Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

iexplorer.exe virus


  • Please log in to reply
37 replies to this topic

#1 trevor12

trevor12

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Local time:04:59 PM

Posted 16 January 2013 - 03:55 AM

Hi i am pretty sure that my computer may be very welll inffected with the virus iexplorer.exe and it has all the symptoms, my comptuer mutes itself for no reason evey now and then and it gives ranom voice ads that are invisible every now and then and i have 2 iexplorer.exe processes in my task manager, i was wondering if anyone can help thank you.

BC AdBot (Login to Remove)

 


#2 trevor12

trevor12
  • Topic Starter

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Local time:04:59 PM

Posted 16 January 2013 - 03:59 AM

Also when my computer mutes itself, I cannot get the sound back unless I restart my laptop. I am using an Acer Aspire netbook and it is still running right now but it also has muted my laptops sound sound again.

#3 trevor12

trevor12
  • Topic Starter

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Local time:04:59 PM

Posted 16 January 2013 - 05:21 AM

also my malwarebytes anti malware i cannot updagte it, it says "An error has occurred. Please report this issue to our support team (include content of all error message(s) and code(s) in your submission.
PROGRAM_ERROR_UPDATING (0,0, invalid argument)

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:59 PM

Posted 16 January 2013 - 12:11 PM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here.If you get crashes in normal mode,run it in safemode with networking

