
Pum.Hijack


  • This topic is locked
13 replies to this topic

#1 cowboys2006

Posted 23 July 2012 - 11:19 AM

OK, I have noticed today that I no longer have the option to do things an admin does on the computer. Like I can't access my Computer icon or the Control Panel. I did a scan with Malwarebytes and this is what I got. I am going to disinfect and remove and see what happens, but I am not sure if I will still be infected. Can someone please help me?

Thank you.

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.07.23.09

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Dsvczm :: DSVCZM-PC [administrator]

7/23/2012 11:10:53 AM
mbam-log-2012-07-23 (11-16-49).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 215774
Time elapsed: 4 minute(s), 45 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 5
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|NoRun (PUM.Hijack.Run) -> Bad: (1) Good: (0) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|NoSetActiveDesktop (PUM.Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|NoSetFolders (PUM.Hijack.Explorer) -> Bad: (1) Good: (0) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System|DisableTaskMgr (PUM.Hijack.TaskManager) -> Bad: (1) Good: (0) -> No action taken.
HKCU\SOFTWARE\Policies\Microsoft\Internet Explorer\Restrictions|NoBrowserContextMenu (PUM.RightClick.Disabled) -> Bad: (1) Good: (0) -> No action taken.

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)




Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.07.23.09

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Dsvczm :: DSVCZM-PC [administrator]

7/23/2012 11:10:53 AM
mbam-log-2012-07-23 (11-10-53).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 215774
Time elapsed: 4 minute(s), 45 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 5
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|NoRun (PUM.Hijack.Run) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|NoSetActiveDesktop (PUM.Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|NoSetFolders (PUM.Hijack.Explorer) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System|DisableTaskMgr (PUM.Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.
HKCU\SOFTWARE\Policies\Microsoft\Internet Explorer\Restrictions|NoBrowserContextMenu (PUM.RightClick.Disabled) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Edited by cowboys2006, 23 July 2012 - 11:20 AM.



#2 Broni

Posted 23 July 2012 - 12:18 PM

How are things now?


#3 cowboys2006

Posted 23 July 2012 - 12:26 PM

I am still not able to do things. Like I can't access my Computer. I have an external hard drive and I can't open it. Also, I can't drag icons from the Start menu to the desktop. I am doing a full scan with Malwarebytes right now and will post the log once it finishes to see what shows up. My Control Panel came back after the quick scan was made. But like I said, I am still missing things that I can normally do.

#4 Broni

Posted 23 July 2012 - 12:27 PM

Let me know.


#5 cowboys2006

Posted 23 July 2012 - 12:48 PM

OK, I got this log, but I feel that there's more to it and that Malwarebytes is just not detecting anything.

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.07.23.09

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Dsvczm :: DSVCZM-PC [administrator]

7/23/2012 11:42:17 AM
mbam-log-2012-07-23 (11-42-17).txt

Scan type: Full scan (C:\|Q:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 412408
Time elapsed: 1 hour(s), 3 minute(s), 18 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#6 Broni

Posted 23 July 2012 - 12:53 PM

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=============================================================================

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

====================================================================================

Please download MiniToolBox and run it.

Checkmark the following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size
Click Go and post the result.

=============================================================================

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: "Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan.
On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.


#7 cowboys2006

Posted 23 July 2012 - 03:31 PM

OK, here are the logs. I was not able to run Security Check; it says that Panda GP 2012 has cataloged this page as a malware page. I have already disabled it and shut it down, and it still won't allow me to access it. Here are the other logs. I am not sure if Avast finished; it stopped and just stayed there. Please advise. Thank you. By the way, I still cannot access my Computer icon, where I have all my icons for flash drives and also my external hard drive. I have unplugged it and plugged it back in, and still nothing. Thanks again.







Farbar Service Scanner Version: 22-07-2012
Ran by Dsvczm (administrator) on 23-07-2012 at 15:13:16
Running from "C:\Users\Dsvczm\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.
IE proxy is enabled.



Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============

sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is set to Demand
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****




MiniToolBox by Farbar Version: 23-07-2012
Ran by Dsvczm (administrator) on 23-07-2012 at 15:14:21
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
802.11n Wireless LAN Card = Wireless Network Connection (Hardware not present)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add route prefix=0.0.0.0/0 interface="Local Area Connection" nexthop=192.168.1.1 publish=Yes
add address name="Local Area Connection" address=192.168.1.45 mask=255.255.255.0


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Dsvczm-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 10-78-D2-DD-25-33
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::b037:f7fa:d973:541f%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.45(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 235960530
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-15-B8-3E-10-78-D2-DD-25-33
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{ED5E580A-AB82-4938-AE33-0B005A19ABCC}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:402:2826:b584:979c(Preferred)
Link-local IPv6 Address . . . . . : fe80::402:2826:b584:979c%13(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: Redpenguin
Address: 192.168.1.1

Name: google.com
Addresses: 2001:4860:4002:800::1008
74.125.227.8
74.125.227.7
74.125.227.6
74.125.227.5
74.125.227.4
74.125.227.3
74.125.227.2
74.125.227.1
74.125.227.0
74.125.227.14
74.125.227.9


Pinging google.com [74.125.227.9] with 32 bytes of data:
Reply from 74.125.227.9: bytes=32 time=31ms TTL=53
Reply from 74.125.227.9: bytes=32 time=28ms TTL=53

Ping statistics for 74.125.227.9:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 28ms, Maximum = 31ms, Average = 29ms
Server: Redpenguin
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.139.183.24
72.30.38.140
209.191.122.70


Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=48ms TTL=47
Reply from 209.191.122.70: bytes=32 time=72ms TTL=47

Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 48ms, Maximum = 72ms, Average = 60ms
Server: Redpenguin
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...10 78 d2 dd 25 33 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.45 276
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
169.254.0.0 255.255.0.0 On-link 192.168.1.45 30
169.254.255.255 255.255.255.255 On-link 192.168.1.45 276
192.168.1.0 255.255.255.0 On-link 192.168.1.45 276
192.168.1.45 255.255.255.255 On-link 192.168.1.45 276
192.168.1.255 255.255.255.255 On-link 192.168.1.45 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.45 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.45 276
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
0.0.0.0 0.0.0.0 192.168.1.1 Default
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
13 58 ::/0 On-link
1 306 ::1/128 On-link
13 58 2001::/32 On-link
13 306 2001:0:4137:9e76:402:2826:b584:979c/128
On-link
11 276 fe80::/64 On-link
13 306 fe80::/64 On-link
13 306 fe80::402:2826:b584:979c/128
On-link
11 276 fe80::b037:f7fa:d973:541f/128
On-link
1 306 ff00::/8 On-link
13 306 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [94208] (Apple Computer, Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/23/2012 01:27:19 PM) (Source: Application Error) (User: )
Description: Faulting application name: TPSrvWow.exe, version: 9.2.2.1, time stamp: 0x4da6fd2f
Faulting module name: PavTPLspWow.dll_unloaded, version: 0.0.0.0, time stamp: 0x4d7f6090
Exception code: 0xc0000005
Fault offset: 0x502c3a39
Faulting process id: 0x1240
Faulting application start time: 0xTPSrvWow.exe0
Faulting application path: TPSrvWow.exe1
Faulting module path: TPSrvWow.exe2
Report Id: TPSrvWow.exe3

