ok
20:27:55.0312 1472  [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
20:27:55.0312 1472  PolicyAgent - ok
20:27:55.0359 1472  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
20:27:55.0359 1472  PptpMiniport - ok
20:27:55.0375 1472  [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
20:27:55.0375 1472  ProtectedStorage - ok
20:27:55.0406 1472  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
20:27:55.0406 1472  PSched - ok
20:27:55.0453 1472  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
20:27:55.0453 1472  Ptilink - ok
20:27:55.0515 1472  [ 153D02480A0A2F45785522E814C634B6 ] PxHelp20        C:\WINDOWS\system32\Drivers\PxHelp20.sys
20:27:55.0515 1472  PxHelp20 - ok
20:27:55.0546 1472  [ 0A63FB54039EB5662433CABA3B26DBA7 ] ql1080          C:\WINDOWS\system32\DRIVERS\ql1080.sys
20:27:55.0546 1472  ql1080 - ok
20:27:55.0578 1472  [ 6503449E1D43A0FF0201AD5CB1B8C706 ] Ql10wnt         C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
20:27:55.0578 1472  Ql10wnt - ok
20:27:55.0609 1472  [ 156ED0EF20C15114CA097A34A30D8A01 ] ql12160         C:\WINDOWS\system32\DRIVERS\ql12160.sys
20:27:55.0609 1472  ql12160 - ok
20:27:55.0656 1472  [ 70F016BEBDE6D29E864C1230A07CC5E6 ] ql1240          C:\WINDOWS\system32\DRIVERS\ql1240.sys
20:27:55.0656 1472  ql1240 - ok
20:27:55.0671 1472  [ 907F0AEEA6BC451011611E732BD31FCF ] ql1280          C:\WINDOWS\system32\DRIVERS\ql1280.sys
20:27:55.0671 1472  ql1280 - ok
20:27:55.0703 1472  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:27:55.0703 1472  RasAcd - ok
20:27:55.0765 1472  [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
20:27:55.0765 1472  RasAuto - ok
20:27:55.0812 1472  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:27:55.0812 1472  Rasl2tp - ok
20:27:55.0859 1472  [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan          C:\WINDOWS\System32\rasmans.dll
20:27:55.0859 1472  RasMan - ok
20:27:55.0906 1472  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:27:55.0906 1472  RasPppoe - ok
20:27:55.0921 1472  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
20:27:55.0921 1472  Raspti - ok
20:27:55.0953 1472  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:27:55.0953 1472  Rdbss - ok
20:27:55.0984 1472  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:27:55.0984 1472  RDPCDD - ok
20:27:56.0046 1472  [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
20:27:56.0046 1472  rdpdr - ok
20:27:56.0093 1472  [ 6728E45B66F93C08F11DE2E316FC70DD ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
20:27:56.0093 1472  RDPWD - ok
20:27:56.0140 1472  [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
20:27:56.0140 1472  RDSessMgr - ok
20:27:56.0171 1472  [ F828DD7E1419B6653894A8F97A0094C5 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
20:27:56.0187 1472  redbook - ok
20:27:56.0296 1472  [ A91B22E179D77F1F753C692CC7FAD1DD ] Remote Solver for COSMOSFloWorks 2005 C:\Program Files\COSMOS Applications\FloWorks\bin\StandAloneSlv.exe
20:27:56.0296 1472  Remote Solver for COSMOSFloWorks 2005 - ok
20:27:56.0359 1472  [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
20:27:56.0359 1472  RemoteAccess - ok
20:27:56.0437 1472  [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
20:27:56.0437 1472  RemoteRegistry - ok
20:27:56.0468 1472  [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator      C:\WINDOWS\system32\locator.exe
20:27:56.0468 1472  RpcLocator - ok
20:27:56.0515 1472  [ 2589FE6015A316C0F5D5112B4DA7B509 ] RpcSs           C:\WINDOWS\System32\rpcss.dll
20:27:56.0515 1472  RpcSs - ok
20:27:56.0562 1472  [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP            C:\WINDOWS\system32\rsvp.exe
20:27:56.0562 1472  RSVP - ok
20:27:56.0609 1472  [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs           C:\WINDOWS\system32\lsass.exe
20:27:56.0609 1472  SamSs - ok
20:27:56.0656 1472  [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
20:27:56.0656 1472  SCardSvr - ok
20:27:56.0718 1472  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule        C:\WINDOWS\system32\schedsvc.dll
20:27:56.0718 1472  Schedule - ok
20:27:56.0796 1472  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
20:27:56.0796 1472  Secdrv - ok
20:27:56.0843 1472  [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon        C:\WINDOWS\System32\seclogon.dll
20:27:56.0859 1472  seclogon - ok
20:27:56.0906 1472  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS            C:\WINDOWS\system32\sens.dll
20:27:56.0906 1472  SENS - ok
20:27:56.0953 1472  [ AEBBA7428A6C40CCE3C5ABDE45190B24 ] Sentinel        C:\WINDOWS\System32\Drivers\SENTINEL.SYS
20:27:56.0953 1472  Sentinel - ok
20:27:56.0984 1472  [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
20:27:56.0984 1472  serenum - ok
20:27:57.0031 1472  [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
20:27:57.0031 1472  Serial - ok
20:27:57.0046 1472  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
20:27:57.0046 1472  Sfloppy - ok
20:27:57.0093 1472  [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
20:27:57.0093 1472  SharedAccess - ok
20:27:57.0140 1472  [ 1926899BF9FFE2602B63074971700412 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
20:27:57.0140 1472  ShellHWDetection - ok
20:27:57.0156 1472  Simbad - ok
20:27:57.0203 1472  [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp          C:\WINDOWS\system32\DRIVERS\sisagp.sys
20:27:57.0203 1472  sisagp - ok
20:27:57.0250 1472  [ 4AA922332433CDEB8B82C072C212E32E ] smwdm           C:\WINDOWS\system32\drivers\smwdm.sys
20:27:57.0265 1472  smwdm - ok
20:27:57.0312 1472  [ A1FF7D99B199CEA1F3DF371BA70D2780 ] SNTNLUSB        C:\WINDOWS\system32\DRIVERS\SNTNLUSB.SYS
20:27:57.0312 1472  SNTNLUSB - ok
20:27:57.0343 1472  [ 83C0F71F86D3BDAF915685F3D568B20E ] Sparrow         C:\WINDOWS\system32\DRIVERS\sparrow.sys
20:27:57.0343 1472  Sparrow - ok
20:27:57.0421 1472  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
20:27:57.0421 1472  splitter - ok