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#5 trevor12

trevor12
  • Topic Starter

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Local time:04:59 PM

Posted 16 January 2013 - 04:07 PM

heres TDSS killer log, it shows no threats or objects found..15:02:56.0597 6624 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
15:02:58.0607 6624 ============================================================
15:02:58.0607 6624 Current date / time: 2013/01/16 15:02:58.0607
15:02:58.0607 6624 SystemInfo:
15:02:58.0607 6624
15:02:58.0607 6624 OS Version: 6.1.7601 ServicePack: 1.0
15:02:58.0607 6624 Product type: Workstation
15:02:58.0607 6624 ComputerName: TREVOR-PC
15:02:58.0607 6624 UserName: Trevor
15:02:58.0607 6624 Windows directory: C:\Windows
15:02:58.0607 6624 System windows directory: C:\Windows
15:02:58.0607 6624 Running under WOW64
15:02:58.0607 6624 Processor architecture: Intel x64
15:02:58.0607 6624 Number of processors: 2
15:02:58.0607 6624 Page size: 0x1000
15:02:58.0607 6624 Boot type: Normal boot
15:02:58.0607 6624 ============================================================
15:02:59.0169 6624 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:02:59.0179 6624 ============================================================
15:02:59.0179 6624 \Device\Harddisk0\DR0:
15:02:59.0179 6624 MBR partitions:
15:02:59.0179 6624 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E00800, BlocksNum 0x32000
15:02:59.0179 6624 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1E32800, BlocksNum 0x38553000
15:02:59.0179 6624 ============================================================
15:02:59.0219 6624 C: <-> \Device\Harddisk0\DR0\Partition2
15:02:59.0219 6624 ============================================================
15:02:59.0219 6624 Initialize success
15:02:59.0219 6624 ============================================================
15:03:28.0671 2900 ============================================================
15:03:28.0671 2900 Scan started
15:03:28.0671 2900 Mode: Manual; TDLFS;
15:03:28.0671 2900 ============================================================
15:03:28.0951 2900 ================ Scan system memory ========================
15:03:28.0951 2900 System memory - ok
15:03:28.0951 2900 ================ Scan services =============================
15:03:29.0161 2900 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
15:03:29.0321 2900 1394ohci - ok
15:03:29.0351 2900 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
15:03:29.0351 2900 ACPI - ok
15:03:29.0361 2900 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
15:03:29.0381 2900 AcpiPmi - ok
15:03:29.0491 2900 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:03:29.0491 2900 AdobeARMservice - ok
15:03:29.0611 2900 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:03:29.0611 2900 AdobeFlashPlayerUpdateSvc - ok
15:03:29.0651 2900 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
15:03:29.0661 2900 adp94xx - ok
15:03:29.0701 2900 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
15:03:29.0711 2900 adpahci - ok
15:03:29.0731 2900 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
15:03:29.0741 2900 adpu320 - ok
15:03:29.0761 2900 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
15:03:29.0761 2900 AeLookupSvc - ok
15:03:29.0821 2900 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
15:03:29.0821 2900 AFD - ok
15:03:29.0831 2900 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
15:03:29.0831 2900 agp440 - ok
15:03:29.0851 2900 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
15:03:29.0861 2900 ALG - ok
15:03:29.0871 2900 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
15:03:29.0871 2900 aliide - ok
15:03:29.0881 2900 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
15:03:29.0881 2900 amdide - ok
15:03:29.0891 2900 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
15:03:29.0941 2900 AmdK8 - ok
15:03:29.0951 2900 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
15:03:29.0991 2900 AmdPPM - ok
15:03:30.0001 2900 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
15:03:30.0001 2900 amdsata - ok
15:03:30.0011 2900 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
15:03:30.0401 2900 amdsbs - ok
15:03:30.0421 2900 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
15:03:30.0421 2900 amdxata - ok
15:03:30.0441 2900 [ 71336E77F98A65EFAAEB950902611D3F ] AmFSM C:\Windows\system32\DRIVERS\amm6460.sys
15:03:30.0451 2900 AmFSM - ok
15:03:30.0491 2900 [ B1A935537BE5C168C223946572E2EDD1 ] APPFLT C:\Windows\system32\Drivers\APPFLT64.SYS
15:03:30.0501 2900 APPFLT - ok
15:03:30.0521 2900 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
15:03:30.0521 2900 AppID - ok
15:03:30.0541 2900 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
15:03:30.0541 2900 AppIDSvc - ok
15:03:30.0551 2900 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
15:03:30.0551 2900 Appinfo - ok
15:03:30.0561 2900 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
15:03:30.0561 2900 arc - ok
15:03:30.0571 2900 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
15:03:30.0571 2900 arcsas - ok
15:03:30.0601 2900 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
15:03:30.0601 2900 AsyncMac - ok
15:03:30.0631 2900 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
15:03:30.0631 2900 atapi - ok
15:03:30.0711 2900 [ DE9FB3DADE8FD39AE2C587DF22D36B8E ] athr C:\Windows\system32\DRIVERS\athrx.sys
15:03:30.0801 2900 athr - ok
15:03:30.0851 2900 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:03:30.0851 2900 AudioEndpointBuilder - ok
15:03:30.0881 2900 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
15:03:30.0881 2900 AudioSrv - ok
15:03:30.0921 2900 [ 371428CF0F71934CB0F2344823ADFA32 ] avgtp C:\Windows\system32\drivers\avgtpx64.sys
15:03:30.0921 2900 avgtp - ok
15:03:30.0951 2900 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
15:03:30.0961 2900 AxInstSV - ok
15:03:31.0011 2900 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
15:03:31.0341 2900 b06bdrv - ok
15:03:31.0361 2900 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
15:03:31.0371 2900 b57nd60a - ok
15:03:31.0391 2900 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
15:03:31.0391 2900 BDESVC - ok
15:03:31.0431 2900 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
15:03:31.0431 2900 Beep - ok
15:03:31.0501 2900 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
15:03:31.0511 2900 BFE - ok
15:03:31.0551 2900 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
15:03:31.0561 2900 BITS - ok
15:03:31.0581 2900 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
15:03:31.0591 2900 blbdrive - ok
15:03:31.0621 2900 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
15:03:31.0621 2900 bowser - ok
15:03:31.0631 2900 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
15:03:31.0641 2900 BrFiltLo - ok
15:03:31.0651 2900 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
15:03:31.0661 2900 BrFiltUp - ok
15:03:31.0691 2900 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
15:03:31.0691 2900 Browser - ok
15:03:31.0711 2900 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
15:03:31.0921 2900 Brserid - ok
15:03:31.0921 2900 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
15:03:31.0931 2900 BrSerWdm - ok
15:03:31.0931 2900 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
15:03:31.0931 2900 BrUsbMdm - ok
15:03:31.0941 2900 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
15:03:31.0941 2900 BrUsbSer - ok
15:03:31.0951 2900 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
15:03:31.0951 2900 BTHMODEM - ok
15:03:31.0991 2900 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
15:03:31.0991 2900 bthserv - ok
15:03:32.0011 2900 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
15:03:32.0011 2900 cdfs - ok
15:03:32.0041 2900 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
15:03:32.0151 2900 cdrom - ok
15:03:32.0181 2900 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
15:03:32.0181 2900 CertPropSvc - ok
15:03:32.0191 2900 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
15:03:32.0221 2900 circlass - ok
15:03:32.0241 2900 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
15:03:32.0241 2900 CLFS - ok
15:03:32.0291 2900 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:03:32.0301 2900 clr_optimization_v2.0.50727_32 - ok
15:03:32.0321 2900 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:03:32.0331 2900 clr_optimization_v2.0.50727_64 - ok
15:03:32.0401 2900 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:03:32.0411 2900 clr_optimization_v4.0.30319_32 - ok
15:03:32.0441 2900 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:03:32.0441 2900 clr_optimization_v4.0.30319_64 - ok
15:03:32.0471 2900 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
15:03:32.0471 2900 CmBatt - ok
15:03:32.0491 2900 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
15:03:32.0491 2900 cmdide - ok
15:03:32.0541 2900 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
15:03:32.0541 2900 CNG - ok
15:03:32.0571 2900 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
15:03:32.0571 2900 Compbatt - ok
15:03:32.0591 2900 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
15:03:32.0621 2900 CompositeBus - ok
15:03:32.0631 2900 COMSysApp - ok
15:03:32.0651 2900 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
15:03:32.0651 2900 crcdisk - ok
15:03:32.0701 2900 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:03:32.0701 2900 CryptSvc - ok
15:03:32.0791 2900 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
15:03:32.0801 2900 cvhsvc - ok
15:03:32.0831 2900 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
15:03:32.0841 2900 DcomLaunch - ok
15:03:32.0891 2900 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
15:03:32.0891 2900 defragsvc - ok
15:03:32.0921 2900 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
15:03:32.0921 2900 DfsC - ok
15:03:32.0951 2900 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
15:03:32.0951 2900 Dhcp - ok
15:03:32.0991 2900 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
15:03:32.0991 2900 discache - ok
15:03:33.0031 2900 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
15:03:33.0031 2900 Disk - ok
15:03:33.0061 2900 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
15:03:33.0061 2900 Dnscache - ok
15:03:33.0091 2900 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
15:03:33.0091 2900 dot3svc - ok
15:03:33.0101 2900 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
15:03:33.0101 2900 DPS - ok
15:03:33.0121 2900 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:03:33.0121 2900 drmkaud - ok
15:03:33.0151 2900 [ 64648B677D5005749F2FE412254512B7 ] DSAFLT C:\Windows\system32\Drivers\DSAFLT64.SYS
15:03:33.0151 2900 DSAFLT - ok
15:03:33.0231 2900 [ 9CF46FDF163E06B83D03FF929EF2296C ] DsiWMIService C:\Program Files (x86)\Launch Manager\dsiwmis.exe
15:03:33.0241 2900 DsiWMIService - ok
15:03:33.0271 2900 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:03:33.0291 2900 DXGKrnl - ok
15:03:33.0341 2900 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
15:03:33.0341 2900 EapHost - ok
15:03:33.0411 2900 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
15:03:35.0873 2900 ebdrv - ok
15:03:35.0893 2900 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
15:03:35.0903 2900 EFS - ok
15:03:35.0943 2900 [ 5332EC2BA1C112BD4BB1F38127848FEF ] EgisTec Ticket Service C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
15:03:35.0943 2900 EgisTec Ticket Service - ok
15:03:36.0013 2900 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
15:03:36.0023 2900 ehRecvr - ok
15:03:36.0033 2900 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
15:03:36.0033 2900 ehSched - ok
15:03:36.0073 2900 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
15:03:36.0083 2900 elxstor - ok
15:03:36.0143 2900 [ 2AEE0416C54A1A86D035366DE192B2F0 ] ePowerSvc C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
15:03:36.0143 2900 ePowerSvc - ok
15:03:36.0153 2900 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
15:03:36.0163 2900 ErrDev - ok
15:03:36.0193 2900 [ 0975BF32399A24117E317B5BF1D5D0AA ] ETD C:\Windows\system32\DRIVERS\ETD.sys
15:03:36.0203 2900 ETD - ok
15:03:36.0233 2900 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
15:03:36.0243 2900 EventSystem - ok
15:03:36.0263 2900 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
15:03:36.0273 2900 exfat - ok
15:03:36.0293 2900 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:03:36.0293 2900 fastfat - ok
15:03:36.0333 2900 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
15:03:36.0333 2900 Fax - ok
15:03:36.0343 2900 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
