Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Websites unavailable ou redirects


  • Please log in to reply
12 replies to this topic

#1 Duarte Silva

Duarte Silva

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:06:38 AM

Posted 23 November 2012 - 11:29 AM

Hello,
For a couple of days I have been dealing with this problem and I have to say that I am not capable of solving it by myself.
I run a Windows Vista Business computer for several years, and now I cannot access Microsoft.com or other anti-virus software using internet explorer or google chrome. Sometimes I get redirected to google others I get the message “Internet Explorer cannot display the webpage”.
The first symptom that I notice was one keystroke puts two characters like this ~~ ´´ `` ^^
I already scanned my system with malwarebytes, spybot, tdss and others and nothing was found.
I’m Portuguese and as you may know we use lots of chars like that in our day basis conversations, so this is really annoying.
Your help will be very appreciated, so I will wait for some. Thanks in advance,

Regards
Duarte

BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:38 AM

Posted 23 November 2012 - 12:11 PM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here.If you get crashes in normal mode,run it in safemode with networking

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 Duarte Silva

Duarte Silva
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:06:38 AM

Posted 24 November 2012 - 06:00 AM

Ok, I'm Doing the requested tasks.
Having little dificulties because some links posted are blocked in my conmputer. Trying to download with another PC and install in the problematic one.
I will post the logs ASAP.

#4 Duarte Silva

Duarte Silva
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:06:38 AM

Posted 24 November 2012 - 11:11 AM

Hello again,
Already downloaded the tools, only TDSSKiller worked normally, the tool aswMBR was unable to perform the latest virus definitions download but it still run and produced the log posted bellow.ESET online scanner does nothing because it cannot download de virus definitions.