20:27:57.0468 1472  [ D8E14A61ACC1D4A6CD0D38AEBAC7FA3B ] Spooler         C:\WINDOWS\system32\spoolsv.exe
20:27:57.0468 1472  Spooler - ok
20:27:57.0531 1472  sprtlisten - ok
20:27:57.0562 1472  [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
20:27:57.0562 1472  sr - ok
20:27:57.0593 1472  srescan - ok
20:27:57.0640 1472  [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice       C:\WINDOWS\system32\srsvc.dll
20:27:57.0656 1472  srservice - ok
20:27:57.0687 1472  [ 5252605079810904E31C332E241CD59B ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
20:27:57.0687 1472  Srv - ok
20:27:57.0750 1472  [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
20:27:57.0750 1472  SSDPSRV - ok
20:27:57.0796 1472  [ E57B778208C783D8DEBAB320C16A1B82 ] StarOpen        C:\WINDOWS\system32\drivers\StarOpen.sys
20:27:57.0796 1472  StarOpen - ok
20:27:57.0843 1472  [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
20:27:57.0843 1472  stisvc - ok
20:27:57.0890 1472  [ 2E5586392CDFBD1D73BADB20E9ED6386 ] SupportSoft RemoteAssist C:\Program Files\Common Files\supportsoft\bin\ssrc.exe
20:27:57.0890 1472  SupportSoft RemoteAssist - ok
20:27:57.0937 1472  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
20:27:57.0937 1472  swenum - ok
20:27:57.0968 1472  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
20:27:57.0968 1472  swmidi - ok
20:27:57.0984 1472  SwPrv - ok
20:27:58.0015 1472  [ 1FF3217614018630D0A6758630FC698C ] symc810         C:\WINDOWS\system32\DRIVERS\symc810.sys
20:27:58.0015 1472  symc810 - ok
20:27:58.0031 1472  [ 070E001D95CF725186EF8B20335F933C ] symc8xx         C:\WINDOWS\system32\DRIVERS\symc8xx.sys
20:27:58.0031 1472  symc8xx - ok
20:27:58.0062 1472  [ 80AC1C4ABBE2DF3B738BF15517A51F2C ] sym_hi          C:\WINDOWS\system32\DRIVERS\sym_hi.sys
20:27:58.0062 1472  sym_hi - ok
20:27:58.0078 1472  [ BF4FAB949A382A8E105F46EBB4937058 ] sym_u3          C:\WINDOWS\system32\DRIVERS\sym_u3.sys
20:27:58.0078 1472  sym_u3 - ok
20:27:58.0109 1472  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
20:27:58.0109 1472  sysaudio - ok
20:27:58.0171 1472  [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
20:27:58.0171 1472  SysmonLog - ok
20:27:58.0234 1472  [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
20:27:58.0234 1472  TapiSrv - ok
20:27:58.0296 1472  [ 93EA8D04EC73A85DB02EB8805988F733 ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:27:58.0296 1472  Tcpip - ok
20:27:58.0359 1472  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
20:27:58.0359 1472  TDPIPE - ok
20:27:58.0421 1472  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
20:27:58.0421 1472  TDTCP - ok
20:27:58.0453 1472  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
20:27:58.0468 1472  TermDD - ok
20:27:58.0515 1472  [ FF3477C03BE7201C294C35F684B3479F ] TermService     C:\WINDOWS\System32\termsrv.dll
20:27:58.0531 1472  TermService - ok
20:27:58.0562 1472  [ 1926899BF9FFE2602B63074971700412 ] Themes          C:\WINDOWS\System32\shsvcs.dll
20:27:58.0562 1472  Themes - ok
20:27:58.0609 1472  [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe
20:27:58.0609 1472  TlntSvr - ok
20:27:58.0640 1472  [ F2790F6AF01321B172AA62F8E1E187D9 ] TosIde          C:\WINDOWS\system32\DRIVERS\toside.sys
20:27:58.0640 1472  TosIde - ok
20:27:58.0687 1472  [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks          C:\WINDOWS\system32\trkwks.dll
20:27:58.0687 1472  TrkWks - ok
20:27:58.0718 1472  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
20:27:58.0718 1472  Udfs - ok
20:27:58.0750 1472  [ 1B698A51CD528D8DA4FFAED66DFC51B9 ] ultra           C:\WINDOWS\system32\DRIVERS\ultra.sys
20:27:58.0750 1472  ultra - ok
20:27:58.0812 1472  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
20:27:58.0812 1472  Update - ok
20:27:58.0875 1472  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost        C:\WINDOWS\System32\upnphost.dll
20:27:58.0875 1472  upnphost - ok
20:27:58.0921 1472  [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS             C:\WINDOWS\System32\ups.exe
20:27:58.0937 1472  UPS - ok
20:27:58.0968 1472  [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
20:27:58.0968 1472  usbccgp - ok
20:27:59.0000 1472  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
20:27:59.0000 1472  usbehci - ok
20:27:59.0046 1472  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:27:59.0046 1472  usbhub - ok
20:27:59.0109 1472  [ 87DA0C8162DD39F96AEA602F45CC0F7E ] Usblink         C:\WINDOWS\system32\Drivers\ulink.sys
20:27:59.0109 1472  Usblink - ok
20:27:59.0140 1472  [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
20:27:59.0140 1472  usbscan - ok
20:27:59.0187 1472  [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:27:59.0187 1472  USBSTOR - ok
20:27:59.0203 1472  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
20:27:59.0203 1472  usbuhci - ok
20:27:59.0234 1472  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
20:27:59.0234 1472  VgaSave - ok
20:27:59.0265 1472  [ 754292CE5848B3738281B4F3607EAEF4 ] viaagp          C:\WINDOWS\system32\DRIVERS\viaagp.sys
20:27:59.0265 1472  viaagp - ok
20:27:59.0296 1472  [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde          C:\WINDOWS\system32\DRIVERS\viaide.sys
20:27:59.0296 1472  ViaIde - ok
20:27:59.0312 1472  VMnetAdapter - ok
20:27:59.0343 1472  vmwvusb - ok
20:27:59.0359 1472  VNic - ok
20:27:59.0406 1472  [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
20:27:59.0406 1472  VolSnap - ok
20:27:59.0453 1472  [ E0743BBE28AD2C310698148C75333729 ] Vsdatant        C:\WINDOWS\system32\vsdatant.sys
20:27:59.0468 1472  Vsdatant - ok
20:27:59.0500 1472  vsmon - ok
20:27:59.0546 1472  [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS             C:\WINDOWS\System32\vssvc.exe
20:27:59.0546 1472  VSS - ok
20:27:59.0718 1472  [ 87C57CBE385E00726A2113614F6C6BD2 ] vToolbarUpdater14.1.7 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.1.7\ToolbarUpdater.exe
20:27:59.0718 1472  vToolbarUpdater14.1.7 - ok