15:03:36.0343 2900 fdc - ok
15:03:36.0373 2900 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
15:03:36.0373 2900 fdPHost - ok
15:03:36.0383 2900 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
15:03:36.0383 2900 FDResPub - ok
15:03:36.0403 2900 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:03:36.0403 2900 FileInfo - ok
15:03:36.0423 2900 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:03:36.0423 2900 Filetrace - ok
15:03:36.0473 2900 [ BB0667B0171B632B97EA759515476F07 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
15:03:36.0493 2900 FLEXnet Licensing Service - ok
15:03:36.0513 2900 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
15:03:36.0513 2900 flpydisk - ok
15:03:36.0543 2900 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:03:36.0543 2900 FltMgr - ok
15:03:36.0573 2900 [ 50C6C310A98108A94E985FD46B4E150C ] FNETMON C:\Windows\system32\Drivers\fnetm64.SYS
15:03:36.0573 2900 FNETMON - ok
15:03:36.0613 2900 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
15:03:36.0623 2900 FontCache - ok
15:03:36.0663 2900 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:03:36.0673 2900 FontCache3.0.0.0 - ok
15:03:36.0703 2900 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
15:03:36.0703 2900 FsDepends - ok
15:03:36.0733 2900 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:03:36.0733 2900 Fs_Rec - ok
15:03:36.0763 2900 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
15:03:36.0763 2900 fvevol - ok
15:03:36.0793 2900 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
15:03:36.0793 2900 gagp30kx - ok
15:03:36.0853 2900 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
15:03:36.0853 2900 GamesAppService - ok
15:03:36.0893 2900 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
15:03:36.0893 2900 gpsvc - ok
15:03:36.0993 2900 [ C9B2D1D3F86FD3673EF847DEF73B6F9E ] GREGService C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
15:03:36.0993 2900 GREGService - ok
15:03:37.0083 2900 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:03:37.0083 2900 gupdate - ok
15:03:37.0103 2900 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:03:37.0103 2900 gupdatem - ok
15:03:37.0163 2900 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
15:03:37.0163 2900 gusvc - ok
15:03:37.0193 2900 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
15:03:37.0213 2900 hcw85cir - ok
15:03:37.0233 2900 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:03:37.0243 2900 HdAudAddService - ok
15:03:37.0273 2900 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
15:03:37.0283 2900 HDAudBus - ok
15:03:37.0303 2900 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\drivers\HECIx64.sys
15:03:37.0303 2900 HECIx64 - ok
15:03:37.0313 2900 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
15:03:37.0313 2900 HidBatt - ok
15:03:37.0323 2900 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
15:03:37.0323 2900 HidBth - ok
15:03:37.0333 2900 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
15:03:37.0333 2900 HidIr - ok
15:03:37.0353 2900 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
15:03:37.0353 2900 hidserv - ok
15:03:37.0373 2900 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
15:03:37.0373 2900 HidUsb - ok
15:03:37.0413 2900 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:03:37.0413 2900 hkmsvc - ok
15:03:37.0433 2900 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:03:37.0443 2900 HomeGroupListener - ok
15:03:37.0473 2900 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:03:37.0473 2900 HomeGroupProvider - ok
15:03:37.0473 2900 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
15:03:37.0483 2900 HpSAMD - ok
15:03:37.0503 2900 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:03:37.0513 2900 HTTP - ok
15:03:37.0533 2900 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:03:37.0533 2900 hwpolicy - ok
15:03:37.0553 2900 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
15:03:37.0563 2900 i8042prt - ok
15:03:37.0613 2900 [ 1384872112E8E7FD5786ECEB8BDDF4C9 ] iaStor C:\Windows\system32\drivers\iaStor.sys
15:03:37.0623 2900 iaStor - ok
15:03:37.0683 2900 [ 6B24D1C3096DE796D15571079EA5E98C ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
15:03:37.0683 2900 IAStorDataMgrSvc - ok
15:03:37.0713 2900 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
15:03:38.0053 2900 iaStorV - ok
15:03:38.0083 2900 [ E3FC339DAC4DDF4A12188313DC4DA94F ] IDSFLT C:\Windows\system32\Drivers\IDSFLT64.SYS
15:03:38.0353 2900 IDSFLT - ok
15:03:38.0403 2900 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:03:38.0423 2900 idsvc - ok
15:03:38.0683 2900 [ F4F91789C7C7A159CE8215C1F69F2A85 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
15:03:39.0063 2900 igfx - ok
15:03:39.0113 2900 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
15:03:39.0433 2900 iirsp - ok
15:03:39.0483 2900 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
15:03:39.0483 2900 IKEEXT - ok
15:03:39.0523 2900 [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
15:03:39.0533 2900 Impcd - ok
15:03:39.0613 2900 [ 235362D403D9D677514649D88DB31914 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:03:39.0723 2900 IntcAzAudAddService - ok
15:03:39.0753 2900 [ 03C74719D48056A1078F3A51CEB76BAA ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
15:03:39.0763 2900 IntcDAud - ok
15:03:39.0793 2900 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
15:03:39.0793 2900 intelide - ok
15:03:39.0823 2900 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
15:03:39.0823 2900 intelppm - ok
15:03:39.0853 2900 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:03:39.0863 2900 IPBusEnum - ok
15:03:39.0863 2900 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:03:40.0243 2900 IpFilterDriver - ok
15:03:40.0323 2900 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
15:03:40.0323 2900 iphlpsvc - ok
15:03:40.0333 2900 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
15:03:40.0333 2900 IPMIDRV - ok
15:03:40.0353 2900 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:03:40.0643 2900 IPNAT - ok
15:03:40.0673 2900 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:03:40.0673 2900 IRENUM - ok
15:03:40.0683 2900 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:03:40.0683 2900 isapnp - ok
15:03:40.0713 2900 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
15:03:40.0713 2900 iScsiPrt - ok
15:03:40.0763 2900 [ 37E053A2CF8F0082B689ED74106E0CEC ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys
15:03:40.0773 2900 k57nd60a - ok
15:03:40.0813 2900 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
15:03:40.0813 2900 kbdclass - ok
15:03:40.0833 2900 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
15:03:40.0833 2900 kbdhid - ok
15:03:40.0853 2900 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
15:03:40.0853 2900 KeyIso - ok
15:03:40.0883 2900 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:03:40.0883 2900 KSecDD - ok
15:03:40.0923 2900 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:03:40.0923 2900 KSecPkg - ok
15:03:40.0943 2900 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
15:03:40.0943 2900 ksthunk - ok
15:03:40.0973 2900 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
15:03:40.0983 2900 KtmRm - ok
15:03:41.0013 2900 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
15:03:41.0023 2900 LanmanServer - ok
15:03:41.0043 2900 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:03:41.0043 2900 LanmanWorkstation - ok
15:03:41.0103 2900 [ 93B73DED2BC688F140C6AE2FBAD45789 ] Live Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
15:03:41.0103 2900 Live Updater Service - ok
15:03:41.0123 2900 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:03:41.0133 2900 lltdio - ok
15:03:41.0163 2900 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:03:41.0173 2900 lltdsvc - ok
15:03:41.0193 2900 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
15:03:41.0193 2900 lmhosts - ok
15:03:41.0233 2900 [ DBC1136A62BD4DECC3632DF650284C2E ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
15:03:41.0233 2900 LMS - ok
15:03:41.0263 2900 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
15:03:41.0273 2900 LSI_FC - ok
15:03:41.0293 2900 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
15:03:41.0293 2900 LSI_SAS - ok
15:03:41.0303 2900 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
15:03:41.0303 2900 LSI_SAS2 - ok
15:03:41.0313 2900 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
15:03:41.0313 2900 LSI_SCSI - ok
15:03:41.0323 2900 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
15:03:41.0333 2900 luafv - ok
15:03:41.0363 2900 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:03:41.0373 2900 Mcx2Svc - ok
15:03:41.0373 2900 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
15:03:41.0383 2900 megasas - ok
15:03:41.0403 2900 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
15:03:41.0693 2900 MegaSR - ok
15:03:41.0703 2900 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
15:03:41.0703 2900 MMCSS - ok
15:03:41.0713 2900 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
15:03:41.0713 2900 Modem - ok
15:03:41.0723 2900 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:03:41.0723 2900 monitor - ok
15:03:41.0743 2900 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:03:41.0743 2900 mouclass - ok
15:03:41.0753 2900 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:03:41.0753 2900 mouhid - ok
15:03:41.0763 2900 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:03:41.0763 2900 mountmgr - ok
15:03:41.0773 2900 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
15:03:41.0773 2900 mpio - ok
15:03:41.0793 2900 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:03:41.0793 2900 mpsdrv - ok
15:03:41.0853 2900 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
15:03:41.0863 2900 MpsSvc - ok
15:03:41.0863 2900 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:03:41.0873 2900 MRxDAV - ok
15:03:41.0883 2900 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:03:41.0893 2900 mrxsmb - ok
15:03:41.0913 2900 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:03:41.0913 2900 mrxsmb10 - ok
15:03:41.0933 2900 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:03:41.0933 2900 mrxsmb20 - ok
15:03:41.0943 2900 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
15:03:41.0943 2900 msahci - ok
15:03:41.0953 2900 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:03:41.0963 2900 msdsm - ok
15:03:41.0983 2900 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
15:03:41.0993 2900 MSDTC - ok
15:03:42.0013 2900 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:03:42.0013 2900 Msfs - ok
15:03:42.0033 2900 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:03:42.0043 2900 mshidkmdf - ok
15:03:42.0043 2900 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:03:42.0043 2900 msisadrv - ok
15:03:42.0083 2900 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:03:42.0083 2900 MSiSCSI - ok
15:03:42.0093 2900 msiserver - ok
15:03:42.0113 2900 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:03:42.0113 2900 MSKSSRV - ok
15:03:42.0123 2900 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:03:42.0123 2900 MSPCLOCK - ok
15:03:42.0133 2900 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:03:42.0143 2900 MSPQM - ok
15:03:42.0163 2900 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:03:42.0163 2900 MsRPC - ok
15:03:42.0173 2900 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
15:03:42.0173 2900 mssmbios - ok
15:03:42.0193 2900 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:03:42.0193 2900 MSTEE - ok
15:03:42.0213 2900 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
15:03:42.0223 2900 MTConfig - ok
15:03:42.0233 2900 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
15:03:42.0233 2900 Mup - ok
15:03:42.0263 2900 [ C009123B206C56854F4E88596035231D ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
15:03:42.0263 2900 mwlPSDFilter - ok
15:03:42.0273 2900 [ BF3739EEB9F008B1DEBAC115089A53F8 ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
15:03:42.0283 2900 mwlPSDNServ - ok
15:03:42.0293 2900 [ 38DD143D95E7A01B86F219DDA9C28779 ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
15:03:42.0303 2900 mwlPSDVDisk - ok
15:03:42.0323 2900 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
15:03:42.0333 2900 napagent - ok
15:03:42.0383 2900 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:03:42.0393 2900 NativeWifiP - ok
15:03:42.0453 2900 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
15:03:42.0463 2900 NDIS - ok
15:03:42.0483 2900 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:03:42.0493 2900 NdisCap - ok
15:03:42.0513 2900 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:03:42.0513 2900 NdisTapi - ok