Error: (07/23/2012 01:11:46 PM) (Source: Application Error) (User: )
Description: Faulting application name: TPSrvWow.exe, version: 9.2.2.1, time stamp: 0x4da6fd2f
Faulting module name: PavTPLspWow.dll_unloaded, version: 0.0.0.0, time stamp: 0x4d7f6090
Exception code: 0xc0000005
Fault offset: 0x502c3a39
Faulting process id: 0x538
Faulting application start time: 0xTPSrvWow.exe0
Faulting application path: TPSrvWow.exe1
Faulting module path: TPSrvWow.exe2
Report Id: TPSrvWow.exe3

Error: (07/23/2012 01:05:14 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/23/2012 00:51:22 PM) (Source: Application Error) (User: )
Description: Faulting application name: TPSrvWow.exe, version: 9.2.2.1, time stamp: 0x4da6fd2f
Faulting module name: PavTPLspWow.dll_unloaded, version: 0.0.0.0, time stamp: 0x4d7f6090
Exception code: 0xc0000005
Fault offset: 0x502c3a39
Faulting process id: 0xcd8
Faulting application start time: 0xTPSrvWow.exe0
Faulting application path: TPSrvWow.exe1
Faulting module path: TPSrvWow.exe2
Report Id: TPSrvWow.exe3

Error: (07/23/2012 11:31:32 AM) (Source: Application Error) (User: )
Description: Faulting application name: TPSrvWow.exe, version: 9.2.2.1, time stamp: 0x4da6fd2f
Faulting module name: PavTPLspWow.dll_unloaded, version: 0.0.0.0, time stamp: 0x4d7f6090
Exception code: 0xc0000005
Fault offset: 0x502c3a39
Faulting process id: 0x59c
Faulting application start time: 0xTPSrvWow.exe0
Faulting application path: TPSrvWow.exe1
Faulting module path: TPSrvWow.exe2
Report Id: TPSrvWow.exe3

Error: (07/23/2012 11:26:53 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/23/2012 11:16:31 AM) (Source: CVHSVC) (User: )
Description: Information only.
Error: The parameter is incorrect.
ErrorCode: 14007(0x36b7).

Error: (07/23/2012 11:05:55 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/23/2012 09:42:46 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/23/2012 09:42:39 AM) (Source: System Restore) (User: )
Description: An unspecified error occurred during System Restore: (Removed WeatherBug). Additional information: 0x80070005.


System errors:
=============
Error: (07/23/2012 01:28:14 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (07/23/2012 01:27:33 PM) (Source: Service Control Manager) (User: )
Description: The System Event Notification Service service terminated with the following error:
%%997

Error: (07/23/2012 01:27:30 PM) (Source: Service Control Manager) (User: )
Description: The Panda TPSrv service terminated unexpectedly. It has done this 2 time(s).

Error: (07/23/2012 01:27:11 PM) (Source: Service Control Manager) (User: )
Description: The Panda Process Protection Service service terminated unexpectedly. It has done this 2 time(s).

Error: (07/23/2012 01:27:02 PM) (Source: Service Control Manager) (User: )
Description: The MBAMService service terminated unexpectedly. It has done this 2 time(s).

Error: (07/23/2012 01:11:48 PM) (Source: Service Control Manager) (User: )
Description: The Panda TPSrv service terminated unexpectedly. It has done this 1 time(s).

Error: (07/23/2012 01:11:46 PM) (Source: Service Control Manager) (User: )
Description: The System Event Notification Service service terminated with the following error:
%%997

Error: (07/23/2012 01:11:29 PM) (Source: Service Control Manager) (User: )
Description: The Panda Process Protection Service service terminated unexpectedly. It has done this 1 time(s).

Error: (07/23/2012 01:11:21 PM) (Source: Service Control Manager) (User: )
Description: The MBAMService service terminated unexpectedly. It has done this 1 time(s).

Error: (07/23/2012 01:03:15 PM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!


Microsoft Office Sessions:
=========================
Error: (07/23/2012 01:27:19 PM) (Source: Application Error)(User: )
Description: TPSrvWow.exe9.2.2.14da6fd2fPavTPLspWow.dll_unloaded0.0.0.04d7f6090c0000005502c3a39124001cd69000eca8df4C:\Program Files (x86)\Panda Security\Panda Global Protection 2012\TPSrvWow.exePavTPLspWow.dll08dbf29f-d4f4-11e1-b53e-1078d2dd2533

Error: (07/23/2012 01:11:46 PM) (Source: Application Error)(User: )
Description: TPSrvWow.exe9.2.2.14da6fd2fPavTPLspWow.dll_unloaded0.0.0.04d7f6090c0000005502c3a3953801cd68fd745e0f8fC:\Program Files (x86)\Panda Security\Panda Global Protection 2012\TPSrvWow.exePavTPLspWow.dlldccbeffe-d4f1-11e1-b53e-1078d2dd2533

Error: (07/23/2012 01:05:14 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/23/2012 00:51:22 PM) (Source: Application Error)(User: )
Description: TPSrvWow.exe9.2.2.14da6fd2fPavTPLspWow.dll_unloaded0.0.0.04d7f6090c0000005502c3a39cd801cd68f0e215a42eC:\Program Files (x86)\Panda Security\Panda Global Protection 2012\TPSrvWow.exePavTPLspWow.dll03045584-d4ef-11e1-8b44-1078d2dd2533

Error: (07/23/2012 11:31:32 AM) (Source: Application Error)(User: )
Description: TPSrvWow.exe9.2.2.14da6fd2fPavTPLspWow.dll_unloaded0.0.0.04d7f6090c0000005502c3a3959c01cd68efd788c00fC:\Program Files (x86)\Panda Security\Panda Global Protection 2012\TPSrvWow.exePavTPLspWow.dlldc4f5e00-d4e3-11e1-8b44-1078d2dd2533

Error: (07/23/2012 11:26:53 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/23/2012 11:16:31 AM) (Source: CVHSVC)(User: )
Description: Error: The parameter is incorrect.
ErrorCode: 14007(0x36b7).

Error: (07/23/2012 11:05:55 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/23/2012 09:42:46 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/23/2012 09:42:39 AM) (Source: System Restore)(User: )
Description: Removed WeatherBug0x80070005