20:27:59.0796 1472  [ 54AF4B1D5459500EF0937F6D33B1914F ] w32time         C:\WINDOWS\system32\w32time.dll
20:27:59.0796 1472  w32time - ok
20:27:59.0843 1472  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:27:59.0843 1472  Wanarp - ok
20:27:59.0921 1472  [ D918617B46457B9AC28027722E30F647 ] Wdf01000        C:\WINDOWS\system32\Drivers\wdf01000.sys
20:27:59.0921 1472  Wdf01000 - ok
20:27:59.0953 1472  WDICA - ok
20:27:59.0984 1472  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
20:27:59.0984 1472  wdmaud - ok
20:28:00.0031 1472  [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient       C:\WINDOWS\System32\webclnt.dll
20:28:00.0031 1472  WebClient - ok
20:28:00.0140 1472  [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
20:28:00.0140 1472  winmgmt - ok
20:28:00.0218 1472  [ FD600B032E741EB6AAB509FC630F7C42 ] WinUSB          C:\WINDOWS\system32\DRIVERS\WinUSB.sys
20:28:00.0218 1472  WinUSB - ok
20:28:00.0265 1472  [ 051B1BDECD6DEE18C771B5D5EC7F044D ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
20:28:00.0265 1472  WmdmPmSN - ok
20:28:00.0343 1472  [ BAB489A5FE26F2D0C910CF7AF7E4CF92 ] Wmi             C:\WINDOWS\System32\advapi32.dll
20:28:00.0359 1472  Wmi - ok
20:28:00.0421 1472  [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
20:28:00.0421 1472  WmiApSrv - ok
20:28:00.0531 1472  [ 6BAB4DC65515A098505F8B3D01FB6FE5 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\WMPNetwk.exe
20:28:00.0531 1472  WMPNetworkSvc - ok
20:28:00.0593 1472  [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL         C:\WINDOWS\System32\drivers\ws2ifsl.sys
20:28:00.0593 1472  WS2IFSL - ok
20:28:00.0640 1472  [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
20:28:00.0640 1472  wscsvc - ok
20:28:00.0687 1472  [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
20:28:00.0703 1472  wuauserv - ok
20:28:00.0750 1472  [ 6FF66513D372D479EF1810223C8D20CE ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
20:28:00.0750 1472  WudfPf - ok
20:28:00.0781 1472  [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
20:28:00.0781 1472  WudfRd - ok
20:28:00.0812 1472  [ 575A4190D989F64732119E4114045A4F ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
20:28:00.0812 1472  WudfSvc - ok
20:28:00.0875 1472  [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
20:28:00.0875 1472  WZCSVC - ok
20:28:00.0921 1472  [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
20:28:00.0937 1472  xmlprov - ok
20:28:00.0953 1472  ================ Scan global ===============================
20:28:00.0984 1472  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
20:28:01.0000 1472  [ 1618F36D4F7F6CCCEB3EE44BA95BE85C ] C:\WINDOWS\system32\winsrv.dll
20:28:01.0031 1472  [ 1618F36D4F7F6CCCEB3EE44BA95BE85C ] C:\WINDOWS\system32\winsrv.dll
20:28:01.0062 1472  [ 0E776ED5F7CC9F94299E70461B7B8185 ] C:\WINDOWS\system32\services.exe
20:28:01.0062 1472  [Global] - ok
20:28:01.0078 1472  ================ Scan MBR ==================================
20:28:01.0109 1472  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
20:28:01.0265 1472  \Device\Harddisk0\DR0 - ok
20:28:01.0781 1472  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
20:28:01.0781 1472  \Device\Harddisk1\DR1 - ok
20:28:01.0828 1472  [ A0C039530DB9EE7A3B5C5460DBE04A7E ] \Device\Harddisk2\DR5
20:28:01.0828 1472  \Device\Harddisk2\DR5 - ok
20:28:01.0843 1472  ================ Scan VBR ==================================
20:28:01.0859 1472  [ 25FB966EE60E6669BE807B2A9433F274 ] \Device\Harddisk0\DR0\Partition1
20:28:01.0859 1472  \Device\Harddisk0\DR0\Partition1 - ok
20:28:01.0875 1472  [ 55E9AF2A80256D968528023AC116E37A ] \Device\Harddisk2\DR5\Partition1
20:28:01.0875 1472  \Device\Harddisk2\DR5\Partition1 - ok
20:28:01.0890 1472  ============================================================
20:28:01.0890 1472  Scan finished
20:28:01.0890 1472  ============================================================
20:28:01.0921 1464  Detected object count: 0
20:28:01.0921 1464  Actual detected object count: 0

 

 

Emsisoft Anti-Malware - Version 7.0
quarantine log

Date    Source    Event    Behavior/Infection
2/18/2013 9:32:35 PM    C:\Documents and Settings\mike\Application Data\Microsoft\Internet Explorer\Quick Launch\FreeRIP.lnk    Deleted infection    Trace.File.FreeRIP v3.0 (A)
2/15/2013 8:16:19 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\filenamedefs -> 1    Removed from quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 8:16:07 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> Mp3Enc_VBRQuality    Removed from quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 8:16:07 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\barsstate-bar3 -> MRUDockLeftPos    Removed from quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 8:14:51 AM    C:\Documents and Settings\mike\Application Data\Microsoft\Internet Explorer\Quick Launch\FreeRIP.lnk    Restored from quarantine    Trace.File.FreeRIP v3.0 (A)
2/15/2013 7:56:53 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\filenamedefs -> N    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:03 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> Mp3Enc_Mode    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:00 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> LyricsWindow_dy    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:47 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\cdgridcolumnwidthrip -> 3    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:55:49 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> DefaultTargetFormat    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:10 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> ProxyServer    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:40 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\barsstate-bar3 -> MRUFloatYPos    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:39 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\barsstate-bar3 -> MRUFloatXPos    