15:03:42.0533 2900 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:03:42.0533 2900 Ndisuio - ok
15:03:42.0553 2900 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:03:42.0553 2900 NdisWan - ok
15:03:42.0573 2900 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:03:42.0583 2900 NDProxy - ok
15:03:42.0593 2900 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:03:42.0593 2900 NetBIOS - ok
15:03:42.0613 2900 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:03:42.0613 2900 NetBT - ok
15:03:42.0663 2900 [ BA99A34A9B5EB737CE54BC0A7C596609 ] NETFLTDI C:\Windows\system32\Drivers\NETTDI64.SYS
15:03:42.0963 2900 NETFLTDI - ok
15:03:42.0993 2900 [ FD0BFED656D9B26C22E439CC0EF5C771 ] NETIMFLT01060044 C:\Windows\system32\DRIVERS\n64i1644.sys
15:03:42.0993 2900 NETIMFLT01060044 - ok
15:03:43.0003 2900 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
15:03:43.0013 2900 Netlogon - ok
15:03:43.0043 2900 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
15:03:43.0043 2900 Netman - ok
15:03:43.0053 2900 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
15:03:43.0063 2900 netprofm - ok
15:03:43.0083 2900 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:03:43.0083 2900 NetTcpPortSharing - ok
15:03:43.0123 2900 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
15:03:43.0123 2900 nfrd960 - ok
15:03:43.0143 2900 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:03:43.0153 2900 NlaSvc - ok
15:03:43.0283 2900 [ 9D037C4705ACE5B69E4CE9AAE8B0A0D0 ] NOBU C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
15:03:43.0303 2900 NOBU - ok
15:03:43.0313 2900 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:03:43.0323 2900 Npfs - ok
15:03:43.0343 2900 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
15:03:43.0343 2900 nsi - ok
15:03:43.0363 2900 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:03:43.0363 2900 nsiproxy - ok
15:03:43.0433 2900 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:03:43.0473 2900 Ntfs - ok
15:03:43.0513 2900 [ 874C6BEB44845D56D5F6B01ABE409E9C ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
15:03:43.0523 2900 NTI IScheduleSvc - ok
15:03:43.0543 2900 [ EE3BA1024594D5D09E314F206B94069E ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
15:03:43.0553 2900 NTIDrvr - ok
15:03:43.0553 2900 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
15:03:43.0553 2900 Null - ok
15:03:43.0573 2900 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:03:43.0683 2900 nvraid - ok
15:03:43.0693 2900 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:03:43.0703 2900 nvstor - ok
15:03:43.0723 2900 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:03:43.0723 2900 nv_agp - ok
15:03:43.0733 2900 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:03:43.0743 2900 ohci1394 - ok
15:03:43.0773 2900 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:03:44.0913 2900 ose - ok
15:03:45.0043 2900 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:03:45.0143 2900 osppsvc - ok
15:03:45.0183 2900 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:03:45.0183 2900 p2pimsvc - ok
15:03:45.0223 2900 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
15:03:45.0223 2900 p2psvc - ok
15:03:45.0313 2900 [ 78B7642B0C51F24F0835C0226540D58B ] Panda Software Controller C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\PsCtrls.exe
15:03:45.0313 2900 Panda Software Controller - ok
15:03:45.0333 2900 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
15:03:45.0343 2900 Parport - ok
15:03:45.0363 2900 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:03:45.0363 2900 partmgr - ok
15:03:45.0403 2900 [ 337A81B3FF34F9851D245D42A725FC22 ] pavboot C:\Windows\system32\Drivers\pavboot64.sys
15:03:45.0403 2900 pavboot - ok
15:03:45.0443 2900 [ 3BB71BD8B4873C5FECA890EFC6BF9257 ] PAVFNSVR C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\PavFnSvr.exe
15:03:45.0443 2900 PAVFNSVR - ok
15:03:45.0483 2900 [ 2AE3F6B23448443BBEF5DE207159213B ] PavPrSrv C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe
15:03:45.0493 2900 PavPrSrv - ok
15:03:45.0533 2900 [ 97005413310966001FB6F4A5C503149C ] PAVSRV C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\pavsrvx86.exe
15:03:45.0533 2900 PAVSRV - ok
15:03:45.0553 2900 PavTPK.sys - ok
15:03:45.0583 2900 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:03:45.0583 2900 PcaSvc - ok
15:03:45.0613 2900 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
15:03:45.0613 2900 pci - ok
15:03:45.0633 2900 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
15:03:45.0633 2900 pciide - ok
15:03:45.0653 2900 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
15:03:45.0663 2900 pcmcia - ok
15:03:45.0673 2900 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
15:03:45.0673 2900 pcw - ok
15:03:45.0703 2900 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:03:45.0713 2900 PEAUTH - ok
15:03:45.0863 2900 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
15:03:45.0883 2900 PerfHost - ok
15:03:45.0943 2900 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
15:03:45.0993 2900 pla - ok
15:03:46.0053 2900 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:03:46.0053 2900 PlugPlay - ok
15:03:46.0063 2900 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:03:46.0063 2900 PNRPAutoReg - ok
15:03:46.0093 2900 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:03:46.0093 2900 PNRPsvc - ok
15:03:46.0123 2900 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:03:46.0133 2900 PolicyAgent - ok
15:03:46.0153 2900 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
15:03:46.0163 2900 Power - ok
15:03:46.0193 2900 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:03:46.0193 2900 PptpMiniport - ok
15:03:46.0213 2900 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
15:03:46.0253 2900 Processor - ok
15:03:46.0283 2900 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
15:03:46.0283 2900 ProfSvc - ok
15:03:46.0303 2900 Prot6Flt - ok
15:03:46.0323 2900 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:03:46.0323 2900 ProtectedStorage - ok
15:03:46.0343 2900 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:03:46.0343 2900 Psched - ok
15:03:46.0383 2900 [ 532053E8E3BB8FA7166AB4E7685FDDCC ] PSHost C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\Firewall\PSHOST.EXE
15:03:46.0393 2900 PSHost - ok
15:03:46.0413 2900 [ 196C450F2779D0B462C444DA4906EA7F ] PSIMSVC C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\PsImSvc.exe
15:03:46.0413 2900 PSIMSVC - ok
15:03:46.0433 2900 [ 341457B79B3FC31A80C346C767045879 ] PskSvcRetail C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\PskSvc.exe
15:03:46.0433 2900 PskSvcRetail - ok
15:03:46.0473 2900 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
15:03:46.0873 2900 ql2300 - ok
15:03:46.0893 2900 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
15:03:47.0163 2900 ql40xx - ok
15:03:47.0193 2900 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
15:03:47.0203 2900 QWAVE - ok
15:03:47.0223 2900 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:03:47.0223 2900 QWAVEdrv - ok
15:03:47.0243 2900 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:03:47.0243 2900 RasAcd - ok
15:03:47.0283 2900 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:03:47.0293 2900 RasAgileVpn - ok
15:03:47.0303 2900 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
15:03:47.0313 2900 RasAuto - ok
15:03:47.0333 2900 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:03:47.0343 2900 Rasl2tp - ok
15:03:47.0353 2900 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
15:03:47.0353 2900 RasMan - ok
15:03:47.0373 2900 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:03:47.0383 2900 RasPppoe - ok
15:03:47.0393 2900 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:03:47.0403 2900 RasSstp - ok
15:03:47.0433 2900 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:03:47.0433 2900 rdbss - ok
15:03:47.0453 2900 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
15:03:47.0453 2900 rdpbus - ok
15:03:47.0463 2900 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:03:47.0463 2900 RDPCDD - ok
15:03:47.0503 2900 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:03:47.0503 2900 RDPENCDD - ok
15:03:47.0523 2900 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:03:47.0523 2900 RDPREFMP - ok
15:03:47.0573 2900 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
15:03:47.0583 2900 RdpVideoMiniport - ok
15:03:47.0603 2900 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:03:47.0613 2900 RDPWD - ok
15:03:47.0653 2900 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:03:47.0653 2900 rdyboost - ok
15:03:47.0703 2900 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:03:47.0703 2900 RemoteAccess - ok
15:03:47.0753 2900 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:03:47.0763 2900 RemoteRegistry - ok
15:03:47.0783 2900 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:03:47.0783 2900 RpcEptMapper - ok
15:03:47.0813 2900 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
15:03:47.0813 2900 RpcLocator - ok
15:03:47.0833 2900 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
15:03:47.0843 2900 RpcSs - ok
15:03:47.0883 2900 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:03:47.0883 2900 rspndr - ok
15:03:47.0933 2900 [ 0E3DCF76F11DC431B088A2DFD7265CDA ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
15:03:47.0943 2900 RSUSBSTOR - ok
15:03:47.0953 2900 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
15:03:47.0953 2900 SamSs - ok
15:03:47.0973 2900 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:03:47.0973 2900 sbp2port - ok
15:03:48.0003 2900 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:03:48.0013 2900 SCardSvr - ok
15:03:48.0033 2900 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:03:48.0053 2900 scfilter - ok
15:03:48.0103 2900 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
15:03:48.0113 2900 Schedule - ok
15:03:48.0143 2900 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
15:03:48.0143 2900 SCPolicySvc - ok
15:03:48.0173 2900 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:03:48.0183 2900 SDRSVC - ok
15:03:48.0203 2900 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:03:48.0213 2900 secdrv - ok
15:03:48.0223 2900 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
15:03:48.0233 2900 seclogon - ok
15:03:48.0243 2900 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
15:03:48.0243 2900 SENS - ok
15:03:48.0253 2900 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:03:48.0253 2900 SensrSvc - ok
15:03:48.0283 2900 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
15:03:48.0283 2900 Serenum - ok
15:03:48.0303 2900 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
15:03:48.0373 2900 Serial - ok
15:03:48.0373 2900 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
15:03:48.0373 2900 sermouse - ok
15:03:48.0403 2900 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
15:03:48.0403 2900 SessionEnv - ok
15:03:48.0413 2900 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
15:03:48.0413 2900 sffdisk - ok
15:03:48.0423 2900 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:03:48.0433 2900 sffp_mmc - ok
15:03:48.0443 2900 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
15:03:48.0443 2900 sffp_sd - ok
15:03:48.0443 2900 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
15:03:48.0453 2900 sfloppy - ok
15:03:48.0503 2900 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
15:03:48.0523 2900 Sftfs - ok
15:03:48.0593 2900 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
15:03:48.0653 2900 sftlist - ok
15:03:48.0673 2900 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
15:03:49.0013 2900 Sftplay - ok
15:03:49.0023 2900 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
15:03:49.0023 2900 Sftredir - ok
15:03:49.0033 2900 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
15:03:49.0033 2900 Sftvol - ok
15:03:49.0073 2900 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
15:03:49.0083 2900 sftvsa - ok
15:03:49.0123 2900 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:03:49.0143 2900 SharedAccess - ok
15:03:49.0173 2900 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:03:49.0183 2900 ShellHWDetection - ok
15:03:49.0213 2900 [ 03639A3B26AA808BAE79D89FDB4B151C ] ShldFlt C:\Windows\system32\DRIVERS\ShldFlt.sys
15:03:49.0213 2900 ShldFlt - ok
15:03:49.0233 2900 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
15:03:49.0233 2900 SiSRaid2 - ok
15:03:49.0243 2900 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
15:03:49.0253 2900 SiSRaid4 - ok
15:03:49.0403 2900 [ 183F04C6742902F33039913A96F5B574 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