=========================== Installed Programs ============================

Acer eDisplay Management (Version: 1.34.003)
Acer eRecovery Management (Version: 5.00.3504)
Acer Games (Version: 1.0.2.5)
Acer Registration (Version: 1.04.3503)
Acer ScreenSaver (Version: 1.1.0609.2011)
Acer Updater (Version: 1.02.3500)
Adobe AIR (Version: 2.7.0.19480)
Adobe Anchor Service CS3 (Version: 1.0)
Adobe Asset Services CS3 (Version: 3)
Adobe Bridge CS3 (Version: 2)
Adobe Bridge Start Meeting (Version: 1.0)
Adobe Camera Raw 4.0 (Version: 4.0)
Adobe CMaps (Version: 1.0)
Adobe Color - Photoshop Specific (Version: 1.0)
Adobe Color Common Settings (Version: 1.0)
Adobe Color EU Extra Settings (Version: 1.0)
Adobe Color JA Extra Settings (Version: 1.0)
Adobe Color NA Recommended Settings (Version: 1.0)
Adobe Default Language CS3 (Version: 1.0)
Adobe Device Central CS3 (Version: 1.0)
Adobe ExtendScript Toolkit 2 (Version: 2.0)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.265)
Adobe Flash Player 11 Plugin (Version: 11.3.300.265)
Adobe Fonts All (Version: 1.0)
Adobe Help Viewer CS3 (Version: 1)
Adobe Illustrator CS3 (Version: 13.0)
Adobe Linguistics CS3 (Version: 3.0.0)
Adobe PDF Library Files (Version: 8.0)
Adobe Photoshop CS3 (Version: 10)
Adobe Photoshop CS3 (Version: 10.0)
Adobe Reader X (10.1.3) MUI (Version: 10.1.3)
Adobe Setup (Version: 1.0)
Adobe Stock Photos CS3 (Version: 1.5)
Adobe Type Support (Version: 1.0)
Adobe Update Manager CS3 (Version: 5.1.0)
Adobe Version Cue CS3 Client (Version: 3)
Adobe WinSoft Linguistics Plugin (Version: 1.0)
Adobe XMP Panels CS3 (Version: 1.0)
Agatha Christie - Death on the Nile (Version: 2.2.0.98)
aioprnt (Version: 5.3.1.0)
aioscnnr (Version: 6.2.3.10)
aioscnnr (Version: 7.3.4.0)
AMD APP SDK Runtime (Version: 2.4.650.9)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Media Foundation Decoders (Version: 1.0.60503.2208)
ATI AVIVO64 Codecs (Version: 11.6.0.10503)
ATI Catalyst Install Manager (Version: 3.0.829.0)
AVIGenerator V1.0.0.0
Bejeweled 2 Deluxe (Version: 2.2.0.95)
Blender (Version: 2.63-release)
Build-a-lot 4 - Power Source (Version: 2.2.0.97)
C3D (Version: 1.0.0.252)
C3D64 (Version: 1.0.0.252)
C3DHelp (Version: 1.0.0.252)
CANON iMAGE GATEWAY MyCamera Download Plugin (Version: 3.1.1.2)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (Version: 1.9.0.9)
Canon MOV Decoder (Version: 1.8.0.7)
Canon MOV Encoder (Version: 1.6.0.1)
Canon MovieEdit Task for ZoomBrowser EX (Version: 3.7.0.4)
Canon Utilities Digital Photo Professional 3.10 (Version: 3.10.0.0)
Canon Utilities EOS Sample Music (Version: 1.0.0.204)
Canon Utilities EOS Utility (Version: 2.10.0.0)
Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX (Version: 1.0.0.10)
Canon Utilities Movie Uploader for YouTube (Version: 1.2.0.7)
Canon Utilities PhotoStitch (Version: 3.1.22.46)
Canon Utilities Picture Style Editor (Version: 1.9.0.0)
Canon Utilities ZoomBrowser EX (Version: 6.7.0.24)
Canon ZoomBrowser EX Memory Card Utility (Version: 1.5.0.9)
Catalyst Control Center (Version: 2011.0512.1812.30806)
Catalyst Control Center InstallProxy (Version: 2011.0512.1812.30806)
Catalyst Control Center Localization All (Version: 2011.0512.1812.30806)
Catalyst Control Center Profiles Mobile (Version: 2011.0512.1812.30806)
ccc-utility64 (Version: 2011.0512.1812.30806)
CCC Help Chinese Standard (Version: 2011.0512.1811.30806)
CCC Help Chinese Traditional (Version: 2011.0512.1811.30806)
CCC Help Czech (Version: 2011.0512.1811.30806)
CCC Help Danish (Version: 2011.0512.1811.30806)
CCC Help Dutch (Version: 2011.0512.1811.30806)
CCC Help English (Version: 2011.0512.1811.30806)
CCC Help Finnish (Version: 2011.0512.1811.30806)
CCC Help French (Version: 2011.0512.1811.30806)
CCC Help German (Version: 2011.0512.1811.30806)
CCC Help Greek (Version: 2011.0512.1811.30806)
CCC Help Hungarian (Version: 2011.0512.1811.30806)
CCC Help Italian (Version: 2011.0512.1811.30806)
CCC Help Japanese (Version: 2011.0512.1811.30806)
CCC Help Korean (Version: 2011.0512.1811.30806)
CCC Help Norwegian (Version: 2011.0512.1811.30806)
CCC Help Polish (Version: 2011.0512.1811.30806)
CCC Help Portuguese (Version: 2011.0512.1811.30806)
CCC Help Russian (Version: 2011.0512.1811.30806)
CCC Help Spanish (Version: 2011.0512.1811.30806)
CCC Help Swedish (Version: 2011.0512.1811.30806)
CCC Help Thai (Version: 2011.0512.1811.30806)
CCC Help Turkish (Version: 2011.0512.1811.30806)
center (Version: 6.2.5.0)
Chronicles of Albian (Version: 2.2.0.95)
Cisco Connect (Version: 1.0.10028.0)
Citrix online plug-in - web (Version: 11.2.0.31560)
Citrix online plug-in (DV) (Version: 11.2.0.31560)
Citrix online plug-in (HDX) (Version: 11.2.0.31560)
Citrix online plug-in (USB) (Version: 11.2.0.31560)
Citrix online plug-in (Web) (Version: 11.2.0.31560)
clear.fi (Version: 1.0.1517_36458)
clear.fi (Version: 1.0.2228.15)
clear.fi (Version: 9.0.8228)
clear.fi Client (Version: 1.00.3500)
Contents (Version: 15.0.0.258)
Convergys Health Checker (Version: 1.0.4)
ConvertXtoDVD 4.1.10.348 (Version: 4.1.10.348)
Corel MotionStudio 3D 1.0 (Version: 1.0.0.252)
Corel Paint Shop Pro Photo X2 (Version: 12.50.0001)
Corel VideoStudio Ultimate X5 (Version: 15.0.0.258)
Cradle of Rome 2 (Version: 2.2.0.95)
D3DX10 (Version: 15.4.2368.0902)
Deluge 1.3.5
Dora's World Adventure (Version: 2.2.0.95)
DVDFab 8.1.8.1 (05/05/2012) Qt Beta
eBay Worldwide (Version: 2.2.0409)
essentials (Version: 6.0.14.0)
Etron USB3.0 Host Controller (Version: 0.103)
Final Drive: Nitro (Version: 2.2.0.95)
FormatFactory 2.90 (Version: 2.90)
Galerie de photos Windows Live (Version: 15.4.3502.0922)
Governor of Poker 2 Premium Edition (Version: 2.2.0.95)
Hotkey Utility (Version: 2.05.3505)
ICA (Version: 1.0.0.252)
ICA (Version: 15.0.0.258)
Identity Card (Version: 1.00.3501)
ImgBurn (Version: 2.5.6.0)
IPM_C3D (Version: 1.0.0.252)
IPM_VS_Pro (Version: 15.0)
ISCOM (Version: 15.0.0.258)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
Java™ 7 Update 3 (64-bit) (Version: 7.0.30)
Jewel Match 3 (Version: 2.2.0.97)
join.me (Version: 1.3.1.431)
Junk Mail filter update (Version: 15.4.3502.0922)
Kodak AIO Printer (Version: 7.3.4.0)
KODAK AiO Software (Version: 7.3.8.20)
KODAK All-in-One Printer Software
LightScribe Applications (Version: 1.18.15.1)
LightScribe System Software (Version: 1.18.24.1)
LightScribe Template Designs - Animal Pack 1 (Version: 1.17.0.0)
LightScribe Template Designs - Floral Pack 1 (Version: 1.15.0.0)
LightScribe Template Designs - Hobby Pack 1 (Version: 1.15.0.0)
LightScribe Template Designs - Kids Korner Pack 1 (Version: 1.17.0.0)
LightScribe Template Designs - Life Events Pack 1 (Version: 1.17.146.0)
LightScribe Template Designs - Nature Pack 1 (Version: 1.17.0.0)
LightScribe Template Designs - Seasonal Pack 1 (Version: 1.15.0.0)
LightScribe Template Designs - Tie The Knot (Version: 1.18.8.110)
LightScribe Template Labeler (Version: 1.18.24.1)
Magic Photo Editor 6.1
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Memeo Send (Version: 1.5.0.2904)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Live Meeting 2007 (Version: 8.0.6362.202)
Microsoft Office Starter 2010 - English (Version: 14.0.5131.5000)
Microsoft Primary Interoperability Assemblies 2005 (Version: 8.0.50727.42)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Mozilla Firefox 14.0.1 (x86 en-US) (Version: 14.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT Redists (Version: 1.0)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Mystery of Mortlake Mansion (Version: 2.2.0.98)
MyWinLocker (Version: 4.0.14.27)
MyWinLocker 4 (Version: 4.0.14.27)
MyWinLocker Suite (Version: 4.0.14.18)
Nero Control Center 10 (Version: 10.2.11100.1.1)
Nero ControlCenter 10 Help (CHM) (Version: 10.5.10000)
Nero Core Components 10 (Version: 2.0.18100.8.8)
Nero DiscSpeed 10 (Version: 6.2.10500.2.100)
Nero DiscSpeed 10 Help (CHM) (Version: 10.5.10000)
Nero Express 10 (Version: 10.2.12000.21.100)
Nero Express 10 Help (CHM) (Version: 10.5.10200)
Nero Multimedia Suite 10 Essentials (Version: 10.5.10300)
Nero StartSmart 10 (Version: 10.2.11600.14.100)
Nero StartSmart 10 Help (CHM) (Version: 10.5.10000)
netbrdg (Version: 6.04.0000.0001)
NetTools 5.0 (Version: 5.0)
NetViewer 1.2.5.99 (Version: 1.2.5.99)
NOOK for PC (Version: 2.5.4.7070)
ocr (Version: 6.2.3.50)
Panda ActiveScan Cleaner (Version: 1.0.22)
Panda Global Protection 2012 (Version: 5.01.00)
Panda Secure Vault 5
PDF Settings (Version: 1.0)
Penguins! (Version: 2.2.0.95)
Pivot Pro Plugin (Version: 9.50.110)
Plants vs. Zombies - Game of the Year (Version: 2.2.0.95)
Playback 2.3.0.4
Polar Bowler (Version: 2.2.0.97)
Polar Golfer (Version: 2.2.0.95)
Power Audio Editor v7.4.0.10
PowerCinema NE for Everio
PowerDirector Express
PowerISO
PowerProducer
PreReq (Version: 6.2.3.0)
QuickTime (Version: 7.55.90.70)
Realtek Ethernet Controller Driver (Version: 7.45.516.2011)
Realtek High Definition Audio Driver (Version: 6.0.1.6299)
Revo Uninstaller Pro 2.2.0 (Version: 2.2.0)
Sandboxie 3.72 (64-bit) (Version: 3.72)
SDK (Version: 2.22.002)
Seagate Dashboard (Version: 1.1.0.1421)
SeaTools for Windows (Version: 1.2.0.6)
Setup (Version: 1.0.0.252)
Setup (Version: 15.0.0.258)
SFR (Version: 6.04.0000.0001)
Share (Version: 15.0.0.258)
Share64 (Version: 15.0.0.258)
Shredder (Version: 2.0.8.9)
SmartSound Common Data (Version: 1.1.0)
SmartSound Quicktracks 5 (Version: 5.1.6)
SpywareBlaster 4.6 (Version: 4.6.0)
SUPERAntiSpyware (Version: 5.0.1134)
Times Reader (Version: 2.055)
Torchlight (Version: 2.2.0.97)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update Installer for WildTangent Games App
Virtual Villagers 5 - New Believers (Version: 2.2.0.97)
vReveal 3
VSClassic (Version: 15.0.0.258)
VSHelp (Version: 15.0.0.258)
VSUltimate (Version: 15.0.0.258)
Vuze (Version: 4.7)
Wah Assistant (Version: 2.0.0.7)
Welcome Center (Version: 1.02.3503)
West At Home Gateway V2 (Version: 2.0.0.30)
WildTangent Games App (Acer Games) (Version: 4.0.5.14)
Windows 7 Codec Pack 2.3.0
Windows Live (Version: 15.4.3502.0922)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Encoder 9 Series
Windows Media Encoder 9 Series (Version: 9.00.2980)
WinPcap 3.0
WinZip 16.0 (Version: 16.0.9715)
Yahoo! Messenger
Yahoo! Software Update
Zuma's Revenge (Version: 2.2.0.97)