15:49:11.0715 4672 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
15:49:12.0011 4672 ============================================================
15:49:12.0011 4672 Current date / time: 2012/11/24 15:49:12.0011
15:49:12.0011 4672 SystemInfo:
15:49:12.0011 4672
15:49:12.0011 4672 OS Version: 6.0.6002 ServicePack: 2.0
15:49:12.0011 4672 Product type: Workstation
15:49:12.0011 4672 ComputerName: DSILVA-POR
15:49:12.0011 4672 UserName: dsilva
15:49:12.0011 4672 Windows directory: C:\Windows
15:49:12.0011 4672 System windows directory: C:\Windows
15:49:12.0011 4672 Processor architecture: Intel x86
15:49:12.0011 4672 Number of processors: 2
15:49:12.0011 4672 Page size: 0x1000
15:49:12.0011 4672 Boot type: Normal boot
15:49:12.0011 4672 ============================================================
15:49:12.0542 4672 Drive \Device\Harddisk0\DR0 - Size: 0xEE8156000 (59.63 Gb), SectorSize: 0x200, Cylinders: 0x204E, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000050
15:49:12.0542 4672 Drive \Device\Harddisk1\DR1 - Size: 0xEEC00000 (3.73 Gb), SectorSize: 0x200, Cylinders: 0x1E6, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:49:12.0557 4672 ============================================================
15:49:12.0557 4672 \Device\Harddisk0\DR0:
15:49:12.0557 4672 MBR partitions:
15:49:12.0557 4672 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x773F800
15:49:12.0557 4672 \Device\Harddisk1\DR1:
15:49:12.0557 4672 MBR partitions:
15:49:12.0557 4672 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x1F80, BlocksNum 0x774080
15:49:12.0557 4672 ============================================================
15:49:12.0557 4672 C: <-> \Device\Harddisk0\DR0\Partition1
15:49:12.0557 4672 ============================================================
15:49:12.0557 4672 Initialize success
15:49:12.0557 4672 ============================================================
15:49:41.0433 6256 ============================================================
15:49:41.0433 6256 Scan started
15:49:41.0433 6256 Mode: Manual; TDLFS;
15:49:41.0433 6256 ============================================================
15:49:41.0589 6256 ================ Scan system memory ========================
15:49:41.0589 6256 System memory - ok
15:49:41.0589 6256 ================ Scan services =============================
15:49:41.0651 6256 [ 37E62B1D2BA075E3AD7AB30C873CEFA6 ] 5U875UVC C:\Windows\system32\DRIVERS\5U875.sys
15:49:41.0651 6256 5U875UVC - ok
15:49:41.0667 6256 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
15:49:41.0682 6256 ACPI - ok
15:49:41.0682 6256 [ A125765807A56B6323635CDDC5EF0770 ] AcPrfMgrSvc C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
15:49:41.0698 6256 AcPrfMgrSvc - ok
15:49:41.0698 6256 [ 977457D42BC46E46D1FEA8D375685DE9 ] AcSvc C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
15:49:41.0714 6256 AcSvc - ok
15:49:41.0729 6256 [ 3D691C6BF2B258E738057B42F9F57CCE ] ADIHdAudAddService C:\Windows\system32\drivers\ADIHdAud.sys
15:49:41.0729 6256 ADIHdAudAddService - ok
15:49:41.0745 6256 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
15:49:41.0745 6256 AdobeFlashPlayerUpdateSvc - ok
15:49:41.0760 6256 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
15:49:41.0776 6256 adp94xx - ok
15:49:41.0792 6256 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys
15:49:41.0792 6256 adpahci - ok
15:49:41.0807 6256 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
15:49:41.0807 6256 adpu160m - ok
15:49:41.0823 6256 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
15:49:41.0823 6256 adpu320 - ok
15:49:41.0838 6256 [ 1864CB118391446DB5254DB60844E6B0 ] AEADIFilters C:\Windows\system32\AEADISRV.EXE
15:49:41.0838 6256 AEADIFilters - ok
15:49:41.0854 6256 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
15:49:41.0854 6256 AeLookupSvc - ok
15:49:41.0854 6256 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
15:49:41.0870 6256 AFD - ok
15:49:41.0870 6256 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys
15:49:41.0885 6256 agp440 - ok
15:49:41.0885 6256 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
15:49:41.0885 6256 aic78xx - ok
15:49:41.0901 6256 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
15:49:41.0901 6256 ALG - ok
15:49:41.0901 6256 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys
15:49:41.0901 6256 aliide - ok
15:49:41.0916 6256 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys
15:49:41.0916 6256 amdagp - ok
15:49:41.0916 6256 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys
15:49:41.0932 6256 amdide - ok
15:49:41.0932 6256 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
15:49:41.0932 6256 AmdK7 - ok
15:49:41.0948 6256 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
15:49:41.0948 6256 AmdK8 - ok
15:49:41.0948 6256 [ 14660206DC539DB62F37B4A75A984578 ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys
15:49:41.0963 6256 ApfiltrService - ok
15:49:41.0963 6256 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
15:49:41.0963 6256 Appinfo - ok
15:49:41.0979 6256 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:49:41.0979 6256 Apple Mobile Device - ok
15:49:41.0994 6256 [ BBC83F74C27067929DC3F6D4E1A10299 ] applebmt C:\Windows\system32\DRIVERS\applebmt.sys
15:49:41.0994 6256 applebmt - ok
15:49:41.0994 6256 [ 0FE769CAE5855B53C90E23F85E7E89FF ] AppMgmt C:\Windows\System32\appmgmts.dll
15:49:42.0010 6256 AppMgmt - ok
15:49:42.0010 6256 [ 55DE6E658BC63B862AF0D31340484DB1 ] ApRunSvc C:\Program Files\Apoint2K\ApRunSvc.exe
15:49:42.0010 6256 ApRunSvc - ok
15:49:42.0026 6256 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys
15:49:42.0026 6256 arc - ok
15:49:42.0026 6256 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys
15:49:42.0026 6256 arcsas - ok
15:49:42.0057 6256 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
15:49:42.0057 6256 aspnet_state - ok
15:49:42.0072 6256 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
15:49:42.0072 6256 AsyncMac - ok
15:49:42.0072 6256 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys
15:49:42.0072 6256 atapi - ok
15:49:42.0088 6256 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:49:42.0104 6256 AudioEndpointBuilder - ok
15:49:42.0104 6256 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
15:49:42.0119 6256 Audiosrv - ok
15:49:42.0119 6256 [ 0F4113D4C0FF4FA355E6B204BA824A7A ] Automatic CDROM Monitor C:\Windows\system32\SupportAppPT\ztemon_cd.exe
15:49:42.0119 6256 Automatic CDROM Monitor - ok
15:49:42.0135 6256 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
15:49:42.0135 6256 Beep - ok
15:49:42.0150 6256 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
15:49:42.0166 6256 BFE - ok
15:49:42.0182 6256 [ 0D4A07E5AC9998E4B251D603C96D4F20 ] BITS C:\Windows\System32\qmgr.dll
15:49:42.0197 6256 BITS - ok
15:49:42.0213 6256 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
15:49:42.0213 6256 blbdrive - ok
15:49:42.0228 6256 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:49:42.0228 6256 Bonjour Service - ok
15:49:42.0244 6256 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
15:49:42.0244 6256 bowser - ok
15:49:42.0260 6256 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
15:49:42.0260 6256 BrFiltLo - ok
15:49:42.0260 6256 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
15:49:42.0260 6256 BrFiltUp - ok
15:49:42.0275 6256 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
15:49:42.0275 6256 Browser - ok
15:49:42.0275 6256 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
15:49:42.0275 6256 Brserid - ok
15:49:42.0291 6256 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
15:49:42.0291 6256 BrSerWdm - ok
15:49:42.0291 6256 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
15:49:42.0306 6256 BrUsbMdm - ok
15:49:42.0306 6256 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
15:49:42.0306 6256 BrUsbSer - ok
15:49:42.0322 6256 [ 6D39C954799B63BA866910234CF7D726 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
15:49:42.0322 6256 BthEnum - ok
15:49:42.0322 6256 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
15:49:42.0322 6256 BTHMODEM - ok
15:49:42.0338 6256 [ 5904EFA25F829BF84EA6FB045134A1D8 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
15:49:42.0338 6256 BthPan - ok
15:49:42.0353 6256 [ 611FF3F2F095C8D4A6D4CFD9DCC09793 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
15:49:42.0369 6256 BTHPORT - ok
15:49:42.0384 6256 [ A4C8377FA4A994E07075107DBE2E3DCE ] BthServ C:\Windows\System32\bthserv.dll
15:49:42.0384 6256 BthServ - ok
15:49:42.0384 6256 [ D330803EAB2A15CAEC7F011F1D4CB30E ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
15:49:42.0384 6256 BTHUSB - ok
15:49:42.0400 6256 [ 7F256D9FFF384FAA40DF5DB1CB8531D9 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
15:49:42.0400 6256 btwaudio - ok
15:49:42.0416 6256 [ D87D990131AAABB27D4046790292366D ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
15:49:42.0416 6256 btwavdt - ok
15:49:42.0416 6256 [ D02F4D18AA4A38F781BEEFEB1892E144 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
15:49:42.0416 6256 btwl2cap - ok
15:49:42.0431 6256 [ E1771C0FB49E747AB2B2D29DA50510F9 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
15:49:42.0431 6256 btwrchid - ok
15:49:42.0431 6256 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
15:49:42.0447 6256 cdfs - ok
15:49:42.0447 6256 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
15:49:42.0447 6256 cdrom - ok
15:49:42.0462 6256 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
15:49:42.0462 6256 CertPropSvc - ok
15:49:42.0462 6256 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys
15:49:42.0462 6256 circlass - ok
15:49:42.0478 6256 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
15:49:42.0478 6256 CLFS - ok
15:49:42.0494 6256 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:49:42.0494 6256 clr_optimization_v2.0.50727_32 - ok
15:49:42.0509 6256 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:49:42.0509 6256 clr_optimization_v4.0.30319_32 - ok
15:49:42.0525 6256 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
15:49:42.0525 6256 CmBatt - ok
15:49:42.0525 6256 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys
15:49:42.0525 6256 cmdide - ok
15:49:42.0540 6256 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
15:49:42.0540 6256 Compbatt - ok
15:49:42.0540 6256 COMSysApp - ok
15:49:42.0556 6256 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
15:49:42.0556 6256 crcdisk - ok
15:49:42.0572 6256 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys
15:49:42.0572 6256 Crusoe - ok
15:49:42.0572 6256 Crypkey License - ok
15:49:42.0587 6256 [ FB27772BEAF8E1D28CCD825C09DA939B ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:49:42.0587 6256 CryptSvc - ok
15:49:42.0603 6256 [ 9BDB2E89BE8D0EF37B1F25C3D3FC192C ] CSC C:\Windows\system32\drivers\csc.sys
15:49:42.0618 6256 CSC - ok
15:49:42.0634 6256 [ 0A2095F92F6AE4FE6484D911B0C21E95 ] CscService C:\Windows\System32\cscsvc.dll
15:49:42.0650 6256 CscService - ok
15:49:42.0650 6256 [ 91C1736E77CFF029302728B431D0EEDB ] dc3d C:\Windows\system32\DRIVERS\dc3d.sys
15:49:42.0650 6256 dc3d - ok
15:49:42.0681 6256 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
15:49:42.0681 6256 DcomLaunch - ok
15:49:42.0696 6256 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
15:49:42.0696 6256 DfsC - ok
15:49:42.0743 6256 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
15:49:42.0790 6256 DFSR - ok
15:49:42.0806 6256 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
15:49:42.0806 6256 Dhcp - ok
15:49:42.0806 6256 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
15:49:42.0821 6256 disk - ok
15:49:42.0821 6256 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
15:49:42.0821 6256 Dnscache - ok
15:49:42.0837 6256 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
15:49:42.0837 6256 dot3svc - ok
15:49:42.0852 6256 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
15:49:42.0852 6256 DPS - ok
15:49:42.0868 6256 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:49:42.0868 6256 drmkaud - ok
15:49:42.0884 6256 [ 687AF6BB383885FF6A64071B189A7F3E ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
15:49:42.0884 6256 dtsoftbus01 - ok
15:49:42.0899 6256 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:49:42.0915 6256 DXGKrnl - ok
15:49:42.0930 6256 [ E4563BE48EF4E8D8AD3EDD92BB01AD9A ] e1express C:\Windows\system32\DRIVERS\e1e6032.sys
15:49:42.0930 6256 e1express - ok
15:49:42.0946 6256 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
15:49:42.0946 6256 E1G60 - ok
15:49:42.0962 6256 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
15:49:42.0962 6256 EapHost - ok
15:49:42.0977 6256 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
15:49:42.0977 6256 Ecache - ok
15:49:42.0993 6256 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys
15:49:42.0993 6256 elxstor - ok
15:49:43.0024 6256 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
15:49:43.0024 6256 EMDMgmt - ok
15:49:43.0040 6256 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys
15:49:43.0040 6256 ErrDev - ok
15:49:43.0055 6256 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
15:49:43.0055 6256 EventSystem - ok
15:49:43.0086 6256 [ 2D41D7250F73272946DE04FF7A19761E ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
15:49:43.0102 6256 EvtEng - ok
15:49:43.0118 6256 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
15:49:43.0118 6256 exfat - ok
15:49:43.0133 6256 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:49:43.0133 6256 fastfat - ok
15:49:43.0149 6256 [ DFBA0F60FA301E5B1BFB1403A93EE23E ] Fax C:\Windows\system32\fxssvc.exe
15:49:43.0164 6256 Fax - ok
15:49:43.0180 6256 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
15:49:43.0180 6256 fdc - ok
15:49:43.0180 6256 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
15:49:43.0180 6256 fdPHost - ok
15:49:43.0196 6256 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
15:49:43.0196 6256 FDResPub - ok
15:49:43.0211 6256 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:49:43.0211 6256 FileInfo - ok
15:49:43.0227 6256 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:49:43.0227 6256 Filetrace - ok
15:49:43.0242 6256 [ F76D04F7413B07DAA029F6520B64B4E8 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
15:49:43.0258 6256 FLEXnet Licensing Service - ok
15:49:43.0274 6256 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
15:49:43.0274 6256 flpydisk - ok
15:49:43.0274 6256 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:49:43.0289 6256 FltMgr - ok
15:49:43.0305 6256 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll
15:49:43.0320 6256 FontCache - ok
15:49:43.0336 6256 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
15:49:43.0336 6256 FontCache3.0.0.0 - ok
15:49:43.0352 6256 [ 65EA8B77B5851854F0C55C43FA51A198 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:49:43.0352 6256 Fs_Rec - ok
15:49:43.0352 6256 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
15:49:43.0352 6256 gagp30kx - ok
15:49:43.0367 6256 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:49:43.0367 6256 GEARAspiWDM - ok
15:49:43.0383 6256 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
15:49:43.0398 6256 gpsvc - ok
15:49:43.0414 6256 [ D956358054E99E6FFAC69CD87E893A89 ] grmnusb C:\Windows\system32\drivers\grmnusb.sys
15:49:43.0414 6256 grmnusb - ok
15:49:43.0430 6256 [ 626A24ED1228580B9518C01930936DF9 ] gupdate1c9de0067eed31a C:\Program Files\Google\Update\GoogleUpdate.exe
15:49:43.0430 6256 gupdate1c9de0067eed31a - ok
15:49:43.0445 6256 [ 626A24ED1228580B9518C01930936DF9 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
15:49:43.0445 6256 gupdatem - ok
15:49:43.0461 6256 [ 408DDD80EEDE47175F6844817B90213E ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
15:49:43.0461 6256 gusvc - ok
15:49:43.0476 6256 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:49:43.0476 6256 HdAudAddService - ok
15:49:43.0508 6256 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
15:49:43.0523 6256 HDAudBus - ok
15:49:43.0523 6256 [ FCB3F4BE408F72C1BD81BCABA87FC22F ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
15:49:43.0523 6256 HidBth - ok
15:49:43.0539 6256 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
15:49:43.0539 6256 HidIr - ok
15:49:43.0539 6256 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\system32\hidserv.dll
15:49:43.0554 6256 hidserv - ok
15:49:43.0554 6256 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
15:49:43.0554 6256 HidUsb - ok
15:49:43.0570 6256 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:49:43.0570 6256 hkmsvc - ok
15:49:43.0586 6256 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
15:49:43.0586 6256 HpCISSs - ok
15:49:43.0601 6256 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:49:43.0617 6256 HTTP - ok
15:49:43.0632 6256 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
15:49:43.0632 6256 i2omp - ok
15:49:43.0632 6256 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
15:49:43.0632 6256 i8042prt - ok
15:49:43.0664 6256 [ ABFEBC5F846C71AFEBD7F8F6BA740C03 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
15:49:43.0664 6256 iaStor - ok
15:49:43.0679 6256 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
15:49:43.0679 6256 iaStorV - ok
15:49:43.0695 6256 [ FF2DBF3B183516EEC87DAD241EC50E7A ] IBMPMDRV C:\Windows\system32\DRIVERS\ibmpmdrv.sys
15:49:43.0695 6256 IBMPMDRV - ok
15:49:43.0695 6256 [ 41328443D34C1E4D680D9D2766B94354 ] IBMPMSVC C:\Windows\system32\ibmpmsvc.exe
15:49:43.0710 6256 IBMPMSVC - ok
15:49:43.0710 6256 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
15:49:43.0710 6256 IDriverT - ok
15:49:43.0742 6256 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:49:43.0773 6256 idsvc - ok
15:49:43.0835 6256 [ 9378D57E2B96C0A185D844770AD49948 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
15:49:43.0898 6256 igfx - ok
15:49:43.0898 6256 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
15:49:43.0913 6256 iirsp - ok
15:49:43.0929 6256 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
15:49:43.0929 6256 IKEEXT - ok
15:49:43.0944 6256 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
15:49:43.0944 6256 intelide - ok
15:49:43.0960 6256 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
15:49:43.0960 6256 intelppm - ok