15:03:49.0433 2900 Skype C2C Service - ok
15:03:49.0503 2900 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
15:03:49.0503 2900 SkypeUpdate - ok
15:03:49.0533 2900 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:03:49.0533 2900 Smb - ok
15:03:49.0583 2900 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:03:49.0583 2900 SNMPTRAP - ok
15:03:49.0613 2900 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
15:03:49.0613 2900 spldr - ok
15:03:49.0653 2900 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
15:03:49.0663 2900 Spooler - ok
15:03:49.0763 2900 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
15:03:49.0793 2900 sppsvc - ok
15:03:49.0813 2900 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:03:49.0813 2900 sppuinotify - ok
15:03:49.0823 2900 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
15:03:49.0833 2900 srv - ok
15:03:49.0843 2900 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:03:49.0843 2900 srv2 - ok
15:03:49.0863 2900 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:03:49.0863 2900 srvnet - ok
15:03:49.0873 2900 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:03:49.0873 2900 SSDPSRV - ok
15:03:49.0893 2900 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:03:49.0893 2900 SstpSvc - ok
15:03:49.0913 2900 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
15:03:49.0913 2900 stexstor - ok
15:03:49.0973 2900 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
15:03:49.0993 2900 stisvc - ok
15:03:50.0013 2900 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
15:03:50.0013 2900 swenum - ok
15:03:50.0033 2900 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
15:03:50.0043 2900 swprv - ok
15:03:50.0093 2900 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
15:03:50.0113 2900 SysMain - ok
15:03:50.0133 2900 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:03:50.0133 2900 TabletInputService - ok
15:03:50.0163 2900 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
15:03:50.0173 2900 TapiSrv - ok
15:03:50.0183 2900 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
15:03:50.0183 2900 TBS - ok
15:03:50.0253 2900 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:03:50.0303 2900 Tcpip - ok
15:03:50.0343 2900 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:03:50.0353 2900 TCPIP6 - ok
15:03:50.0393 2900 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:03:50.0393 2900 tcpipreg - ok
15:03:50.0423 2900 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:03:50.0433 2900 TDPIPE - ok
15:03:50.0463 2900 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:03:50.0463 2900 TDTCP - ok
15:03:50.0483 2900 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:03:50.0493 2900 tdx - ok
15:03:50.0513 2900 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
15:03:50.0523 2900 TermDD - ok
15:03:50.0553 2900 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
15:03:50.0563 2900 TermService - ok
15:03:50.0573 2900 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
15:03:50.0573 2900 Themes - ok
15:03:50.0603 2900 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
15:03:50.0603 2900 THREADORDER - ok
15:03:50.0633 2900 [ 71D19B5D542B6EEA00C99D9984DC901F ] TPSrv C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\TPSrvWow.exe
15:03:50.0633 2900 TPSrv - ok
15:03:50.0653 2900 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
15:03:50.0653 2900 TrkWks - ok
15:03:50.0713 2900 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:03:50.0713 2900 TrustedInstaller - ok
15:03:50.0723 2900 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:03:50.0733 2900 tssecsrv - ok
15:03:50.0793 2900 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
15:03:50.0833 2900 TsUsbFlt - ok
15:03:50.0873 2900 [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
15:03:50.0893 2900 TsUsbGD - ok
15:03:50.0943 2900 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:03:51.0243 2900 tunnel - ok
15:03:51.0263 2900 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
15:03:51.0263 2900 uagp35 - ok
15:03:51.0283 2900 [ A17D5E1A6DF4EAB0A480F2C490DE4C9D ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
15:03:51.0293 2900 UBHelper - ok
15:03:51.0313 2900 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:03:51.0323 2900 udfs - ok
15:03:51.0353 2900 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:03:51.0353 2900 UI0Detect - ok
15:03:51.0373 2900 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
15:03:51.0383 2900 uliagpkx - ok
15:03:51.0403 2900 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
15:03:51.0433 2900 umbus - ok
15:03:51.0453 2900 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
15:03:51.0463 2900 UmPass - ok
15:03:51.0543 2900 [ 7466809E6DA561D60C2F1CE8EDE3C73F ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
15:03:51.0553 2900 UNS - ok
15:03:51.0603 2900 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
15:03:51.0603 2900 upnphost - ok
15:03:51.0623 2900 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:03:51.0633 2900 usbccgp - ok
15:03:51.0643 2900 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
15:03:51.0713 2900 usbcir - ok
15:03:51.0743 2900 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
15:03:51.0743 2900 usbehci - ok
15:03:51.0763 2900 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\drivers\usbhub.sys
15:03:51.0773 2900 usbhub - ok
15:03:51.0783 2900 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
15:03:51.0783 2900 usbohci - ok
15:03:51.0793 2900 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
15:03:51.0793 2900 usbprint - ok
15:03:51.0803 2900 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
15:03:51.0803 2900 USBSTOR - ok
15:03:51.0813 2900 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
15:03:51.0813 2900 usbuhci - ok
15:03:51.0833 2900 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
15:03:51.0843 2900 usbvideo - ok
15:03:51.0853 2900 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
15:03:51.0853 2900 UxSms - ok
15:03:51.0873 2900 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
15:03:51.0873 2900 VaultSvc - ok
15:03:51.0903 2900 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
15:03:51.0903 2900 vdrvroot - ok
15:03:51.0933 2900 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
15:03:51.0953 2900 vds - ok
15:03:51.0953 2900 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:03:51.0953 2900 vga - ok
15:03:51.0973 2900 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
15:03:51.0973 2900 VgaSave - ok
15:03:51.0983 2900 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
15:03:51.0993 2900 vhdmp - ok
15:03:51.0993 2900 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
15:03:52.0003 2900 viaide - ok
15:03:52.0013 2900 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
15:03:52.0023 2900 volmgr - ok
15:03:52.0043 2900 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:03:52.0053 2900 volmgrx - ok
15:03:52.0053 2900 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:03:52.0063 2900 volsnap - ok
15:03:52.0083 2900 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
15:03:52.0083 2900 vsmraid - ok
15:03:52.0133 2900 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
15:03:52.0143 2900 VSS - ok
15:03:52.0253 2900 [ 7D110D645030C05A06C3CD08D1E47D0A ] vToolbarUpdater13.2.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
15:03:52.0253 2900 vToolbarUpdater13.2.0 - ok
15:03:52.0273 2900 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
15:03:52.0293 2900 vwifibus - ok
15:03:52.0323 2900 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
15:03:52.0323 2900 vwififlt - ok
15:03:52.0353 2900 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
15:03:52.0353 2900 W32Time - ok
15:03:52.0363 2900 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
15:03:52.0363 2900 WacomPen - ok
15:03:52.0403 2900 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
15:03:52.0403 2900 WANARP - ok
15:03:52.0413 2900 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:03:52.0413 2900 Wanarpv6 - ok
15:03:52.0473 2900 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
15:03:52.0503 2900 WatAdminSvc - ok
15:03:52.0553 2900 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
15:03:52.0613 2900 wbengine - ok
15:03:52.0653 2900 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:03:52.0663 2900 WbioSrvc - ok
15:03:52.0683 2900 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:03:52.0693 2900 wcncsvc - ok
15:03:52.0713 2900 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:03:52.0723 2900 WcsPlugInService - ok
15:03:52.0743 2900 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
15:03:52.0753 2900 Wd - ok
15:03:52.0793 2900 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:03:52.0803 2900 Wdf01000 - ok
15:03:52.0813 2900 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:03:52.0823 2900 WdiServiceHost - ok
15:03:52.0823 2900 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:03:52.0823 2900 WdiSystemHost - ok
15:03:52.0843 2900 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
15:03:52.0863 2900 WebClient - ok
15:03:52.0883 2900 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:03:52.0893 2900 Wecsvc - ok
15:03:52.0903 2900 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:03:52.0903 2900 wercplsupport - ok
15:03:52.0943 2900 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
15:03:52.0943 2900 WerSvc - ok
15:03:52.0973 2900 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
15:03:52.0973 2900 WfpLwf - ok
15:03:53.0003 2900 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:03:53.0003 2900 WIMMount - ok
15:03:53.0013 2900 WinHttpAutoProxySvc - ok
15:03:53.0083 2900 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:03:53.0083 2900 Winmgmt - ok
15:03:53.0143 2900 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
15:03:53.0243 2900 WinRM - ok
15:03:53.0333 2900 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
15:03:53.0353 2900 Wlansvc - ok
15:03:53.0433 2900 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
15:03:53.0433 2900 wlcrasvc - ok
15:03:53.0513 2900 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:03:53.0523 2900 wlidsvc - ok
15:03:53.0563 2900 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
15:03:53.0563 2900 WmiAcpi - ok
15:03:53.0603 2900 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:03:53.0613 2900 wmiApSrv - ok
15:03:53.0663 2900 WMPNetworkSvc - ok
15:03:53.0683 2900 [ C1B61612FCCC6E750AD0A6E19C77EE85 ] WNMFLT C:\Windows\system32\Drivers\WNMFLT64.SYS
15:03:53.0683 2900 WNMFLT - ok
15:03:53.0713 2900 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:03:53.0723 2900 WPCSvc - ok
15:03:53.0733 2900 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:03:53.0733 2900 WPDBusEnum - ok
15:03:53.0763 2900 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:03:53.0763 2900 ws2ifsl - ok
15:03:53.0773 2900 WSearch - ok
15:03:53.0873 2900 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
15:03:53.0893 2900 wuauserv - ok
15:03:53.0923 2900 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:03:53.0923 2900 WudfPf - ok
15:03:53.0953 2900 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:03:53.0953 2900 wudfsvc - ok
15:03:53.0983 2900 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
15:03:53.0983 2900 WwanSvc - ok
15:03:54.0013 2900 ================ Scan global ===============================
15:03:54.0043 2900 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:03:54.0083 2900 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
15:03:54.0093 2900 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
15:03:54.0123 2900 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:03:54.0143 2900 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:03:54.0143 2900 [Global] - ok
15:03:54.0153 2900 ================ Scan MBR ==================================
15:03:54.0163 2900 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:03:54.0833 2900 \Device\Harddisk0\DR0 - ok
15:03:54.0833 2900 ================ Scan VBR ==================================
15:03:54.0833 2900 [ 12FF2AE30AB7C7111459C614FBC53C42 ] \Device\Harddisk0\DR0\Partition1
15:03:54.0843 2900 \Device\Harddisk0\DR0\Partition1 - ok
15:03:54.0863 2900 [ 42844EA6172C9CDE15E27B51A1E7E174 ] \Device\Harddisk0\DR0\Partition2
15:03:54.0863 2900 \Device\Harddisk0\DR0\Partition2 - ok
15:03:54.0863 2900 ============================================================
15:03:54.0863 2900 Scan finished
15:03:54.0863 2900 ============================================================
15:03:54.0873 5488 Detected object count: 0
15:03:54.0873 5488 Actual detected object count: 0