========================= Devices: ================================

Name: ATAPI DVD A DH16ABSH SCSI CdRom Device
Description: CD-ROM Drive
Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard CD-ROM drives)
Service: cdrom
Problem: : A driver (service) for this device has been disabled. An alternate driver may be providing this functionality (Code 32)
Resolution: The start type for this driver is set to disabled in the registry.
Uninstall the driver from Device Manager, and then scan for new hardware to install the driver again. If this does not work, you might have to change the device start type parameter in the registry.

Name: 802.11n Wireless LAN Card
Description: 802.11n Wireless LAN Card
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Ralink Technology, Corp.
Service: netr28x
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: USB Mass Storage Device
Description: USB Mass Storage Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Compatible USB storage device
Service: USBSTOR
Problem: : A driver (service) for this device has been disabled. An alternate driver may be providing this functionality (Code 32)
Resolution: The start type for this driver is set to disabled in the registry.
Uninstall the driver from Device Manager, and then scan for new hardware to install the driver again. If this does not work, you might have to change the device start type parameter in the registry.

Name: USB Mass Storage Device
Description: USB Mass Storage Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Compatible USB storage device
Service: USBSTOR
Problem: : A driver (service) for this device has been disabled. An alternate driver may be providing this functionality (Code 32)
Resolution: The start type for this driver is set to disabled in the registry.
Uninstall the driver from Device Manager, and then scan for new hardware to install the driver again. If this does not work, you might have to change the device start type parameter in the registry.


========================= Memory info: ===================================

Percentage of memory in use: 22%
Total physical RAM: 9894.77 MB
Available physical RAM: 7714.51 MB
Total Pagefile: 19787.72 MB
Available Pagefile: 17252.03 MB
Total Virtual: 4095.88 MB
Available Virtual: 3950.73 MB

========================= Partitions: =====================================

1 Drive c: (Acer) (Fixed) (Total:916.41 GB) (Free:843.54 GB) NTFS

========================= Users: ========================================

User accounts for \\DSVCZM-PC

Administrator Dsvczm Guest


**** End of log ****








aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-23 15:15:09
-----------------------------
15:15:09.067 OS Version: Windows x64 6.1.7601 Service Pack 1
15:15:09.067 Number of processors: 4 586 0x102
15:15:09.067 ComputerName: DSVCZM-PC UserName: Dsvczm
15:15:10.643 Initialize success
15:19:01.185 AVAST engine defs: 12072301
15:21:21.482 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000076
15:21:21.482 Disk 0 Vendor: WDC____ 77.04D77 Size: 953869MB BusType: 8
15:21:21.482 Disk 0 MBR read successfully
15:21:21.482 Disk 0 MBR scan
15:21:21.498 Disk 0 Windows 7 default MBR code
15:21:21.498 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 15360 MB offset 2048
15:21:21.498 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 31459328
15:21:21.513 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 938407 MB offset 31664128
15:21:21.544 Disk 0 scanning C:\Windows\system32\drivers
15:21:27.160 Service scanning
15:21:42.495 Modules scanning
15:21:42.511 Disk 0 trace - called modules:
15:21:42.511 ntoskrnl.exe CLASSPNP.SYS disk.sys storport.sys hal.dll ahcix64s.sys
15:21:43.010 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800a16b060]
15:21:43.010 3 CLASSPNP.SYS[fffff8800194943f] -> nt!IofCallDriver -> \Device\00000076[0xfffffa80094119c0]
15:21:44.898 AVAST engine scan C:\Windows
15:21:48.018 AVAST engine scan C:\Windows\system32
15:23:38.715 AVAST engine scan C:\Windows\system32\drivers
15:23:47.311 AVAST engine scan C:\Users\Dsvczm
15:27:27.474 Disk 0 MBR has been saved successfully to "C:\Users\Dsvczm\Desktop\MBR.dat"
15:27:27.474 The log file has been saved successfully to "C:\Users\Dsvczm\Desktop\aswMBR.txt"