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:45 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\cdgridcolumnwidthrip -> 0    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:54 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\freedbserverlist -> N    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:55:57 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> FreeRIPDBAutoSearch    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:52 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\filenamedefs -> 4    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:22 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> WavEnc_WriteInfoTags    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:46 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\cdgridcolumnwidthrip -> 1    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:20 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> VorbisEnc_Quality    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:42 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\barsstate-summary -> Bars    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:55:58 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> Language    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:51 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\filenamedefs -> 2    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:37 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\barsstate-bar3 -> MRUDockTopPos    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:55:53 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> FlacEnc_Level    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:03 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> Mp3Enc_Channels    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:55 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\microsoft\windows\currentversion\run -> Weather    Moved to quarantine    Trace.Registry.WeatherBug (A)
2/15/2013 7:56:11 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> ProxyUser    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:31 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\barsstate-bar2 -> Bar#2    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:44 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\barsstate-summary -> ScreenCY    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:08 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> OutputPath    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:26 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> WritePlayList    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:24 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> WndCloseAfterRip    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:31 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\barsstate-bar2 -> BarID    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:55:56 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> FreedbTimeout    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:18 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> UseLocalDB    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:55:46 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> AutoCheckNewVersion    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:26 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> WriteLrcFile    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:22 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> WavEnc_Channels    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:13 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> RegReminderDays    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:29 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\barsstate-bar2 -> Bar#0    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:08 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> ProxyPort    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:44 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\cdgridcolumnwidthconv -> N    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:23 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> WmaEnc_Mode    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:17 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> ShowSplash    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:07 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> OptionsWindow_dy    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:06 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> OptionsWindow_dx    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:49 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\cdgridcolumnwidthrip -> N    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:38 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\barsstate-bar3 -> MRUFloatStyle    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:28 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\barsstate-bar0 -> BarID    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:52 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\filenamedefs -> 3    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:55:55 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> FreedbServer    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:55 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\microsoft\windows\currentversion\uninstall\y5d69ferd17y3g32gxwpzvqz1e882559 -> y5d69ferd17y3g32gxwpzvqz1e882559    Moved to quarantine    Trace.Registry.GeekAlarm! (A)