#6 trevor12

trevor12
  • Topic Starter

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Local time:04:59 PM

Posted 16 January 2013 - 04:33 PM

here is aswMBR log file, i hope this helps you and me out :)aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-01-16 15:09:24
-----------------------------
15:09:24.571 OS Version: Windows x64 6.1.7601 Service Pack 1
15:09:24.571 Number of processors: 2 586 0x2505
15:09:24.571 ComputerName: TREVOR-PC UserName: Trevor
15:09:25.821 Initialize success
15:10:49.446 AVAST engine defs: 13011600
15:11:05.976 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
15:11:05.986 Disk 0 Vendor: WDC_WD50 01.0 Size: 476940MB BusType: 3
15:11:05.996 Disk 0 MBR read successfully
15:11:05.996 Disk 0 MBR scan
15:11:06.006 Disk 0 Windows 7 default MBR code
15:11:06.006 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 15360 MB offset 2048
15:11:06.026 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 31459328
15:11:06.046 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 461478 MB offset 31664128
15:11:06.066 Disk 0 scanning C:\Windows\system32\drivers
15:11:25.426 Service scanning
15:12:18.228 Modules scanning
15:12:18.228 Disk 0 trace - called modules:
15:12:18.248 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
15:12:18.258 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006a3c060]
15:12:18.258 3 CLASSPNP.SYS[fffff8800181743f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8006854050]
15:12:20.168 AVAST engine scan C:\Windows
15:12:24.008 AVAST engine scan C:\Windows\system32
15:16:27.892 AVAST engine scan C:\Windows\system32\drivers
15:16:50.812 AVAST engine scan C:\Users\Trevor
15:25:03.982 AVAST engine scan C:\ProgramData
15:30:26.533 Scan finished successfully
15:30:45.555 Disk 0 MBR has been saved successfully to "C:\Users\Trevor\Desktop\MBR.dat"
15:30:45.565 The log file has been saved successfully to "C:\Users\Trevor\Desktop\aswMBR.txt"

#7 trevor12

trevor12
  • Topic Starter

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Local time:04:59 PM

Posted 16 January 2013 - 06:24 PM

this is all the ESET san found, that one took a while
C:\Users\Trevor\AppData\Local\Temp\YontooSetup-S.exe multiple threats cleaned by deleting - quarantined

#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:59 PM

Posted 16 January 2013 - 07:04 PM

Download

Malwarebytes

Install,update and run a full scan

Click on Show results.Right click on the list ,select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it click on Delete

A log should be generated after scan ,post it here

Download

Junkware removal tool

For vista and windows 7 right click on the tool and select run as administrator

After scan gets completed,post the generated log here.


Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the contents of text here

#9 trevor12

trevor12
  • Topic Starter

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Local time:04:59 PM

Posted 16 January 2013 - 07:11 PM

i keep getting an update error on malwarebytes.

same error i get that i posted in number 3

#10 trevor12

trevor12
  • Topic Starter

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Local time:04:59 PM

Posted 16 January 2013 - 07:12 PM

should i continue with minitool box and everything else?