#8 cowboys2006

cowboys2006
  • Topic Starter

  • Members
  • 237 posts
  • OFFLINE
  • Local time:09:39 PM

Posted 23 July 2012 - 03:57 PM

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-23 15:15:09
-----------------------------
15:15:09.067 OS Version: Windows x64 6.1.7601 Service Pack 1
15:15:09.067 Number of processors: 4 586 0x102
15:15:09.067 ComputerName: DSVCZM-PC UserName: Dsvczm
15:15:10.643 Initialize success
15:19:01.185 AVAST engine defs: 12072301
15:21:21.482 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000076
15:21:21.482 Disk 0 Vendor: WDC____ 77.04D77 Size: 953869MB BusType: 8
15:21:21.482 Disk 0 MBR read successfully
15:21:21.482 Disk 0 MBR scan
15:21:21.498 Disk 0 Windows 7 default MBR code
15:21:21.498 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 15360 MB offset 2048
15:21:21.498 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 31459328
15:21:21.513 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 938407 MB offset 31664128
15:21:21.544 Disk 0 scanning C:\Windows\system32\drivers
15:21:27.160 Service scanning
15:21:42.495 Modules scanning
15:21:42.511 Disk 0 trace - called modules:
15:21:42.511 ntoskrnl.exe CLASSPNP.SYS disk.sys storport.sys hal.dll ahcix64s.sys
15:21:43.010 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800a16b060]
15:21:43.010 3 CLASSPNP.SYS[fffff8800194943f] -> nt!IofCallDriver -> \Device\00000076[0xfffffa80094119c0]
15:21:44.898 AVAST engine scan C:\Windows
15:21:48.018 AVAST engine scan C:\Windows\system32
15:23:38.715 AVAST engine scan C:\Windows\system32\drivers
15:23:47.311 AVAST engine scan C:\Users\Dsvczm
15:27:27.474 Disk 0 MBR has been saved successfully to "C:\Users\Dsvczm\Desktop\MBR.dat"
15:27:27.474 The log file has been saved successfully to "C:\Users\Dsvczm\Desktop\aswMBR.txt"
15:39:34.861 AVAST engine scan C:\ProgramData
15:40:26.461 Scan finished successfully
15:56:36.195 Disk 0 MBR has been saved successfully to "C:\Users\Dsvczm\Desktop\MBR.dat"
15:56:36.205 The log file has been saved successfully to "C:\Users\Dsvczm\Desktop\aswMBR.txt"

#9 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,707 posts
  • OFFLINE
  • Gender:Male
  • Location:Daly City, CA
  • Local time:07:39 PM

Posted 23 July 2012 - 05:32 PM

Uploaded Security Check here: http://www.filedropper.com/securitycheck

Next...

Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then click on Start Scan.
  • If an infected file is detected, the default action will be Cure; click on Continue.
  • If a suspicious file is detected, the default action will be Skip; click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.



 


#10 cowboys2006

cowboys2006
  • Topic Starter

  • Members
  • 237 posts
  • OFFLINE
  • Local time:09:39 PM

Posted 23 July 2012 - 06:01 PM

OK, my antivirus came up with this: Spyware detected: Cookie/RealMedia On-demand antivirus scan 7/23/2012 5:49:53 PM Deleted Path: c:\users\dsvczm\appdata\roaming\microsoft\windows\cookies\low\hu63ahka.txt

I figured I'll let you know about it.