15:49:43.0960 6256 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:49:43.0976 6256 IPBusEnum - ok
15:49:43.0976 6256 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:49:43.0976 6256 IpFilterDriver - ok
15:49:43.0991 6256 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
15:49:43.0991 6256 iphlpsvc - ok
15:49:44.0007 6256 IpInIp - ok
15:49:44.0007 6256 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
15:49:44.0022 6256 IPMIDRV - ok
15:49:44.0022 6256 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
15:49:44.0022 6256 IPNAT - ok
15:49:44.0054 6256 [ BC0EA61246F8D940FBC5F652D337D6BD ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
15:49:44.0069 6256 iPod Service - ok
15:49:44.0085 6256 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:49:44.0085 6256 IRENUM - ok
15:49:44.0085 6256 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:49:44.0085 6256 isapnp - ok
15:49:44.0100 6256 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
15:49:44.0100 6256 iScsiPrt - ok
15:49:44.0116 6256 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
15:49:44.0116 6256 iteatapi - ok
15:49:44.0132 6256 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
15:49:44.0132 6256 iteraid - ok
15:49:44.0132 6256 [ 213822072085B5BBAD9AF30AB577D817 ] IviRegMgr C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
15:49:44.0132 6256 IviRegMgr - ok
15:49:44.0147 6256 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
15:49:44.0147 6256 kbdclass - ok
15:49:44.0147 6256 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
15:49:44.0147 6256 kbdhid - ok
15:49:44.0163 6256 [ 3978F3540329E16C0AC3BCF677E5669F ] KeyIso C:\Windows\system32\lsass.exe
15:49:44.0163 6256 KeyIso - ok
15:49:44.0178 6256 [ 86165728AF9BF72D6442A894FDFB4F8B ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:49:44.0194 6256 KSecDD - ok
15:49:44.0210 6256 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
15:49:44.0210 6256 KtmRm - ok
15:49:44.0225 6256 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\system32\srvsvc.dll
15:49:44.0241 6256 LanmanServer - ok
15:49:44.0241 6256 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:49:44.0256 6256 LanmanWorkstation - ok
15:49:44.0256 6256 [ 3C3F7F424E324C6971632C5DE5FF458F ] lenovo.smi C:\Windows\system32\DRIVERS\smiif32.sys
15:49:44.0256 6256 lenovo.smi - ok
15:49:44.0272 6256 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:49:44.0272 6256 lltdio - ok
15:49:44.0288 6256 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:49:44.0288 6256 lltdsvc - ok
15:49:44.0303 6256 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
15:49:44.0303 6256 lmhosts - ok
15:49:44.0319 6256 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
15:49:44.0319 6256 LSI_FC - ok
15:49:44.0319 6256 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
15:49:44.0319 6256 LSI_SAS - ok
15:49:44.0334 6256 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
15:49:44.0334 6256 LSI_SCSI - ok
15:49:44.0350 6256 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
15:49:44.0350 6256 luafv - ok
15:49:44.0350 6256 [ 200D973A6EC41D29D9CCA21EA75E1EDD ] McAfeeFramework C:\Program Files\McAfee\Common Framework\FrameworkService.exe
15:49:44.0366 6256 McAfeeFramework - ok
15:49:44.0366 6256 mcdbus - ok
15:49:44.0381 6256 [ 7CF1B716372B89568AE4C0FE769F5869 ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
15:49:44.0381 6256 MDM - ok
15:49:44.0397 6256 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys
15:49:44.0397 6256 megasas - ok
15:49:44.0412 6256 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
15:49:44.0428 6256 MegaSR - ok
15:49:44.0444 6256 [ 7C4C76B39D5525C4A465E0BE32528E19 ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
15:49:44.0444 6256 Microsoft Office Groove Audit Service - ok
15:49:44.0444 6256 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
15:49:44.0459 6256 MMCSS - ok
15:49:44.0459 6256 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
15:49:44.0459 6256 Modem - ok
15:49:44.0475 6256 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:49:44.0475 6256 monitor - ok
15:49:44.0475 6256 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:49:44.0475 6256 mouclass - ok
15:49:44.0490 6256 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:49:44.0490 6256 mouhid - ok
15:49:44.0490 6256 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
15:49:44.0506 6256 MountMgr - ok
15:49:44.0506 6256 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys
15:49:44.0506 6256 mpio - ok
15:49:44.0522 6256 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:49:44.0522 6256 mpsdrv - ok
15:49:44.0537 6256 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
15:49:44.0553 6256 MpsSvc - ok
15:49:44.0553 6256 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
15:49:44.0553 6256 Mraid35x - ok
15:49:44.0568 6256 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:49:44.0568 6256 MRxDAV - ok
15:49:44.0584 6256 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:49:44.0584 6256 mrxsmb - ok
15:49:44.0600 6256 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:49:44.0600 6256 mrxsmb10 - ok
15:49:44.0600 6256 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:49:44.0615 6256 mrxsmb20 - ok
15:49:44.0615 6256 [ 28023E86F17001F7CD9B15A5BC9AE07D ] msahci C:\Windows\system32\drivers\msahci.sys
15:49:44.0615 6256 msahci - ok
15:49:44.0631 6256 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:49:44.0631 6256 msdsm - ok
15:49:44.0646 6256 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
15:49:44.0646 6256 MSDTC - ok
15:49:44.0662 6256 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:49:44.0662 6256 Msfs - ok
15:49:44.0662 6256 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:49:44.0678 6256 msisadrv - ok
15:49:44.0678 6256 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:49:44.0693 6256 MSiSCSI - ok
15:49:44.0693 6256 msiserver - ok
15:49:44.0709 6256 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:49:44.0709 6256 MSKSSRV - ok
15:49:44.0709 6256 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:49:44.0709 6256 MSPCLOCK - ok
15:49:44.0724 6256 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:49:44.0724 6256 MSPQM - ok
15:49:44.0724 6256 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:49:44.0740 6256 MsRPC - ok
15:49:44.0740 6256 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
15:49:44.0740 6256 mssmbios - ok
15:49:44.0756 6256 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:49:44.0756 6256 MSTEE - ok
15:49:44.0771 6256 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
15:49:44.0771 6256 Mup - ok
15:49:44.0787 6256 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
15:49:44.0787 6256 napagent - ok
15:49:44.0802 6256 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:49:44.0802 6256 NativeWifiP - ok
15:49:44.0818 6256 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
15:49:44.0834 6256 NDIS - ok
15:49:44.0834 6256 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:49:44.0834 6256 NdisTapi - ok
15:49:44.0849 6256 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:49:44.0849 6256 Ndisuio - ok
15:49:44.0865 6256 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:49:44.0865 6256 NdisWan - ok
15:49:44.0865 6256 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:49:44.0865 6256 NDProxy - ok
15:49:44.0880 6256 [ 69C503C004F49AEE8B8E3067CC047BA7 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
15:49:44.0880 6256 Net Driver HPZ12 - ok
15:49:44.0896 6256 [ 1352E1648213551923A0A822E441553C ] Netaapl C:\Windows\system32\DRIVERS\netaapl.sys
15:49:44.0896 6256 Netaapl - ok
15:49:44.0896 6256 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:49:44.0896 6256 NetBIOS - ok
15:49:44.0912 6256 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
15:49:44.0912 6256 netbt - ok
15:49:44.0927 6256 [ 3978F3540329E16C0AC3BCF677E5669F ] Netlogon C:\Windows\system32\lsass.exe
15:49:44.0927 6256 Netlogon - ok
15:49:44.0943 6256 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
15:49:44.0943 6256 Netman - ok
15:49:44.0958 6256 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:49:44.0958 6256 NetMsmqActivator - ok
15:49:44.0974 6256 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:49:44.0974 6256 NetPipeActivator - ok
15:49:44.0974 6256 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
15:49:44.0990 6256 netprofm - ok
15:49:45.0005 6256 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:49:45.0005 6256 NetTcpActivator - ok
15:49:45.0005 6256 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:49:45.0005 6256 NetTcpPortSharing - ok
15:49:45.0068 6256 [ 38D720E0C8B0ECB9A019980265679798 ] NETw4v32 C:\Windows\system32\DRIVERS\NETw4v32.sys
15:49:45.0114 6256 NETw4v32 - ok
15:49:45.0192 6256 [ 9CA26DCCF0B84A6FF2B54FBB2A94520B ] NETw5v32 C:\Windows\system32\DRIVERS\NETw5v32.sys
15:49:45.0286 6256 NETw5v32 - ok
15:49:45.0302 6256 [ ED67103F0105EE271CEBA5B7F671EBC1 ] NetworkX C:\Windows\system32\ckldrv.sys
15:49:45.0302 6256 NetworkX - ok
15:49:45.0302 6256 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
15:49:45.0302 6256 nfrd960 - ok
15:49:45.0317 6256 [ 6F123DB2BF6A4113260EF4127D255315 ] NitroDriverReadSpool2 C:\Program Files\Nitro PDF\Professional 7\NitroPDFDriverService2.exe
15:49:45.0333 6256 NitroDriverReadSpool2 - ok
15:49:45.0333 6256 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:49:45.0348 6256 NlaSvc - ok
15:49:45.0348 6256 [ 0543FA119CF3FD2203851FD71202FFE1 ] nlsX86cc C:\Windows\system32\NLSSRV32.EXE
15:49:45.0364 6256 nlsX86cc - ok
15:49:45.0364 6256 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:49:45.0380 6256 Npfs - ok
15:49:45.0380 6256 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
15:49:45.0380 6256 nsi - ok
15:49:45.0395 6256 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:49:45.0395 6256 nsiproxy - ok
15:49:45.0426 6256 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:49:45.0458 6256 Ntfs - ok
15:49:45.0473 6256 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
15:49:45.0473 6256 ntrigdigi - ok
15:49:45.0473 6256 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
15:49:45.0473 6256 Null - ok
15:49:45.0489 6256 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:49:45.0489 6256 nvraid - ok
15:49:45.0489 6256 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:49:45.0504 6256 nvstor - ok
15:49:45.0504 6256 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:49:45.0504 6256 nv_agp - ok
15:49:45.0520 6256 NwlnkFlt - ok
15:49:45.0520 6256 NwlnkFwd - ok
15:49:45.0536 6256 [ 1F0E05DFF4F5A833168E49BE1256F002 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:49:45.0551 6256 odserv - ok
15:49:45.0567 6256 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:49:45.0567 6256 ohci1394 - ok
15:49:45.0567 6256 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:49:45.0567 6256 ose - ok
15:49:45.0598 6256 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
15:49:45.0614 6256 p2pimsvc - ok
15:49:45.0629 6256 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
15:49:45.0645 6256 p2psvc - ok
15:49:45.0660 6256 [ 8A79FDF04A73428597E2CAF9D0D67850 ] Parport C:\Windows\system32\DRIVERS\parport.sys
15:49:45.0660 6256 Parport - ok
15:49:45.0660 6256 [ 57389FA59A36D96B3EB09D0CB91E9CDC ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:49:45.0660 6256 partmgr - ok
15:49:45.0676 6256 [ 6C580025C81CAF3AE9E3617C22CAD00E ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
15:49:45.0676 6256 Parvdm - ok
15:49:45.0692 6256 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
15:49:45.0692 6256 PcaSvc - ok
15:49:45.0692 6256 [ FD2041E9BA03DB7764B2248F02475079 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfd.sys
15:49:45.0692 6256 pccsmcfd - ok
15:49:45.0707 6256 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
15:49:45.0707 6256 pci - ok
15:49:45.0723 6256 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys
15:49:45.0723 6256 pciide - ok
15:49:45.0738 6256 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
15:49:45.0738 6256 pcmcia - ok
15:49:45.0754 6256 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:49:45.0785 6256 PEAUTH - ok
15:49:45.0801 6256 [ D6D0971BA3055645294A13BAF6031CA0 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
15:49:45.0832 6256 PeerDistSvc - ok
15:49:45.0879 6256 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
15:49:45.0910 6256 pla - ok
15:49:45.0926 6256 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:49:45.0941 6256 PlugPlay - ok
15:49:45.0941 6256 [ 12B4549D515CB26BB8D375038017CA65 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
15:49:45.0957 6256 Pml Driver HPZ12 - ok
15:49:45.0972 6256 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
15:49:45.0972 6256 PNRPAutoReg - ok
15:49:46.0004 6256 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
15:49:46.0004 6256 PNRPsvc - ok
15:49:46.0019 6256 [ 60A044879C4FA76314494F5FDDC43B93 ] Point32 C:\Windows\system32\DRIVERS\point32.sys
15:49:46.0019 6256 Point32 - ok
15:49:46.0035 6256 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:49:46.0035 6256 PolicyAgent - ok
15:49:46.0050 6256 [ 4B38479A103B08832CDFAD43994D268D ] Power Manager DBC Service C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE
15:49:46.0050 6256 Power Manager DBC Service - ok
15:49:46.0066 6256 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:49:46.0066 6256 PptpMiniport - ok
15:49:46.0066 6256 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
15:49:46.0082 6256 Processor - ok
15:49:46.0082 6256 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
15:49:46.0097 6256 ProfSvc - ok
15:49:46.0097 6256 [ 3978F3540329E16C0AC3BCF677E5669F ] ProtectedStorage C:\Windows\system32\lsass.exe
15:49:46.0097 6256 ProtectedStorage - ok
15:49:46.0113 6256 [ F8A25F1DD8B2C332CBC663E3579566E7 ] psadd C:\Windows\system32\DRIVERS\psadd.sys
15:49:46.0113 6256 psadd - ok
15:49:46.0113 6256 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
15:49:46.0128 6256 PSched - ok
15:49:46.0128 6256 [ 49452BFCEC22F36A7A9B9C2181BC3042 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
15:49:46.0128 6256 PxHelp20 - ok
15:49:46.0160 6256 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
15:49:46.0191 6256 ql2300 - ok
15:49:46.0206 6256 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
15:49:46.0206 6256 ql40xx - ok
15:49:46.0222 6256 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
15:49:46.0222 6256 QWAVE - ok
15:49:46.0238 6256 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:49:46.0238 6256 QWAVEdrv - ok
15:49:46.0253 6256 [ 8F97D374AD1857E1EED85A79F29A1D3D ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
15:49:46.0253 6256 RapiMgr - ok
15:49:46.0253 6256 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:49:46.0269 6256 RasAcd - ok
15:49:46.0269 6256 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
15:49:46.0269 6256 RasAuto - ok
15:49:46.0284 6256 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:49:46.0284 6256 Rasl2tp - ok
15:49:46.0300 6256 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
15:49:46.0316 6256 RasMan - ok
15:49:46.0316 6256 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:49:46.0316 6256 RasPppoe - ok
15:49:46.0331 6256 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:49:46.0331 6256 RasSstp - ok
15:49:46.0347 6256 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:49:46.0347 6256 rdbss - ok
15:49:46.0362 6256 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:49:46.0362 6256 RDPCDD - ok
15:49:46.0378 6256 [ 943B18305EAE3935598A9B4A3D560B4C ] rdpdr C:\Windows\system32\DRIVERS\rdpdr.sys
15:49:46.0378 6256 rdpdr - ok
15:49:46.0394 6256 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:49:46.0394 6256 RDPENCDD - ok
15:49:46.0394 6256 [ 30BFBDFB7F95559EDE971F9DDB9A00BA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:49:46.0409 6256 RDPWD - ok
15:49:46.0425 6256 [ ED8C9F16E10C1E4C4C5D16CD04966E24 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
15:49:46.0425 6256 RegSrvc - ok
15:49:46.0440 6256 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:49:46.0440 6256 RemoteAccess - ok
15:49:46.0456 6256 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:49:46.0456 6256 RemoteRegistry - ok
15:49:46.0472 6256 [ 6482707F9F4DA0ECBAB43B2E0398A101 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
15:49:46.0487 6256 RFCOMM - ok
15:49:46.0487 6256 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
15:49:46.0487 6256 RpcLocator - ok
15:49:46.0503 6256 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
15:49:46.0518 6256 RpcSs - ok
15:49:46.0534 6256 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:49:46.0534 6256 rspndr - ok
15:49:46.0534 6256 [ 3978F3540329E16C0AC3BCF677E5669F ] SamSs C:\Windows\system32\lsass.exe
15:49:46.0534 6256 SamSs - ok
15:49:46.0550 6256 [ A4A640A4923E225C80012A902D95510D ] Samsung UPD Service C:\Windows\system32\SUPDSvc.exe
15:49:46.0550 6256 Samsung UPD Service - ok
15:49:46.0565 6256 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:49:46.0565 6256 sbp2port - ok
15:49:46.0596 6256 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
15:49:46.0628 6256 SBSDWSCService - ok
15:49:46.0643 6256 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:49:46.0643 6256 SCardSvr - ok
15:49:46.0659 6256 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
15:49:46.0690 6256 Schedule - ok
15:49:46.0690 6256 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
15:49:46.0690 6256 SCPolicySvc - ok
15:49:46.0706 6256 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:49:46.0706 6256 SDRSVC - ok
15:49:46.0721 6256 [ 16A252022535B680046F6E34E136D378 ] SeaPort C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
15:49:46.0721 6256 SeaPort - ok
15:49:46.0721 6256 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:49:46.0721 6256 secdrv - ok
15:49:46.0737 6256 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
15:49:46.0737 6256 seclogon - ok
15:49:46.0752 6256 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
15:49:46.0752 6256 SENS - ok
15:49:46.0768 6256 [ CE9EC966638EF0B10B864DDEDF62A099 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
15:49:46.0768 6256 Serenum - ok