2/15/2013 7:55:51 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> FileNameFormat    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:55:45 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> AllowMultipleInstances    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:50 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\filenamedefs -> 1    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:11 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> ReadCDText    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:36 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\barsstate-bar3 -> MRUDockLeftPos    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:55:47 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> BeepAfterRip    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:33 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\barsstate-bar3 -> BarID    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:32 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\barsstate-bar2 -> Bars    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:48 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\cdgridcolumnwidthrip -> 4    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:55:58 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> LastRegReminderDate    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:36 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\barsstate-bar3 -> MRUDockRightPos    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:14 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> RipVolume    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:34 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\barsstate-bar3 -> MRUDockBottomPos    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:55:54 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> FreedbAutoChoose1    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:41 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\barsstate-bar3 -> YPos    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:55:52 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> FlacEnc_Channels    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:29 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\barsstate-bar1 -> BarID    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:21 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> WavEnc_BitsPerSample    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:05 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> Mp3Enc_WriteCRCs    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:01 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> MainWndCY    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:55:55 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> FreedbEmail    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:16 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> RunsCounter    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:27 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\barsstate -> BarSize_32772    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:55:51 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> EncodedByPreset    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:55:53 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> ForceASPI    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:13 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> RegName    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:15 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> RunAtHigherPriority    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:35 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\barsstate-bar3 -> MRUDockID    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:50 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\filenamedefs -> 0    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:47 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\cdgridcolumnwidthrip -> 2    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:55:49 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> ConverterUsesFilenames    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:09 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> ProxyPwd    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:19 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> UseProxy    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:33 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\barsstate-bar3 -> Docking    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:02 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> Mp3Enc_Bitrate    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:55:46 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> AutoSearchFreedb    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:55:59 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> LyricsWindow_dx    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:05 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> Mp3Enc_WriteID3    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:43 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\barsstate-summary -> ScreenCX    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:55:48 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> CDDevice    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:55:50 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> EjectAfterRip    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:18 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> SlowSpeedMode    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:20 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> VorbisEnc_Channels    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:25 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> WriteCDPLAYERINI    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:01 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> MainWndCX    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:30 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\barsstate-bar2 -> Bar#1    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:40 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\barsstate-bar3 -> XPos    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:12 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> RegCode    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:28 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\barsstate -> Version    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:16 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> ShowFullFilename    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:04 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> Mp3Enc_VBRQuality    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:57:00 AM    C:\Documents and Settings\mike\Application Data\WeatherBug    Moved to quarantine    Trace.File.WeatherBug (A)