17:57:07.0472 3956 TDSS rootkit removing tool 2.7.47.0 Jul 20 2012 20:36:30
17:57:09.0477 3956 ============================================================
17:57:09.0477 3956 Current date / time: 2012/07/23 17:57:09.0477
17:57:09.0477 3956 SystemInfo:
17:57:09.0477 3956
17:57:09.0477 3956 OS Version: 6.1.7601 ServicePack: 1.0
17:57:09.0477 3956 Product type: Workstation
17:57:09.0477 3956 ComputerName: DSVCZM-PC
17:57:09.0477 3956 UserName: Dsvczm
17:57:09.0477 3956 Windows directory: C:\Windows
17:57:09.0477 3956 System windows directory: C:\Windows
17:57:09.0477 3956 Running under WOW64
17:57:09.0477 3956 Processor architecture: Intel x64
17:57:09.0477 3956 Number of processors: 4
17:57:09.0477 3956 Page size: 0x1000
17:57:09.0477 3956 Boot type: Normal boot
17:57:09.0477 3956 ============================================================
17:57:09.0869 3956 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:57:10.0024 3956 ============================================================
17:57:10.0024 3956 \Device\Harddisk0\DR0:
17:57:10.0044 3956 MBR partitions:
17:57:10.0044 3956 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1E00800, BlocksNum 0x32000
17:57:10.0044 3956 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E32800, BlocksNum 0x728D3800
17:57:10.0044 3956 ============================================================
17:57:10.0064 3956 C: <-> \Device\Harddisk0\DR0\Partition1
17:57:10.0064 3956 ============================================================
17:57:10.0064 3956 Initialize success
17:57:10.0064 3956 ============================================================
17:57:17.0371 0456 ============================================================
17:57:17.0371 0456 Scan started
17:57:17.0371 0456 Mode: Manual;
17:57:17.0371 0456 ============================================================
17:57:25.0503 0456 dot3svc - ok
17:57:25.0503 0456 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
17:57:25.0519 0456 DPS - ok
17:57:25.0534 0456 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
17:57:25.0534 0456 drmkaud - ok
17:57:25.0566 0456 DSAFLT (64648b677d5005749f2fe412254512b7) C:\Windows\system32\Drivers\DSAFLT64.SYS
17:57:25.0581 0456 DSAFLT - ok
17:57:25.0659 0456 DTSRVC (0cedf29cfa2e1209456d98c2ee4ae6f5) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
17:57:25.0659 0456 DTSRVC - ok
17:57:25.0722 0456 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
17:57:25.0737 0456 DXGKrnl - ok
17:57:25.0768 0456 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
17:57:25.0768 0456 EapHost - ok
17:57:26.0065 0456 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
17:57:26.0127 0456 ebdrv - ok
17:57:26.0283 0456 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
17:57:26.0283 0456 EFS - ok
17:57:26.0377 0456 EgisTec Ticket Service (5332ec2ba1c112bd4bb1f38127848fef) C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
17:57:26.0377 0456 EgisTec Ticket Service - ok
17:57:26.0539 0456 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
17:57:26.0549 0456 ehRecvr - ok
17:57:26.0589 0456 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
17:57:26.0589 0456 ehSched - ok
17:57:26.0659 0456 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
17:57:26.0679 0456 elxstor - ok
17:57:26.0679 0456 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
17:57:26.0679 0456 ErrDev - ok
17:57:26.0699 0456 EtronHub3 (cfba28fab72e6a39add71d958f219648) C:\Windows\system32\Drivers\EtronHub3.sys
17:57:26.0699 0456 EtronHub3 - ok
17:57:26.0729 0456 EtronXHCI (0241ce183139ff15cea7234058ccf995) C:\Windows\system32\Drivers\EtronXHCI.sys
17:57:26.0729 0456 EtronXHCI - ok
17:57:26.0779 0456 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
17:57:26.0799 0456 EventSystem - ok
17:57:26.0849 0456 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
17:57:26.0849 0456 exfat - ok
17:57:26.0889 0456 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
17:57:26.0889 0456 fastfat - ok
17:57:26.0969 0456 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
17:57:26.0979 0456 Fax - ok
17:57:26.0999 0456 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
17:57:27.0009 0456 fdc - ok
17:57:27.0029 0456 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
17:57:27.0029 0456 fdPHost - ok
17:57:27.0059 0456 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
17:57:27.0069 0456 FDResPub - ok
17:57:27.0119 0456 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
17:57:27.0119 0456 FileInfo - ok
17:57:27.0149 0456 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
17:57:27.0149 0456 Filetrace - ok
17:57:27.0379 0456 FLEXnet Licensing Service (227846995afeefa70d328bf5334a86a5) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
17:57:27.0389 0456 FLEXnet Licensing Service - ok
17:57:27.0399 0456 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
17:57:27.0399 0456 flpydisk - ok
17:57:27.0499 0456 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
17:57:27.0499 0456 FltMgr - ok
17:57:27.0539 0456 FNETMON (50c6c310a98108a94e985fd46b4e150c) C:\Windows\system32\Drivers\fnetm64.SYS
17:57:27.0539 0456 FNETMON - ok
17:57:27.0829 0456 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
17:57:27.0839 0456 FontCache - ok
17:57:27.0899 0456 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:57:27.0899 0456 FontCache3.0.0.0 - ok
17:57:27.0919 0456 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
17:57:27.0919 0456 FsDepends - ok
17:57:27.0949 0456 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
17:57:27.0949 0456 Fs_Rec - ok
17:57:27.0969 0456 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
17:57:27.0969 0456 fvevol - ok
17:57:27.0989 0456 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
17:57:27.0989 0456 gagp30kx - ok
17:57:28.0079 0456 GamesAppService (c403c5db49a0f9aaf4f2128edc0106d8) C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
17:57:28.0079 0456 GamesAppService - ok
17:57:28.0259 0456 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
17:57:28.0269 0456 gpsvc - ok
17:57:28.0309 0456 GREGService (c9b2d1d3f86fd3673ef847def73b6f9e) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
17:57:28.0309 0456 GREGService - ok
17:57:28.0319 0456 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
17:57:28.0319 0456 hcw85cir - ok
17:57:28.0359 0456 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
17:57:28.0359 0456 HdAudAddService - ok
17:57:28.0399 0456 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
17:57:28.0409 0456 HDAudBus - ok
17:57:28.0409 0456 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
17:57:28.0409 0456 HidBatt - ok
17:57:28.0429 0456 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
17:57:28.0429 0456 HidBth - ok
17:57:28.0439 0456 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
17:57:28.0439 0456 HidIr - ok
17:57:28.0459 0456 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
17:57:28.0469 0456 hidserv - ok
17:57:28.0489 0456 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
17:57:28.0489 0456 HidUsb - ok
17:57:28.0520 0456 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
17:57:28.0520 0456 hkmsvc - ok
17:57:28.0552 0456 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
17:57:28.0552 0456 HomeGroupListener - ok
17:57:28.0583 0456 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
17:57:28.0583 0456 HomeGroupProvider - ok
17:57:28.0598 0456 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
17:57:28.0598 0456 HpSAMD - ok
17:57:28.0645 0456 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
17:57:28.0661 0456 HTTP - ok
17:57:28.0676 0456 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
17:57:28.0676 0456 hwpolicy - ok
17:57:28.0708 0456 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
17:57:28.0708 0456 i8042prt - ok
17:57:28.0770 0456 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
17:57:28.0770 0456 iaStorV - ok
17:57:28.0801 0456 IDSFLT (e3fc339dac4ddf4a12188313dc4da94f) C:\Windows\system32\Drivers\IDSFLT64.SYS
17:57:28.0801 0456 IDSFLT - ok
17:57:28.0942 0456 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:57:28.0973 0456 idsvc - ok
17:57:29.0004 0456 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
17:57:29.0004 0456 iirsp - ok
17:57:29.0098 0456 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
17:57:29.0098 0456 IKEEXT - ok
17:57:29.0410 0456 IntcAzAudAddService (13089f31aa37cde1ce3784ee01a48484) C:\Windows\system32\drivers\RTKVHD64.sys
17:57:29.0456 0456 IntcAzAudAddService - ok
17:57:29.0597 0456 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
17:57:29.0597 0456 intelide - ok
17:57:29.0622 0456 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
17:57:29.0622 0456 intelppm - ok
17:57:29.0662 0456 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
17:57:29.0662 0456 IPBusEnum - ok
17:57:29.0672 0456 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:57:29.0682 0456 IpFilterDriver - ok
17:57:29.0782 0456 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
17:57:29.0782 0456 iphlpsvc - ok
17:57:29.0802 0456 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
17:57:29.0802 0456 IPMIDRV - ok
17:57:29.0812 0456 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
17:57:29.0812 0456 IPNAT - ok
17:57:29.0853 0456 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
17:57:29.0853 0456 IRENUM - ok
17:57:29.0863 0456 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
17:57:29.0863 0456 isapnp - ok
17:57:29.0903 0456 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
17:57:29.0903 0456 iScsiPrt - ok
17:57:29.0933 0456 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
17:57:29.0933 0456 kbdclass - ok
17:57:29.0963 0456 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
17:57:29.0963 0456 kbdhid - ok
17:57:29.0993 0456 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:57:29.0993 0456 KeyIso - ok
17:57:30.0183 0456 Kodak AiO Network Discovery Service (27277a11db52fefae5b01dc8fb570b28) C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
17:57:30.0193 0456 Kodak AiO Network Discovery Service - ok
17:57:30.0253 0456 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
17:57:30.0253 0456 KSecDD - ok
17:57:30.0283 0456 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
17:57:30.0283 0456 KSecPkg - ok
17:57:30.0323 0456 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
17:57:30.0323 0456 ksthunk - ok
17:57:30.0383 0456 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
17:57:30.0393 0456 KtmRm - ok
17:57:30.0443 0456 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
17:57:30.0463 0456 LanmanServer - ok
17:57:30.0503 0456 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
17:57:30.0513 0456 LanmanWorkstation - ok
17:57:30.0623 0456 LightScribeService (71c6a95a5f0ccc87298c4dd0f2c3635a) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
17:57:30.0623 0456 LightScribeService - ok
17:57:30.0693 0456 Live Updater Service (b705c7097f9a0ec941d02dce7c7d426c) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
17:57:30.0703 0456 Live Updater Service - ok
17:57:30.0753 0456 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
17:57:30.0753 0456 lltdio - ok
17:57:30.0803 0456 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
17:57:30.0803 0456 lltdsvc - ok
17:57:30.0823 0456 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
17:57:30.0823 0456 lmhosts - ok
17:57:30.0853 0456 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
17:57:30.0853 0456 LSI_FC - ok
17:57:30.0863 0456 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
17:57:30.0863 0456 LSI_SAS - ok
17:57:30.0873 0456 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
17:57:30.0873 0456 LSI_SAS2 - ok
17:57:30.0893 0456 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
17:57:30.0893 0456 LSI_SCSI - ok
17:57:30.0903 0456 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
17:57:30.0903 0456 luafv - ok
17:57:31.0013 0456 MBAMProtector (dc8490812a3b72811ae534f423b4c206) C:\Windows\system32\drivers\mbam.sys
17:57:31.0013 0456 MBAMProtector - ok
17:57:31.0173 0456 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
17:57:31.0173 0456 MBAMService - ok
17:57:31.0193 0456 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
17:57:31.0203 0456 Mcx2Svc - ok
17:57:31.0203 0456 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
17:57:31.0203 0456 megasas - ok
17:57:31.0263 0456 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
17:57:31.0263 0456 MegaSR - ok
17:57:31.0363 0456 MemeoDashboardService (5c11aceda9f9066b2e09bd94699018cc) C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoDashboardService.exe