15:49:46.0768 6256 [ 6D663022DB3E7058907784AE14B69898 ] Serial C:\Windows\system32\DRIVERS\serial.sys
15:49:46.0768 6256 Serial - ok
15:49:46.0784 6256 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
15:49:46.0784 6256 sermouse - ok
15:49:46.0799 6256 [ 7D3903AF48E6C1DC2704EAFCB608D031 ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
15:49:46.0815 6256 ServiceLayer - ok
15:49:46.0846 6256 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
15:49:46.0846 6256 SessionEnv - ok
15:49:46.0862 6256 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
15:49:46.0862 6256 sffdisk - ok
15:49:46.0862 6256 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:49:46.0862 6256 sffp_mmc - ok
15:49:46.0877 6256 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
15:49:46.0877 6256 sffp_sd - ok
15:49:46.0893 6256 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
15:49:46.0893 6256 sfloppy - ok
15:49:46.0908 6256 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:49:46.0908 6256 SharedAccess - ok
15:49:46.0924 6256 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:49:46.0924 6256 ShellHWDetection - ok
15:49:46.0940 6256 [ 1310C5E81966E86B2CED7AE8CE3D74F1 ] Shockprf C:\Windows\system32\DRIVERS\Apsx86.sys
15:49:46.0940 6256 Shockprf - ok
15:49:46.0955 6256 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
15:49:46.0955 6256 sisagp - ok
15:49:46.0971 6256 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
15:49:46.0971 6256 SiSRaid2 - ok
15:49:46.0986 6256 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
15:49:46.0986 6256 SiSRaid4 - ok
15:49:47.0064 6256 [ 388AE59FE75F1B959DFA0900923C61BB ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
15:49:47.0127 6256 Skype C2C Service - ok
15:49:47.0142 6256 [ DDAA5F4A6B958FC313EBD02DD925752F ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
15:49:47.0142 6256 SkypeUpdate - ok
15:49:47.0236 6256 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
15:49:47.0314 6256 slsvc - ok
15:49:47.0330 6256 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
15:49:47.0330 6256 SLUINotify - ok
15:49:47.0345 6256 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:49:47.0345 6256 Smb - ok
15:49:47.0345 6256 [ FCC8EDD602B50247C3E75BD23D4FACE6 ] smihlp2 C:\Program Files\Common Files\ThinkVantage Fingerprint Software\Drivers\smihlp.sys
15:49:47.0361 6256 smihlp2 - ok
15:49:47.0376 6256 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:49:47.0376 6256 SNMPTRAP - ok
15:49:47.0376 6256 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
15:49:47.0392 6256 spldr - ok
15:49:47.0392 6256 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
15:49:47.0408 6256 Spooler - ok
15:49:47.0408 6256 [ D89083C4EB02DACA8F944B0E05E57F9D ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
15:49:47.0408 6256 SQLWriter - ok
15:49:47.0423 6256 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
15:49:47.0439 6256 srv - ok
15:49:47.0439 6256 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:49:47.0454 6256 srv2 - ok
15:49:47.0454 6256 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:49:47.0454 6256 srvnet - ok
15:49:47.0470 6256 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:49:47.0486 6256 SSDPSRV - ok
15:49:47.0486 6256 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:49:47.0501 6256 SstpSvc - ok
15:49:47.0501 6256 [ EF70B3D22B4BFFDA6EA851ECB063EFAA ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
15:49:47.0501 6256 StillCam - ok
15:49:47.0517 6256 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
15:49:47.0532 6256 stisvc - ok
15:49:47.0548 6256 [ B384A999C5326BA7BC940347A26FC0B9 ] SUService C:\Program Files\Lenovo\System Update\SUService.exe
15:49:47.0548 6256 SUService - ok
15:49:47.0548 6256 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
15:49:47.0564 6256 swenum - ok
15:49:47.0564 6256 [ 7390C1889DBF097E2E9A1130E5C57191 ] SWNC8U01 C:\Windows\system32\DRIVERS\SWNC8U01.sys
15:49:47.0564 6256 SWNC8U01 - ok
15:49:47.0579 6256 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
15:49:47.0595 6256 swprv - ok
15:49:47.0595 6256 [ 7D3BD1EF302997506362E9CA4181412C ] SWUMX01 C:\Windows\system32\DRIVERS\swumx01.sys
15:49:47.0595 6256 SWUMX01 - ok
15:49:47.0610 6256 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
15:49:47.0610 6256 Symc8xx - ok
15:49:47.0626 6256 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
15:49:47.0626 6256 Sym_hi - ok
15:49:47.0626 6256 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
15:49:47.0626 6256 Sym_u3 - ok
15:49:47.0657 6256 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
15:49:47.0673 6256 SysMain - ok
15:49:47.0673 6256 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:49:47.0688 6256 TabletInputService - ok
15:49:47.0688 6256 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
15:49:47.0704 6256 TapiSrv - ok
15:49:47.0720 6256 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
15:49:47.0720 6256 TBS - ok
15:49:47.0751 6256 [ 2756186E287139310997090797E0182B ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:49:47.0766 6256 Tcpip - ok
15:49:47.0798 6256 [ 2756186E287139310997090797E0182B ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
15:49:47.0798 6256 Tcpip6 - ok
15:49:47.0813 6256 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:49:47.0813 6256 tcpipreg - ok
15:49:47.0829 6256 [ 72B9E77565DA5FA564581976E000D29B ] TcUsb C:\Windows\system32\Drivers\tcusb.sys
15:49:47.0829 6256 TcUsb - ok
15:49:47.0829 6256 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:49:47.0829 6256 TDPIPE - ok
15:49:47.0844 6256 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:49:47.0844 6256 TDTCP - ok
15:49:47.0844 6256 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:49:47.0860 6256 tdx - ok
15:49:47.0922 6256 [ 2BBB318EA9F34FDC508CEA4AAB98D770 ] TeamViewer7 C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
15:49:47.0985 6256 TeamViewer7 - ok
15:49:47.0985 6256 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
15:49:48.0000 6256 TermDD - ok
15:49:48.0016 6256 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
15:49:48.0016 6256 TermService - ok
15:49:48.0032 6256 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
15:49:48.0047 6256 Themes - ok
15:49:48.0063 6256 [ EB90A37AABAEFD7B4F4F92BEFEA8C2E2 ] ThinkVantage Registry Monitor Service C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
15:49:48.0078 6256 ThinkVantage Registry Monitor Service - ok
15:49:48.0094 6256 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
15:49:48.0094 6256 THREADORDER - ok
15:49:48.0094 6256 [ D7A29E343632E2FC5F7EBFC886F12675 ] TPDIGIMN C:\Windows\system32\DRIVERS\ApsHM86.sys
15:49:48.0110 6256 TPDIGIMN - ok
15:49:48.0110 6256 [ 51B679F627A43A25EF9444AD23BBFF9A ] TPHDEXLGSVC C:\Windows\system32\TPHDEXLG.exe
15:49:48.0110 6256 TPHDEXLGSVC - ok
15:49:48.0125 6256 [ 576B670378253341B2041CB042BB753C ] TPHKSVC C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
15:49:48.0125 6256 TPHKSVC - ok
15:49:48.0125 6256 [ CB258C2F726F1BE73C507022BE33EBB3 ] TPM C:\Windows\system32\drivers\tpm.sys
15:49:48.0141 6256 TPM - ok
15:49:48.0141 6256 [ 1BD5719EF160E0AB739CD0FF3BA5E298 ] TPPWRIF C:\Windows\system32\drivers\Tppwr32v.sys
15:49:48.0141 6256 TPPWRIF - ok
15:49:48.0156 6256 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
15:49:48.0156 6256 TrkWks - ok
15:49:48.0156 6256 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:49:48.0156 6256 TrustedInstaller - ok
15:49:48.0188 6256 [ 4A4FFDEB90A151B734A0BEA3D420FD3B ] TSSCoreService C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe
15:49:48.0203 6256 TSSCoreService - ok
15:49:48.0219 6256 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:49:48.0219 6256 tssecsrv - ok
15:49:48.0234 6256 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
15:49:48.0234 6256 tunmp - ok
15:49:48.0234 6256 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:49:48.0234 6256 tunnel - ok
15:49:48.0250 6256 [ 550EB190CB6444C9E5DCAB810D2057BD ] TVT Backup Protection Service C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
15:49:48.0266 6256 TVT Backup Protection Service - ok
15:49:48.0297 6256 [ 8FAAFB3994A45F39FB8E4F87A417D59E ] TVT Backup Service C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
15:49:48.0312 6256 TVT Backup Service - ok
15:49:48.0344 6256 [ 5D355B9077CBE87C8E8EB1EAFEFF9F38 ] TVT Scheduler c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
15:49:48.0375 6256 TVT Scheduler - ok
15:49:48.0375 6256 [ 49258A02A1E8D304ED88B0F1C56B1738 ] tvtfilter C:\Windows\system32\DRIVERS\tvtfilter.sys
15:49:48.0375 6256 tvtfilter - ok
15:49:48.0390 6256 [ 7E66DDA1EF146BFC3A6E36E08E036602 ] TVTI2C C:\Windows\system32\DRIVERS\Tvti2c.sys
15:49:48.0390 6256 TVTI2C - ok
15:49:48.0390 6256 [ 2D1EC233C89416BA8187C9D7D49A075A ] tvtumon C:\Windows\system32\DRIVERS\tvtumon.sys
15:49:48.0406 6256 tvtumon - ok
15:49:48.0406 6256 [ BDC35CCF46EC3FDFA6A3DC4501A9689B ] TVT_UpdateMonitor C:\Program Files\Lenovo\Rescue and Recovery\UpdateMonitor.exe
15:49:48.0422 6256 TVT_UpdateMonitor - ok
15:49:48.0422 6256 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
15:49:48.0422 6256 uagp35 - ok
15:49:48.0437 6256 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:49:48.0453 6256 udfs - ok
15:49:48.0453 6256 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:49:48.0468 6256 UI0Detect - ok
15:49:48.0468 6256 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
15:49:48.0484 6256 uliagpkx - ok
15:49:48.0484 6256 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
15:49:48.0500 6256 uliahci - ok
15:49:48.0500 6256 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
15:49:48.0515 6256 UlSata - ok
15:49:48.0515 6256 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
15:49:48.0515 6256 ulsata2 - ok
15:49:48.0531 6256 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
15:49:48.0531 6256 umbus - ok
15:49:48.0546 6256 [ 8A66360F38F81E960E2367B428CBD5D9 ] UmRdpService C:\Windows\System32\umrdp.dll
15:49:48.0546 6256 UmRdpService - ok
15:49:48.0562 6256 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
15:49:48.0578 6256 upnphost - ok
15:49:48.0593 6256 [ 73B41F4EAD65F355962168D766AF0F2E ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
15:49:48.0593 6256 USBAAPL - ok
15:49:48.0593 6256 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:49:48.0609 6256 usbccgp - ok
15:49:48.0609 6256 [ 32C068EAF37C92D7194EEE1FAA1E7853 ] USBCCID C:\Windows\system32\DRIVERS\usbccid.sys
15:49:48.0609 6256 USBCCID - ok
15:49:48.0624 6256 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
15:49:48.0624 6256 usbcir - ok
15:49:48.0624 6256 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
15:49:48.0640 6256 usbehci - ok
15:49:48.0640 6256 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:49:48.0656 6256 usbhub - ok
15:49:48.0656 6256 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
15:49:48.0656 6256 usbohci - ok
15:49:48.0671 6256 [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint C:\Windows\system32\drivers\usbprint.sys
15:49:48.0671 6256 usbprint - ok
15:49:48.0671 6256 [ D575246188F63DE0ACCF6EAC5FB59E6A ] usbser C:\Windows\system32\drivers\usbser.sys
15:49:48.0671 6256 usbser - ok
15:49:48.0687 6256 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:49:48.0687 6256 USBSTOR - ok
15:49:48.0702 6256 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
15:49:48.0702 6256 usbuhci - ok
15:49:48.0702 6256 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
15:49:48.0718 6256 usbvideo - ok
15:49:48.0718 6256 [ 35C9095FA7076466AFBFC5B9EC4B779E ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys
15:49:48.0718 6256 usb_rndisx - ok
15:49:48.0734 6256 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
15:49:48.0734 6256 UxSms - ok
15:49:48.0749 6256 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
15:49:48.0765 6256 vds - ok
15:49:48.0765 6256 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:49:48.0780 6256 vga - ok
15:49:48.0780 6256 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
15:49:48.0780 6256 VgaSave - ok
15:49:48.0796 6256 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
15:49:48.0796 6256 viaagp - ok
15:49:48.0796 6256 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
15:49:48.0796 6256 ViaC7 - ok
15:49:48.0812 6256 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys
15:49:48.0812 6256 viaide - ok
15:49:48.0812 6256 VMnetAdapter - ok
15:49:48.0827 6256 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
15:49:48.0827 6256 volmgr - ok
15:49:48.0843 6256 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:49:48.0858 6256 volmgrx - ok
15:49:48.0858 6256 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:49:48.0874 6256 volsnap - ok
15:49:48.0874 6256 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
15:49:48.0890 6256 vsmraid - ok
15:49:48.0921 6256 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
15:49:48.0952 6256 VSS - ok
15:49:48.0952 6256 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
15:49:48.0968 6256 W32Time - ok
15:49:48.0983 6256 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
15:49:48.0983 6256 WacomPen - ok
15:49:48.0983 6256 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
15:49:48.0983 6256 Wanarp - ok
15:49:48.0999 6256 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:49:48.0999 6256 Wanarpv6 - ok
15:49:49.0030 6256 [ 20B23332885DFB93FE0185362EE811E9 ] wbengine C:\Windows\system32\wbengine.exe
15:49:49.0046 6256 wbengine - ok
15:49:49.0061 6256 [ 59E19BD13C3BDB857646B9E436BA27F7 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll
15:49:49.0077 6256 WcesComm - ok
15:49:49.0092 6256 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:49:49.0108 6256 wcncsvc - ok
15:49:49.0108 6256 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:49:49.0124 6256 WcsPlugInService - ok
15:49:49.0124 6256 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys
15:49:49.0124 6256 Wd - ok
15:49:49.0139 6256 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:49:49.0155 6256 Wdf01000 - ok
15:49:49.0170 6256 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:49:49.0170 6256 WdiServiceHost - ok
15:49:49.0170 6256 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:49:49.0186 6256 WdiSystemHost - ok
15:49:49.0186 6256 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
15:49:49.0202 6256 WebClient - ok
15:49:49.0202 6256 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:49:49.0217 6256 Wecsvc - ok
15:49:49.0217 6256 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:49:49.0233 6256 wercplsupport - ok
15:49:49.0233 6256 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
15:49:49.0248 6256 WerSvc - ok
15:49:49.0248 6256 [ F9AD3A5E3FD7E0BDB18B8202B0FDD4E4 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
15:49:49.0248 6256 WimFltr - ok
15:49:49.0264 6256 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
15:49:49.0280 6256 WinDefend - ok
15:49:49.0280 6256 WinHttpAutoProxySvc - ok
15:49:49.0311 6256 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:49:49.0311 6256 Winmgmt - ok
15:49:49.0342 6256 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
15:49:49.0373 6256 WinRM - ok
15:49:49.0389 6256 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
15:49:49.0404 6256 Wlansvc - ok
15:49:49.0420 6256 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
15:49:49.0420 6256 WmiAcpi - ok
15:49:49.0436 6256 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:49:49.0436 6256 wmiApSrv - ok
15:49:49.0467 6256 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
15:49:49.0482 6256 WMPNetworkSvc - ok
15:49:49.0498 6256 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:49:49.0498 6256 WPDBusEnum - ok
15:49:49.0514 6256 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
15:49:49.0514 6256 WpdUsb - ok
15:49:49.0545 6256 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
15:49:49.0560 6256 WPFFontCache_v0400 - ok
15:49:49.0576 6256 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:49:49.0576 6256 ws2ifsl - ok
15:49:49.0576 6256 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32\wscsvc.dll
15:49:49.0592 6256 wscsvc - ok
15:49:49.0592 6256 [ 4422AC5ED8D4C2F0DB63E71D4C069DD7 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
15:49:49.0592 6256 WSDPrintDevice - ok
15:49:49.0607 6256 WSearch - ok
15:49:49.0654 6256 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
15:49:49.0701 6256 wuauserv - ok
15:49:49.0716 6256 [ 6F9B6C0C93232CFF47D0F72D6DB1D21E ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:49:49.0716 6256 WudfPf - ok
15:49:49.0732 6256 [ F91FF1E51FCA30B3C3981DB7D5924252 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:49:49.0732 6256 WUDFRd - ok
15:49:49.0732 6256 [ 2C0206FF8D2C75AC027D1096FA2FAFDA ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:49:49.0748 6256 wudfsvc - ok
15:49:49.0763 6256 ================ Scan global ===============================
15:49:49.0779 6256 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
15:49:49.0794 6256 [ 9A7A3BC8DC7E7ECABA2478CED4C38CBD ] C:\Windows\system32\winsrv.dll
15:49:49.0826 6256 [ 9A7A3BC8DC7E7ECABA2478CED4C38CBD ] C:\Windows\system32\winsrv.dll
15:49:49.0841 6256 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
15:49:49.0841 6256 [Global] - ok
15:49:49.0841 6256 ================ Scan MBR ==================================
15:49:49.0857 6256 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
15:49:49.0997 6256 \Device\Harddisk0\DR0 - ok
15:49:49.0997 6256 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
15:49:50.0138 6256 \Device\Harddisk1\DR1 - ok
15:49:50.0138 6256 ================ Scan VBR ==================================
15:49:50.0138 6256 [ C850134697AA61E15DAC9C8BB68A87E5 ] \Device\Harddisk0\DR0\Partition1
15:49:50.0153 6256 \Device\Harddisk0\DR0\Partition1 - ok
15:49:50.0153 6256 [ D7D1ACF4740250C987D94F11C59F6739 ] \Device\Harddisk1\DR1\Partition1
15:49:50.0153 6256 \Device\Harddisk1\DR1\Partition1 - ok
15:49:50.0153 6256 ============================================================
15:49:50.0153 6256 Scan finished
15:49:50.0153 6256 ============================================================
15:49:50.0169 1440 Detected object count: 0
15:49:50.0169 1440 Actual detected object count: 0
15:50:53.0380 1544 Deinitialize success



aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-11-24 15:51:18
-----------------------------
15:51:18.668 OS Version: Windows 6.0.6002 Service Pack 2
15:51:18.668 Number of processors: 2 586 0xF0B
15:51:18.668 ComputerName: DSILVA-POR UserName: dsilva
15:51:19.323 Initialize success
15:51:22.153 AVAST engine download error: 404
15:52:58.203 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
15:52:58.203 Disk 0 Vendor: SAMSUNG_ PS10 Size: 61057MB BusType: 3
15:52:58.218 Disk 0 MBR read successfully
15:52:58.218 Disk 0 MBR scan
15:52:58.218 Disk 0 Windows VISTA default MBR code
15:52:58.218 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 61055 MB offset 2048
15:52:58.234 Disk 0 scanning sectors +125042688
15:52:58.234 Disk 0 scanning C:\Windows\system32\drivers
15:52:59.965 Service scanning
15:53:04.505 Modules scanning
15:53:06.096 Disk 0 trace - called modules:
15:53:06.096 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll iaStor.sys
15:53:06.112 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x865e0920]
15:53:06.611 3 CLASSPNP.SYS[889c88b3] -> nt!IofCallDriver -> [0x84c3b700]
15:53:06.611 5 acpi.sys[8068f6bc] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x85649028]
15:53:06.611 Scan finished successfully
15:53:33.709 Disk 0 MBR has been saved successfully to "C:\Users\dsilva\Desktop\MBR.dat"
15:53:33.725 The log file has been saved successfully to "C:\Users\dsilva\Desktop\aswMBR.txt"

