FBI Money Pak Help Needed

FBI Money Pak Help Needed

Post by xqme4asking on Mon 01 Oct 2012, 2:08 am

I have a window that has opened stating some FBI Money Pak. What type of virus & how do I remove it

xqme4asking

Rookie Surfer

Posts : 70
Joined : 2010-07-04
Operating System : Windows 7 Starter 32


Re: FBI Money Pak Help Needed

Post by Gabethebabe on Mon 01 Oct 2012, 5:31 pm

Hi there xqme4asking!

I am Gabethebabe and I will be helping you with this issue. Before we start some general remarks/rules:
  • Whilst I'm helping you, please follow my instructions carefully and do not experiment on your own or accept help from other persons.
  • Feel free to ask questions! Especially if my instructions are not clear. I'm here to help, not confuse you.
  • I will try and respond quickly, but please understand I do have a real life (job, wife, 3 kids, kinky hobbies).
  • Stick with me till the end. If your computer starts running better, that doesn't mean it is clean yet!

====================

Please download RKill by Grinler from Download Mirror #1 and save it to your desktop.
Download Mirror #1 (rkill.exe)
Download Mirror #2 (rkill.scr)
Download Mirror #3 (rkill.com)
Download Mirror #4 (WiNlOgOn.exe)
Download Mirror #5 (uSeRiNiT.exe)
Download Mirror #6 (iExplore.exe)
Download Mirror #7 (eXplorer.exe)

  • Double click the RKill desktop icon (rightclick > Run as Administrator for Vista/WIN7).
  • A black screen will briefly flash indicating a successful run.
  • If this does not occur, please delete that application and try using Mirror #2.
  • Continue process until the tool runs.
  • Important: RKill only temporarily disables the malware. If you reboot the computer, it will be active again. So do not reboot until we kill the infection.

====================

Note on the above: if you are unable to download anything from the problem computer, download RKill from a clean computer and transfer it to the problem computer with a USB memory stick.

====================

Please download OTL by OldTimer from here and save it to your desktop.
  • Close all windows and double click OTL.exe.
  • The Extra Registry setting should be Use Safelist
  • Copy and paste the following text into the Custom Scans/Fixes box:

Code:
%APPDATA%\Microsoft\*.*
%systemroot%\system32\config\systemprofile\*.dat /x
%USERPROFILE%\Desktop\*.exe
%PROGRAMFILES%\Common Files\*.*
%systemroot%\winn32\*.*
%USERPROFILE%\My Documents\*.exe
%USERPROFILE%\*.exe
%PROGRAMFILES%\Mozilla Firefox\*.exe
%ProgramFiles%\TinyProxy.
%systemroot%\system32\*.* /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.* /lockedfiles
%PROGRAMFILES%\*.
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
/md5start
netlogon.dll
explorer.exe
userinit.exe
winlogon.exe
services.exe
svchost.exe
*.xpi
/md5stop
CREATERESTOREPOINT
hklm\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
hkcu\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1} /s
hklm\SOFTWARE\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1} /s
  • Click the Run Scan button and allow it to run.
  • It will produce two logs for you, OTL.txt and Extras.txt. Please post both logs in this thread.
  • You may need multiple posts to get it all.


====================

Note: after getting the OTL logs it might be a good idea to not switch your computer off or reboot it, because that will activate the malware again. Just await my instructions.

Gabethebabe

Tech Advisor

Posts : 1568
Joined : 2010-03-07
Operating System : WIN7 64bit, Ubuntu 12.04 LTS


Re: FBI Money Pak Help Needed

Post by xqme4asking on Tue 02 Oct 2012, 10:25 am

I was able to download and run Rkill Mirror 1, and the log is shown below for it.
I was not able to run OTL; I received an error message: Access Violation at address CCCC0460. Read of address CCCC0460.
FYI I am running in safe mode with networking; again the log from Rkill is below

I am leaving the comp on until I hear back from you

Rkill 2.4.3 by Lawrence Abrams (Grinler)
Copyright 2008-2012 BleepingComputer.com

Program started at: 10/01/2012 07:08:08 PM in x86 mode.
Windows Version: Windows 7 Starter

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* COM+ Event System (EventSystem) is not Running.
Startup Type set to: Automatic

* Security Center (wscsvc) is not Running.
Startup Type set to: Automatic (Delayed Start)

* Windows Firewall Authorization Driver (mpsdrv) is not Running.
Startup Type set to: Manual

* BITS [Missing Service]
* iphlpsvc [Missing Service]
* MpsSvc [Missing Service]
* SensrSvc [Missing Service]
* wuauserv [Missing Service]

* SharedAccess [Missing ImagePath]

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 10/01/2012 07:08:28 PM
Execution time: 0 hours(s), 0 minute(s), and 19 seconds(s)

xqme4asking
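
The "Checking Windows Service Integrity" section is the only part of the RKill log above that reports problems. This added example (not part of the original thread and not RKill's own code) parses that section into per-service findings so the missing services can be told apart from the ones that are merely stopped; the names `Finding`, `parse_service_integrity` and `group_by_state` are hypothetical, and the line formats are assumed to be exactly those shown in the posted log.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

# Constructed sample: the service-integrity part of the RKill log quoted in the
# thread, with the neighbouring sections kept so the parser has to locate the
# section boundaries itself.
SAMPLE_LOG = """\
Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* COM+ Event System (EventSystem) is not Running.
Startup Type set to: Automatic

* Security Center (wscsvc) is not Running.
Startup Type set to: Automatic (Delayed Start)

* Windows Firewall Authorization Driver (mpsdrv) is not Running.
Startup Type set to: Manual

* BITS [Missing Service]
* iphlpsvc [Missing Service]
* MpsSvc [Missing Service]
* SensrSvc [Missing Service]
* wuauserv [Missing Service]

* SharedAccess [Missing ImagePath]

Searching for Missing Digital Signatures:

* No issues found.
"""

SECTION_HEADER = "Checking Windows Service Integrity:"
# "* Display Name (ServiceName) is not Running."
NOT_RUNNING = re.compile(r"^\* (?P<display>.+) \((?P<name>[^()]+)\) is not Running\.$")
# "* ServiceName [Missing Service]" or "* ServiceName [Missing ImagePath]"
BRACKETED = re.compile(r"^\* (?P<name>.+?) \[(?P<state>Missing Service|Missing ImagePath)\]$")
# Continuation line that belongs to the preceding "not Running" entry
STARTUP = re.compile(r"^Startup Type set to: (?P<startup>.+)$")


@dataclass
class Finding:
    name: str                       # short service name, e.g. "wscsvc"
    state: str                      # "not running", "Missing Service" or "Missing ImagePath"
    display: Optional[str] = None   # display name, only present for "not running"
    startup: Optional[str] = None   # startup type, only present for "not running"


def parse_service_integrity(log_text: str) -> List[Finding]:
    """Return one Finding per service listed in the service-integrity section."""
    findings: List[Finding] = []
    in_section = False
    for raw in log_text.splitlines():
        line = raw.strip()
        if not in_section:
            in_section = (line == SECTION_HEADER)
            continue
        if not line:
            continue
        # The next section header ("Searching for ...:") ends this section.
        if not line.startswith("*") and line.endswith(":"):
            break
        m = NOT_RUNNING.match(line)
        if m:
            findings.append(Finding(m["name"], "not running", display=m["display"]))
            continue
        m = BRACKETED.match(line)
        if m:
            findings.append(Finding(m["name"], m["state"]))
            continue
        m = STARTUP.match(line)
        if m and findings and findings[-1].state == "not running" \
                and findings[-1].startup is None:
            findings[-1].startup = m["startup"]
        # Anything else (e.g. "* No issues found.") carries no service finding.
    return findings


def group_by_state(findings: List[Finding]) -> Dict[str, List[str]]:
    """Group service names by reported state, preserving log order."""
    grouped: Dict[str, List[str]] = {}
    for f in findings:
        grouped.setdefault(f.state, []).append(f.name)
    return grouped


if __name__ == "__main__":
    for state, names in group_by_state(parse_service_integrity(SAMPLE_LOG)).items():
        print(f"{state}: {', '.join(names)}")
```
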


Re: FBI Money Pak Help Needed

Post by Gabethebabe on Tue 02 Oct 2012, 4:50 pm

Time to bring out ComboFix by sUBs, a powerful tool that you are advised not to run without supervision of a trained malware helper. Please visit this webpage and read the tutorial on using ComboFix very carefully. After that proceed to download ComboFix, but rename it during the download, to make sure the malware does not interfere.

The easiest is to download using Internet Explorer. If you insist on using Mozilla Firefox, you have to make a change to its configuration:
Tools >> Options >> General >> Downloads >> select Always ask me where to save files.

Use one of the links in the guide to download ComboFix and when your browser asks you where to save it, change the name of the file to svchost.exe and save it to your desktop.



Doubleclick svchost.exe to run the tool. Please post its log back here.

Gabethebabe


Re: FBI Money Pak Help Needed

Post by xqme4asking on Wed 03 Oct 2012, 10:52 am

ComboFix 12-10-02.02 - JT 10/02/2012 18:30:20.1.2 - x86
Microsoft Windows 7 Starter 6.1.7600.0.1252.1.1033.18.1013.403 [GMT -4:00]
Running from: c:\users\JT\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\67911317.pad
c:\programdata\lsass.exe
c:\users\JT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
c:\windows\$NtUninstallKB60445$\1365526880
c:\windows\$NtUninstallKB60445$\2306827618\@
c:\windows\$NtUninstallKB60445$\2306827618\Desktop.ini
c:\windows\$NtUninstallKB60445$\2306827618\L\00000004.@
c:\windows\$NtUninstallKB60445$\2306827618\L\201d3dde
c:\windows\$NtUninstallKB60445$\2306827618\L\xadqgnnk
c:\windows\$NtUninstallKB60445$\2306827618\U\00000004.@
c:\windows\$NtUninstallKB60445$\2306827618\U\00000008.@
c:\windows\$NtUninstallKB60445$\2306827618\U\000000cb.@
c:\windows\$NtUninstallKB60445$\2306827618\U\80000000.@
c:\windows\$NtUninstallKB60445$\2306827618\U\80000032.@
c:\windows\system32\sysprep\CRYPTBASE.dll_
.
Infected copy of c:\windows\system32\drivers\afd.sys was found and disinfected
Restored copy from - The cat found it
.
((((((((((((((((((((((((( Files Created from 2012-09-02 to 2012-10-02 )))))))))))))))))))))))))))))))
.
.
2012-10-02 22:46 . 2012-10-02 22:48 -------- d-----w- c:\users\JT\AppData\Local\temp
2012-10-02 22:46 . 2012-10-02 22:46 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-10-02 22:35 . 2012-08-30 08:17 6980552 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{24E5933C-1489-4EE1-A383-1F301E523904}\mpengine.dll
2012-10-02 22:26 . 2011-04-25 02:35 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2012-09-30 15:04 . 2012-09-30 15:04 -------- d-sh--w- c:\windows\system32\%APPDATA%
2012-09-22 10:20 . 2012-09-22 10:20 -------- d-----w- c:\program files\Common Files\Skype
2012-09-22 10:20 . 2012-09-22 10:20 -------- d-----r- c:\program files\Skype
2012-09-12 10:59 . 2012-08-02 17:05 490496 ----a-w- c:\windows\system32\d3d10level9.dll
2012-09-07 23:56 . 2012-09-07 23:56 -------- d-----w- c:\program files\Free Offers from Freeze.com
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-22 22:52 . 2012-07-31 18:06 73136 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-09-22 22:52 . 2012-07-31 18:06 696240 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-18 17:10 . 2012-08-15 14:15 2344448 ----a-w- c:\windows\system32\win32k.sys
2012-07-06 19:31 . 2012-08-16 14:39 393216 ----a-w- c:\windows\system32\drivers\bthport.sys

xqme4asking


Re: FBI Money Pak Help Needed

Post by xqme4asking on Wed 03 Oct 2012, 10:53 am


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-05-27 03:40 120176 ----a-w- c:\program files\EgisTec MyWinLocker\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-07-13 17418928]
"cdloader"="c:\users\JT\AppData\Roaming\mjusbsp\cdloader2.exe" [2012-02-01 50592]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"="c:\program files\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-05-27 337264]
"EgisUpdate"="c:\program files\EgisTec IPS\EgisUpdate.exe" [2010-03-11 201584]
"EgisTecPMMUpdate"="c:\program files\EgisTec IPS\PmmUpdate.exe" [2010-03-11 407920]
"mwlDaemon"="c:\program files\EgisTec MyWinLocker\x86\mwlDaemon.exe" [2010-05-27 349552]
"Norton Online Backup"="c:\program files\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 966488]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-28 35696]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2011-02-11 10025576]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-06-16 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-06-16 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-06-16 150552]
"LManager"="c:\program files\Launch Manager\LManager.exe" [2010-08-10 975952]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-02-05 1692968]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2011-01-05 714120]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-06 421736]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Acer VCM.lnk - c:\program files\Acer\Acer VCM\AcerVCM.exe [2011-1-11 704104]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R3 BBUpdate;BBUpdate;c:\program files\Microsoft\BingBar\7.1.361.0\SeaPort.exe [x]
R3 EUCR;EUCR;c:\windows\system32\DRIVERS\EUCR6SK.SYS [x]
R3 MWLService;MyWinLocker Service;c:\program files\EgisTec MyWinLocker\x86\MWLService.exe [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 BBSvc;BingBar Service;c:\program files\Microsoft\BingBar\7.1.361.0\BBSvc.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files\Launch Manager\dsiwmis.exe [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
S2 GREGService;GREGService;c:\program files\Acer\Registration\GREGsvc.exe [x]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S2 NOBU;Norton Online Backup;c:\program files\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 RS_Service;Raw Socket Service;c:\program files\Acer\Acer VCM\RS_Service.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x86.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
S3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc
.
Contents of the 'Scheduled Tasks' folder
.
2012-09-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-31 22:53]

xqme4asking


Re: FBI Money Pak Help Needed

Post by xqme4asking on Wed 03 Oct 2012, 10:55 am

------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
mStart Page = [You must be registered and logged in to see this link.]
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 192.168.2.1
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(2368)
c:\program files\EgisTec MyWinLocker\x86\psdprotect.dll
c:\program files\EgisTec MyWinLocker\x86\sysenv.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\WLANExt.exe
c:\windows\system32\conhost.exe
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Symantec\Norton Online Backup\NOBuAgent.exe
c:\windows\system32\conhost.exe
c:\windows\System32\rundll32.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Completion time: 2012-10-02 18:54:03 - machine was rebooted
ComboFix-quarantined-files.txt 2012-10-02 22:54
.
Pre-Run: 200,758,185,984 bytes free
Post-Run: 201,820,008,448 bytes free
.
- - End Of File - - 06E5C1E3B3B7091528D3B3C9CDBEAB62

xqme4asking


Re: FBI Money Pak Help Needed

Post by Gabethebabe on Wed 03 Oct 2012, 6:21 pm

ComboFix took out a nasty bugger for us.

  • Download TDSSKiller by Kaspersky from here and save it to your desktop
  • Doubleclick TDSSKiller.exe to run the tool
  • Click Change parameters
  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  • Click the Start Scan button
  • If threats are detected, you will need to choose options before clicking Continue
  • For Suspicious objects choose the Skip action
  • For Malicious objects choose the Cure action. If Cure is not available, choose Skip instead, never choose Delete.
  • Click the Report button and copy/paste the contents of it into your next reply
  • The report can also be found in the root of your Windows drive (most likely C:\).

Gabethebabe


Re: FBI Money Pak Help Needed

Post by xqme4asking on Thu 04 Oct 2012, 10:38 am

19:34:44.0055 2252 ComputerName: JT4
19:34:44.0055 2252 UserName: JT
19:34:44.0055 2252 Windows directory: C:\Windows
19:34:44.0055 2252 System windows directory: C:\Windows
19:34:44.0055 2252 Processor architecture: Intel x86
19:34:44.0055 2252 Number of processors: 2
19:34:44.0055 2252 Page size: 0x1000
19:34:44.0055 2252 Boot type: Normal boot
19:34:44.0055 2252 ============================================================
19:34:44.0960 2252 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:34:44.0960 2252 ============================================================
19:34:44.0960 2252 \Device\Harddisk0\DR0:
19:34:44.0960 2252 MBR partitions:
19:34:44.0960 2252 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1A00800, BlocksNum 0x32000
19:34:44.0960 2252 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1A32800, BlocksNum 0x1B792800
19:34:44.0960 2252 ============================================================
19:34:45.0007 2252 C: <-> \Device\Harddisk0\DR0\Partition2
19:34:45.0007 2252 ============================================================
19:34:45.0007 2252 Initialize success
19:34:45.0007 2252 ============================================================
19:35:22.0744 3764 ============================================================
19:35:22.0744 3764 Scan started
19:35:22.0744 3764 Mode: Manual; SigCheck; TDLFS;
19:35:22.0744 3764 ============================================================
19:35:24.0678 3764 ================ Scan system memory ========================
19:35:24.0678 3764 System memory - ok
19:35:24.0678 3764 ================ Scan services =============================
19:35:38.0984 3764 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:35:39.0030 3764 FltMgr - ok
19:35:39.0077 3764 [ 7FE4995528A7529A761875151EE3D512 ] FontCache C:\Windows\system32\FntCache.dll
19:35:39.0171 3764 FontCache - ok
19:35:39.0233 3764 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
19:35:39.0280 3764 FontCache3.0.0.0 - ok
19:35:39.0311 3764 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
19:35:39.0342 3764 FsDepends - ok
19:35:39.0374 3764 [ 500A9814FD9446A8126858A5A7F7D273 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:35:39.0405 3764 Fs_Rec - ok
19:35:39.0452 3764 [ DAFBD9FE39197495AED6D51F3B85B5D2 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
19:35:39.0498 3764 fvevol - ok
19:35:39.0576 3764 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
19:35:39.0623 3764 gagp30kx - ok
19:35:39.0717 3764 [ CE16683CFD11FE70BDE435DDA5EA1FCA ] GameConsoleService C:\Program Files\Acer Games\Acer Game Console\GameConsoleService.exe
19:35:39.0748 3764 GameConsoleService - ok
19:35:39.0826 3764 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:35:39.0857 3764 GEARAspiWDM - ok
19:35:39.0935 3764 [ 8BA3C04702BF8F927AB36AE8313CA4EE ] gpsvc C:\Windows\System32\gpsvc.dll
19:35:40.0029 3764 gpsvc - ok
19:35:40.0091 3764 [ 0191DEE9B9EB7902AF2CF4F67301095D ] GREGService C:\Program Files\Acer\Registration\GREGsvc.exe
19:35:40.0122 3764 GREGService - ok
19:35:40.0154 3764 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
19:35:40.0232 3764 hcw85cir - ok
19:35:40.0294 3764 [ 3530CAD25DEBA7DC7DE8BB51632CBC5F ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:35:40.0356 3764 HdAudAddService - ok
19:35:40.0388 3764 [ 717A2207FD6F13AD3E664C7D5A43C7BF ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
19:35:40.0450 3764 HDAudBus - ok
19:35:40.0481 3764 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
19:35:40.0528 3764 HidBatt - ok
19:35:40.0544 3764 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
19:35:40.0606 3764 HidBth - ok
19:35:40.0637 3764 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
19:35:40.0715 3764 HidIr - ok
19:35:40.0778 3764 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\System32\hidserv.dll
19:35:40.0887 3764 hidserv - ok
19:35:40.0949 3764 [ 25072FB35AC90B25F9E4E3BACF774102 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
19:35:41.0012 3764 HidUsb - ok
19:35:41.0043 3764 [ 741C2A45CA8407E374AABA3E330B7872 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:35:41.0136 3764 hkmsvc - ok
19:35:41.0152 3764 [ A768CA158BB06782A2835B907F4873C3 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:35:41.0214 3764 HomeGroupListener - ok
19:35:41.0246 3764 [ FB08DEC5EF43D0C66D83B8E9694E7549 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:35:41.0308 3764 HomeGroupProvider - ok
19:35:41.0370 3764 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
19:35:41.0402 3764 HpSAMD - ok

Re: FBI Money Pak Help Needed

Post by xqme4asking on Thu 04 Oct 2012, 10:39 am

19:35:41.0464 3764 [ C531C7FD9E8B62021112787C4E2C5A5A ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:35:41.0604 3764 HTTP - ok
19:35:41.0604 3764 [ 8305F33CDE89AD6C7A0763ED0B5A8D42 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:35:41.0651 3764 hwpolicy - ok
19:35:41.0698 3764 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
19:35:41.0745 3764 i8042prt - ok
19:35:41.0807 3764 [ D80AA0907748D7CC8EFAB3773F32629B ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
19:35:41.0854 3764 iaStor - ok
19:35:41.0901 3764 [ 71F1A494FEDF4B33C02C4A6A28D6D9E9 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
19:35:41.0948 3764 iaStorV - ok
19:35:42.0010 3764 [ 5AF815EB5BC9802E5A064E2BA62BFC0C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:35:42.0088 3764 idsvc - ok
19:35:42.0306 3764 [ D0074897C6BC132F3980EA4654BF7FB9 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
19:35:42.0572 3764 igfx - ok
19:35:42.0650 3764 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
19:35:42.0665 3764 iirsp - ok
19:35:42.0743 3764 [ FAC0EE6562B121B1399D6E855583F7A5 ] IKEEXT C:\Windows\System32\ikeext.dll
19:35:42.0852 3764 IKEEXT - ok
19:35:43.0055 3764 [ FEAAE1C549D14B9759B88C569F33CD4E ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
19:35:43.0242 3764 IntcAzAudAddService - ok
19:35:43.0274 3764 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\DRIVERS\intelide.sys
19:35:43.0305 3764 intelide - ok
19:35:43.0352 3764 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:35:43.0414 3764 intelppm - ok
19:35:43.0461 3764 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:35:43.0554 3764 IPBusEnum - ok
19:35:43.0586 3764 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:35:43.0679 3764 IpFilterDriver - ok
19:35:43.0742 3764 [ 477397B432A256A50EE7E4339EB9EA14 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:35:43.0820 3764 iphlpsvc - ok
19:35:43.0835 3764 [ E4454B6C37D7FFD5649611F6496308A7 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
19:35:43.0882 3764 IPMIDRV - ok
19:35:43.0898 3764 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:35:43.0976 3764 IPNAT - ok
19:35:44.0069 3764 [ CE004777B92DEA56FE14EC900D20BAA4 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
19:35:44.0132 3764 iPod Service - ok
19:35:44.0194 3764 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:35:44.0241 3764 IRENUM - ok
19:35:44.0272 3764 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
19:35:44.0303 3764 isapnp - ok
19:35:44.0319 3764 [ ED46C223AE46C6866AB77CDC41C404B7 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
19:35:44.0366 3764 iScsiPrt - ok
19:35:44.0397 3764 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
19:35:44.0428 3764 kbdclass - ok
19:35:44.0475 3764 [ 3D9F0EBF350EDCFD6498057301455964 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
19:35:44.0537 3764 kbdhid - ok
19:35:44.0553 3764 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] KeyIso C:\Windows\system32\lsass.exe
19:35:44.0584 3764 KeyIso - ok
19:35:44.0631 3764 [ 52FC17C8589F11747D01D3CF592673D0 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:35:44.0662 3764 KSecDD - ok
19:35:44.0693 3764 [ 3E5474B03568CFAB834DA3C38E8C9EFA ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:35:44.0740 3764 KSecPkg - ok
19:35:44.0787 3764 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
19:35:44.0880 3764 KtmRm - ok
19:35:44.0927 3764 [ 1A91EAAD2D73758140B3B7B6AD736573 ] L1C C:\Windows\system32\DRIVERS\L1C62x86.sys
19:35:44.0974 3764 L1C - ok
19:35:45.0036 3764 [ 8F6BF790D3168224C16F2AF68A84438C ] LanmanServer C:\Windows\System32\srvsvc.dll
19:35:45.0099 3764 LanmanServer - ok
19:35:45.0130 3764 [ B9891F885DCF1F0513A51CB58493CB1F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:35:45.0208 3764 LanmanWorkstation - ok
19:35:45.0302 3764 [ 6BCEE9C766815BFFF89DE7D81AF34CE1 ] Live Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
19:35:45.0333 3764 Live Updater Service - ok
19:35:45.0395 3764 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:35:45.0489 3764 lltdio - ok
19:35:45.0536 3764 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:35:45.0629 3764 lltdsvc - ok
19:35:45.0660 3764 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
19:35:45.0754 3764 lmhosts - ok
19:35:45.0848 3764 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
19:35:45.0879 3764 LSI_FC - ok
19:35:45.0926 3764 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
19:35:45.0972 3764 LSI_SAS - ok
19:35:45.0988 3764 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:35:46.0019 3764 LSI_SAS2 - ok
19:35:46.0066 3764 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:35:46.0097 3764 LSI_SCSI - ok
19:35:46.0175 3764 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
19:35:46.0300 3764 luafv - ok
19:35:46.0362 3764 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
19:35:46.0394 3764 megasas - ok
19:35:46.0472 3764 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
19:35:46.0518 3764 MegaSR - ok
19:35:46.0581 3764 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
19:35:46.0706 3764 MMCSS - ok
19:35:46.0721 3764 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
19:35:46.0846 3764 Modem - ok
19:35:46.0893 3764 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:35:46.0955 3764 monitor - ok
19:35:47.0002 3764 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:35:47.0049 3764 mouclass - ok
19:35:47.0080 3764 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:35:47.0174 3764 mouhid - ok
19:35:47.0205 3764 [ 921C18727C5920D6C0300736646931C2 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:35:47.0252 3764 mountmgr - ok
19:35:47.0267 3764 [ 2AF5997438C55FB79D33D015C30E1974 ] mpio C:\Windows\system32\DRIVERS\mpio.sys
19:35:47.0314 3764 mpio - ok
19:35:47.0314 3764 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:35:47.0454 3764 mpsdrv - ok
19:35:47.0548 3764 [ 5CD996CECF45CBC3E8D109C86B82D69E ] MpsSvc C:\Windows\system32\mpssvc.dll
19:35:47.0688 3764 MpsSvc - ok
19:35:47.0720 3764 [ B1BE47008D20E43DA3ADC37C24CDB89D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:35:47.0766 3764 MRxDAV - ok
19:35:47.0844 3764 [ CA7570E42522E24324A12161DB14EC02 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:35:47.0938 3764 mrxsmb - ok
19:35:47.0985 3764 [ F965C3AB2B2AE5C378F4562486E35051 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:35:48.0110 3764 mrxsmb10 - ok
19:35:48.0156 3764 [ 25C38264A3C72594DD21D355D70D7A5D ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:35:48.0203 3764 mrxsmb20 - ok
19:35:48.0312 3764 [ 4326D168944123F38DD3B2D9C37A0B12 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
19:35:48.0359 3764 msahci - ok
19:35:48.0390 3764 [ 455029C7174A2DBB03DBA8A0D8BDDD9A ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
19:35:48.0437 3764 msdsm - ok
19:35:48.0468 3764 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
19:35:48.0546 3764 MSDTC - ok
19:35:48.0593 3764 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:35:48.0702 3764 Msfs - ok
19:35:48.0734 3764 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:35:48.0827 3764 mshidkmdf - ok
19:35:48.0874 3764 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
19:35:48.0905 3764 msisadrv - ok
19:35:48.0969 3764 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:35:49.0078 3764 MSiSCSI - ok
19:35:49.0093 3764 msiserver - ok
19:35:49.0156 3764 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:35:49.0296 3764 MSKSSRV - ok
19:35:49.0327 3764 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:35:49.0437 3764 MSPCLOCK - ok
19:35:49.0452 3764 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:35:49.0546 3764 MSPQM - ok
19:35:49.0608 3764 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:35:49.0655 3764 MsRPC - ok
19:35:49.0686 3764 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
19:35:49.0733 3764 mssmbios - ok
19:35:49.0780 3764 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:35:49.0873 3764 MSTEE - ok
19:35:49.0905 3764 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
19:35:49.0967 3764 MTConfig - ok
19:35:49.0983 3764 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
19:35:50.0037 3764 Mup - ok
19:35:50.0114 3764 [ CB47C414E083CA6E50E634B148F28F64 ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
19:35:50.0129 3764 mwlPSDFilter - ok
19:35:50.0145 3764 [ 647B953019559BFF07536F5C6121F333 ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
19:35:50.0176 3764 mwlPSDNServ - ok
19:35:50.0207 3764 [ 5A236A36DB8687D1E64DC81C03EAABE1 ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
19:35:50.0254 3764 mwlPSDVDisk - ok
19:35:50.0348 3764 [ 3E5E20817259F7328C8F3BE5421F35B9 ] MWLService C:\Program Files\EgisTec MyWinLocker\x86\MWLService.exe
19:35:50.0395 3764 MWLService - ok
19:35:50.0441 3764 [ 80284F1985C70C86F0B5F86DA2DFE1DF ] napagent C:\Windows\system32\qagentRT.dll
19:35:50.0566 3764 napagent - ok
19:35:50.0644 3764 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:35:50.0738 3764 NativeWifiP - ok
19:35:50.0816 3764 [ 23759D175A0A9BAAF04D05047BC135A8 ] NDIS C:\Windows\system32\drivers\ndis.sys
19:35:50.0909 3764 NDIS - ok
19:35:50.0941 3764 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:35:51.0019 3764 NdisCap - ok
19:35:51.0143 3764 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:35:51.0253 3764 NdisTapi - ok
19:35:51.0299 3764 [ B30AE7F2B6D7E343B0DF32E6C08FCE75 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:35:51.0424 3764 Ndisuio - ok
19:35:51.0455 3764 [ 267C415EADCBE53C9CA873DEE39CF3A4 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:35:51.0580 3764 NdisWan - ok
19:35:51.0596 3764 [ AF7E7C63DCEF3F8772726F86039D6EB4 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:35:51.0689 3764 NDProxy - ok
19:35:51.0736 3764 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:35:51.0861 3764 NetBIOS - ok
19:35:51.0877 3764 [ DD52A733BF4CA5AF84562A5E2F963B91 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:35:51.0986 3764 NetBT - ok
19:35:52.0017 3764 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] Netlogon C:\Windows\system32\lsass.exe
19:35:52.0064 3764 Netlogon - ok
19:35:52.0142 3764 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
19:35:52.0251 3764 Netman - ok
19:35:52.0282 3764 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
19:35:52.0407 3764 netprofm - ok
19:35:52.0454 3764 [ FE2AA5A684B0DD9B1FAE57B7817C198B ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:35:52.0485 3764 NetTcpPortSharing - ok
19:35:52.0563 3764 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
19:35:52.0594 3764 nfrd960 - ok
19:35:52.0641 3764 [ 2226496E34BD40734946A054B1CD657F ] NlaSvc C:\Windows\System32\nlasvc.dll
19:35:52.0781 3764 NlaSvc - ok
19:35:53.0047 3764 [ A634584C506F2C82680039371AA1772C ] NOBU C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe
19:35:53.0218 3764 NOBU - ok
19:35:53.0249 3764 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:35:53.0483 3764 Npfs - ok
19:35:53.0577 3764 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
19:35:53.0671 3764 nsi - ok
19:35:53.0717 3764 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:35:53.0873 3764 nsiproxy - ok
19:35:53.0998 3764 [ 187002CE05693C306F43C873F821381F ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:35:54.0076 3764 Ntfs - ok
19:35:54.0123 3764 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
19:35:54.0248 3764 Null - ok
19:35:54.0341 3764 [ F1B0BED906F97E16F6D0C3629D2F21C6 ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:35:54.0388 3764 nvraid - ok
19:35:54.0466 3764 [ 4520B63899E867F354EE012D34E11536 ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:35:54.0529 3764 nvstor - ok
19:35:54.0591 3764 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
19:35:54.0622 3764 nv_agp - ok
19:35:54.0700 3764 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
19:35:54.0747 3764 ohci1394 - ok
19:35:54.0809 3764 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:35:54.0841 3764 ose - ok
19:35:55.0324 3764 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:35:55.0730 3764 osppsvc - ok
19:35:55.0761 3764 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:35:55.0870 3764 p2pimsvc - ok
19:35:55.0948 3764 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
19:35:56.0011 3764 p2psvc - ok
19:35:56.0073 3764 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
19:35:56.0135 3764 Parport - ok
19:35:56.0182 3764 [ 66D3415C159741ADE7038A277EFFF99F ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:35:56.0213 3764 partmgr - ok
19:35:56.0260 3764 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
19:35:56.0323 3764 Parvdm - ok
19:35:56.0385 3764 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:35:56.0447 3764 PcaSvc - ok
19:35:56.0479 3764 [ C858CB77C577780ECC456A892E7E7D0F ] pci C:\Windows\system32\DRIVERS\pci.sys
19:35:56.0541 3764 pci - ok
19:35:56.0603 3764 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\DRIVERS\pciide.sys
19:35:56.0635 3764 pciide - ok
19:35:56.0697 3764 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
19:35:56.0744 3764 pcmcia - ok
19:35:56.0791 3764 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
19:35:56.0837 3764 pcw - ok
19:35:56.0900 3764 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:35:57.0025 3764 PEAUTH - ok
19:35:57.0306 3764 [ 9C1BFF7910C89A1D12E57343475840CB ] pla C:\Windows\system32\pla.dll
19:35:57.0540 3764 pla - ok
19:35:57.0603 3764 [ 71DEF5EC79774C798342D0EA16E41780 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:35:57.0728 3764 PlugPlay - ok
19:35:57.0774 3764 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:35:57.0852 3764 PNRPAutoReg - ok
19:35:57.0884 3764 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:35:57.0946 3764 PNRPsvc - ok
19:35:57.0993 3764 [ 48E1B75C6DC0232FD92BAAE4BD344721 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:35:58.0118 3764 PolicyAgent - ok
19:35:58.0180 3764 [ DBFF83F709A91049621C1D35DD45C92C ] Power C:\Windows\system32\umpo.dll
19:35:58.0275 3764 Power - ok
19:35:58.0337 3764 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:35:58.0446 3764 PptpMiniport - ok
19:35:58.0477 3764 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
19:35:58.0540 3764 Processor - ok
19:35:58.0587 3764 [ AEA3BDBDBA667AA6F678CB38907E4F5E ] ProfSvc C:\Windows\system32\profsvc.dll
19:35:58.0696 3764 ProfSvc - ok
19:35:58.0727 3764 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:35:58.0789 3764 ProtectedStorage - ok
19:35:58.0836 3764 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:35:58.0945 3764 Psched - ok
19:35:59.0086 3764 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
19:35:59.0226 3764 ql2300 - ok
19:35:59.0273 3764 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
19:35:59.0321 3764 ql40xx - ok
19:35:59.0368 3764 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
19:35:59.0461 3764 QWAVE - ok
19:35:59.0492 3764 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:35:59.0524 3764 QWAVEdrv - ok
19:35:59.0570 3764 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:35:59.0664 3764 RasAcd - ok
19:35:59.0711 3764 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:35:59.0820 3764 RasAgileVpn - ok
19:35:59.0898 3764 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
19:35:59.0960 3764 RasAuto - ok
19:36:00.0007 3764 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:36:00.0148 3764 Rasl2tp - ok
19:36:00.0194 3764 [ F86A88F786D134273FA92C8FC4D224DC ] RasMan C:\Windows\System32\rasmans.dll
19:36:00.0257 3764 RasMan - ok
19:36:00.0319 3764 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:36:00.0413 3764 RasPppoe - ok
19:36:00.0413 3764 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:36:00.0506 3764 RasSstp - ok
19:36:00.0522 3764 [ 835D7E81BF517A3B72384BDCC85E1CE6 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:36:00.0600 3764 rdbss - ok
19:36:00.0631 3764 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
19:36:00.0662 3764 rdpbus - ok
19:36:00.0694 3764 [ 1E016846895B15A99F9A176A05029075 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:36:00.0772 3764 RDPCDD - ok
19:36:00.0834 3764 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:36:00.0912 3764 RDPENCDD - ok
19:36:00.0943 3764 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:36:01.0037 3764 RDPREFMP - ok
19:36:01.0084 3764 [ C5B8D47A4688DE9D335204EA757C2240 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:36:01.0177 3764 RDPWD - ok
19:36:01.0240 3764 [ 65DB288F7372B1F632891FC32BF908B7 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:36:01.0286 3764 rdyboost - ok
19:36:01.0349 3764 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
19:36:01.0442 3764 RemoteAccess - ok
19:36:01.0489 3764 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:36:01.0614 3764 RemoteRegistry - ok
19:36:01.0692 3764 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
19:36:01.0739 3764 RFCOMM - ok
19:36:01.0770 3764 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:36:01.0848 3764 RpcEptMapper - ok
19:36:01.0879 3764 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
19:36:01.0942 3764 RpcLocator - ok
19:36:01.0973 3764 [ B82CD39E336973359D7C9BF911E8E84F ] RpcSs C:\Windows\system32\rpcss.dll
19:36:02.0051 3764 RpcSs - ok
19:36:02.0113 3764 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:36:02.0222 3764 rspndr - ok
19:36:02.0332 3764 [ 7CB9F0FDD730F4A4ECF6CDE15EA12E8A ] RS_Service C:\Program Files\Acer\Acer VCM\RS_Service.exe
19:36:02.0378 3764 RS_Service - ok
19:36:02.0394 3764 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] SamSs C:\Windows\system32\lsass.exe
19:36:02.0441 3764 SamSs - ok
19:36:02.0503 3764 [ 34EE0C44B724E3E4CE2EFF29126DE5B5 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
19:36:02.0550 3764 sbp2port - ok
19:36:02.0597 3764 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:36:02.0690 3764 SCardSvr - ok
19:36:02.0706 3764 [ A95C54B2AC3CC9C73FCDF9E51A1D6B51 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:36:02.0784 3764 scfilter - ok
19:36:02.0862 3764 [ DF1E5C82E4D09CF8105CC644980C4803 ] Schedule C:\Windows\system32\schedsvc.dll
19:36:02.0940 3764 Schedule - ok
19:36:02.0971 3764 [ 628A9E30EC5E18DD5DE6BE4DBDC12198 ] SCPolicySvc C:\Windows\System32\certprop.dll
19:36:03.0049 3764 SCPolicySvc - ok
19:36:03.0080 3764 [ 5FD90ABDBFAEE85986802622CBB03446 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:36:03.0158 3764 SDRSVC - ok
19:36:03.0221 3764 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:36:03.0314 3764 secdrv - ok
19:36:03.0392 3764 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
19:36:03.0533 3764 seclogon - ok
19:36:03.0580 3764 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\system32\sens.dll
19:36:03.0689 3764 SENS - ok
19:36:03.0736 3764 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
19:36:03.0782 3764 Serenum - ok
19:36:03.0829 3764 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
19:36:03.0892 3764 Serial - ok
19:36:03.0938 3764 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
19:36:03.0985 3764 sermouse - ok
19:36:04.0032 3764 [ 8F55CE568C543D5ADF45C409D16718FC ] SessionEnv C:\Windows\system32\sessenv.dll
19:36:04.0188 3764 SessionEnv - ok
19:36:04.0204 3764 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
19:36:04.0250 3764 sffdisk - ok
19:36:04.0266 3764 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
19:36:04.0297 3764 sffp_mmc - ok
19:36:04.0313 3764 [ A0708BBD07D245C06FF9DE549CA47185 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
19:36:04.0360 3764 sffp_sd - ok
19:36:04.0375 3764 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
19:36:04.0406 3764 sfloppy - ok
19:36:04.0547 3764 [ D9B734638DD8DBA9D59AAD3189CD0FAD ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
19:36:04.0625 3764 Sftfs - ok
19:36:04.0812 3764 [ CB73BC422C07FB611F194DA18D1E7F36 ] sftlist C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
19:36:04.0874 3764 sftlist - ok
19:36:04.0906 3764 [ 2F61BD46C0BFF4EB36E1E359CA17BFC5 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
19:36:04.0937 3764 Sftplay - ok
19:36:04.0984 3764 [ 518BAC0179F94304F422696B47C0EC12 ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
19:36:05.0015 3764 Sftredir - ok
19:36:05.0046 3764 [ 747325236D88B3F05FFD27FF9EC711C5 ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
19:36:05.0062 3764 Sftvol - ok
19:36:05.0108 3764 [ A5812F0281CA5081BF696626F9BF324D ] sftvsa C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
19:36:05.0140 3764 sftvsa - ok
19:36:05.0233 3764 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:36:05.0327 3764 SharedAccess - ok
19:36:05.0389 3764 [ CD2E48FA5B29EE2B3B5858056D246EF2 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:36:05.0483 3764 ShellHWDetection - ok
19:36:05.0545 3764 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\DRIVERS\sisagp.sys
19:36:05.0576 3764 sisagp - ok
19:36:05.0608 3764 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:36:05.0639 3764 SiSRaid2 - ok
19:36:05.0670 3764 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
19:36:05.0701 3764 SiSRaid4 - ok
19:36:05.0795 3764 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
19:36:05.0842 3764 SkypeUpdate - ok
19:36:05.0904 3764 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:36:06.0013 3764 Smb - ok
19:36:22.0253 3764 ============================================================
19:36:22.0253 3764 Scan finished
19:36:22.0253 3764 ============================================================
19:36:22.0300 3760 Detected object count: 0
19:36:22.0300 3760 Actual detected object count: 0

xqme4asking


Re: FBI Money Pak Help Needed

Post by Gabethebabe on Thu 04 Oct 2012, 5:22 pm

Looking good!

How is your computer running now?

Gabethebabe


Re: FBI Money Pak Help Needed

Post by xqme4asking on Fri 05 Oct 2012, 11:27 am

Seems to be good, no longer running in safe mode. Is there a program I can download to prevent this from happening again?

xqme4asking


Re: FBI Money Pak Help Needed

Post by Gabethebabe on Fri 05 Oct 2012, 5:01 pm

Have a look at my list of recommendations. Surfing on safe sites is usually the best way to prevent infections, and don't download shady software.

====================

Time to uninstall used tools.

  • Go to Start > Run and type or copy/paste Combofix /uninstall (note the space before the "/").
  • Double click OTL.exe to run it again and click the CleanUp button.
  • If we used any other tools and they still remain on your desktop, please delete them manually.

====================

All right! Here follows my ALORTKYCC (Awesome List Of Recommendations To Keep Your Computer Clean):

1) Keep your Windows up-to-date. Windows Autoupdate should be ON (see Start >> Control Panel >> Security Center). An alternative way (but more time-consuming) is to periodically visit [You must be registered and logged in to see this link.]. Hackers are looking every day for new security holes. Microsoft keeps patching them. You cannot fall behind in this race, it will make your system vulnerable.

2) For your average daily computer activities, use a limited/standard user account, not an administrator account. If you use Vista/WIN7 do not disable User Account Control (UAC). You would be amazed to know how much malware can't touch you if you deny it admin rights. Create a separate password-protected administrator account that you use for admin activities, like (un)installing software.

3) Use a good antivirus. There are various free ones, you cannot go wrong with either of the following three:
  • Panda Cloud Antivirus. If you want your antivirus to be light on resources, I recommend Panda. Install without the toolbar.
  • Ad-Aware Free Internet Security has received great reviews from leading security analysts.
  • Avast! is a very complete antivirus, with modules like mailscanner and webshield.

4) If your computer has 1GB system memory or more, you should install a third party firewall, to replace the weak Windows Firewall. I recommend:
  • Comodo Firewall. Install the internet security suite, but without the antivirus and without the Hopsurf toolbar.
  • Online Armor. A very smart and user friendly firewall.
  • Outpost Firewall is another rock-solid choice.

Note: you should run only ONE antivirus and ONE firewall. Running multiples of either is bad, it will cause slowdowns and/or conflicts.

5) Miscellaneous advice:
  • Stay away from cracks and keygens (look [You must be registered and logged in to see this link.] for the why). Get free software instead. Gizmo is an excellent source of freeware reviews.
  • Navigate safely. Google Chrome is the safest browser available. However, Mozilla Firefox can be made extremely safe with the NoScript addon. Internet Explorer (always use the last version) can be made a lot safer with Spywareblaster (manual here).
  • The WOT (Webs Of Trust) addon will help you to stay on reliable webpages.
  • WinPatrol alerts you when changes are made in vital system areas. Especially good on light systems not running a third party firewall.
  • Make sure you have ways to recuperate your operating system and vital other data if it gets frustrated by malware and/or other problems. A Windows setup CD and recent backups/disk images will be priceless, if you find yourself in an unexpected tight spot.

Finally: did we help you? [You must be registered and logged in to see this link.]!

Gabethebabe


Re: FBI Money Pak Help Needed

Post by xqme4asking on Sun 07 Oct 2012, 12:37 pm

I'm unable to run the OTL as it gives me a message that states Access violation at address CCCC0460. Read of address CCCC0460

xqme4asking


Re: FBI Money Pak Help Needed

Post by Gabethebabe on Sun 07 Oct 2012, 9:48 pm

Ok, just delete it from your desktop right away then.


Gabethebabe