#11 trevor12

trevor12
  • Topic Starter

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Local time:04:59 PM

Posted 16 January 2013 - 07:20 PM

minitool box log
MiniToolBox by Farbar Version:10-01-2013
Ran by Trevor (administrator) on 16-01-2013 at 18:14:46
Running from "C:\Users\Trevor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PMRNBV23"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
::1 localhost


127.0.0.1 localhost

========================= IP Configuration: ================================

Atheros AR5B97 Wireless Network Adapter = Wireless Network Connection (Connected)
Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Trevor-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : gateway.2wire.net

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : Atheros AR5B97 Wireless Network Adapter
Physical Address. . . . . . . . . : 60-D8-19-13-A3-57
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::31eb:f2c0:a66b:19e9%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.100.105(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : January-16-13 5:43:59 PM
Lease Expires . . . . . . . . . . : January-17-13 5:43:58 PM
Default Gateway . . . . . . . . . : 192.168.100.254
DHCP Server . . . . . . . . . . . : 192.168.100.254
DHCPv6 IAID . . . . . . . . . . . : 392222745
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-74-2D-14-B8-70-F4-E6-AE-AC
DNS Servers . . . . . . . . . . . : 192.168.100.254
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
Physical Address. . . . . . . . . : B8-70-F4-E6-AE-AC
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.gateway.2wire.net:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:3440:38d1:305e:e2d0(Preferred)
Link-local IPv6 Address . . . . . : fe80::3440:38d1:305e:e2d0%13(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: home
Address: 192.168.100.254

Name: google.com
Addresses: 2607:f8b0:400b:801::1005
74.125.226.41
74.125.226.46
74.125.226.32
74.125.226.33
74.125.226.34
74.125.226.35
74.125.226.36
74.125.226.37
74.125.226.38
74.125.226.39
74.125.226.40


Pinging google.com [74.125.226.40] with 32 bytes of data:
Reply from 74.125.226.40: bytes=32 time=46ms TTL=58
Reply from 74.125.226.40: bytes=32 time=44ms TTL=58

Ping statistics for 74.125.226.40:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 44ms, Maximum = 46ms, Average = 45ms
Server: home
Address: 192.168.100.254

Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
206.190.36.45


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=95ms TTL=54
Reply from 206.190.36.45: bytes=32 time=88ms TTL=54

Ping statistics for 206.190.36.45:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 88ms, Maximum = 95ms, Average = 91ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
12...60 d8 19 13 a3 57 ......Atheros AR5B97 Wireless Network Adapter
11...b8 70 f4 e6 ae ac ......Broadcom NetLink ™ Gigabit Ethernet
1...........................Software Loopback Interface 1
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.100.254 192.168.100.105 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.100.0 255.255.255.0 On-link 192.168.100.105 281
192.168.100.105 255.255.255.255 On-link 192.168.100.105 281
192.168.100.255 255.255.255.255 On-link 192.168.100.105 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.100.105 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.100.105 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
13 58 ::/0 On-link
1 306 ::1/128 On-link
13 58 2001::/32 On-link
13 306 2001:0:9d38:953c:3440:38d1:305e:e2d0/128
On-link
12 281 fe80::/64 On-link
13 306 fe80::/64 On-link
12 281 fe80::31eb:f2c0:a66b:19e9/128
On-link
13 306 fe80::3440:38d1:305e:e2d0/128
On-link
1 306 ff00::/8 On-link
13 306 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/16/2013 05:44:37 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/16/2013 03:34:53 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/16/2013 03:18:27 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/16/2013 00:30:58 AM) (Source: Application Hang) (User: )
Description: The program PokerStars.exe version 6.5.9.8 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 2e44

Start Time: 01cdf3b2d66f8ef1

Termination Time: 10

Application Path: C:\Program Files (x86)\PokerStars\PokerStars.exe

Report Id: 3bbd2281-5fa6-11e2-aa01-b870f4e6aeac

Error: (01/15/2013 07:08:00 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 9.0.8112.16457, time stamp: 0x50a2f9e3
Faulting module name: PavLspHookWow.DLL, version: 9.2.2.1, time stamp: 0x4fbb9911
Exception code: 0xc0000005
Fault offset: 0x00001b51
Faulting process id: 0x1628
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (01/15/2013 11:10:06 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/14/2013 10:04:25 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/14/2013 00:37:09 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/13/2013 06:26:09 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/12/2013 01:02:51 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (01/16/2013 05:48:27 PM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80004002

Error: (01/16/2013 05:46:08 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Listener service terminated with service-specific error %%-2147467262.

Error: (01/16/2013 05:46:08 PM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80004002

Error: (01/16/2013 05:45:51 PM) (Source: Service Control Manager) (User: )
Description: The Diagnostic System Host service hung on starting.

Error: (01/16/2013 05:43:59 PM) (Source: NETLOGON) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.

Error: (01/16/2013 04:44:02 AM) (Source: Service Control Manager) (User: )
Description: The Skype C2C Service service terminated unexpectedly. It has done this 1 time(s).

Error: (01/16/2013 03:22:01 AM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80004002

Error: (01/16/2013 03:20:04 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Listener service terminated with service-specific error %%-2147467262.

Error: (01/16/2013 03:20:02 AM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80004002

Error: (01/16/2013 03:19:45 AM) (Source: Service Control Manager) (User: )
Description: The Diagnostic System Host service hung on starting.


Microsoft Office Sessions:
=========================
Error: (01/16/2013 05:44:37 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/16/2013 03:34:53 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Trevor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1NEP6YLC\esetsmartinstaller_enu.exe

Error: (01/16/2013 03:18:27 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/16/2013 00:30:58 AM) (Source: Application Hang)(User: )
Description: PokerStars.exe6.5.9.82e4401cdf3b2d66f8ef110C:\Program Files (x86)\PokerStars\PokerStars.exe3bbd2281-5fa6-11e2-aa01-b870f4e6aeac

Error: (01/15/2013 07:08:00 PM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.1645750a2f9e3PavLspHookWow.DLL9.2.2.14fbb9911c000000500001b51162801cdf35ce333ff7eC:\Program Files (x86)\Internet Explorer\iexplore.exeC:\WINDOWS\SYSWOW64\PavLspHookWow.DLL2aeab9f0-5f79-11e2-aa01-b870f4e6aeac

Error: (01/15/2013 11:10:06 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/14/2013 10:04:25 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/14/2013 00:37:09 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/13/2013 06:26:09 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/12/2013 01:02:51 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
Date: 2012-07-02 22:35:21.079
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Acer\Acer ePower Management\SysHook.dll because the set of per-page image hashes could not be found on the system.

Date: 2012-07-02 22:35:21.069
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Acer\Acer ePower Management\SysHook.dll because the set of per-page image hashes could not be found on the system.

Date: 2012-07-02 22:35:18.280
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Acer\Acer ePower Management\SysHook.dll because the set of per-page image hashes could not be found on the system.

Date: 2012-07-02 22:35:18.260
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Acer\Acer ePower Management\SysHook.dll because the set of per-page image hashes could not be found on the system.

Date: 2012-07-02 22:33:06.869
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Acer\Acer ePower Management\SysHook.dll because the set of per-page image hashes could not be found on the system.

Date: 2012-07-02 22:33:06.849
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Acer\Acer ePower Management\SysHook.dll because the set of per-page image hashes could not be found on the system.

Date: 2012-07-02 22:33:00.399
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Acer\Acer ePower Management\SysHook.dll because the set of per-page image hashes could not be found on the system.

Date: 2012-07-02 22:33:00.379
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Acer\Acer ePower Management\SysHook.dll because the set of per-page image hashes could not be found on the system.

Date: 2012-07-02 22:31:11.541
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Acer\Acer ePower Management\SysHook.dll because the set of per-page image hashes could not be found on the system.

Date: 2012-07-02 22:31:11.525
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Acer\Acer ePower Management\SysHook.dll because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

3D Pinball (Version: 5.1.2600.5512)
Acer Backup Manager (Version: 2.0.0.72)
Acer Crystal Eye Webcam (Version: 1.5.2904.00)
Acer ePower Management (Version: 5.00.3009)
Acer eRecovery Management (Version: 4.05.3500)
Acer Games (Version: 1.0.2.5)
Acer Registration (Version: 1.04.3504)
Acer ScreenSaver (Version: 1.1.0517.2011)
Acer Updater (Version: 1.02.3502)
Adobe AIR (Version: 2.7.1.19610)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.146)
Adobe Reader X (10.1.5) MUI (Version: 10.1.5)
Agatha Christie - Death on the Nile (Version: 2.2.0.98)
µTorrent (Version: 3.2.0)
AVG Security Toolbar (Version: 13.2.0.5)
Backup Manager Basic (Version: 2.0.0.72)
Bejeweled 2 Deluxe (Version: 2.2.0.95)
Broadcom Gigabit NetLink Controller (Version: 14.0.2.3)
Build-a-lot 4 - Power Source (Version: 2.2.0.97)
Chronicles of Albian (Version: 2.2.0.95)
Chuzzle Deluxe (Version: 2.2.0.95)
Company of Heroes (Version: 1.0.0.78)
Contrôle ActiveX Windows Live Mesh pour connexions ŕ distance (Version: 15.4.5722.2)
Cradle of Rome 2 (Version: 2.2.0.95)
CyberLink PowerDVD 9 (Version: 9.0.3817.50)
D3DX10 (Version: 15.4.2368.0902)
Device Doctor v2.1 (Version: 2.1)
Dora's World Adventure (Version: 2.2.0.95)
ESET Online Scanner v3
ETDWare PS/2-x64 7.0.6.5_WHQL (Version: 7.0.6.5)
Express Burn
FATE: The Cursed King (Version: 2.2.0.97)
Final Drive: Nitro (Version: 2.2.0.95)
FixCleaner (Version: 2.0.4556)
Full Tilt Poker (Version: 4.48.2.WIN.FullTilt.COM)
Galerie de photos Windows Live (Version: 15.4.3502.0922)
GamesBar 2.0.1.82 (Version: 2.0.1.82)
Google Chrome (Version: 24.0.1312.52)
Google Earth (Version: 6.2.2.6613)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3607.2246)
Google Update Helper (Version: 1.3.21.123)
Governor of Poker 2 Premium Edition (Version: 2.2.0.95)
Hardware Helper (Version: 12.0)
Identity Card (Version: 1.00.3501)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2182)
Intel® Management Engine Components (Version: 6.0.0.1179)
Intel® Rapid Storage Technology (Version: 9.6.2.1001)
Java 7 Update 7 (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.0)
Jewel Match 3 (Version: 2.2.0.97)
Junk Mail filter update (Version: 15.4.3502.0922)
Launch Manager (Version: 4.0.14)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
Mystery of Mortlake Mansion (Version: 2.2.0.98)
MyWinLocker (Version: 4.0.14.27)
MyWinLocker 4 (Version: 4.0.14.27)
MyWinLocker Suite (Version: 4.0.14.19)
newsXpresso (Version: 1.0.0.40)
Norton Online Backup (Version: 2.6.0.86)
NTI Media Maker 9 (Version: 9.0.2.9002)
Panda ActiveScan Cleaner (Version: 1.0.12)
Panda Antivirus Pro 2012 (Version: 11.00.00)
Panda Secure Vault 5
PartyPoker
Penguins! (Version: 2.2.0.95)
Plants vs. Zombies - Game of the Year (Version: 2.2.0.95)
Poker at bet365
PokerStars
Polar Bowler (Version: 2.2.0.97)
Polar Golfer (Version: 2.2.0.95)
Realtek High Definition Audio Driver (Version: 6.0.1.6141)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30124)
Shredder (Version: 2.0.8.9)
Skype Click to Call (Version: 6.5.11422)
Skype™ 5.10 (Version: 5.10.116)
STOPzilla (Version: 6.0.3.73)
Titan Poker
Torchlight (Version: 2.2.0.97)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update Installer for WildTangent Games App
Virtual Villagers 5 - New Believers (Version: 2.2.0.97)
Welcome Center (Version: 1.02.3504)
WildTangent Games App (Acer Games) (Version: 4.0.5.14)
Windows Live (Version: 15.4.3502.0922)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Zuma's Revenge (Version: 2.2.0.97)

========================= Memory info: ===================================

Percentage of memory in use: 42%
Total physical RAM: 5814.71 MB
Available physical RAM: 3353.68 MB
Total Pagefile: 11627.61 MB
Available Pagefile: 9064.37 MB
Total Virtual: 4095.88 MB
Available Virtual: 3962.17 MB

========================= Partitions: =====================================

1 Drive c: (Acer) (Fixed) (Total:450.66 GB) (Free:381.07 GB) NTFS

========================= Users: ========================================

User accounts for \\TREVOR-PC

Administrator Guest Trevor

========================= Restore Points ==================================

02-01-2013 13:14:44 Scheduled Checkpoint
07-01-2013 19:50:53 DLL-Files Fixer Mon, Jan 07, 13 13:50
08-01-2013 22:02:36 Installed SpyHunter
08-01-2013 22:48:33 Removed SpyHunter
08-01-2013 22:49:22 Removed SpyHunter
08-01-2013 22:50:58 Windows Update
08-01-2013 23:33:20 Windows Update
08-01-2013 23:55:37 Installed Microsoft Fix it 50195
09-01-2013 00:58:27 Windows Update
16-01-2013 11:22:51 Scheduled Checkpoint
16-01-2013 23:36:52 Installed STOPzilla. Available with Windows Installer version 1.2 and later.
16-01-2013 23:46:08 StopZILLA! Restore Point.

**** End of log ****

#12 trevor12

trevor12
  • Topic Starter

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Local time:04:59 PM

Posted 16 January 2013 - 07:25 PM

hi i tried downloading fss.exe but it wont start or run, i tried everything, saving it first then running it but it wont even save, also i tried running it several times and it just wont finish downloading nothing happens,

#13 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:59 PM

Posted 16 January 2013 - 07:28 PM

Ignore FSS.

Uninstall Malwarebytes using this tool

https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/_clean

Install malwarebytes again.let me know if that works

#14 trevor12

trevor12
  • Topic Starter

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Local time:04:59 PM

Posted 16 January 2013 - 07:51 PM

the junkware removal
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.4.3 (01.15.2013:1)
OS: Windows 7 Home Premium x64
Ran by Trevor on 16/01/2013 at 18:33:10.88
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\toolbar\webbrowser\\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{95b7759c-8c7f-4bf1-b163-73684a933233}
Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\toolbar\webbrowser\\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1}
Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\.default\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\s-1-5-18\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\s-1-5-19\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\s-1-5-20\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\S-1-5-21-3338287601-4112246178-3484598039-1000\software\microsoft\internet explorer\searchscopes\\DefaultScope



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_current_user\software\1clickdownload
Successfully deleted: [Registry Key] hkey_current_user\software\conduit
Successfully deleted: [Registry Key] hkey_local_machine\software\conduit
Successfully deleted: [Registry Key] hkey_current_user\software\fixcleaner
Successfully deleted: [Registry Key] hkey_local_machine\software\fixcleaner
Successfully deleted: [Registry Key] hkey_local_machine\software\iminent
Successfully deleted: [Registry Key] hkey_current_user\software\mediafinder
Successfully deleted: [Registry Key] hkey_current_user\software\softonic
Successfully deleted: [Registry Key] hkey_current_user\software\sweetim
Successfully deleted: [Registry Key] hkey_local_machine\software\sweetim
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\conduit
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\conduitsearchscopes
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\crossrider
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\i want this
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\pricegong
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\smartbar
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\scripthelper.exe
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\viprotocol.dll
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\mf
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\protocols\handler\viprotocol
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\s
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\scripthelper.scripthelperapi
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\scripthelper.scripthelperapi.1
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\viprotocol.viprotocolole
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\viprotocol.viprotocolole.1
Successfully deleted: [Registry Key-Heur] HKEY_LOCAL_MACHINE\software\classes\Toolbar.CT3196716
Successfully deleted: [Registry Key-Heur] HKEY_LOCAL_MACHINE\software\classes\Toolbar.CT3201318
Successfully deleted: [Registry Key-Heur] HKEY_LOCAL_MACHINE\software\classes\Toolbar.CT3220468
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{171debeb-c3d4-40b7-ac73-056a5eba4a7e}
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{36377dd7-b3eb-42f5-986f-680baf59ba9d}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{95b7759c-8c7f-4bf1-b163-73684a933233}



~~~ Files



~~~ Folders

Failed to delete: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\ProgramData\speedmaxpc"
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\Users\Trevor\AppData\Roaming\drivercure"
Successfully deleted: [Folder] "C:\Users\Trevor\AppData\Roaming\fixcleaner"
Successfully deleted: [Folder] "C:\Users\Trevor\AppData\Roaming\speedmaxpc"
Successfully deleted: [Folder] "C:\Users\Trevor\appdata\local\conduit"
Successfully deleted: [Folder] "C:\Users\Trevor\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\fixcleaner"
Successfully deleted: [Folder] "C:\Program Files (x86)\gamesbar"
Successfully deleted: [Folder] "C:\ProgramData\ask"



~~~ Chrome

Successfully deleted: [Folder] C:\Users\Trevor\appdata\local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Successfully deleted: [Registry Key] hkey_local_machine\software\google\chrome\extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Successfully deleted: [Registry Key] hkey_current_user\software\google\chrome\extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Successfully deleted: [Registry Key] hkey_local_machine\software\google\chrome\extensions\ejpbbhjlbipncjklfjjaedaieimbmdda



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 16/01/2013 at 18:48:10.32
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#15 trevor12

trevor12
  • Topic Starter

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Local time:04:59 PM

Posted 16 January 2013 - 07:59 PM

the link for malwarebytes worked and it updated successfully am currently scanning now




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users