#5 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:38 AM

Posted 24 November 2012 - 01:33 PM

Try running from safemode with networking

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

#6 Duarte Silva

Duarte Silva
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:06:38 AM

Posted 24 November 2012 - 02:11 PM

RESULTS:

MiniToolBox by Farbar Version: 10-11-2012 02
Ran by dsilva (administrator) on 24-11-2012 at 18:59:53
Windows Vista ™ Business Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
ProxyServer: proxy.sinfic.pt:8080

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================


127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® Wireless WiFi Link 4965AGN = Wireless Network Connection (Connected)
Intel® 82566MM Gigabit Network Connection = Local Area Connection (Media disconnected)
Sierra Wireless HSDPA Network Adapter = UMTS Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add route prefix=0.0.0.0/0 interface="Local Area Connection" nexthop=192.168.2.1 metric=0


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : dsilva-por
Primary Dns Suffix . . . . . . . : sinfic.pt
Node Type . . . . . . . . . . . . : Mixed
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : sinfic.pt
lan

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : lan
Description . . . . . . . . . . . : Intel® Wireless WiFi Link 4965AGN
Physical Address. . . . . . . . . : 00-21-5C-81-06-A1
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 192.168.1.78(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : s bado, 24 de Novembro de 2012 15:33:22
Lease Expires . . . . . . . . . . : s bado, 24 de Novembro de 2012 19:33:25
Default Gateway . . . . . . . . . : 192.168.1.254
DHCP Server . . . . . . . . . . . : 192.168.1.254
DNS Servers . . . . . . . . . . . : 192.168.1.254
192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter UMTS Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Sierra Wireless HSDPA Network Adapter
Physical Address. . . . . . . . . : 00-A0-D5-FF-FF-85
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® 82566MM Gigabit Network Connection
Physical Address. . . . . . . . . : 00-21-86-5C-58-6A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{4D515FA1-1F38-40AF-B7E8-FB6225703A1A}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : lan
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 13:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:383b:3caf:3f57:feb1(Preferred)
Link-local IPv6 Address . . . . . : fe80::383b:3caf:3f57:feb1%19(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 14:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{5104BD90-5BB2-4EC7-9DB7-9A0557F46CBB}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 15:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: dsldevice.lan
Address: 192.168.1.254

Name: google.com
Addresses: 2a00:1450:4004:803::1004
173.194.41.192
173.194.41.196
173.194.41.194
173.194.41.201
173.194.41.206
173.194.41.200
173.194.41.198
173.194.41.197
173.194.41.199
173.194.41.193
173.194.41.195



Pinging google.com [173.194.41.192] with 32 bytes of data:

Reply from 173.194.41.192: bytes=32 time=12ms TTL=58

Reply from 173.194.41.192: bytes=32 time=9ms TTL=58



Ping statistics for 173.194.41.192:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 9ms, Maximum = 12ms, Average = 10ms

Server: dsldevice.lan
Address: 192.168.1.254

Name: yahoo.com
Addresses: 72.30.38.140
98.138.253.109
98.139.183.24



Pinging yahoo.com [98.139.183.24] with 32 bytes of data:

Reply from 98.139.183.24: bytes=32 time=693ms TTL=50

Reply from 98.139.183.24: bytes=32 time=613ms TTL=50



Ping statistics for 98.139.183.24:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 613ms, Maximum = 693ms, Average = 653ms



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
14 ...00 21 5c 81 06 a1 ...... Intel® Wireless WiFi Link 4965AGN
13 ...00 a0 d5 ff ff 85 ...... Sierra Wireless HSDPA Network Adapter
10 ...00 21 86 5c 58 6a ...... Intel® 82566MM Gigabit Network Connection
1 ........................... Software Loopback Interface 1
20 ...00 00 00 00 00 00 00 e0 isatap.{4D515FA1-1F38-40AF-B7E8-FB6225703A1A}
22 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
19 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
16 ...00 00 00 00 00 00 00 e0 isatap.{5104BD90-5BB2-4EC7-9DB7-9A0557F46CBB}
29 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.78 30
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.78 286
192.168.1.78 255.255.255.255 On-link 192.168.1.78 286
192.168.1.255 255.255.255.255 On-link 192.168.1.78 286
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.78 286
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.78 286
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
0.0.0.0 0.0.0.0 192.168.2.1 0
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
19 18 ::/0 On-link
1 306 ::1/128 On-link
19 18 2001::/32 On-link
19 266 2001:0:5ef5:79fd:383b:3caf:3f57:feb1/128
On-link
19 266 fe80::/64 On-link
19 266 fe80::383b:3caf:3f57:feb1/128
On-link
1 306 ff00::/8 On-link
19 266 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Windows\system32\wshbth.dll [34304] (Microsoft Corporation)
Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 34 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 35 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 36 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 37 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 38 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 39 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 40 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 41 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 42 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 43 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 44 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 45 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/24/2012 11:18:55 AM) (Source: MsiInstaller) (User: SINFIC)
Description: Produto: McAfee Agent -- O McAfee Agent não pode ser removido enquanto estiver em modo gerenciado.

Error: (11/24/2012 11:17:50 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (11/24/2012 11:14:58 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/24/2012 11:12:30 AM) (Source: MsiInstaller) (User: SINFIC)
Description: Produto: McAfee Agent -- O McAfee Agent não pode ser removido enquanto estiver em modo gerenciado.

Error: (11/24/2012 11:07:42 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (11/24/2012 11:07:11 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (11/24/2012 11:03:01 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (11/24/2012 10:59:59 AM) (Source: ESENT) (User: )
Description: WinMail (7476) WindowsMail0: The backup has been stopped because it was halted by the client or the connection with the client failed.

Error: (11/23/2012 01:34:06 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/22/2012 01:43:08 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (11/24/2012 03:17:24 PM) (Source: TPM) (User: )
Description: The device driver for the Trusted Platform Module (TPM) encountered a non-recoverable error in the TPM hardware, which prevents TPM services (such as data encryption) from being used. For further help, please contact the computer manufacturer.

Error: (11/24/2012 03:17:24 PM) (Source: Microsoft-Windows-TBS) (User: NT AUTHORITY)
Description: 0x8007045d

Error: (11/24/2012 03:17:19 PM) (Source: NETLOGON) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain SINFIC due to the following:
%%1311

This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.



ADDITIONAL INFO

If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.

Error: (11/24/2012 11:20:41 AM) (Source: Microsoft-Windows-GroupPolicy) (User: SINFIC)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (11/24/2012 11:18:12 AM) (Source: TermService) (User: )
Description: The terminal server cannot register 'TERMSRV' Service Principal Name to be used for server authentication. The following error occured: The specified domain either does not exist or could not be contacted.
.

Error: (11/24/2012 11:16:34 AM) (Source: Microsoft-Windows-GroupPolicy) (User: SINFIC)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (11/24/2012 11:15:58 AM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT AUTHORITY)
Description: 0x80070032

Error: (11/24/2012 11:15:56 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (11/24/2012 11:15:12 AM) (Source: Service Control Manager) (User: )
Description: tvtumon

Error: (11/24/2012 11:15:12 AM) (Source: Service Control Manager) (User: )
Description: SQL Server VSS Writer1


Microsoft Office Sessions:
=========================
Error: (02/01/2012 03:06:43 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 5535 seconds with 900 seconds of active time. This session ended with a crash.

Error: (02/22/2011 11:18:10 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 120589 seconds with 300 seconds of active time. This session ended with a crash.

Error: (09/14/2009 09:36:05 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 21 seconds with 0 seconds of active time. This session ended with a crash.

Error: (09/11/2009 01:22:42 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 10 seconds with 0 seconds of active time. This session ended with a crash.

Error: (09/11/2009 01:13:20 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 6 seconds with 0 seconds of active time. This session ended with a crash.

Error: (09/11/2009 01:07:42 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 12 seconds with 0 seconds of active time. This session ended with a crash.

Error: (09/11/2009 01:07:16 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1 seconds with 0 seconds of active time. This session ended with a crash.

Error: (09/11/2009 01:06:21 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 6 seconds with 0 seconds of active time. This session ended with a crash.

Error: (09/11/2009 10:18:47 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6504.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 4653 seconds with 1800 seconds of active time. This session ended with a crash.

Error: (09/11/2009 10:01:31 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 5 seconds with 0 seconds of active time. This session ended with a crash.


CodeIntegrity Errors:
===================================
Date: 2012-11-22 17:47:19.694
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\igdumd32.dll because the set of per-page image hashes could not be found on the system.

Date: 2012-11-22 17:47:19.428
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\igdumd32.dll because the set of per-page image hashes could not be found on the system.

Date: 2012-11-22 17:21:51.314
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\igdumd32.dll because the set of per-page image hashes could not be found on the system.

Date: 2012-11-22 17:21:51.043
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\igdumd32.dll because the set of per-page image hashes could not be found on the system.