2/15/2013 7:56:59 AM    C:\Documents and Settings\mike\Application Data\Microsoft\Internet Explorer\Quick Launch\FreeRIP.lnk    Moved to quarantine    Trace.File.FreeRIP v3.0 (A)
2/15/2013 7:56:59 AM    C:\Documents and Settings\All Users\Start Menu\Programs\FreeRIP3    Moved to quarantine    Trace.File.FreeRIP v3.0 (A)
2/15/2013 7:56:56 AM    C:\Program Files\FreeRIP3    Moved to quarantine    Trace.File.FreeRIP v3.0 (A)
2/15/2013 7:56:55 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\microsoft\windows\currentversion\run -> Weather    Moved to quarantine    Trace.Registry.WeatherBug (A)
2/15/2013 7:56:54 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\freedbserverlist -> N    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:53 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\filenamedefs -> N    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:52 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\filenamedefs -> 3    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:51 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\filenamedefs -> 2    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:50 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\filenamedefs -> 0    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:49 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\cdgridcolumnwidthrip -> N    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:48 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\cdgridcolumnwidthrip -> 4    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:47 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\cdgridcolumnwidthrip -> 2    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:46 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\cdgridcolumnwidthrip -> 1    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:45 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\cdgridcolumnwidthrip -> 0    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:44 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\barsstate-summary -> ScreenCY    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:43 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\barsstate-summary -> ScreenCX    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:42 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\barsstate-summary -> Bars    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:41 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\barsstate-bar3 -> YPos    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:40 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\barsstate-bar3 -> MRUFloatYPos    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:39 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\barsstate-bar3 -> MRUFloatXPos    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:38 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\barsstate-bar3 -> MRUFloatStyle    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:37 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\barsstate-bar3 -> MRUDockTopPos    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:36 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\barsstate-bar3 -> MRUDockLeftPos    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:35 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\barsstate-bar3 -> MRUDockID    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:34 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\barsstate-bar3 -> MRUDockBottomPos    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:33 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\barsstate-bar3 -> BarID    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:32 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\barsstate-bar2 -> Bars    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:31 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\barsstate-bar2 -> Bar#2    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:30 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\barsstate-bar2 -> Bar#1    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:29 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\barsstate-bar1 -> BarID    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:28 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\barsstate -> Version    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:27 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3\barsstate -> BarSize_32772    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:26 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> WriteLrcFile    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:25 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> WriteCDPLAYERINI    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:24 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> WndCloseAfterRip    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:23 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> WmaEnc_Mode    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:22 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> WavEnc_Channels    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:21 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> WavEnc_BitsPerSample    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:20 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> VorbisEnc_Channels    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:19 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> UseProxy    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:18 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> SlowSpeedMode    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:17 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> ShowSplash    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:16 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> RunsCounter    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:15 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> RunAtHigherPriority    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:14 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> RipVolume    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:13 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> RegName    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:12 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> RegCode    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:11 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> ProxyUser    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:10 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> ProxyServer    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:09 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> ProxyPwd    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:08 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> OutputPath    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:07 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> OptionsWindow_dy    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:06 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> OptionsWindow_dx    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:05 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> Mp3Enc_WriteCRCs    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:04 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> Mp3Enc_VBRQuality    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:03 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> Mp3Enc_Channels    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:02 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> Mp3Enc_Bitrate    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:01 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> MainWndCX    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:56:00 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> LyricsWindow_dy    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:55:59 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> LyricsWindow_dx    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:55:58 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> Language    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:55:57 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> FreeRIPDBAutoSearch    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:55:56 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> FreedbTimeout    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:55:55 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> FreedbEmail    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:55:54 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> FreedbAutoChoose1    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:55:53 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> FlacEnc_Level    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:55:52 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> FlacEnc_Channels    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:55:51 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> EncodedByPreset    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:55:50 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> EjectAfterRip    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:55:49 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> ConverterUsesFilenames    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:55:48 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> CDDevice    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:55:47 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> BeepAfterRip    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:55:46 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> AutoCheckNewVersion    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:55:45 AM    Value: hkey_users\s-1-5-21-3173653578-187255511-3374987207-1005\software\mgshareware\freerip3 -> AllowMultipleInstances    Moved to quarantine    Trace.Registry.FreeRIP v3.0 (A)
2/15/2013 7:55:44 AM    C:\WINDOWS\fqhcgjpl.exe    Moved to quarantine    Trojan.Win32.Weelsof.AMN (A)
2/15/2013 7:55:43 AM    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP1199\A0114841.exe    Moved to quarantine    Trojan.Win32.Weelsof.AMN (A)
2/15/2013 7:55:42 AM    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP1199\A0112632.exe    Moved to quarantine    Trojan.Win32.Weelsof.AMN (A)
2/15/2013 7:55:42 AM    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP1199\A0112631.exe    Moved to quarantine    Trojan.Win32.Weelsof.AMN (A)
2/15/2013 7:55:41 AM    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP1198\A0111393.exe    Moved to quarantine    Trojan.Win32.Weelsof.AMN (A)
2/15/2013 7:55:40 AM    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP1198\A0111392.exe    Moved to quarantine    Trojan.Win32.Weelsof.AMN (A)
2/15/2013 7:55:39 AM    C:\Qoobox\Quarantine\C\Documents and Settings\All Users\Application Data\fqhcgjpl.exe.vir    Moved to quarantine    Trojan.Win32.Weelsof.AMN (A)



 



#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:03 PM

Posted 19 February 2013 - 01:36 AM

I just want you to follow my instructions when I'm assisting you.If you dont need my help and run tools on your own then please let me know .I never asked for emsisoft logs.


Edited by narenxp, 19 February 2013 - 01:37 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users