17:57:31.0363 0456 MemeoDashboardService - ok
17:57:31.0413 0456 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
17:57:31.0413 0456 MMCSS - ok
17:57:31.0423 0456 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
17:57:31.0433 0456 Modem - ok
17:57:31.0493 0456 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
17:57:31.0493 0456 monitor - ok
17:57:31.0553 0456 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
17:57:31.0573 0456 mouclass - ok
17:57:31.0603 0456 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
17:57:31.0603 0456 mouhid - ok
17:57:31.0643 0456 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
17:57:31.0653 0456 mountmgr - ok
17:57:31.0743 0456 MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:57:31.0743 0456 MozillaMaintenance - ok
17:57:31.0763 0456 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
17:57:31.0763 0456 mpio - ok
17:57:31.0793 0456 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
17:57:31.0793 0456 mpsdrv - ok
17:57:31.0883 0456 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
17:57:31.0913 0456 MpsSvc - ok
17:57:31.0923 0456 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
17:57:31.0943 0456 MRxDAV - ok
17:57:31.0983 0456 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
17:57:31.0993 0456 mrxsmb - ok
17:57:32.0043 0456 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:57:32.0063 0456 mrxsmb10 - ok
17:57:32.0083 0456 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:57:32.0083 0456 mrxsmb20 - ok
17:57:32.0093 0456 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
17:57:32.0093 0456 msahci - ok
17:57:32.0113 0456 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
17:57:32.0113 0456 msdsm - ok
17:57:32.0133 0456 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
17:57:32.0133 0456 MSDTC - ok
17:57:32.0163 0456 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
17:57:32.0163 0456 Msfs - ok
17:57:32.0183 0456 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
17:57:32.0183 0456 mshidkmdf - ok
17:57:32.0193 0456 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
17:57:32.0193 0456 msisadrv - ok
17:57:32.0253 0456 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
17:57:32.0273 0456 MSiSCSI - ok
17:57:32.0283 0456 msiserver - ok
17:57:32.0333 0456 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
17:57:32.0333 0456 MSKSSRV - ok
17:57:32.0353 0456 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
17:57:32.0353 0456 MSPCLOCK - ok
17:57:32.0363 0456 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
17:57:32.0363 0456 MSPQM - ok
17:57:32.0413 0456 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
17:57:32.0433 0456 MsRPC - ok
17:57:32.0453 0456 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
17:57:32.0453 0456 mssmbios - ok
17:57:32.0463 0456 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
17:57:32.0463 0456 MSTEE - ok
17:57:32.0473 0456 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
17:57:32.0473 0456 MTConfig - ok
17:57:32.0483 0456 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
17:57:32.0483 0456 Mup - ok
17:57:32.0493 0456 mwlPSDFilter (c009123b206c56854f4e88596035231d) C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
17:57:32.0493 0456 mwlPSDFilter - ok
17:57:32.0523 0456 mwlPSDNServ (bf3739eeb9f008b1debac115089a53f8) C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
17:57:32.0533 0456 mwlPSDNServ - ok
17:57:32.0543 0456 mwlPSDVDisk (38dd143d95e7a01b86f219dda9c28779) C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
17:57:32.0543 0456 mwlPSDVDisk - ok
17:57:32.0623 0456 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
17:57:32.0638 0456 napagent - ok
17:57:32.0701 0456 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
17:57:32.0716 0456 NativeWifiP - ok
17:57:32.0810 0456 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
17:57:32.0825 0456 NDIS - ok
17:57:32.0857 0456 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
17:57:32.0857 0456 NdisCap - ok
17:57:32.0872 0456 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
17:57:32.0872 0456 NdisTapi - ok
17:57:32.0903 0456 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
17:57:32.0903 0456 Ndisuio - ok
17:57:32.0919 0456 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
17:57:32.0919 0456 NdisWan - ok
17:57:32.0950 0456 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
17:57:32.0950 0456 NDProxy - ok
17:57:32.0966 0456 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
17:57:32.0966 0456 NetBIOS - ok
17:57:32.0997 0456 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
17:57:33.0013 0456 NetBT - ok
17:57:33.0075 0456 NETFLTDI (ba99a34a9b5eb737ce54bc0a7c596609) C:\Windows\system32\Drivers\NETTDI64.SYS
17:57:33.0075 0456 NETFLTDI - ok
17:57:33.0137 0456 NETIMFLT01060044 (fd0bfed656d9b26c22e439cc0ef5c771) C:\Windows\system32\DRIVERS\n64i1644.sys
17:57:33.0153 0456 NETIMFLT01060044 - ok
17:57:33.0200 0456 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:57:33.0200 0456 Netlogon - ok
17:57:33.0278 0456 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
17:57:33.0293 0456 Netman - ok
17:57:33.0418 0456 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:57:33.0434 0456 NetMsmqActivator - ok
17:57:33.0434 0456 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:57:33.0449 0456 NetPipeActivator - ok
17:57:33.0527 0456 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
17:57:33.0543 0456 netprofm - ok
17:57:33.0824 0456 netr28x (5758fd37bf31e759f8610311e4d08eca) C:\Windows\system32\DRIVERS\netr28x.sys
17:57:33.0839 0456 netr28x - ok
17:57:33.0902 0456 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:57:33.0902 0456 NetTcpActivator - ok
17:57:33.0917 0456 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:57:33.0917 0456 NetTcpPortSharing - ok
17:57:34.0011 0456 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
17:57:34.0011 0456 nfrd960 - ok
17:57:34.0073 0456 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
17:57:34.0073 0456 NlaSvc - ok
17:57:34.0073 0456 NPF - ok
17:57:34.0105 0456 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
17:57:34.0105 0456 Npfs - ok
17:57:34.0120 0456 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
17:57:34.0120 0456 nsi - ok
17:57:34.0136 0456 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
17:57:34.0136 0456 nsiproxy - ok
17:57:34.0339 0456 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
17:57:34.0401 0456 Ntfs - ok
17:57:34.0541 0456 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
17:57:34.0541 0456 Null - ok
17:57:34.0573 0456 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
17:57:34.0573 0456 nvraid - ok
17:57:34.0588 0456 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
17:57:34.0588 0456 nvstor - ok
17:57:34.0619 0456 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
17:57:34.0619 0456 nv_agp - ok
17:57:34.0635 0456 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
17:57:34.0635 0456 ohci1394 - ok
17:57:34.0697 0456 OM0530 (fa5d730ce3f3a3bd21c1040e212230d4) C:\Windows\system32\Drivers\ov530vx.sys
17:57:34.0713 0456 OM0530 - ok
17:57:34.0807 0456 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:57:34.0807 0456 ose - ok
17:57:35.0259 0456 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:57:35.0321 0456 osppsvc - ok
17:57:35.0431 0456 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
17:57:35.0446 0456 p2pimsvc - ok
17:57:35.0477 0456 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
17:57:35.0493 0456 p2psvc - ok
17:57:35.0587 0456 Panda Software Controller (78b7642b0c51f24f0835c0226540d58b) C:\Program Files (x86)\Panda Security\Panda Global Protection 2012\PsCtrls.exe
17:57:35.0587 0456 Panda Software Controller - ok
17:57:35.0618 0456 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
17:57:35.0618 0456 Parport - ok
17:57:35.0649 0456 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
17:57:35.0649 0456 partmgr - ok
17:57:35.0696 0456 pavboot (337a81b3ff34f9851d245d42a725fc22) C:\Windows\system32\Drivers\pavboot64.sys
17:57:35.0696 0456 pavboot - ok
17:57:35.0809 0456 PAVFNSVR (ae848c1613c8738bb83adab4f0845e84) C:\Program Files (x86)\Panda Security\Panda Global Protection 2012\PavFnSvr.exe
17:57:35.0809 0456 PAVFNSVR - ok
17:57:35.0959 0456 PavPrSrv (2ae3f6b23448443bbef5de207159213b) C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe
17:57:35.0959 0456 PavPrSrv - ok
17:57:36.0149 0456 PAVSRV (97005413310966001fb6f4a5c503149c) C:\Program Files (x86)\Panda Security\Panda Global Protection 2012\pavsrvx86.exe
17:57:36.0149 0456 PAVSRV - ok
17:57:36.0179 0456 PavTPK.sys - ok
17:57:36.0309 0456 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
17:57:36.0329 0456 PcaSvc - ok
17:57:36.0419 0456 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
17:57:36.0439 0456 pci - ok
17:57:36.0479 0456 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
17:57:36.0479 0456 pciide - ok
17:57:36.0499 0456 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
17:57:36.0499 0456 pcmcia - ok
17:57:36.0529 0456 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
17:57:36.0529 0456 pcw - ok
17:57:36.0559 0456 PdiPorts (c65cebc504de95212232213010db9a51) C:\Windows\system32\DRIVERS\PdiPorts.sys
17:57:36.0559 0456 PdiPorts - ok
17:57:36.0609 0456 PdiService (0a098df98ec8facaa30bd7db4c7aea06) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
17:57:36.0609 0456 PdiService - ok
17:57:36.0669 0456 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
17:57:36.0689 0456 PEAUTH - ok
17:57:36.0769 0456 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
17:57:36.0769 0456 PerfHost - ok
17:57:36.0929 0456 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
17:57:36.0949 0456 pla - ok
17:57:37.0029 0456 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
17:57:37.0029 0456 PlugPlay - ok
17:57:37.0049 0456 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
17:57:37.0049 0456 PNRPAutoReg - ok
17:57:37.0089 0456 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
17:57:37.0089 0456 PNRPsvc - ok
17:57:37.0149 0456 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
17:57:37.0159 0456 PolicyAgent - ok
17:57:37.0199 0456 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
17:57:37.0199 0456 Power - ok
17:57:37.0249 0456 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
17:57:37.0249 0456 PptpMiniport - ok
17:57:37.0269 0456 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
17:57:37.0269 0456 Processor - ok
17:57:37.0319 0456 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
17:57:37.0319 0456 ProfSvc - ok
17:57:37.0329 0456 Prot6Flt - ok
17:57:37.0359 0456 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:57:37.0369 0456 ProtectedStorage - ok
17:57:37.0429 0456 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
17:57:37.0429 0456 Psched - ok
17:57:37.0699 0456 PSHost (532053e8e3bb8fa7166ab4e7685fddcc) c:\program files (x86)\panda security\panda global protection 2012\firewall\PSHOST.EXE
17:57:37.0709 0456 PSHost - ok
17:57:37.0839 0456 PSIMSVC (196c450f2779d0b462c444da4906ea7f) C:\Program Files (x86)\Panda Security\Panda Global Protection 2012\PsImSvc.exe
17:57:37.0849 0456 PSIMSVC - ok
17:57:37.0989 0456 PSI_SVC_2 (543a4ef0923bf70d126625b034ef25af) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
17:57:37.0989 0456 PSI_SVC_2 - ok
17:57:38.0039 0456 PskSvcRetail (341457b79b3fc31a80c346c767045879) C:\Program Files (x86)\Panda Security\Panda Global Protection 2012\PskSvc.exe
17:57:38.0039 0456 PskSvcRetail - ok
17:57:38.0259 0456 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
17:57:38.0289 0456 ql2300 - ok
17:57:38.0389 0456 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
17:57:38.0409 0456 ql40xx - ok
17:57:38.0439 0456 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
17:57:38.0449 0456 QWAVE - ok
17:57:38.0459 0456 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
17:57:38.0459 0456 QWAVEdrv - ok
17:57:38.0479 0456 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
17:57:38.0479 0456 RasAcd - ok
17:57:38.0509 0456 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
17:57:38.0509 0456 RasAgileVpn - ok
17:57:38.0539 0456 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
17:57:38.0539 0456 RasAuto - ok
17:57:38.0589 0456 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
17:57:50.0631 0456 ============================================================
17:57:50.0631 0456 Scan finished
17:57:50.0631 0456 ============================================================
17:57:50.0647 5968 Detected object count: 0
17:57:50.0647 5968 Actual detected object count: 0