Date: 2012-11-16 17:01:11.740
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-11-16 17:01:11.506
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-11-16 17:01:11.241
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-11-16 17:01:10.430
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-11-16 17:01:10.149
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-11-16 17:01:09.900
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
32 Bit HP CIO Components Installer (Version: 6.1.2)
3GP Player 2008 (Version: 1.9)
Acrobat.com (Version: 0.0.0)
Acrobat.com (Version: 1.1.377)
Actualização do Microsoft Office Excel 2007 Help (KB963678)
Actualização do Microsoft Office Powerpoint 2007 Help (KB963669)
Actualização do Microsoft Office Word 2007 Help (KB963665)
Adobe Acrobat 9 Pro Extended - English, Français, Deutsch (Version: 9.0.0)
Adobe AIR (Version: 1.0.4990)
Adobe AIR (Version: 1.0.8.4990)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)
Adobe Flash Player Plugin (Version: 9.0.124.0)
Adobe Reader 9.1 (Version: 9.1.0)
Adobe Shockwave Player 11.5 (Version: 11.5.6.606)
AirPort (Version: 5.5.3.2)
Apple Mobile Device Support (Version: 6.0.0.59)
Apple Software Update (Version: 2.1.3.127)
AT&T Service Activation (Version: 1.5.55.0)
Bing Bar (Version: 6.3.2322.0)
Bing Bar Platform (Version: 6.3.2322.0)
Bonjour (Version: 3.0.0.10)
Camera Center (Version: 1.0.22)
Canon MP160
Cartão de Cidadão (Version: 1.24.594.32)
CDBurnerXP (Version: 4.3.8.2631)
Client Security - Password Manager (Version: 8.20.0023.00)
DAEMON Tools Lite (Version: 4.45.2.0287)
DAEMON Tools Toolbar (Version: 1.1.4.0024)
Escala-Facil
Google Chrome (Version: 23.0.1271.64)
Google Update Helper (Version: 1.3.21.123)
Google Updater (Version: 2.4.2432.1652)
Help Center (Version: 2.00h)
HP Officejet 6500 E710a-f Basic Device Software (Version: 22.50.231.0)
iCloud (Version: 2.0.2.187)
Integrated Camera Driver Installer Package Ver.1.18.500.0 (Version: 1.18.500.0)
Integrated Camera TWAIN (Version: 1.0.28.0415)
Intel PROSet Wireless (Version: 11.5.0.API)
Intel® Graphics Media Accelerator Driver
Intel® PRO Network Connections Drivers
InterVideo Register Manager (Version: 1.0.4.0)
InterVideo WinDVD (Version: 5.0-B11.1243)
IRS - Modelo 3 v1.0.4 (Version: v1.0.4)
iTunes (Version: 10.7.0.21)
Java Auto Updater (Version: 2.0.5.1)
Java™ 6 Update 20 (Version: 6.0.200)
Java™ 6 Update 26 (Version: 6.0.260)
Lenovo Registration
Lenovo System Interface Driver (Version: 1.01)
McAfee Agent (Version: 4.5.0.1499)
mDriver (Version: 11.03.0000)
Message Center (Version: 2.01d)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 11.0.5510)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft IntelliPoint 8.0 (Version: 8.0.225.0)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Access MUI (Portuguese (Portugal)) 2007 (Version: 12.0.6425.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6425.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Excel MUI (Portuguese (Portugal)) 2007 (Version: 12.0.6425.1000)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Groove MUI (Portuguese (Portugal)) 2007 (Version: 12.0.6425.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office InfoPath MUI (Portuguese (Portugal)) 2007 (Version: 12.0.6425.1000)
Microsoft Office Language Pack 2007 - Portuguese/Português (Version: 12.0.6425.1000)
Microsoft Office O MUI (Portuguese (Portugal)) 2007 (Version: 12.0.6425.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office OneNote MUI (Portuguese (Portugal)) 2007 (Version: 12.0.6425.1000)
Microsoft Office Outlook Connector (Version: 14.0.5118.5000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Outlook MUI (Portuguese (Portugal)) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint MUI (Portuguese (Portugal)) 2007 (Version: 12.0.6425.1000)
Microsoft Office Project 2007 Service Pack 2 (SP2)
Microsoft Office Project Language Pack 2007 - Portuguese/Português (Version: 12.0.6425.1000)
Microsoft Office Project MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Project MUI (Portuguese (Portugal)) 2007 (Version: 12.0.6425.1000)
Microsoft Office Project Professional 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (Portuguese (Portugal)) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (Portuguese (Portugal)) 2007 (Version: 12.0.4518.1029)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Publisher MUI (Portuguese (Portugal)) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared MUI (Portuguese (Portugal)) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
Microsoft Office SharePoint Designer MUI (Portuguese (Portugal)) 2007 (Version: 12.0.6425.1000)
Microsoft Office Visio 2007 Service Pack 2 (SP2)
Microsoft Office Visio Language Pack 2007 - Portuguese/Português (Version: 12.0.6425.1000)
Microsoft Office Visio MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Visio MUI (Portuguese (Portugal)) 2007 (Version: 12.0.6425.1000)
Microsoft Office Visio Professional 2007 (Version: 12.0.6425.1000)
Microsoft Office VisMUI (Portuguese (Portugal)) 2007 (Version: 12.0.6425.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Word MUI (Portuguese (Portugal)) 2007 (Version: 12.0.6425.1000)
Microsoft Office X MUI (Portuguese (Portugal)) 2007 (Version: 12.0.6425.1000)
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs (Version: 12.0.4518.1014)
Microsoft Search Enhancement Pack (Version: 3.0.133.0)
Microsoft Silverlight (Version: 4.0.60531.0)
Microsoft SQL Server Native Client (Version: 9.00.5000.00)
Microsoft SQL Server Setup Support Files (English) (Version: 9.00.5000.00)
Microsoft SQL Server VSS Writer (Version: 9.00.5000.00)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual J# 2.0 Redistributable Package - SE
Microsoft Visual J# 2.0 Redistributable Package - SE (Version: 2.0.50728)
Mobile Broadband Connect (Version: 3.0.9027)
mpegable DS decoder (Version: 2.1)
MSVC80_x86_v2 (Version: 1.0.3.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Nitro Pro 7 (Version: 7.5.0.29)
On Screen Display (Version: 5.12.00)
OpenOffice Calc Password Recovery v1.0 (remove only) (Version: 1.0)
OpenOffice.org 3.2 (Version: 3.2.9502)
PC Connectivity Solution (Version: 10.50.2.0)
PDFCreator (Version: 1.2.3)
PM FASTrack v6 (Version: 6.0.0)
Presentation Director (Version: 4.01)
Productivity Center Supplement for ThinkPad (Version: 3.00b)
QuickTime (Version: 7.72.80.56)
QvPluginSetup (Version: 11.0.11414.0)
Registry patch for Windows Vista USB S3 PM Enablement (Version: 1.00)
Registry patch of Changing Timing of IDLE IRP by Finger Print Driver for Windows Vista (Version: 1.01)
Registry Patch of Enabling Device Initiated Power Management(DIPM) on SATA for Windows Vista (Version: 1.01)
Registry patch to improve USB device detection on resume from sleep for Windows Vista (Version: 1.01.0000)
Rescue and Recovery (Version: 4.21.0015.00)
Royal TS (Version: 1.3.2)
Safari (Version: 5.34.57.2)
Serviços de Impressão do Bonjour (Version: 2.0.2.0)
Sierra Wireless HSDPA MiniCard (Version: 7.0.2.1300)
Skype Click to Call (Version: 6.3.11079)
Skype™ 5.10 (Version: 5.10.116)
Software WiFi do Intel® PROSet/Wireless (Version: 12.00.4000)
Sonic Icons for Lenovo (Version: 1.0.2)
SoundMAX (Version: 6.10.1.5840)
Spybot - Search & Destroy (Version: 1.6.2)
SSH Secure Shell
Suporte para Aplicações Apple (Version: 2.2.2)
System Migration Assistant (Version: 5.20.0163)
System Update (Version: 3.14.0017)
TeamViewer 7 (Version: 7.0.13989)
ThinkPad Bluetooth with Enhanced Data Rate Software 6.1.0.2200 (Version: 6.1.0.2200)
ThinkPad EasyEject Utility (Version: 2.36)
ThinkPad FullScreen Magnifier (Version: 2.02)
ThinkPad Keyboard Customizer Utility (Version: 1.0.01)
ThinkPad Mobility Center Customization (Version: 1.50.0000)
ThinkPad Power Management Driver (Version: 1.51)
ThinkPad Power Manager (Version: 2.36)
ThinkPad UltraNav Driver (Version: 7.0.1602.9)
ThinkPad UltraNav Utility (Version: 2.04)
ThinkVantage Access Connections (Version: 5.02)
ThinkVantage Active Protection System (Version: 1.61)
ThinkVantage Fingerprint Software 5.8 (Version: 5.8.2.4462)
ThinkVantage Productivity Center (Version: 3.00b)
ThinkVantage Technologies Welcome Message (Version: 1.19)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2583910)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Project 2007 Help (KB963668)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Visio 2007 Help (KB963666)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2553110)
Vim 7.3 (self-installing)
VMware Infrastructure Client 2.5 (Version: 2.5.0.64218)
VMware vSphere Client 4.1 (Version: 4.1.0.12319)
Wallpapers
Windows Driver Package - Apple Inc. Apple Wireless Mouse (09/17/2009 3.0.0.5) (Version: 09/17/2009 3.0.0.5)
Windows Driver Package - Intel (e1express) Net (09/12/2007 9.7.251.0) (Version: 09/12/2007 9.7.251.0)
Windows Driver Package - Intel (iaStor) hdc (09/29/2007 7.8.0.1012) (Version: 09/29/2007 7.8.0.1012)
Windows Driver Package - Intel hdc (11/15/2006 8.2.0.1011) (Version: 11/15/2006 8.2.0.1011)
Windows Driver Package - Intel hdc (12/06/2006 6.8.0.3002) (Version: 12/06/2006 6.8.0.3002)
Windows Driver Package - Intel System (09/15/2006 7.0.0.1011) (Version: 09/15/2006 7.0.0.1011)
Windows Driver Package - Intel System (09/15/2006 8.0.0.1008) (Version: 09/15/2006 8.0.0.1008)
Windows Driver Package - Intel System (09/15/2006 8.0.0.1010) (Version: 09/15/2006 8.0.0.1010)
Windows Driver Package - Intel System (09/15/2006 8.2.0.1000) (Version: 09/15/2006 8.2.0.1000)
Windows Driver Package - Intel USB (09/15/2006 8.0.0.1008) (Version: 09/15/2006 8.0.0.1008)
Windows Driver Package - Lenovo 1.44 (11/02/2007 1.44) (Version: 11/02/2007 1.44)
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0) (Version: 08/22/2008 7.0.0.0)
Windows Mobile Device Center (Version: 6.1.6965.0)
Windows Mobile Device Center Driver Update (Version: 6.1.6965.0)
WinRAR archiver

========================= Memory info: ===================================

Percentage of memory in use: 68%
Total physical RAM: 2005.61 MB
Available physical RAM: 630.1 MB
Total Pagefile: 4250.24 MB
Available Pagefile: 2034.54 MB
Total Virtual: 2047.88 MB
Available Virtual: 1939.06 MB

========================= Partitions: =====================================

1 Drive c: (SW_Preload) (Fixed) (Total:59.62 GB) (Free:6.48 GB) NTFS

========================= Users: ========================================

User accounts for \\DSILVA-POR

Administrator ASPNET Guest

========================= Restore Points ==================================


**** End of log ****





Farbar Service Scanner Version: 09-11-2012
Ran by dsilva (administrator) on 24-11-2012 at 19:01:48
Running from "C:\Users\dsilva\Desktop"
Windows Vista ™ Business Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2011-10-06 09:39] - [2011-06-17 20:13] - 0905104 ____A (Microsoft Corporation) 2756186E287139310997090797E0182B

C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll
[2009-11-11 10:54] - [2009-10-09 21:55] - 0584704 ____A (Microsoft Corporation) 0D4A07E5AC9998E4B251D603C96D4F20

C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll
[2008-01-21 02:24] - [2008-01-21 02:24] - 0288256 ____A (Microsoft Corporation) E1499BD0FF76B1B2FBBF1AF339D91165

C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:38 AM

Posted 24 November 2012 - 03:09 PM

I'm not finding any issues with your internet access.Can you browse in safemode with networking?

#8 Duarte Silva

Duarte Silva
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:06:38 AM

Posted 26 November 2012 - 10:25 AM

Sorry for the late reply,
Yes it's true I'm able to browse microsoft and anti virus sites in safe mode with networking. The double char problem with only one keystroke also doesn’t happen in safe mode.

#9 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:38 AM

Posted 27 November 2012 - 12:24 AM

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the contents of text here

#10 Duarte Silva

Duarte Silva
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:06:38 AM

Posted 28 November 2012 - 11:33 AM

Rkill 2.4.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 11/28/2012 04:23:23 PM in x86 mode.
Windows Version: Windows Vista ™ Business Service Pack 2

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Windows\system32\SupportAppPT\ztemon_cd.exe (PID: 2044) [WD-HEUR]
* C:\Windows\system32\crypserv.exe (PID: 2104) [WD-HEUR]

2 proccesses terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* WPCSvc [Missing Service]

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 11/28/2012 04:23:38 PM
Execution time: 0 hours(s), 0 minute(s), and 14 seconds(s)




"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Acrobat Assistant 8.0" "AcroTray" "Adobe Systems Inc." "c:\program files\adobe\acrobat 9.0\acrobat\acrotray.exe"
+ "ACTray" "ThinkVantage Access Connections AC Tray Module" "Lenovo" "c:\program files\thinkpad\connectutilities\actray.exe"
+ "ACWLIcon" "ThinkVantage Access Connections Wireless lan Icon Module" "Lenovo" "c:\program files\thinkpad\connectutilities\acwlicon.exe"
+ "Adobe Acrobat Speed Launcher" "Adobe Acrobat SpeedLauncher" "Adobe Systems Incorporated" "c:\program files\adobe\acrobat 9.0\acrobat\acrobat_sl.exe"
+ "Adobe Reader Speed Launcher" "Adobe Acrobat SpeedLauncher" "Adobe Systems Incorporated" "c:\program files\adobe\reader 9.0\reader\reader_sl.exe"
+ "AirPort Base Station Agent" "AirPort Base Station Agent" "Apple Inc." "c:\program files\airport\apagent.exe"
+ "AMSG" "Message Center" "LENOVO" "c:\program files\thinkvantage\amsg\amsg.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files\common files\apple\apple application support\apsdaemon.exe"
+ "BLOG" "" "" "c:\program files\thinkpad\utilities\btvlogex.dll"
+ "CameraApplicationLauncher" "CameraApplicationLaunchPadLauncher" "" "c:\program files\lenovo\camera center\bin\cameraapplicationlaunchpadlauncher.exe"
+ "Certificate Import" "Portugal eID TrayApplet" "" "c:\program files\cartão de cidadão\pteidtrayapplet.exe"
+ "cssauth" "CSS Authentication Provider" "Lenovo Group Limited" "c:\program files\lenovo\client security solution\cssauth.exe"
+ "EZEJMNAP" "ThinkPad EasyEject Support Application" "Lenovo Group Ltd." "c:\program files\thinkpad\utilities\ezejmnap.exe"
+ "GrooveMonitor" "GrooveMonitor Utility" "Microsoft Corporation" "c:\program files\microsoft office\office12\groovemonitor.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "IntelliPoint" "IPoint.exe" "Microsoft Corporation" "c:\program files\microsoft intellipoint\ipoint.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files\itunes\ituneshelper.exe"
+ "LPMailChecker" "ThinkVantage Productivity Center MailChecker" "Lenovo Group Limited" "c:\program files\thinkvantage\prdctr\lpmlchk.exe"
+ "LPManager" "ThinkVantage Productivity Center Manager" "Lenovo Group Limited" "c:\program files\thinkvantage\prdctr\lpmgr.exe"
+ "MSCRM" "Microsoft ® CRM client for Microsoft Office Outlook setup" "Microsoft Corporation" "c:\program files\microsoft dynamics crm\client\configwizard\crmforoutlookinstaller.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "PWMTRV" "ThinkPad Power Manager Background Monitor and Tray Battery Gauge" "Lenovo Group Limited" "c:\program files\thinkpad\utilities\pwmtr32v.dll"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files\quicktime\qttask.exe"
+ "SoundMAX" "SoundMAX Audio Settings (32-bit)" "Analog Devices, Inc." "c:\program files\analog devices\soundmax\soundmax.exe"
+ "SoundMAXPnP" "SMax4PNP" "Analog Devices, Inc." "c:\program files\analog devices\core\smax4pnp.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files\common files\java\java update\jusched.exe"
+ "TPFNF7" "Presentation Director Fn+F7 handler" "Lenovo Group Limited" "c:\program files\lenovo\npdirect\tpfnf7sp.exe"
+ "TPHOTKEY" "On screen display message generator for ThinkPad" "Lenovo Group Limited" "c:\program files\lenovo\hotkey\tposdsvc.exe"
+ "TPKMAPHELPER" "Keyboard Customizer" "Lenovo" "c:\program files\thinkpad\utilities\tpkmapap.exe"
+ "TpShocks" "ThinkVantage Active Protection System" "Lenovo." "c:\windows\system32\tpshocks.exe"
+ "TVT Scheduler Proxy" "scheduler_proxy Application" "Lenovo Group Limited" "c:\program files\common files\lenovo\scheduler\scheduler_proxy.exe"
+ "Wanliteconnect" "Mobile Broadband Connect" "Lenovo" "c:\program files\lenovo\mobile broadband connect\wananc.exe"
+ "Windows Defender" "Windows Defender User Interface" "Microsoft Corporation" "c:\program files\windows defender\msascui.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Bluetooth.lnk" "Bluetooth Tray Application" "Broadcom Corporation." "c:\program files\thinkpad\bluetooth software\bttray.exe"
"C:\Users\dsilva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "OpenOffice.org 3.2.lnk" "" "" "c:\program files\openoffice.org 3\program\quickstart.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows Mail 7" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "DAEMON Tools Lite" "DAEMON Tools Lite" "DT Soft Ltd" "c:\program files\daemon tools lite\dtlite.exe"
+ "iCloudServices" "iCloud" "Apple Inc." "c:\program files\common files\apple\internet services\icloudservices.exe"
+ "MobileDocuments" "" "" "File not found: C:\Program Files\Common Files\Apple\Internet Services\ubd.exe"
+ "MsnMsgr" "" "" "File not found: C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe"
+ "SpybotSD TeaTimer" "System settings protector" "Safer-Networking Ltd." "c:\program files\spybot - search & destroy\teatimer.exe"
+ "TomTomHOME.exe" "" "" "File not found: C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
+ "Zyalru" "" "" "c:\users\dsilva\appdata\roaming\koydfa\eclu.exe"
"HKLM\SOFTWARE\Microsoft\Windows CE Services\AutoStartOnConnect" "" "" ""
+ "BTW Setup Wizard" "BtWizard Module" "Broadcom Corporation." "c:\windows\system32\btwizard.dll"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "grooveLocalGWS" "GrooveSystemServices Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\groovesystemservices.dll"
+ "ms-help" "Microsoft® Help Data Services Module" "Microsoft Corporation" "c:\program files\common files\microsoft shared\help\hxds.dll"
+ "qvp" "QlikView Protocol 11.00 SR2" "QlikTech AB" "c:\program files\qlikview\qvprotocol\qvp.dll"
+ "skype-ie-addon-data" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll"
+ "skype4com" "Skype for COM API" "Skype Technologies" "c:\program files\common files\skype\skype4com.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "Adobe.Acrobat.ContextMenu" "Adobe Acrobat Context Menu" "Adobe Systems Inc." "c:\program files\adobe\acrobat 9.0\acrobat elements\contextmenu.dll"
+ "gvim" "A small project for the context menu of gvim!" "Tianmiao Hu's Developer Studio" "c:\program files\vim\vim73\gvimext.dll"
+ "NPShellExtension" "Nitro Pro ShellExtension " "" "c:\program files\nitro pdf\professional 7\npshellextension.dll"
+ "PhotoStreamsExt" "ShellStreams.dll" "Apple Inc." "c:\program files\common files\apple\internet services\shellstreams.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "Monitor" "BTNCopy Module" "Broadcom Corporation." "c:\windows\system32\btncopy.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" "" "OpenOffice.org" "c:\program files\openoffice.org 3\basis\program\shlxthdl\shlxthdl.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "Adobe.Acrobat.ContextMenu" "Adobe Acrobat Context Menu" "Adobe Systems Inc." "c:\program files\adobe\acrobat 9.0\acrobat elements\contextmenu.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Conversion Toolbar Helper" "Adobe PDF Toolbar for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiefavclient.dll"
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Bing Bar BHO" "Bing Bar" "Microsoft Corporation" "c:\program files\msn toolbar\platform\6.3.2322.0\npwinext.dll"
+ "Google Toolbar Notifier BHO" "GoogleToolbarNotifier" "Google Inc." "c:\program files\google\googletoolbarnotifier\5.5.5126.1836\swg.dll"
+ "Groove GFS Browser Helper" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
+ "IePasswordManagerHelper Class" "Password Manager IE BHO" "Lenovo Group Limited" "c:\program files\lenovo\client security solution\tvtpwm_ie_com.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jp2ssv.dll"
+ "Search Helper" "Search Helper for Internet Explorer" "Microsoft Corporation" "c:\program files\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll"
+ "Skype Browser Helper" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll"
+ "SmartSelect Class" "Adobe PDF Toolbar for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiefavclient.dll"
+ "Spybot-S&D IE Protection" "SBSD IE Protection" "Safer Networking Limited" "c:\program files\spybot - search & destroy\sdhelper.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "@C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100" "Bing Bar" "Microsoft Corporation" "c:\program files\msn toolbar\platform\6.3.2322.0\npwinext.dll"
+ "Adobe PDF" "Adobe PDF Toolbar for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiefavclient.dll"
+ "DAEMON Tools Toolbar" "ToolBand Module" "" "c:\program files\daemon tools toolbar\dttoolbar.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Lenovo Password Manager..." "Password Manager IE BHO" "Lenovo Group Limited" "c:\program files\lenovo\client security solution\tvtpwm_ie_com.dll"
+ "Send to &Bluetooth Device..." "" "" "c:\program files\thinkpad\bluetooth software\btsendto_ie.htm"
+ "Skype Click to Call" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll"
+ "Spybot - Search && Destroy Configuration" "SBSD IE Protection" "Safer Networking Limited" "c:\program files\spybot - search & destroy\sdhelper.dll"
"Task Scheduler" "" "" ""
+ "\Adobe Flash Player Updater" "Adobe® Flash® Player Update Service 11.4 r402" "Adobe Systems Incorporated" "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files\apple software update\softwareupdate.exe"
+ "\Google Software Updater" "gusvc" "Google" "c:\program files\google\common\google updater\googleupdaterservice.exe"
+ "\GoogleUpdateTaskMachineCore" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskMachineUA" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "\Microsoft\Windows Defender\MP Scheduled Scan" "Windows Defender Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows\TabletPC\InputPersonalization" "Input Personalization Server" "Microsoft Corporation" "c:\program files\common files\microsoft shared\ink\inputpersonalization.exe"
+ "\Microsoft\Windows\Wired\GatherWiredInfo" "" "" "c:\windows\system32\gatherwiredinfo.vbs"
+ "\Microsoft\Windows\Wireless\GatherWirelessInfo" "" "" "c:\windows\system32\gatherwirelessinfo.vbs"
+ "\Microsoft_Hardware_Launch_IPoint_exe" "IPoint.exe" "Microsoft Corporation" "c:\program files\microsoft intellipoint\ipoint.exe"
+ "\PMTask" "ThinkPad Power Manager Idle Task" "Lenovo Group Limited" "c:\program files\thinkpad\utilities\pwmidtsv.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AcPrfMgrSvc" "ThinkVantage Access Connections Profile Manager Service" "Lenovo" "c:\program files\thinkpad\connectutilities\acprfmgrsvc.exe"
+ "AcSvc" "ThinkVantage Access Connections Main Service" "Lenovo" "c:\program files\thinkpad\connectutilities\acsvc.exe"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "AEADIFilters" "Andrea filters APO access service (32-bit)" "Andrea Electronics Corporation" "c:\windows\system32\aeadisrv.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "ApRunSvc" "Launches an application with administrative privilege" "" "c:\program files\apoint2k\aprunsvc.exe"
+ "Automatic CDROM Monitor" "" "" "c:\windows\system32\supportapppt\ztemon_cd.exe"
+ "Bonjour Service" "Permite a configuração na rede e detecção automática de dispositivos e serviços." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "Crypkey License" "CrypKey License Service" "CrypKey (Canada) Ltd." "c:\windows\system32\crypserv.exe"
+ "EvtEng" "Manages the event trace messages for all the Intel® PROSet/Wireless Software components." "Intel® Corporation" "c:\program files\intel\wifi\bin\evteng.exe"
+ "FLEXnet Licensing Service" "This service performs licensing functions on behalf of FLEXnet enabled products." "Macrovision Europe Ltd." "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe"
+ "gupdate1c9de0067eed31a" "Mantém o software Google actualizado. Se este serviço for desactivado ou interrompido, o software Google não ficará actualizado, o que significa que não será possível corrigir eventuais vulnerabilidades de segurança e as funcionalidades poderão não funcionar. Esta tarefa desinstala-se quando não está a ser utilizada por nenhum software Google." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "gupdatem" "Mantém o software Google actualizado. Se este serviço for desactivado ou interrompido, o software Google não ficará actualizado, o que significa que não será possível corrigir eventuais vulnerabilidades de segurança e as funcionalidades poderão não funcionar. Esta tarefa desinstala-se quando não está a ser utilizada por nenhum software Google." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "gusvc" "Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work." "Google" "c:\program files\google\common\google updater\googleupdaterservice.exe"
+ "IBMPMSVC" "ThinkPad Power Management Service" "Lenovo" "c:\windows\system32\ibmpmsvc.exe"
+ "IDriverT" "Provides support for the Running Object Table for InstallShield Drivers" "Macrovision Corporation" "c:\program files\common files\installshield\driver\1050\intel 32\idrivert.exe"
+ "iPod Service" "Serviços de gestão de hardware do iPod" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "IviRegMgr" "RegMgr Module" "InterVideo" "c:\program files\common files\intervideo\regmgr\iviregmgr.exe"
+ "McAfeeFramework" "Estrutura de componentes compartilhados para produtos McAfee" "McAfee, Inc." "c:\program files\mcafee\common framework\frameworkservice.exe"
+ "MDM" "Supports local and remote debugging for Visual Studio and script debuggers. If this service is stopped, the debuggers will not function properly." "Microsoft Corporation" "c:\program files\common files\microsoft shared\vs7debug\mdm.exe"
+ "Microsoft Office Groove Audit Service" "Groove Audit Service" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveauditservice.exe"
+ "Net Driver HPZ12" "Dot4Net Module" "Hewlett-Packard" "c:\windows\system32\hpzinw12.dll"
+ "NitroDriverReadSpool2" "Nitro PDF Driver Read Spool 2" "Nitro PDF Software" "c:\program files\nitro pdf\professional 7\nitropdfdriverservice2.exe"
+ "nlsX86cc" "Nalpeiron Licensing Service" "Nalpeiron Ltd." "c:\windows\system32\nlssrv32.exe"
+ "odserv" "Executar partes dos Diagnósticos do Microsoft Office." "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\odserv.exe"
+ "ose" "Guarda os ficheiros de instalação utilizados para actualizações e reparações e é necessário para a transferência de actualizações de configuração e relatórios de erros do Watson." "Microsoft Corporation" "c:\program files\common files\microsoft shared\source engine\ose.exe"
+ "Pml Driver HPZ12" "PmlDrv Module" "Hewlett-Packard" "c:\windows\system32\hpzipm12.dll"
+ "Power Manager DBC Service" "Power Manager Dynamic Brightness Control Service" "Lenovo" "c:\program files\thinkpad\utilities\pwmdbsvc.exe"
+ "RegSrvc" "Provides registry access to all Intel® PROSet/Wireless Software components" "Intel® Corporation" "c:\program files\common files\intel\wirelesscommon\regsrvc.exe"
+ "Samsung UPD Service" "Samsung UPD Service" "Samsung Electronics CO., LTD." "c:\windows\system32\supdsvc.exe"
+ "SBSDWSCService" "Spybot-S&D Security Center integration" "Safer Networking Ltd." "c:\program files\spybot - search & destroy\sdwinsec.exe"
+ "SeaPort" "Enables the detection, download and installation of up-to-date configuration files for Microsoft Search Enhancement applications. Also provides server communication for the customer experience improvement program. If this service is disabled, search enhancement features such as search history may not work correctly." "Microsoft Corporation" "c:\program files\microsoft\search enhancement pack\seaport\seaport.exe"
+ "ServiceLayer" "ServiceLayer Module" "Nokia" "c:\program files\pc connectivity solution\servicelayer.exe"
+ "Skype C2C Service" "Skype Click to Call Update Service" "Skype Technologies S.A." "c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files\skype\updater\updater.exe"
+ "SQLWriter" "Provides the interface to backup/restore Microsoft SQL server through the Windows VSS infrastructure." "Microsoft Corporation" "c:\program files\microsoft sql server\90\shared\sqlwriter.exe"
+ "SUService" "ThinkVantage System Update" "Lenovo Group Limited" "c:\program files\lenovo\system update\suservice.exe"
+ "TeamViewer7" "TeamViewer Remote Software" "TeamViewer GmbH" "c:\program files\teamviewer\version7\teamviewer_service.exe"
+ "ThinkVantage Registry Monitor Service" "ThinkVantage Registry Monitor Service" "Lenovo Group Limited" "c:\program files\common files\lenovo\tvt_reg_monitor_svc.exe"
+ "TPHDEXLGSVC" "ThinkVantage Active Protection System - HDD Logger Module" "Lenovo." "c:\windows\system32\tphdexlg.exe"
+ "TPHKSVC" "On screen display Fn+Fx handler" "Lenovo Group Limited" "c:\program files\lenovo\hotkey\tphksvc.exe"
+ "TSSCoreService" "tvttcsd Application" "Lenovo" "c:\program files\lenovo\client security solution\tvttcsd.exe"
+ "TVT Backup Protection Service" "rrpservice Module" "" "c:\program files\lenovo\rescue and recovery\rrpservice.exe"
+ "TVT Backup Service" "Rescue and Recovery Backup Service" "Lenovo Group Limited" "c:\program files\lenovo\rescue and recovery\rrservice.exe"
+ "TVT Scheduler" "ThinkVantage Scheduler" "Lenovo Group Limited" "c:\program files\common files\lenovo\scheduler\tvtsched.exe"
+ "TVT_UpdateMonitor" "Monitors operating system files changed by Windows update and backup them from TVT Rescure And Recovery" "Lenovo Group Limited" "c:\program files\lenovo\rescue and recovery\updatemonitor.exe"
+ "WinDefend" "Scan your computer for unwanted software, schedule scans, and get the latest unwanted software definitions." "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "5U875UVC" "Ricoh USB Camera driver" "Ricoh co.,Ltd." "c:\windows\system32\drivers\5u875.sys"
+ "ADIHdAudAddService" "High Definition Audio Function Driver" "Analog Devices, Inc." "c:\windows\system32\drivers\adihdaud.sys"
+ "ApfiltrService" "Alps Touch Pad Driver" "Alps Electric Co., Ltd." "c:\windows\system32\drivers\apfiltr.sys"
+ "applebmt" "Apple Wireless Mouse" "Apple Inc." "c:\windows\system32\drivers\applebmt.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "btwaudio" "Bluetooth Audio Device" "Broadcom Corporation." "c:\windows\system32\drivers\btwaudio.sys"
+ "btwavdt" "Broadcom Bluetooth AVDT Service" "Broadcom Corporation." "c:\windows\system32\drivers\btwavdt.sys"
+ "btwl2cap" "Broadcom Bluetooth L2CAP Service" "Broadcom Corporation." "c:\windows\system32\drivers\btwl2cap.sys"
+ "btwrchid" "Bluetooth Remote Control HID Minidriver" "Broadcom Corporation." "c:\windows\system32\drivers\btwrchid.sys"
+ "dtsoftbus01" "DAEMON Tools Virtual Bus Driver" "DT Soft Ltd" "c:\windows\system32\drivers\dtsoftbus01.sys"
+ "e1express" "Intel® PRO/1000 Adapter NDIS 6 deserialized driver" "Intel Corporation" "c:\windows\system32\drivers\e1e6032.sys"
+ "E1G60" "Intel® PRO/1000 Adapter NDIS 6 deserialized driver" "Intel Corporation" "c:\windows\system32\drivers\e1g60i32.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "grmnusb" "grmnusb.sys" "GARMIN Corp." "c:\windows\system32\drivers\grmnusb.sys"
+ "iaStor" "Intel Matrix Storage Manager driver - ia32" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "IBMPMDRV" "ThinkPad Power Management Driver" "Lenovo." "c:\windows\system32\drivers\ibmpmdrv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd32.sys"
+ "IpInIp" "IP in IP Tunnel Driver" "" "File not found: system32\DRIVERS\ipinip.sys"
+ "lenovo.smi" "SMI Driver for Lenovo system" "Lenovo Group Limited" "c:\windows\system32\drivers\smiif32.sys"
+ "mcdbus" "" "" "File not found: system32\DRIVERS\mcdbus.sys"
+ "Netaapl" "Apple Mobile Device Ethernet" "Apple Inc." "c:\windows\system32\drivers\netaapl.sys"
+ "NETw4v32" "Intel® Wireless WiFi Link Driver" "Intel Corporation" "c:\windows\system32\drivers\netw4v32.sys"
+ "NETw5v32" "Intel® Wireless WiFi Link Driver" "Intel Corporation" "c:\windows\system32\drivers\netw5v32.sys"
+ "NetworkX" "" "" "c:\windows\system32\ckldrv.sys"
+ "NwlnkFlt" "IPX Traffic Filter Driver" "" "File not found: system32\DRIVERS\nwlnkflt.sys"
+ "NwlnkFwd" "IPX Traffic Forwarder Driver" "" "File not found: system32\DRIVERS\nwlnkfwd.sys"
+ "pccsmcfd" "PCCS Mode Change Filter Driver" "Nokia" "c:\windows\system32\drivers\pccsmcfd.sys"
+ "psadd" "SMBIOS Driver" "Lenovo (United States) Inc." "c:\windows\system32\drivers\psadd.sys"
+ "PxHelp20" "Px Engine Device Driver for Windows 2000/XP" "Sonic Solutions" "c:\windows\system32\drivers\pxhelp20.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "Shockprf" "Shockproof Disk Driver" "Lenovo." "c:\windows\system32\drivers\apsx86.sys"
+ "smihlp2" "SMI helper driver" "UPEK Inc." "c:\program files\common files\thinkvantage fingerprint software\drivers\smihlp.sys"
+ "SWNC8U01" "Sierra Wireless NDIS Driver" "Sierra Wireless Inc." "c:\windows\system32\drivers\swnc8u01.sys"
+ "SWUMX01" "Sierra Wireless USB MUX Driver" "Sierra Wireless Inc." "c:\windows\system32\drivers\swumx01.sys"
+ "TcUsb" "TouchChip USB Kernel Driver" "UPEK Inc." "c:\windows\system32\drivers\tcusb.sys"
+ "TPDIGIMN" "APS Digitizer Activity Monitor" "Lenovo." "c:\windows\system32\drivers\apshm86.sys"
+ "TPPWRIF" "" "" "c:\windows\system32\drivers\tppwr32v.sys"
+ "tvtfilter" "tvtfilter Filter Driver" "Lenovo" "c:\windows\system32\drivers\tvtfilter.sys"
+ "TVTI2C" "SMBUS Driver" "Lenovo (United States) Inc." "c:\windows\system32\drivers\tvti2c.sys"
+ "tvtumon" "Windows Update Monitor Driver" "Lenovo" "c:\windows\system32\drivers\tvtumon.sys"
+ "USBAAPL" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl.sys"
+ "VMnetAdapter" "Driver for VMware's Virtual Ethernet Adapters Ver. 2" "" "File not found: system32\DRIVERS\vmnetadapter.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "9x8Resize" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Allocator Fix" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Bitmap" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Capture ASF Writer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Convision JPEG Server Push Input" "JPEG Server Push Filter" "Convision Technology GmbH" "c:\windows\system32\jpegserverpush.ax"
+ "Convision RTP Stream Input" "RTP Stream Input Filter" "Convision Technology GmbH" "c:\windows\system32\rtpstream.ax"
+ "dicas AMR Audio Decoder" "dsamrauddec" "dicas digital image coding GmbH" "c:\program files\mpegable\ds\dsamrauddec.ax"
+ "dicas MPEG-4 Audio Decoder" "dsmpeg4auddec" "dicas digital image coding GmbH" "c:\program files\mpegable\ds\dsmpeg4auddec.ax"
+ "dicas MPEG-4 File Reader" "dsmp4filereader" "dicas digital image coding GmbH" "c:\program files\mpegable\ds\dsmp4filereader.ax"
+ "dicas MPEG-4 RTP Reader" "dsmpeg4rtpreader" "dicas digital image coding GmbH" "c:\program files\mpegable\ds\dsmpeg4rtpreader.ax"
+ "dicas MPEG-4 Video Decoder" "dsmpeg4viddec" "dicas digital image coding GmbH" "c:\program files\mpegable\ds\dsmpeg4viddec.ax"
+ "Frame Eater" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "InterVideo Audio Decoder" "IVIAUDIO LOGID.59963" "InterVideo Inc." "c:\program files\intervideo\common\bin\iviaudio.ax"
+ "InterVideo Audio Processor" "" "" "c:\program files\intervideo\common\bin\iviaudioprocess.ax"
+ "Intervideo CDSF Filter" "Bouncing Ball Filter (Sample)" "Microsoft Corporation" "c:\program files\intervideo\common\bin\ivicdsf.ax"
+ "InterVideo Navigator" "IVINAV LOGID.59963" "InterVideo Inc." "c:\program files\intervideo\common\bin\ivinav.ax"
+ "InterVideo Video Decoder" "IVIVIDEO LOGID.59963" " InterVideo Inc." "c:\program files\intervideo\common\bin\ivivideo.ax"
+ "Multiple File Output" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Proxy Sink" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Proxy Source" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Record Queue" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "ShotDetect" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Stetch" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WM VIH2 Fix" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Audio Analyzer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Black Frame Generator" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DV Extract Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT FormatConversion" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Import Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Interlacer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Log Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT MuxDeMux Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Switch Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Source" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Volume" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "Provider Object" "Windows Vista Credential Provider" "UPEK Inc." "c:\program files\thinkvantage fingerprint software\provider.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Provider Filters" "" "" ""
+ "Provider Filter Object" "Windows Vista Credential Provider" "UPEK Inc." "c:\program files\thinkvantage fingerprint software\provider.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
+ "psfus" "Logon stub" "UPEK Inc." "c:\windows\system32\psqlpwd.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "Adobe PDF Port Monitor" "Adobe PDF Port Monitor DLL" "Adobe Systems Inc" "c:\windows\system32\adobepdf.dll"
+ "BJ Language Monitor3_2" "Canon Inkjet Printer Driver" "CANON INC." "c:\windows\system32\cnblm3_2.dll"
+ "Canon BJ Language Monitor MP160" "IJ Language Monitor" "CANON INC." "c:\windows\system32\cnmlm83.dll"
+ "HP 5512 Status Monitor" "Print Status Language Monitor" "Hewlett-Packard Co." "c:\windows\system32\hpinksts5512lm.dll"
+ "HP Discovery Port Monitor (HP Officejet 6500 E710a-f)" "HP Discovery Port Monitor" "Hewlett-Packard Co." "c:\windows\system32\hpdiscopm5512.dll"
+ "KM Language Monitor" "KM language monitor" "KYOCERA MITA Corporation" "c:\windows\system32\kmpjlmn.dll"
+ "Nitro PDF Port Monitor" "Windows NT Nitro Print PDF Interface Driver" "Nitro PDF Software" "c:\windows\system32\nitrolocalmon2.dll"
+ "PCL hpz3llhn" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpz3llhn.dll"
+ "PDFCreator" "" "" "c:\windows\system32\pdfcmnnt.dll"
+ "spd__ Langmon" "Language Monitor for Status Monitor" "" "c:\windows\system32\spd__l.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Notification Packages" "" "" ""
+ "ACGina" "" "" "File not found: ACGina"
+ "psqlpwd" "Logon stub" "UPEK Inc." "c:\windows\system32\psqlpwd.dll"
"C:\Users\dsilva\AppData\Local\Microsoft\Windows Sidebar\Settings.ini" "" "" ""
+ "Calendar" "Browse the days of the calendar." "Microsoft Corporation" "C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-us\Gadget.xml"
+ "Screen Snaper" "Screen Snaper Tool" "Dany Cantin" "C:\Users\dsilva\AppData\Local\Microsoft\Windows Sidebar\Gadgets\ScreenSnaperV2.7.Gadget\Gadget.xml"
+ "Slide Show" "Show a continuous slide show of your pictures." "Microsoft Corporation" "C:\Program Files\windows sidebar\gadgets\SlideShow.Gadget\en-us\Gadget.xml"

#11 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:38 AM

Posted 28 November 2012 - 05:05 PM

Launch autoruns and uncheck this entry

"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Zyalru" "" "" "c:\users\dsilva\appdata\roaming\koydfa\eclu.exe"

Restart the PC and delete this file

c:\users\dsilva\appdata\roaming\koydfa\eclu.exe

let me know if you still have issues

#12 Duarte Silva

Duarte Silva
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:06:38 AM

Posted 28 November 2012 - 06:46 PM

Everything works just fine.
You guys are the best. Thank you very much.
Do I need to do anything to close this issue/post?

Regards
Duarte Silva

#13 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:38 AM

Posted 28 November 2012 - 08:35 PM

That looks good

Remove temporary and junk files

Download

TFC

Launch it,it will close all running programs

click on START,it should ask for reboot.If TFC locks up the system,run it in safemode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP- http://support.microsoft.com/kb/310405

Vista & windows 7- http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore-It deletes old infected restore points

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall old version of java from control panel-Add or remove programs.Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently.Two free antivirus that i would suggest are

Microsoft security essentials or Avast.You can select either one of them.

If you have a paid one,make sure to update it frequently.Do not use multiple security softwares.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users