Results of screen317's Security Check version 0.99.24
Windows 7 x64 (UAC is enabled)
Internet Explorer 8 Out of date!
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Disabled!
Panda Global Protection 2012
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

SpywareBlaster 4.6
Panda ActiveScan Cleaner
Java™ 6 Update 31
Adobe Flash Player 11.3.300.265
Adobe Reader X (10.1.3)
Mozilla Firefox (x86 en-US..)
````````````````````````````````
Process Check:
objlist.exe by Laurent

Malwarebytes' Anti-Malware mbamservice.exe
panda security panda global protection 2012 firewall PSHOST.EXE
``````````End of Log````````````

#11 Broni


Posted 23 July 2012 - 06:10 PM

I don't see much there.

I'd suggest....

Please follow the instructions in ==>This Guide<== starting at Step 6. If you cannot complete a step, skip it and continue.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues, what you have done to resolve them, and a link to this topic.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.


#12 cowboys2006


Posted 23 July 2012 - 08:25 PM

I have already posted on the other forum about it, but I was not able to attach the file; it says that I have used 512k out of whatever the limit is. Should I just post them, or do I have to attach them? I'm not sure how to clear the uploads on this forum.

Thank you for your help.

#13 Broni


Posted 23 July 2012 - 08:28 PM

All logs should be pasted, not attached.
If any log is too long, split it between a couple of replies.


#14 Orange Blossom


Posted 24 July 2012 - 12:19 AM

Hello,

Now that you have posted a log here: http://www.bleepingcomputer.com/forums/topic462165.html you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a MRT Team member, nor should you ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

From this point on the MRT Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the MRT Team members are EXTREMELY busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the MRT Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRT Team member is already assisting you and not open the thread to respond.

Please be patient. It may take several days to get a response but your log will be reviewed and answered as soon as possible. I advise checking your topic once a day for responses as the e-mail notification system is unreliable.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

To avoid confusion, I am closing this topic. Good luck with your log.

Orange Blossom :cherry: