Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Laptop possibly infected. Can anyone help me verify it?


  • Please log in to reply
19 replies to this topic

#1 duenas77

duenas77

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Houston TX USA
  • Local time:11:38 AM

Posted 14 April 2013 - 07:03 PM

And if so, clean it?

My wife's son in law says his laptop keeps disconnecting form the interneyt but I have been working with her for a few hours now and it seems fine to me. Is there any way anyone can help me see?

 

Laptop HP Pavilioin dv6700 running Windows vista Home Premium SP1

 

Thanks in advance

 

Martin



BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,416 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:12:38 PM

Posted 14 April 2013 - 07:39 PM

Hello Martin,

Let's review a few logs to be sure.

 

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed

 

 

 

Please Download TDSSkiller
Launch it.
Click on change parameters-Select TDLFS file system
Click on "Scan".
Please post the LOG report(log file should be in your C drive)
 
Do not change the default options on scan results.

 

 

 


Please download AdwCleaner by Xplode onto your desktop.
•Close all open programs and internet browsers.
•Double click on adwcleaner.exe to run the tool.
•Click on Delete.
•Confirm each time with Ok.
•You will be prompted to restart your computer. A text file will open after the restart.
•Please post the contents of that logfile with your next reply.
•You can find the logfile at C:\AdwCleaner[S1].txt as well.

 


 

Now I'd like us to scan your machine with ESET OnlineScan

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png  button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

NOTE:Sometimes if ESET finds no infections it will not create a log.


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 duenas77

duenas77
  • Topic Starter

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Houston TX USA
  • Local time:11:38 AM

Posted 14 April 2013 - 08:45 PM

Thanks for your prompt response. I'll have to do it when I come back from work tomorrow. However... I was working with this machine and got as far as installing sp2 I think. Like I said she seems to be working just fine. Now she is running Vista home premium Sp2

 

Thanks again for your help

 

Martin



#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,416 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:12:38 PM

Posted 14 April 2013 - 08:54 PM

No problem, post back when you can


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 duenas77

duenas77
  • Topic Starter

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Houston TX USA
  • Local time:11:38 AM

Posted 15 April 2013 - 05:02 AM

One last question before I follow instructions. Do I have to repeat in each account? There's 2. Or only one run is going to work in both?

Thanks for you help



#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,416 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:12:38 PM

Posted 15 April 2013 - 01:56 PM

No you can just run them..


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 duenas77

duenas77
  • Topic Starter

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Houston TX USA
  • Local time:11:38 AM

Posted 15 April 2013 - 09:10 PM

I could only run Minitoolbox.

 

When I tried to run TDSSKiller I got this message

 

C:\Users\<user>\Downloads\tdsskiller.exe

 

Windows cannot access the specified device, path or file. You may not  have the appropriate permissions to access the item

 

 

I downloaded it 3 times. I moved it to another folder, I closed the browser and re-opened it and it never worked. The only thing I did not do was a restart.

 

So I did not follow the other steps.

 

Anyhow, here's the log for Minitoolbox

 

I'll reed you in the morning

 

Thx

 

 

MiniToolBox by Farbar  Version:05-03-2013
Ran by jose (administrator) on 15-04-2013 at 20:13:26
Running from "C:\Users\jose\Downloads"
Windows Vista ™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
::1             localhost
 
127.0.0.1       localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
 
There are 15268 more lines starting with "127.0.0.1"
 
========================= IP Configuration: ================================
 
Broadcom 802.11b/g WLAN = Wireless Network Connection (Connected)
Realtek RTL8101E Family PCI-E Fast Ethernet NIC (NDIS 6.0) = Local Area Connection (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : jose-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Broadcast
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : gateway.2wire.net
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : gateway.2wire.net
   Description . . . . . . . . . . . : Broadcom 802.11b/g WLAN
   Physical Address. . . . . . . . . : 00-21-00-10-5D-67
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::4987:ec60:4829:fd4f%11(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.10(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Monday, April 15, 2013 8:02:17 PM
   Lease Expires . . . . . . . . . . : Tuesday, April 16, 2013 8:02:16 PM
   Default Gateway . . . . . . . . . : 192.168.1.254
   DHCP Server . . . . . . . . . . . : 192.168.1.254
   DHCPv6 IAID . . . . . . . . . . . : 352329984
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-0F-9C-0D-20-00-1E-68-4E-65-E1
   DNS Servers . . . . . . . . . . . : 192.168.1.254
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek RTL8101E Family PCI-E Fast Ethernet NIC (NDIS 6.0)
   Physical Address. . . . . . . . . : 00-1E-68-4E-65-E1
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 7:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : isatap.{1C11AE53-28A5-4AC7-BA9F-CD4109D7856C}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 14:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : 6TO4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 17:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 02-00-54-55-4E-01
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:c73:2816:3f57:fef5(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::c73:2816:3f57:fef5%13(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
 
Tunnel adapter Local Area Connection* 12:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : gateway.2wire.net
   Description . . . . . . . . . . . : isatap.gateway.2wire.net
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 13:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : isatap.{1C11AE53-28A5-4AC7-BA9F-CD4109D7856C}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  homeportal
Address:  192.168.1.254
 
Name:    google.com
Addresses:  2607:f8b0:4000:803::1002
 173.194.46.9
 173.194.46.14
 173.194.46.0
 173.194.46.1
 173.194.46.2
 173.194.46.3
 173.194.46.4
 173.194.46.5
 173.194.46.6
 173.194.46.7
 173.194.46.8
 
 
 
Pinging google.com [173.194.46.4] with 32 bytes of data:
 
Reply from 173.194.46.4: bytes=32 time=28ms TTL=52
 
Reply from 173.194.46.4: bytes=32 time=29ms TTL=52
 
 
 
Ping statistics for 173.194.46.4:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 28ms, Maximum = 29ms, Average = 28ms
 
Server:  homeportal
Address:  192.168.1.254
 
Name:    yahoo.com
Addresses:  98.138.253.109
 98.139.183.24
 206.190.36.45
 
 
 
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
 
Reply from 206.190.36.45: bytes=32 time=199ms TTL=45
 
Reply from 206.190.36.45: bytes=32 time=137ms TTL=45
 
 
 
Ping statistics for 206.190.36.45:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 137ms, Maximum = 199ms, Average = 168ms
 
 
 
Pinging 127.0.0.1 with 32 bytes of data:
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
 
 
Ping statistics for 127.0.0.1:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
 
===========================================================================
Interface List
 11 ...00 21 00 10 5d 67 ...... Broadcom 802.11b/g WLAN
 10 ...00 1e 68 4e 65 e1 ...... Realtek RTL8101E Family PCI-E Fast Ethernet NIC (NDIS 6.0)
  1 ........................... Software Loopback Interface 1
 14 ...00 00 00 00 00 00 00 e0  isatap.{1C11AE53-28A5-4AC7-BA9F-CD4109D7856C}
 12 ...00 00 00 00 00 00 00 e0  6TO4 Adapter
 13 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
 15 ...00 00 00 00 00 00 00 e0  isatap.gateway.2wire.net
 16 ...00 00 00 00 00 00 00 e0  isatap.{1C11AE53-28A5-4AC7-BA9F-CD4109D7856C}
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.1.254     192.168.1.10     30
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link      192.168.1.10    286
     192.168.1.10  255.255.255.255         On-link      192.168.1.10    286
    192.168.1.255  255.255.255.255         On-link      192.168.1.10    286
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.1.10    286
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.1.10    286
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 13     18 ::/0                     On-link
  1    306 ::1/128                  On-link
 13     18 2001::/32                On-link
 13    266 2001:0:4137:9e76:c73:2816:3f57:fef5/128
                                    On-link
 11    286 fe80::/64                On-link
 13    266 fe80::/64                On-link
 13    266 fe80::c73:2816:3f57:fef5/128
                                    On-link
 11    286 fe80::4987:ec60:4829:fd4f/128
                                    On-link
  1    306 ff00::/8                 On-link
 13    266 ff00::/8                 On-link
 11    286 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 06 C:\Windows\System32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 07 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (04/15/2013 08:04:16 PM) (Source: Microsoft-Windows-CAPI2) (User: )
 
Error: (04/15/2013 08:02:31 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/14/2013 08:26:30 PM) (Source: Microsoft-Windows-CAPI2) (User: )
 
Error: (04/14/2013 08:26:03 PM) (Source: ESENT) (User: )
Description: WinMail (3716) WindowsMail0: The backup has been stopped because it was halted by the client or the connection with the client failed.
 
Error: (04/14/2013 08:13:35 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/14/2013 08:13:22 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/14/2013 08:09:21 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/14/2013 07:15:31 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.19088, time stamp 0x4de07b1b, faulting module PCTBDCore.dll, version 4.0.0.0, time stamp 0x4ec09fad, exception code 0xc000000d, fault offset 0x000fdb2e,
process id 0x6c4, application start time 0xiexplore.exe0.
 
Error: (04/14/2013 06:52:29 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\JOSE\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\3QQD4G8S.DEFAULT\CACHE\9> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (04/14/2013 06:52:29 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\JOSE\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\3QQD4G8S.DEFAULT\CACHE\9> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
 
System errors:
=============
Error: (04/15/2013 08:12:27 PM) (Source: Microsoft-Windows-Servicing) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of changing update Aux from package WindowsUpdateClient-SelfUpdate-Aux-AuxComp-Package_en-US(Language Pack) into Staged(Staged) state
 
Error: (04/15/2013 08:12:27 PM) (Source: Microsoft-Windows-Servicing) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of setting package WindowsUpdateClient-SelfUpdate-Aux-AuxComp-Package_en-US (Language Pack) into Install Requested(Install Requested) state
 
Error: (04/15/2013 08:12:27 PM) (Source: Microsoft-Windows-Servicing) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of changing update AuxResourcesLP from package WindowsUpdateClient-SelfUpdate-Aux-Package(Language Pack) into Staged(Staged) state
 
Error: (04/15/2013 08:12:27 PM) (Source: Microsoft-Windows-Servicing) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of setting package WindowsUpdateClient-SelfUpdate-Aux-Package (Language Pack) into Install Requested(Install Requested) state
 
Error: (04/15/2013 08:12:27 PM) (Source: Microsoft-Windows-Servicing) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-en-us-LP from package WUClient-SelfUpdate-Aux-Package-en-us-MiniLP(Feature Pack) into Staged(Staged) state
 
Error: (04/15/2013 08:12:27 PM) (Source: Microsoft-Windows-Servicing) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of setting package WUClient-SelfUpdate-Aux-Package-en-us-MiniLP (Feature Pack) into Install Requested(Install Requested) state
 
Error: (04/15/2013 08:12:27 PM) (Source: Microsoft-Windows-Servicing) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of setting package WindowsUpdateClient-SelfUpdate-Aux-AuxComp-Package_en-US (Language Pack) into Install Requested(Install Requested) state
 
Error: (04/15/2013 08:12:27 PM) (Source: Microsoft-Windows-Servicing) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of changing update Aux from package WindowsUpdateClient-SelfUpdate-Aux-AuxComp-Package(Update) into Staged(Staged) state
 
Error: (04/15/2013 08:12:27 PM) (Source: Microsoft-Windows-Servicing) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of setting package WindowsUpdateClient-SelfUpdate-Aux-AuxComp-Package (Update) into Install Requested(Install Requested) state
 
Error: (04/15/2013 08:12:27 PM) (Source: Microsoft-Windows-Servicing) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of changing update AuxComp from package WindowsUpdateClient-SelfUpdate-Aux-Package(Update) into Staged(Staged) state
 
 
Microsoft Office Sessions:
=========================
 
CodeIntegrity Errors:
===================================
  Date: 2013-04-14 19:22:42.694
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-04-14 19:22:42.476
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-04-14 19:22:42.260
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-04-14 19:22:42.044
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-04-14 19:22:41.829
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-04-14 19:22:40.506
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\PSINProt.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-04-14 19:22:40.289
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\PSINProt.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-04-14 19:22:40.074
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\PSINProt.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-04-14 19:22:39.857
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\PSINProt.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-04-14 19:22:39.640
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\PSINProt.sys because the set of per-page image hashes could not be found on the system.
 
 
=========================== Installed Programs ============================
 
 Update for Microsoft Office 2007 (KB2508958)
32 Bit HP CIO Components Installer (Version: 6.1.1)
Acrobat.com (Version: 1.7.186)
Activation Assistant for the 2007 Microsoft Office suites
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0)
Adobe AIR (Version: 1.5.1.8210)
Adobe Reader 9.2 (Version: 9.2.0)
Adobe Shockwave Player (Version: 10.2.0.023)
Adobe Shockwave Player 11.5 (Version: 11.5.6.606)
AIM 6
AnswerWorks 5.0 English Runtime (Version: 008.000.0003)
Apple Application Support (Version: 2.3.2)
Apple Mobile Device Support (Version: 6.0.1.3)
Apple Software Update (Version: 2.1.3.127)
Ask Toolbar (Version: 1.11.3.0)
AT&T Service & Support Tool
Bonjour (Version: 3.0.0.10)
Broadcom 802.11 Wireless LAN Adapter (Version: 4.170.25.12)
Browser Defender 4.0 (Version: 4.0.0.0)
BufferChm (Version: 130.0.331.000)
Cards_Calendar_OrderGift_DoMorePlugout (Version: 1.00.0000)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Copy (Version: 130.0.366.000)
CyberLink YouCam (Version: 1.0.1002)
Destinations (Version: 140.0.77.000)
DeviceDiscovery (Version: 130.0.372.000)
DJ_AIO_06_F2400_SW_Min (Version: 130.0.373.000)
Drivers Install For Linksys Easylink Advisor (Version: 2.0.9)
DVD Suite (Version: 5.5.0928)
EA Link (Version: 3.1.1.4)
F2400 (Version: 130.0.373.000)
FrostWire 4.21.3 (Version: 4.21.3.0)
Garmin Communicator Plugin (Version: 2.6.1)
Google Chrome (Version: 26.0.1410.64)
Google Update Helper (Version: 1.3.21.135)
GPBaseService2 (Version: 130.0.371.000)
Hauppauge MCE XP/Vista Software Encoder (2.0.25149) (Version: 2.0.25149)
Hewlett-Packard Active Check (Version: 1.1.11.0)
Hewlett-Packard Asset Agent for Health Check (Version: 2.0.62.5)
HP Active Support Library (Version: 3.1.6.1)
HP Customer Experience Enhancements (Version: 5.4.0.2430)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Deskjet F2400 All-In-One Driver Software 13.0 Rel .6 (Version: 13.0)
HP Doc Viewer (Version: 1.02.0001)
HP Easy Setup - Frontend (Version: 5.4.0.2430)
HP Help and Support (Version: 2.0.10.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Photosmart Essential 2.5 (Version: 1.02.0000)
HP Photosmart Essential 2.5 (Version: 2.5)
HP Print Projects 1.0 (Version: 1.0)
HP Quick Launch Buttons 6.30 E1 (Version: 6.30 E1)
HP QuickPlay 3.6
HP QuickTouch 1.00 C4 (Version: 1.0.7)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Solution Center 13.0 (Version: 13.0)
HP Total Care Advisor (Version: 1.4.19.2433)
HP Update (Version: 5.002.008.001)
HP User Guides 0087 (Version: 1.02.0000)
HP Wireless Assistant (Version: 3.00 H2)
HPNetworkAssistant (Version: 1.1.70)
HPPhotoGadget (Version: 130.0.282.000)
HPPhotoSmartDiscLabel_PaperLabel (Version: 2.02.0000)
HPPhotoSmartDiscLabel_PrintOnDisc (Version: 2.02.0000)
HPPhotoSmartDiscLabel_Tattoo (Version: 2.02.0000)
HPPhotoSmartDiscLabelContent1 (Version: 2.02.0000)
hpphotosmartdisclabelplugin (Version: 2.02.0000)
HPPhotoSmartPhotobookHolidayPack1 (Version: 1.00.0000)
HPPhotoSmartPhotobookModernPack1 (Version: 1.00.0000)
HPPhotoSmartPhotobookPlayfulPack1 (Version: 1.00.0000)
HPPhotoSmartPhotobookScrapbookPack1 (Version: 1.00.0000)
HPPhotoSmartPhotobookWebPack1 (Version: 1.00.0000)
hpPrintProjects (Version: 130.0.303.000)
HPProductAssistant (Version: 130.0.371.000)
HPSSupply (Version: 130.0.371.000)
hpWLPGInstaller (Version: 130.0.303.000)
Intel® Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
iTunes (Version: 11.0.1.12)
Java 7 Update 17 (Version: 7.0.170)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 2 (Version: 1.6.0.20)
LabelPrint (Version: 2.20.2128)
LightScribe System Software  1.10.13.1 (Version: 1.10.13.1)
Linksys EasyLink Advisor 1.6 (0032)
MarketResearch (Version: 130.0.374.000)
MetaFrame Presentation Server Web Client for Win32
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 9.7.0621)
MobileMe Control Panel (Version: 3.1.6.0)
Motorola SM56 Data Fax Modem
Mozilla Firefox 12.0 (x86 en-US) (Version: 12.0)
Mozilla Maintenance Service (Version: 12.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
muvee autoProducer 6.1 (Version: 6.10.050)
My HP Games (Version: HPCMPQ1902)
Panda Cloud Antivirus (Version: 2.0.0)
Panda Cloud Antivirus (Version: 4.02.00.0000)
Panda Security Toolbar (Version: 3.0.0.9b)
Panda Security URL Filtering (Version: 2.0.0.13)
PC Tools AntiVirus Free 9.0 (Version: 9.0)
Power2Go (Version: 5.6.3327)
PowerDirector (Version: 6.5.2129)
PSSWCORE (Version: 2.02.0000)
QuickPlay SlingPlayer 0.4.6 (Version: 0.4.6)
QuickTime (Version: 7.73.80.64)
Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista (Version: 1.00.0000)
Realtek High Definition Audio Driver (Version: 6.0.1.5384)
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01 (Version: 3.51.01)
Safari (Version: 5.34.57.2)
Scan (Version: 140.0.80.000)
Shop for HP Supplies (Version: 13.0)
Slingbox Flash Tour (Version: 1.0.0)
SlingPlayer (Version: 1.04.0206)
SmartWebPrinting (Version: 140.0.186.000)
SolutionCenter (Version: 130.0.373.000)
Spybot - Search & Destroy (Version: 1.6.2)
Status (Version: 130.0.373.000)
Synaptics Pointing Device Driver (Version: 10.2.4.0)
The Sims™ Life Stories (Version: 1.00.0000)
ThreatFire
Toolbar Cleaner 1.0
Toolbox (Version: 130.0.648.000)
TrayApp (Version: 130.0.376.000)
Trend Micro AntiVirus (Version: 16.05)
TurboTax 2008
TurboTax 2008 WinPerFedFormset (Version: 008.000.0318)
TurboTax 2008 WinPerProgramHelp (Version: 008.000.0212)
TurboTax 2008 WinPerReleaseEngine (Version: 008.000.0161)
TurboTax 2008 WinPerTaxSupport (Version: 008.000.0947)
TurboTax 2008 WinPerUserEducation (Version: 008.000.0396)
TurboTax 2008 wrapper (Version: 008.000.0062)
TurboTax 2010
TurboTax 2010 WinPerFedFormset (Version: 010.000.3337)
TurboTax 2010 WinPerReleaseEngine (Version: 010.000.0407)
TurboTax 2010 WinPerTaxSupport (Version: 010.000.0195)
TurboTax 2010 wrapper (Version: 010.000.0155)
TurboTax 2010 wtniper (Version: 010.000.0988)
TurboTax 2011
TurboTax 2011 WinPerFedFormset (Version: 011.000.2596)
TurboTax 2011 WinPerReleaseEngine (Version: 011.000.0424)
TurboTax 2011 WinPerTaxSupport (Version: 011.000.0209)
TurboTax 2011 wrapper (Version: 011.000.0120)
TurboTax 2011 wtniper (Version: 011.000.1376)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VideoToolkit01 (Version: 100.0.128.000)
Viewpoint Media Player
WeatherBug Gadget (Version: 1.0.0.6)
WebReg (Version: 130.0.132.017)
Yahoo! Install Manager
Yahoo! Toolbar
 
========================= Memory info: ===================================
 
Percentage of memory in use: 56%
Total physical RAM: 3061.68 MB
Available physical RAM: 1333.82 MB
Total Pagefile: 6333.61 MB
Available Pagefile: 4379.62 MB
Total Virtual: 2047.88 MB
Available Virtual: 1946.98 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:221.18 GB) (Free:155.11 GB) NTFS
2 Drive d: (HP_RECOVERY) (Fixed) (Total:11.71 GB) (Free:2.02 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\JOSE-PC
 
Administrator            Guest                    irma                     
jose                     
 
 
**** End of log ****


#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,416 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:12:38 PM

Posted 15 April 2013 - 09:43 PM

Try right clicking on the Icons and select... Run As Administrator.


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 duenas77

duenas77
  • Topic Starter

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Houston TX USA
  • Local time:11:38 AM

Posted 16 April 2013 - 06:27 PM

I also did that



#10 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,416 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:12:38 PM

Posted 16 April 2013 - 07:45 PM

I think we should get a deeper look. Malware is protecting itself.
Please follow this Preparation Guide and post in a new topic.
 
Let me know if all went well.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#11 duenas77

duenas77
  • Topic Starter

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Houston TX USA
  • Local time:11:38 AM

Posted 17 April 2013 - 01:41 PM

Hello boopme

 

I understand I should follow your instructions. However I renamed TDDSKiller to "Matador" (Haha!) and it work. As I write this it is running on the problem laptop. Is it possible to keep this thread active?

 

Thanks again for your help



#12 duenas77

duenas77
  • Topic Starter

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Houston TX USA
  • Local time:11:38 AM

Posted 17 April 2013 - 08:03 PM

Hi.

 

I may just have to start a new thread right?

 

Well just in case you happen to see this thread here are the logs

 

TDDSKiller

 

 

13:34:37.0422 5560  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
13:34:38.0149 5560  ============================================================
13:34:38.0150 5560  Current date / time: 2013/04/17 13:34:38.0149
13:34:38.0150 5560  SystemInfo:
13:34:38.0150 5560  
13:34:38.0150 5560  OS Version: 6.0.6002 ServicePack: 2.0
13:34:38.0150 5560  Product type: Workstation
13:34:38.0150 5560  ComputerName: JOSE-PC
13:34:38.0151 5560  UserName: jose
13:34:38.0151 5560  Windows directory: C:\Windows
13:34:38.0151 5560  System windows directory: C:\Windows
13:34:38.0151 5560  Processor architecture: Intel x86
13:34:38.0151 5560  Number of processors: 2
13:34:38.0151 5560  Page size: 0x1000
13:34:38.0151 5560  Boot type: Normal boot
13:34:38.0151 5560  ============================================================
13:34:39.0758 5560  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
13:34:39.0762 5560  ============================================================
13:34:39.0762 5560  \Device\Harddisk0\DR0:
13:34:39.0763 5560  MBR partitions:
13:34:39.0763 5560  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1BA5B54A
13:34:39.0763 5560  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1BA5B589, BlocksNum 0x1768FF8
13:34:39.0763 5560  ============================================================
13:34:39.0829 5560  C: <-> \Device\Harddisk0\DR0\Partition1
13:34:39.0884 5560  D: <-> \Device\Harddisk0\DR0\Partition2
13:34:39.0884 5560  ============================================================
13:34:39.0885 5560  Initialize success
13:34:39.0885 5560  ============================================================
13:36:53.0836 5084  ============================================================
13:36:53.0837 5084  Scan started
13:36:53.0837 5084  Mode: Manual; TDLFS; 
13:36:53.0837 5084  ============================================================
13:36:54.0540 5084  ================ Scan system memory ========================
13:36:54.0540 5084  System memory - ok
13:36:54.0541 5084  ================ Scan services =============================
13:36:54.0901 5084  [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI            C:\Windows\system32\drivers\acpi.sys
13:36:54.0907 5084  ACPI - ok
13:36:54.0996 5084  [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
13:36:55.0003 5084  AdobeFlashPlayerUpdateSvc - ok
13:36:55.0070 5084  [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
13:36:55.0084 5084  adp94xx - ok
13:36:55.0111 5084  [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci         C:\Windows\system32\drivers\adpahci.sys
13:36:55.0121 5084  adpahci - ok
13:36:55.0162 5084  [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
13:36:55.0166 5084  adpu160m - ok
13:36:55.0221 5084  [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
13:36:55.0227 5084  adpu320 - ok
13:36:55.0291 5084  [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
13:36:55.0293 5084  AeLookupSvc - ok
13:36:55.0349 5084  [ 3911B972B55FEA0478476B2E777B29FA ] AFD             C:\Windows\system32\drivers\afd.sys
13:36:55.0356 5084  AFD - ok
13:36:55.0401 5084  [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440          C:\Windows\system32\drivers\agp440.sys
13:36:55.0405 5084  agp440 - ok
13:36:55.0438 5084  [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
13:36:55.0443 5084  aic78xx - ok
13:36:55.0480 5084  [ A1545B731579895D8CC44FC0481C1192 ] ALG             C:\Windows\System32\alg.exe
13:36:55.0482 5084  ALG - ok
13:36:55.0516 5084  [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide          C:\Windows\system32\drivers\aliide.sys
13:36:55.0528 5084  aliide - ok
13:36:55.0567 5084  [ C47344BC706E5F0B9DCE369516661578 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
13:36:55.0571 5084  amdagp - ok
13:36:55.0603 5084  [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide          C:\Windows\system32\drivers\amdide.sys
13:36:55.0606 5084  amdide - ok
13:36:55.0636 5084  [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
13:36:55.0639 5084  AmdK7 - ok
13:36:55.0665 5084  [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
13:36:55.0669 5084  AmdK8 - ok
13:36:55.0710 5084  [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo         C:\Windows\System32\appinfo.dll
13:36:55.0712 5084  Appinfo - ok
13:36:55.0850 5084  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:36:55.0853 5084  Apple Mobile Device - ok
13:36:55.0882 5084  [ 5D2888182FB46632511ACEE92FDAD522 ] arc             C:\Windows\system32\drivers\arc.sys
13:36:55.0886 5084  arc - ok
13:36:55.0921 5084  [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
13:36:55.0926 5084  arcsas - ok
13:36:55.0963 5084  [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
13:36:55.0966 5084  AsyncMac - ok
13:36:56.0013 5084  [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi           C:\Windows\system32\drivers\atapi.sys
13:36:56.0016 5084  atapi - ok
13:36:56.0067 5084  [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:36:56.0076 5084  AudioEndpointBuilder - ok
13:36:56.0090 5084  [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv        C:\Windows\System32\Audiosrv.dll
13:36:56.0095 5084  Audiosrv - ok
13:36:56.0173 5084  [ 58DA4A879DAEDC2EF91C0694415417D9 ] BCM43XV         C:\Windows\system32\DRIVERS\bcmwl6.sys
13:36:56.0200 5084  BCM43XV - ok
13:36:56.0243 5084  [ 58DA4A879DAEDC2EF91C0694415417D9 ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl6.sys
13:36:56.0256 5084  BCM43XX - ok
13:36:56.0293 5084  [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep            C:\Windows\system32\drivers\Beep.sys
13:36:56.0295 5084  Beep - ok
13:36:56.0341 5084  [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE             C:\Windows\System32\bfe.dll
13:36:56.0350 5084  BFE - ok
13:36:56.0422 5084  [ 93952506C6D67330367F7E7934B6A02F ] BITS            C:\Windows\System32\qmgr.dll
13:36:56.0444 5084  BITS - ok
13:36:56.0463 5084  [ D4DF28447741FD3D953526E33A617397 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
13:36:56.0467 5084  blbdrive - ok
13:36:56.0566 5084  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
13:36:56.0576 5084  Bonjour Service - ok
13:36:56.0614 5084  [ 35F376253F687BDE63976CCB3F2108CA ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
13:36:56.0618 5084  bowser - ok
13:36:56.0659 5084  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
13:36:56.0662 5084  BrFiltLo - ok
13:36:56.0677 5084  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
13:36:56.0679 5084  BrFiltUp - ok
13:36:56.0710 5084  [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser         C:\Windows\System32\browser.dll
13:36:56.0714 5084  Browser - ok
13:36:56.0853 5084  [ 8FFAFD696F94EC213BC6AD47008127EA ] Browser Defender Update Service C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe
13:36:56.0861 5084  Browser Defender Update Service - ok
13:36:56.0898 5084  [ B304E75CFF293029EDDF094246747113 ] Brserid         C:\Windows\system32\drivers\brserid.sys
13:36:56.0902 5084  Brserid - ok
13:36:56.0935 5084  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
13:36:56.0939 5084  BrSerWdm - ok
13:36:56.0978 5084  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
13:36:56.0981 5084  BrUsbMdm - ok
13:36:56.0997 5084  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
13:36:57.0001 5084  BrUsbSer - ok
13:36:57.0030 5084  [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
13:36:57.0034 5084  BTHMODEM - ok
13:36:57.0066 5084  [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
13:36:57.0069 5084  cdfs - ok
13:36:57.0128 5084  [ 6B4BFFB9BECD728097024276430DB314 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
13:36:57.0131 5084  cdrom - ok
13:36:57.0190 5084  [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc     C:\Windows\System32\certprop.dll
13:36:57.0192 5084  CertPropSvc - ok
13:36:57.0217 5084  [ E5D4133F37219DBCFE102BC61072589D ] circlass        C:\Windows\system32\drivers\circlass.sys
13:36:57.0220 5084  circlass - ok
13:36:57.0266 5084  [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS            C:\Windows\system32\CLFS.sys
13:36:57.0274 5084  CLFS - ok
13:36:57.0332 5084  [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:36:57.0337 5084  clr_optimization_v2.0.50727_32 - ok
13:36:57.0413 5084  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:36:57.0417 5084  clr_optimization_v4.0.30319_32 - ok
13:36:57.0449 5084  [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
13:36:57.0451 5084  CmBatt - ok
13:36:57.0468 5084  [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
13:36:57.0471 5084  cmdide - ok
13:36:57.0580 5084  [ D8774ACE03B46C9B01A49818055F9AD4 ] Com4Qlb         C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
13:36:57.0585 5084  Com4Qlb - ok
13:36:57.0606 5084  [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
13:36:57.0609 5084  Compbatt - ok
13:36:57.0619 5084  COMSysApp - ok
13:36:57.0639 5084  [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
13:36:57.0642 5084  crcdisk - ok
13:36:57.0659 5084  [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
13:36:57.0662 5084  Crusoe - ok
13:36:57.0732 5084  [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
13:36:57.0737 5084  CryptSvc - ok
13:36:57.0792 5084  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch      C:\Windows\system32\rpcss.dll
13:36:57.0809 5084  DcomLaunch - ok
13:36:57.0824 5084  [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
13:36:57.0827 5084  DfsC - ok
13:36:57.0913 5084  [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR            C:\Windows\system32\DFSR.exe
13:36:57.0979 5084  DFSR - ok
13:36:58.0035 5084  [ 9028559C132146FB75EB7ACF384B086A ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
13:36:58.0041 5084  Dhcp - ok
13:36:58.0106 5084  [ 5D4AEFC3386920236A548271F8F1AF6A ] disk            C:\Windows\system32\drivers\disk.sys
13:36:58.0108 5084  disk - ok
13:36:58.0156 5084  [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache        C:\Windows\System32\dnsrslvr.dll
13:36:58.0161 5084  Dnscache - ok
13:36:58.0195 5084  [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc         C:\Windows\System32\dot3svc.dll
13:36:58.0201 5084  dot3svc - ok
13:36:58.0256 5084  [ 4F59C172C094E1A1D46463A8DC061CBD ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
13:36:58.0262 5084  Dot4 - ok
13:36:58.0293 5084  [ 80BF3BA09F6F2523C8F6B7CC6DBF7BD5 ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
13:36:58.0296 5084  Dot4Print - ok
13:36:58.0331 5084  [ C55004CA6B419B6695970DFE849B122F ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
13:36:58.0334 5084  dot4usb - ok
13:36:58.0389 5084  [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS             C:\Windows\system32\dps.dll
13:36:58.0393 5084  DPS - ok
13:36:58.0454 5084  [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
13:36:58.0456 5084  drmkaud - ok
13:36:58.0530 5084  [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
13:36:58.0545 5084  DXGKrnl - ok
13:36:58.0587 5084  [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
13:36:58.0592 5084  E1G60 - ok
13:36:58.0639 5084  [ C0B95E40D85CD807D614E264248A45B9 ] EapHost         C:\Windows\System32\eapsvc.dll
13:36:58.0643 5084  EapHost - ok
13:36:58.0692 5084  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache          C:\Windows\system32\drivers\ecache.sys
13:36:58.0698 5084  Ecache - ok
13:36:58.0738 5084  [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
13:36:58.0746 5084  ehRecvr - ok
13:36:58.0762 5084  [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched         C:\Windows\ehome\ehsched.exe
13:36:58.0766 5084  ehSched - ok
13:36:58.0777 5084  [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart         C:\Windows\ehome\ehstart.dll
13:36:58.0779 5084  ehstart - ok
13:36:58.0832 5084  [ 23B62471681A124889978F6295B3F4C6 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
13:36:58.0844 5084  elxstor - ok
13:36:58.0887 5084  [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
13:36:58.0902 5084  EMDMgmt - ok
13:36:58.0936 5084  [ 3DB974F3935483555D7148663F726C61 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
13:36:58.0940 5084  ErrDev - ok
13:36:58.0975 5084  [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem     C:\Windows\system32\es.dll
13:36:58.0983 5084  EventSystem - ok
13:36:59.0044 5084  [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat           C:\Windows\system32\drivers\exfat.sys
13:36:59.0049 5084  exfat - ok
13:36:59.0097 5084  [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
13:36:59.0101 5084  fastfat - ok
13:36:59.0149 5084  [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
13:36:59.0152 5084  fdc - ok
13:36:59.0181 5084  [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost         C:\Windows\system32\fdPHost.dll
13:36:59.0184 5084  fdPHost - ok
13:36:59.0202 5084  [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub        C:\Windows\system32\fdrespub.dll
13:36:59.0205 5084  FDResPub - ok
13:36:59.0240 5084  [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
13:36:59.0244 5084  FileInfo - ok
13:36:59.0268 5084  [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
13:36:59.0271 5084  Filetrace - ok
13:36:59.0295 5084  [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
13:36:59.0298 5084  flpydisk - ok
13:36:59.0331 5084  [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
13:36:59.0337 5084  FltMgr - ok
13:36:59.0428 5084  [ 8CE364388C8ECA59B14B539179276D44 ] FontCache       C:\Windows\system32\FntCache.dll
13:36:59.0450 5084  FontCache - ok
13:36:59.0517 5084  [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
13:36:59.0519 5084  FontCache3.0.0.0 - ok
13:36:59.0594 5084  [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
13:36:59.0596 5084  Fs_Rec - ok
13:36:59.0639 5084  [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
13:36:59.0643 5084  gagp30kx - ok
13:36:59.0700 5084  [ 617DC2877015270914CA3C03873560D5 ] GameConsoleService C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
13:36:59.0706 5084  GameConsoleService - ok
13:36:59.0776 5084  [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:36:59.0778 5084  GEARAspiWDM - ok
13:36:59.0827 5084  [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc           C:\Windows\System32\gpsvc.dll
13:36:59.0842 5084  gpsvc - ok
13:36:59.0956 5084  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
13:36:59.0963 5084  gupdate - ok
13:36:59.0974 5084  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
13:36:59.0977 5084  gupdatem - ok
13:37:00.0028 5084  [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:37:00.0035 5084  HdAudAddService - ok
13:37:00.0106 5084  [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
13:37:00.0119 5084  HDAudBus - ok
13:37:00.0150 5084  [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth          C:\Windows\system32\drivers\hidbth.sys
13:37:00.0153 5084  HidBth - ok
13:37:00.0191 5084  [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr           C:\Windows\system32\drivers\hidir.sys
13:37:00.0194 5084  HidIr - ok
13:37:00.0238 5084  [ 84067081F3318162797385E11A8F0582 ] hidserv         C:\Windows\system32\hidserv.dll
13:37:00.0241 5084  hidserv - ok
13:37:00.0277 5084  [ CCA4B519B17E23A00B826C55716809CC ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
13:37:00.0280 5084  HidUsb - ok
13:37:00.0313 5084  [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc          C:\Windows\system32\kmsvc.dll
13:37:00.0317 5084  hkmsvc - ok
13:37:00.0365 5084  [ 89F9E1984C1CD9E5F4FE39642D886E11 ] HP Health Check Service c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
13:37:00.0367 5084  HP Health Check Service - ok
13:37:00.0399 5084  [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
13:37:00.0403 5084  HpCISSs - ok
13:37:00.0547 5084  [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05 ] hpqcxs08        C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
13:37:00.0552 5084  hpqcxs08 - ok
13:37:00.0597 5084  [ F3F72A2A86C22610BCA5439FA789DD52 ] hpqddsvc        C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
13:37:00.0600 5084  hpqddsvc - ok
13:37:00.0622 5084  [ 35956140E686D53BF676CF0C778880FC ] HpqKbFiltr      C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
13:37:00.0624 5084  HpqKbFiltr - ok
13:37:00.0655 5084  [ 115C0933B3ED51DFBEC4449348C8065B ] HpqRemHid       C:\Windows\system32\DRIVERS\HpqRemHid.sys
13:37:00.0670 5084  HpqRemHid - ok
13:37:00.0702 5084  [ 04C1DCBB226C6AE647B794833CE3CEB6 ] hpqwmiex        C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
13:37:00.0706 5084  hpqwmiex - ok
13:37:00.0758 5084  [ 46D67209550973257601A533E2AC5785 ] HSFHWAZL        C:\Windows\system32\DRIVERS\VSTAZL3.SYS
13:37:00.0765 5084  HSFHWAZL - ok
13:37:00.0830 5084  [ EC36F1D542ED4252390D446BF6D4DFD0 ] HSF_DPV         C:\Windows\system32\DRIVERS\VSTDPV3.SYS
13:37:00.0854 5084  HSF_DPV - ok
13:37:00.0906 5084  [ F870AA3E254628EBEAFE754108D664DE ] HTTP            C:\Windows\system32\drivers\HTTP.sys
13:37:00.0916 5084  HTTP - ok
13:37:00.0952 5084  [ C6B032D69650985468160FC9937CF5B4 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
13:37:00.0956 5084  i2omp - ok
13:37:00.0999 5084  [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
13:37:01.0001 5084  i8042prt - ok
13:37:01.0069 5084  [ CB686F44BF955EA02520710A56874FA4 ] IAANTMON        C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
13:37:01.0078 5084  IAANTMON - ok
13:37:01.0137 5084  [ DB0CC620B27A928D968C1A1E9CD9CB87 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
13:37:01.0141 5084  iaStor - ok
13:37:01.0186 5084  [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
13:37:01.0194 5084  iaStorV - ok
13:37:01.0252 5084  [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
13:37:01.0257 5084  IDriverT - ok
13:37:01.0341 5084  [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
13:37:01.0362 5084  idsvc - ok
13:37:01.0471 5084  [ 9378D57E2B96C0A185D844770AD49948 ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
13:37:01.0537 5084  igfx - ok
13:37:01.0560 5084  [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
13:37:01.0563 5084  iirsp - ok
13:37:01.0623 5084  [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT          C:\Windows\System32\ikeext.dll
13:37:01.0635 5084  IKEEXT - ok
13:37:01.0764 5084  [ 8D7EB1FD498FD0A34C95A298685EC1C7 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
13:37:01.0803 5084  IntcAzAudAddService - ok
13:37:01.0829 5084  [ 83AA759F3189E6370C30DE5DC5590718 ] intelide        C:\Windows\system32\drivers\intelide.sys
13:37:01.0832 5084  intelide - ok
13:37:01.0844 5084  [ 224191001E78C89DFA78924C3EA595FF ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
13:37:01.0846 5084  intelppm - ok
13:37:01.0945 5084  [ 3DC635B66DD7412E1C9C3A77B8D78F25 ] IntuitUpdateService C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
13:37:01.0947 5084  IntuitUpdateService - ok
13:37:02.0050 5084  [ 1663A135865F0BA6E853353E98E67F2A ] IntuitUpdateServiceV4 C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
13:37:02.0052 5084  IntuitUpdateServiceV4 - ok
13:37:02.0106 5084  [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
13:37:02.0111 5084  IPBusEnum - ok
13:37:02.0130 5084  [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:37:02.0136 5084  IpFilterDriver - ok
13:37:02.0172 5084  [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
13:37:02.0179 5084  iphlpsvc - ok
13:37:02.0187 5084  IpInIp - ok
13:37:02.0224 5084  [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
13:37:02.0227 5084  IPMIDRV - ok
13:37:02.0249 5084  [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
13:37:02.0255 5084  IPNAT - ok
13:37:02.0334 5084  [ E8A39D41474BE42FD8830CED32932D6C ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
13:37:02.0343 5084  iPod Service - ok
13:37:02.0362 5084  [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
13:37:02.0365 5084  IRENUM - ok
13:37:02.0395 5084  [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
13:37:02.0399 5084  isapnp - ok
13:37:02.0457 5084  [ 232FA340531D940AAC623B121A595034 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
13:37:02.0462 5084  iScsiPrt - ok
13:37:02.0481 5084  [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
13:37:02.0484 5084  iteatapi - ok
13:37:02.0501 5084  [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid         C:\Windows\system32\drivers\iteraid.sys
13:37:02.0515 5084  iteraid - ok
13:37:02.0555 5084  [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
13:37:02.0557 5084  kbdclass - ok
13:37:02.0608 5084  [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
13:37:02.0610 5084  kbdhid - ok
13:37:02.0664 5084  [ A3E186B4B935905B829219502557314E ] KeyIso          C:\Windows\system32\lsass.exe
13:37:02.0668 5084  KeyIso - ok
13:37:02.0702 5084  [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
13:37:02.0715 5084  KSecDD - ok
13:37:02.0749 5084  [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm           C:\Windows\system32\msdtckrm.dll
13:37:02.0761 5084  KtmRm - ok
13:37:02.0805 5084  [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer    C:\Windows\system32\srvsvc.dll
13:37:02.0813 5084  LanmanServer - ok
13:37:02.0842 5084  [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:37:02.0851 5084  LanmanWorkstation - ok
13:37:02.0895 5084  [ A1043645D16915DF12A6F2E049922A18 ] LexBceS         C:\Windows\System32\LEXBCES.EXE
13:37:02.0908 5084  LexBceS - ok
13:37:02.0949 5084  [ 53710476495886D9961BE46983A6A33F ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
13:37:02.0952 5084  LightScribeService - ok
13:37:02.0986 5084  [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
13:37:02.0989 5084  lltdio - ok
13:37:03.0035 5084  [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
13:37:03.0047 5084  lltdsvc - ok
13:37:03.0076 5084  [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts         C:\Windows\System32\lmhsvc.dll
13:37:03.0080 5084  lmhosts - ok
13:37:03.0109 5084  [ C7E15E82879BF3235B559563D4185365 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
13:37:03.0113 5084  LSI_FC - ok
13:37:03.0148 5084  [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
13:37:03.0152 5084  LSI_SAS - ok
13:37:03.0183 5084  [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
13:37:03.0188 5084  LSI_SCSI - ok
13:37:03.0211 5084  [ 8F5C7426567798E62A3B3614965D62CC ] luafv           C:\Windows\system32\drivers\luafv.sys
13:37:03.0216 5084  luafv - ok
13:37:03.0305 5084  [ E6CB119EF2E148EAA1A247343550756E ] McciCMService   C:\Program Files\Common Files\Motive\McciCMService.exe
13:37:03.0314 5084  McciCMService - ok
13:37:03.0342 5084  [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
13:37:03.0348 5084  Mcx2Svc - ok
13:37:03.0386 5084  [ 0001CE609D66632FA17B84705F658879 ] megasas         C:\Windows\system32\drivers\megasas.sys
13:37:03.0389 5084  megasas - ok
13:37:03.0415 5084  [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
13:37:03.0430 5084  MegaSR - ok
13:37:03.0466 5084  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS           C:\Windows\system32\mmcss.dll
13:37:03.0472 5084  MMCSS - ok
13:37:03.0493 5084  [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem           C:\Windows\system32\drivers\modem.sys
13:37:03.0495 5084  Modem - ok
13:37:03.0558 5084  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
13:37:03.0559 5084  monitor - ok
13:37:03.0577 5084  [ 5BF6A1326A335C5298477754A506D263 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
13:37:03.0579 5084  mouclass - ok
13:37:03.0600 5084  [ 93B8D4869E12CFBE663915502900876F ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
13:37:03.0604 5084  mouhid - ok
13:37:03.0627 5084  [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
13:37:03.0630 5084  MountMgr - ok
13:37:03.0712 5084  [ 96AA8BA23142CC8E2B30F3CAE0C80254 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
13:37:03.0716 5084  MozillaMaintenance - ok
13:37:03.0754 5084  [ 511D011289755DD9F9A7579FB0B064E6 ] mpio            C:\Windows\system32\drivers\mpio.sys
13:37:03.0759 5084  mpio - ok
13:37:03.0781 5084  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
13:37:03.0783 5084  mpsdrv - ok
13:37:03.0822 5084  [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc          C:\Windows\system32\mpssvc.dll
13:37:03.0835 5084  MpsSvc - ok
13:37:03.0886 5084  [ 43C047A20981F3880D00CA09734557B4 ] MR97310_VGA_DUAL_CAMERA C:\Windows\system32\DRIVERS\mr97310v.sys
13:37:03.0890 5084  MR97310_VGA_DUAL_CAMERA - ok
13:37:03.0920 5084  [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
13:37:03.0924 5084  Mraid35x - ok
13:37:04.0000 5084  [ 9BD4DCB5412921864A7AACDEDFBD1923 ] MREMP50         C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
13:37:04.0003 5084  MREMP50 - ok
13:37:04.0009 5084  MREMPR5 - ok
13:37:04.0020 5084  MRENDIS5 - ok
13:37:04.0061 5084  [ 07C02C892E8E1A72D6BF35004F0E9C5E ] MRESP50         C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
13:37:04.0063 5084  MRESP50 - ok
13:37:04.0107 5084  [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
13:37:04.0111 5084  MRxDAV - ok
13:37:04.0148 5084  [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
13:37:04.0151 5084  mrxsmb - ok
13:37:04.0191 5084  [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:37:04.0196 5084  mrxsmb10 - ok
13:37:04.0206 5084  [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:37:04.0209 5084  mrxsmb20 - ok
13:37:04.0242 5084  [ 28023E86F17001F7CD9B15A5BC9AE07D ] msahci          C:\Windows\system32\drivers\msahci.sys
13:37:04.0245 5084  msahci - ok
13:37:04.0272 5084  [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
13:37:04.0277 5084  msdsm - ok
13:37:04.0299 5084  [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC           C:\Windows\System32\msdtc.exe
13:37:04.0306 5084  MSDTC - ok
13:37:04.0337 5084  [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
13:37:04.0339 5084  Msfs - ok
13:37:04.0361 5084  [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
13:37:04.0365 5084  msisadrv - ok
13:37:04.0395 5084  [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
13:37:04.0401 5084  MSiSCSI - ok
13:37:04.0409 5084  msiserver - ok
13:37:04.0428 5084  [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
13:37:04.0431 5084  MSKSSRV - ok
13:37:04.0483 5084  [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
13:37:04.0486 5084  MSPCLOCK - ok
13:37:04.0503 5084  [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
13:37:04.0505 5084  MSPQM - ok
13:37:04.0552 5084  [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
13:37:04.0558 5084  MsRPC - ok
13:37:04.0579 5084  [ E384487CB84BE41D09711C30CA79646C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
13:37:04.0580 5084  mssmbios - ok
13:37:04.0603 5084  [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
13:37:04.0606 5084  MSTEE - ok
13:37:04.0628 5084  [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup             C:\Windows\system32\Drivers\mup.sys
13:37:04.0632 5084  Mup - ok
13:37:04.0665 5084  [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent        C:\Windows\system32\qagentRT.dll
13:37:04.0677 5084  napagent - ok
13:37:04.0722 5084  [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
13:37:04.0727 5084  NativeWifiP - ok
13:37:04.0780 5084  [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS            C:\Windows\system32\drivers\ndis.sys
13:37:04.0792 5084  NDIS - ok
13:37:04.0816 5084  [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
13:37:04.0818 5084  NdisTapi - ok
13:37:04.0832 5084  [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
13:37:04.0834 5084  Ndisuio - ok
13:37:04.0876 5084  [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
13:37:04.0880 5084  NdisWan - ok
13:37:04.0905 5084  [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
13:37:04.0907 5084  NDProxy - ok
13:37:04.0943 5084  [ 510C138564486FF926A3F773205C63D1 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
13:37:04.0946 5084  Net Driver HPZ12 - ok
13:37:04.0978 5084  [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
13:37:04.0980 5084  NetBIOS - ok
13:37:05.0022 5084  [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
13:37:05.0035 5084  netbt - ok
13:37:05.0053 5084  [ A3E186B4B935905B829219502557314E ] Netlogon        C:\Windows\system32\lsass.exe
13:37:05.0057 5084  Netlogon - ok
13:37:05.0079 5084  [ C8052711DAECC48B982434C5116CA401 ] Netman          C:\Windows\System32\netman.dll
13:37:05.0089 5084  Netman - ok
13:37:05.0116 5084  [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm        C:\Windows\System32\netprofm.dll
13:37:05.0127 5084  netprofm - ok
13:37:05.0172 5084  [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:37:05.0177 5084  NetTcpPortSharing - ok
13:37:05.0223 5084  [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
13:37:05.0227 5084  nfrd960 - ok
13:37:05.0253 5084  [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc          C:\Windows\System32\nlasvc.dll
13:37:05.0261 5084  NlaSvc - ok
13:37:05.0316 5084  [ CFEE15A88280D369672DA0E378BBC702 ] NNSALPC         C:\Windows\system32\DRIVERS\NNSAlpc.sys
13:37:05.0319 5084  NNSALPC - ok
13:37:05.0339 5084  [ 2708799ADC223C4412341F0C68D032E3 ] NNSHTTP         C:\Windows\system32\DRIVERS\NNSHttp.sys
13:37:05.0346 5084  NNSHTTP - ok
13:37:05.0356 5084  [ 533F19056B98D9CCE466B64186905BC1 ] NNSIDS          C:\Windows\system32\DRIVERS\NNSIds.sys
13:37:05.0362 5084  NNSIDS - ok
13:37:05.0423 5084  [ BF5295EC6F9E4737F891F58FEA879B31 ] NNSNAHSL        C:\Windows\system32\DRIVERS\NNSNAHSL.sys
13:37:05.0425 5084  NNSNAHSL - ok
13:37:05.0446 5084  [ 1F054C5CA627FCD3983538D74574016B ] NNSPICC         C:\Windows\system32\DRIVERS\NNSPicc.sys
13:37:05.0449 5084  NNSPICC - ok
13:37:05.0504 5084  [ A15B00ECD15DACFB9DD33F0CE26EE60D ] NNSPIHSW        C:\Windows\system32\DRIVERS\NNSPihsw.sys
13:37:05.0515 5084  NNSPIHSW - ok
13:37:05.0525 5084  [ 5F8C023775B8F4A0A8FFC93DD0A27285 ] NNSPOP3         C:\Windows\system32\DRIVERS\NNSPop3.sys
13:37:05.0529 5084  NNSPOP3 - ok
13:37:05.0563 5084  [ CA541CE4A1FC034EEC8CFD6C155B9D30 ] NNSPROT         C:\Windows\system32\DRIVERS\NNSProt.sys
13:37:05.0571 5084  NNSPROT - ok
13:37:05.0626 5084  [ 938E8CCC7AC5922F2E3DBDF3E7A3035C ] NNSPRV          C:\Windows\system32\DRIVERS\NNSPrv.sys
13:37:05.0631 5084  NNSPRV - ok
13:37:05.0650 5084  [ 2458E950F0A0DD9AD08385209B5E1702 ] NNSSMTP         C:\Windows\system32\DRIVERS\NNSSmtp.sys
13:37:05.0653 5084  NNSSMTP - ok
13:37:05.0670 5084  [ 75D990651236A570C4C80ED56BFB4009 ] NNSSTRM         C:\Windows\system32\DRIVERS\NNSStrm.sys
13:37:05.0676 5084  NNSSTRM - ok
13:37:05.0698 5084  [ 9D526B79E7D438056ED7D382AB94019A ] NNSTLSC         C:\Windows\system32\DRIVERS\NNSTlsc.sys
13:37:05.0701 5084  NNSTLSC - ok
13:37:05.0747 5084  [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
13:37:05.0749 5084  Npfs - ok
13:37:05.0776 5084  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi             C:\Windows\system32\nsisvc.dll
13:37:05.0781 5084  nsi - ok
13:37:05.0801 5084  [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
13:37:05.0803 5084  nsiproxy - ok
13:37:05.0873 5084  [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
13:37:05.0899 5084  Ntfs - ok
13:37:05.0939 5084  [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
13:37:05.0943 5084  ntrigdigi - ok
13:37:05.0981 5084  [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null            C:\Windows\system32\drivers\Null.sys
13:37:05.0983 5084  Null - ok
13:37:06.0017 5084  [ 1657F3FBD9061526C14FF37E79306F98 ] NVENETFD        C:\Windows\system32\DRIVERS\nvm60x32.sys
13:37:06.0029 5084  NVENETFD - ok
13:37:06.0049 5084  [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
13:37:06.0056 5084  nvraid - ok
13:37:06.0071 5084  [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
13:37:06.0075 5084  nvstor - ok
13:37:06.0098 5084  [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
13:37:06.0105 5084  nv_agp - ok
13:37:06.0113 5084  NwlnkFlt - ok
13:37:06.0125 5084  NwlnkFwd - ok
13:37:06.0217 5084  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
13:37:06.0228 5084  odserv - ok
13:37:06.0281 5084  [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
13:37:06.0283 5084  ohci1394 - ok
13:37:06.0333 5084  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:37:06.0338 5084  ose - ok
13:37:06.0407 5084  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
13:37:06.0426 5084  p2pimsvc - ok
13:37:06.0446 5084  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc          C:\Windows\system32\p2psvc.dll
13:37:06.0457 5084  p2psvc - ok
13:37:06.0490 5084  [ 0FA9B5055484649D63C303FE404E5F4D ] Parport         C:\Windows\system32\drivers\parport.sys
13:37:06.0493 5084  Parport - ok
13:37:06.0589 5084  [ B9C2B89F08670E159F7181891E449CD9 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
13:37:06.0593 5084  partmgr - ok
13:37:06.0618 5084  [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
13:37:06.0621 5084  Parvdm - ok
13:37:06.0650 5084  [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc          C:\Windows\System32\pcasvc.dll
13:37:06.0655 5084  PcaSvc - ok
13:37:06.0709 5084  [ 941DC1D19E7E8620F40BBC206981EFDB ] pci             C:\Windows\system32\drivers\pci.sys
13:37:06.0715 5084  pci - ok
13:37:06.0733 5084  [ FC175F5DDAB666D7F4D17449A547626F ] pciide          C:\Windows\system32\drivers\pciide.sys
13:37:06.0736 5084  pciide - ok
13:37:06.0766 5084  [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
13:37:06.0773 5084  pcmcia - ok
13:37:06.0803 5084  [ 3A0262B85B5BB4D4CFC096EA00ED610B ] PCTBD           C:\Windows\system32\Drivers\PCTBD.sys
13:37:06.0805 5084  PCTBD - ok
13:37:06.0871 5084  [ 0EDB74BD0D52D6D94CF862322E48B94E ] PCTCore         C:\Windows\system32\drivers\PCTCore.sys
13:37:06.0881 5084  PCTCore - ok
13:37:06.0913 5084  [ 8734F7346B39A710491E0DDB136DA2A3 ] pctDS           C:\Windows\system32\drivers\pctDS.sys
13:37:06.0923 5084  pctDS - ok
13:37:06.0978 5084  [ 653D8079CC000EC454789740A07B84A8 ] pctEFA          C:\Windows\system32\drivers\pctEFA.sys
13:37:07.0000 5084  pctEFA - ok
13:37:07.0057 5084  [ 3B2CCD49AF2585A9BBA993C39D0A7A9F ] PCTSD           C:\Windows\system32\Drivers\PCTSD.sys
13:37:07.0062 5084  PCTSD - ok
13:37:07.0103 5084  [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
13:37:07.0123 5084  PEAUTH - ok
13:37:07.0221 5084  [ B1689DF169143F57053F795390C99DB3 ] pla             C:\Windows\system32\pla.dll
13:37:07.0261 5084  pla - ok
13:37:07.0300 5084  [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
13:37:07.0311 5084  PlugPlay - ok
13:37:07.0332 5084  [ 37E5E8FFBAD35605DAEEC3224EA0E465 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
13:37:07.0336 5084  Pml Driver HPZ12 - ok
13:37:07.0374 5084  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
13:37:07.0386 5084  PNRPAutoReg - ok
13:37:07.0408 5084  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
13:37:07.0420 5084  PNRPsvc - ok
13:37:07.0464 5084  [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
13:37:07.0475 5084  PolicyAgent - ok
13:37:07.0505 5084  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
13:37:07.0516 5084  PptpMiniport - ok
13:37:07.0560 5084  [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor       C:\Windows\system32\drivers\processr.sys
13:37:07.0563 5084  Processor - ok
13:37:07.0592 5084  [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc         C:\Windows\system32\profsvc.dll
13:37:07.0599 5084  ProfSvc - ok
13:37:07.0620 5084  [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
13:37:07.0623 5084  ProtectedStorage - ok
13:37:07.0655 5084  [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
13:37:07.0659 5084  PSched - ok
13:37:07.0716 5084  [ B109362819789E5C2A001ACE08E84906 ] PSINAflt        C:\Windows\system32\DRIVERS\PSINAflt.sys
13:37:07.0722 5084  PSINAflt - ok
13:37:07.0781 5084  [ B1A354ED4119245546CF94CF4993DBCD ] PSINFile        C:\Windows\system32\DRIVERS\PSINFile.sys
13:37:07.0784 5084  PSINFile - ok
13:37:07.0808 5084  [ D6DF381D6CD98EE4BD9E6E3D141D2C6C ] PSINKNC         C:\Windows\system32\DRIVERS\psinknc.sys
13:37:07.0814 5084  PSINKNC - ok
13:37:07.0833 5084  [ 294F9D2448A09CBFC6D88A3755852F0C ] PSINProc        C:\Windows\system32\DRIVERS\PSINProc.sys
13:37:07.0837 5084  PSINProc - ok
13:37:07.0859 5084  [ 12B7044A47548FBFD0BA62D2715D21F7 ] PSINProt        C:\Windows\system32\DRIVERS\PSINProt.sys
13:37:07.0863 5084  PSINProt - ok
13:37:07.0943 5084  [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
13:37:07.0975 5084  ql2300 - ok
13:37:08.0010 5084  [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
13:37:08.0015 5084  ql40xx - ok
13:37:08.0099 5084  [ BA396D1C71934E22679D3F4DAC17E7AB ] QPCapSvc        C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
13:37:08.0106 5084  QPCapSvc - ok
13:37:08.0124 5084  [ 4B455E8C41CAD3219CCF53024DCAD604 ] QPSched         C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
13:37:08.0129 5084  QPSched - ok
13:37:08.0163 5084  [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE           C:\Windows\system32\qwave.dll
13:37:08.0174 5084  QWAVE - ok
13:37:08.0190 5084  [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
13:37:08.0197 5084  QWAVEdrv - ok
13:37:08.0218 5084  [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
13:37:08.0220 5084  RasAcd - ok
13:37:08.0238 5084  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto         C:\Windows\System32\rasauto.dll
13:37:08.0247 5084  RasAuto - ok
13:37:08.0272 5084  [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
13:37:08.0277 5084  Rasl2tp - ok
13:37:08.0319 5084  [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan          C:\Windows\System32\rasmans.dll
13:37:08.0330 5084  RasMan - ok
13:37:08.0377 5084  [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
13:37:08.0379 5084  RasPppoe - ok
13:37:08.0396 5084  [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
13:37:08.0399 5084  RasSstp - ok
13:37:08.0427 5084  [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
13:37:08.0434 5084  rdbss - ok
13:37:08.0471 5084  [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
13:37:08.0473 5084  RDPCDD - ok
13:37:08.0518 5084  [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
13:37:08.0525 5084  rdpdr - ok
13:37:08.0536 5084  [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
13:37:08.0538 5084  RDPENCDD - ok
13:37:08.0601 5084  [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
13:37:08.0610 5084  RDPWD - ok
13:37:08.0658 5084  [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess    C:\Windows\System32\mprdim.dll
13:37:08.0663 5084  RemoteAccess - ok
13:37:08.0704 5084  [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry  C:\Windows\system32\regsvc.dll
13:37:08.0715 5084  RemoteRegistry - ok
13:37:08.0781 5084  [ 17E0BEF5CA5C9CE52CC8082AC6EBC449 ] RichVideo       C:\Program Files\CyberLink\Shared Files\RichVideo.exe
13:37:08.0789 5084  RichVideo - ok
13:37:08.0833 5084  [ 355AAC141B214BEF1DBC1483AFD9BD50 ] rimmptsk        C:\Windows\system32\DRIVERS\rimmptsk.sys
13:37:08.0835 5084  rimmptsk - ok
13:37:08.0853 5084  [ A4216C71DD4F60B26418CCFD99CD0815 ] rimsptsk        C:\Windows\system32\DRIVERS\rimsptsk.sys
13:37:08.0855 5084  rimsptsk - ok
13:37:08.0867 5084  [ D231B577024AA324AF13A42F3A807D10 ] rismxdp         C:\Windows\system32\DRIVERS\rixdptsk.sys
13:37:08.0870 5084  rismxdp - ok
13:37:08.0906 5084  [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator      C:\Windows\system32\locator.exe
13:37:08.0910 5084  RpcLocator - ok
13:37:08.0961 5084  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs           C:\Windows\system32\rpcss.dll
13:37:08.0972 5084  RpcSs - ok
13:37:08.0993 5084  [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
13:37:08.0996 5084  rspndr - ok
13:37:09.0043 5084  [ 9A929308A64183D3D9DCCBB6DF4BADAE ] RTL8169         C:\Windows\system32\DRIVERS\Rtlh86.sys
13:37:09.0047 5084  RTL8169 - ok
13:37:09.0064 5084  [ A3E186B4B935905B829219502557314E ] SamSs           C:\Windows\system32\lsass.exe
13:37:09.0070 5084  SamSs - ok
13:37:09.0091 5084  [ 3CE8F073A557E172B330109436984E30 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
13:37:09.0095 5084  sbp2port - ok
13:37:09.0106 5084  SBRE - ok
13:37:09.0199 5084  [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService  C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
13:37:09.0228 5084  SBSDWSCService - ok
13:37:09.0278 5084  [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
13:37:09.0285 5084  SCardSvr - ok
13:37:09.0330 5084  [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule        C:\Windows\system32\schedsvc.dll
13:37:09.0348 5084  Schedule - ok
13:37:09.0389 5084  [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc     C:\Windows\System32\certprop.dll
13:37:09.0391 5084  SCPolicySvc - ok
13:37:09.0531 5084  [ 17D6A03103586D7954BA74C2219CE1BB ] sdAuxService    C:\Program Files\PC Tools\PC Tools Security\pctsAuxs.exe
13:37:09.0536 5084  sdAuxService - ok
13:37:09.0625 5084  [ 8F36B54688C31EED4580129040C6A3D3 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
13:37:09.0629 5084  sdbus - ok
13:37:09.0677 5084  [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
13:37:09.0684 5084  SDRSVC - ok
13:37:09.0711 5084  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
13:37:09.0714 5084  secdrv - ok
13:37:09.0732 5084  [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon        C:\Windows\system32\seclogon.dll
13:37:09.0737 5084  seclogon - ok
13:37:09.0752 5084  [ A9BBAB5759771E523F55563D6CBE140F ] SENS            C:\Windows\System32\sens.dll
13:37:09.0758 5084  SENS - ok
13:37:09.0786 5084  [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum         C:\Windows\system32\drivers\serenum.sys
13:37:09.0789 5084  Serenum - ok
13:37:09.0811 5084  [ C70D69A918B178D3C3B06339B40C2E1B ] Serial          C:\Windows\system32\drivers\serial.sys
13:37:09.0816 5084  Serial - ok
13:37:09.0843 5084  [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
13:37:09.0847 5084  sermouse - ok
13:37:09.0886 5084  [ D2193326F729B163125610DBF3E17D57 ] SessionEnv      C:\Windows\system32\sessenv.dll
13:37:09.0892 5084  SessionEnv - ok
13:37:09.0923 5084  [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
13:37:09.0926 5084  sffdisk - ok
13:37:09.0946 5084  [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
13:37:09.0949 5084  sffp_mmc - ok
13:37:09.0979 5084  [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
13:37:09.0982 5084  sffp_sd - ok
13:37:10.0003 5084  [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
13:37:10.0006 5084  sfloppy - ok
13:37:10.0039 5084  [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
13:37:10.0048 5084  SharedAccess - ok
13:37:10.0089 5084  [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:37:10.0098 5084  ShellHWDetection - ok
13:37:10.0149 5084  [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
13:37:10.0153 5084  sisagp - ok
13:37:10.0165 5084  [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
13:37:10.0169 5084  SiSRaid2 - ok
13:37:10.0197 5084  [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
13:37:10.0206 5084  SiSRaid4 - ok
13:37:10.0350 5084  [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc           C:\Windows\system32\SLsvc.exe
13:37:10.0461 5084  slsvc - ok
13:37:10.0508 5084  [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify      C:\Windows\system32\SLUINotify.dll
13:37:10.0519 5084  SLUINotify - ok
13:37:10.0574 5084  [ 7B75299A4D201D6A6533603D6914AB04 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
13:37:10.0577 5084  Smb - ok
13:37:10.0635 5084  [ 63B3B77BDB67EE674771C0E6FB96DA9E ] smserial        C:\Windows\system32\DRIVERS\smserial.sys
13:37:10.0658 5084  smserial - ok
13:37:10.0692 5084  [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
13:37:10.0703 5084  SNMPTRAP - ok
13:37:10.0729 5084  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr           C:\Windows\system32\drivers\spldr.sys
13:37:10.0734 5084  spldr - ok
13:37:10.0792 5084  [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler         C:\Windows\System32\spoolsv.exe
13:37:10.0800 5084  Spooler - ok
13:37:10.0851 5084  [ 41987F9FC0E61ADF54F581E15029AD91 ] srv             C:\Windows\system32\DRIVERS\srv.sys
13:37:10.0859 5084  srv - ok
13:37:10.0897 5084  [ FF33AFF99564B1AA534F58868CBE41EF ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
13:37:10.0902 5084  srv2 - ok
13:37:10.0924 5084  [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
13:37:10.0928 5084  srvnet - ok
13:37:10.0959 5084  [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
13:37:10.0970 5084  SSDPSRV - ok
13:37:11.0004 5084  [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
13:37:11.0012 5084  SstpSvc - ok
13:37:11.0081 5084  [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc          C:\Windows\System32\wiaservc.dll
13:37:11.0096 5084  stisvc - ok
13:37:11.0118 5084  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
13:37:11.0119 5084  swenum - ok
13:37:11.0165 5084  [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv           C:\Windows\System32\swprv.dll
13:37:11.0178 5084  swprv - ok
13:37:11.0207 5084  [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
13:37:11.0213 5084  Symc8xx - ok
13:37:11.0242 5084  SymIM - ok
13:37:11.0253 5084  SymIMMP - ok
13:37:11.0280 5084  [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
13:37:11.0284 5084  Sym_hi - ok
13:37:11.0302 5084  [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
13:37:11.0306 5084  Sym_u3 - ok
13:37:11.0367 5084  [ BF7AA84D5AF0FAA0978C840E63B17DBF ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
13:37:11.0372 5084  SynTP - ok
13:37:11.0418 5084  [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain         C:\Windows\system32\sysmain.dll
13:37:11.0437 5084  SysMain - ok
13:37:11.0467 5084  [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:37:11.0475 5084  TabletInputService - ok
13:37:11.0518 5084  [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv         C:\Windows\System32\tapisrv.dll
13:37:11.0529 5084  TapiSrv - ok
13:37:11.0556 5084  [ CB05822CD9CC6C688168E113C603DBE7 ] TBS             C:\Windows\System32\tbssvc.dll
13:37:11.0563 5084  TBS - ok
13:37:11.0642 5084  [ 74E2D020C47BB2B2FCCBA29A518A7EB4 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
13:37:11.0665 5084  Tcpip - ok
13:37:11.0692 5084  [ 74E2D020C47BB2B2FCCBA29A518A7EB4 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
13:37:11.0703 5084  Tcpip6 - ok
13:37:11.0741 5084  [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
13:37:11.0743 5084  tcpipreg - ok
13:37:11.0775 5084  [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
13:37:11.0778 5084  TDPIPE - ok
13:37:11.0795 5084  [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
13:37:11.0799 5084  TDTCP - ok
13:37:11.0850 5084  [ 76B06EB8A01FC8624D699E7045303E54 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
13:37:11.0853 5084  tdx - ok
13:37:11.0902 5084  [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
13:37:11.0905 5084  TermDD - ok
13:37:11.0947 5084  [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService     C:\Windows\System32\termsrv.dll
13:37:11.0962 5084  TermService - ok
13:37:12.0012 5084  [ A56EC942ECABFB7849BFA76060F929FB ] TfFsMon         C:\Windows\system32\drivers\TfFsMon.sys
13:37:12.0016 5084  TfFsMon - ok
13:37:12.0043 5084  [ 917EF522563F6047685486EFA486FB3C ] TfNetMon        C:\Windows\system32\drivers\TfNetMon.sys
13:37:12.0045 5084  TfNetMon - ok
13:37:12.0062 5084  [ 57EDBB5FE7FF09BB21121D13BB950BA5 ] TfSysMon        C:\Windows\system32\drivers\TfSysMon.sys
13:37:12.0067 5084  TfSysMon - ok
13:37:12.0089 5084  [ C7230FBEE14437716701C15BE02C27B8 ] Themes          C:\Windows\system32\shsvcs.dll
13:37:12.0096 5084  Themes - ok
13:37:12.0110 5084  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER     C:\Windows\system32\mmcss.dll
13:37:12.0114 5084  THREADORDER - ok
13:37:12.0133 5084  ThreatFire - ok
13:37:12.0156 5084  [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks          C:\Windows\System32\trkwks.dll
13:37:12.0163 5084  TrkWks - ok
13:37:12.0213 5084  [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:37:12.0215 5084  TrustedInstaller - ok
13:37:12.0244 5084  [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
13:37:12.0248 5084  tssecsrv - ok
13:37:12.0271 5084  [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
13:37:12.0274 5084  tunmp - ok
13:37:12.0315 5084  [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
13:37:12.0317 5084  tunnel - ok
13:37:12.0343 5084  [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35          C:\Windows\system32\drivers\uagp35.sys
13:37:12.0347 5084  uagp35 - ok
13:37:12.0391 5084  [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
13:37:12.0399 5084  udfs - ok
13:37:12.0433 5084  [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
13:37:12.0439 5084  UI0Detect - ok
13:37:12.0483 5084  [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
13:37:12.0487 5084  uliagpkx - ok
13:37:12.0517 5084  [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci         C:\Windows\system32\drivers\uliahci.sys
13:37:12.0530 5084  uliahci - ok
13:37:12.0585 5084  [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata          C:\Windows\system32\drivers\ulsata.sys
13:37:12.0590 5084  UlSata - ok
13:37:12.0612 5084  [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
13:37:12.0617 5084  ulsata2 - ok
13:37:12.0645 5084  [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
13:37:12.0648 5084  umbus - ok
13:37:12.0678 5084  [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost        C:\Windows\System32\upnphost.dll
13:37:12.0690 5084  upnphost - ok
13:37:12.0743 5084  [ 8BF5D980CDCE35FB26F05047144BB57E ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
13:37:12.0747 5084  USBAAPL - ok
13:37:12.0774 5084  [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
13:37:12.0778 5084  usbccgp - ok
13:37:12.0814 5084  [ E9476E6C486E76BC4898074768FB7131 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
13:37:12.0818 5084  usbcir - ok
13:37:12.0899 5084  [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
13:37:12.0902 5084  usbehci - ok
13:37:12.0950 5084  [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
13:37:12.0956 5084  usbhub - ok
13:37:12.0987 5084  [ 7BDB7B0E7D45AC0402D78B90789EF47C ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
13:37:12.0990 5084  usbohci - ok
13:37:13.0016 5084  [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
13:37:13.0020 5084  usbprint - ok
13:37:13.0048 5084  [ A508C9BD8724980512136B039BBA65E9 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
13:37:13.0051 5084  usbscan - ok
13:37:13.0103 5084  [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:37:13.0105 5084  USBSTOR - ok
13:37:13.0148 5084  [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
13:37:13.0150 5084  usbuhci - ok
13:37:13.0190 5084  [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
13:37:13.0194 5084  usbvideo - ok
13:37:13.0220 5084  [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms           C:\Windows\System32\uxsms.dll
13:37:13.0226 5084  UxSms - ok
13:37:13.0288 5084  [ CD88D1B7776DC17A119049742EC07EB4 ] vds             C:\Windows\System32\vds.exe
13:37:13.0303 5084  vds - ok
13:37:13.0332 5084  [ 87B06E1F30B749A114F74622D013F8D4 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
13:37:13.0335 5084  vga - ok
13:37:13.0357 5084  [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave         C:\Windows\System32\drivers\vga.sys
13:37:13.0360 5084  VgaSave - ok
13:37:13.0392 5084  [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp          C:\Windows\system32\drivers\viaagp.sys
13:37:13.0396 5084  viaagp - ok
13:37:13.0413 5084  [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7           C:\Windows\system32\drivers\viac7.sys
13:37:13.0417 5084  ViaC7 - ok
13:37:13.0443 5084  [ AADF5587A4063F52C2C3FED7887426FC ] viaide          C:\Windows\system32\drivers\viaide.sys
13:37:13.0446 5084  viaide - ok
13:37:13.0482 5084  [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
13:37:13.0486 5084  volmgr - ok
13:37:13.0569 5084  [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
13:37:13.0579 5084  volmgrx - ok
13:37:13.0637 5084  [ 786DB5771F05EF300390399F626BF30A ] volsnap         C:\Windows\system32\drivers\volsnap.sys
13:37:13.0641 5084  volsnap - ok
13:37:13.0700 5084  [ 587253E09325E6BF226B299774B728A9 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
13:37:13.0706 5084  vsmraid - ok
13:37:13.0763 5084  [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS             C:\Windows\system32\vssvc.exe
13:37:13.0794 5084  VSS - ok
13:37:13.0837 5084  [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time         C:\Windows\system32\w32time.dll
13:37:13.0850 5084  W32Time - ok
13:37:13.0894 5084  [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
13:37:13.0897 5084  WacomPen - ok
13:37:13.0933 5084  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
13:37:13.0936 5084  Wanarp - ok
13:37:13.0943 5084  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
13:37:13.0946 5084  Wanarpv6 - ok
13:37:13.0976 5084  [ A3CD60FD826381B49F03832590E069AF ] wcncsvc         C:\Windows\System32\wcncsvc.dll
13:37:13.0993 5084  wcncsvc - ok
13:37:14.0030 5084  [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:37:14.0037 5084  WcsPlugInService - ok
13:37:14.0070 5084  [ 78FE9542363F297B18C027B2D7E7C07F ] Wd              C:\Windows\system32\drivers\wd.sys
13:37:14.0073 5084  Wd - ok
13:37:14.0143 5084  [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
13:37:14.0157 5084  Wdf01000 - ok
13:37:14.0180 5084  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
13:37:14.0188 5084  WdiServiceHost - ok
13:37:14.0197 5084  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
13:37:14.0204 5084  WdiSystemHost - ok
13:37:14.0250 5084  [ 04C37D8107320312FBAE09926103D5E2 ] WebClient       C:\Windows\System32\webclnt.dll
13:37:14.0261 5084  WebClient - ok
13:37:14.0300 5084  [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc          C:\Windows\system32\wecsvc.dll
13:37:14.0307 5084  Wecsvc - ok
13:37:14.0329 5084  [ 670FF720071ED741206D69BD995EA453 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
13:37:14.0336 5084  wercplsupport - ok
13:37:14.0379 5084  [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc          C:\Windows\System32\WerSvc.dll
13:37:14.0387 5084  WerSvc - ok
13:37:14.0439 5084  [ 5C7BDCF5864DB00323FE2D90FA26A8A2 ] winachsf        C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
13:37:14.0457 5084  winachsf - ok
13:37:14.0502 5084  [ 4575AA12561C5648483403541D0D7F2B ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
13:37:14.0520 5084  WinDefend - ok
13:37:14.0536 5084  WinHttpAutoProxySvc - ok
13:37:14.0612 5084  [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
13:37:14.0618 5084  Winmgmt - ok
13:37:14.0686 5084  [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM           C:\Windows\system32\WsmSvc.dll
13:37:14.0720 5084  WinRM - ok
13:37:14.0803 5084  [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc         C:\Windows\System32\wlansvc.dll
13:37:14.0820 5084  Wlansvc - ok
13:37:14.0848 5084  [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
13:37:14.0849 5084  WmiAcpi - ok
13:37:14.0889 5084  [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
13:37:14.0894 5084  wmiApSrv - ok
13:37:14.0961 5084  [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
13:37:14.0975 5084  WMPNetworkSvc - ok
13:37:15.0027 5084  [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
13:37:15.0036 5084  WPCSvc - ok
13:37:15.0095 5084  [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
13:37:15.0102 5084  WPDBusEnum - ok
13:37:15.0165 5084  [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
13:37:15.0169 5084  WpdUsb - ok
13:37:15.0268 5084  [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
13:37:15.0287 5084  WPFFontCache_v0400 - ok
13:37:15.0304 5084  [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
13:37:15.0308 5084  ws2ifsl - ok
13:37:15.0335 5084  [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc          C:\Windows\System32\wscsvc.dll
13:37:15.0342 5084  wscsvc - ok
13:37:15.0350 5084  WSearch - ok
13:37:15.0475 5084  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\Windows\system32\wuaueng.dll
13:37:15.0537 5084  wuauserv - ok
13:37:15.0588 5084  [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
13:37:15.0592 5084  WudfPf - ok
13:37:15.0618 5084  [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
13:37:15.0623 5084  WUDFRd - ok
13:37:15.0688 5084  [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
13:37:15.0696 5084  wudfsvc - ok
13:37:15.0717 5084  ================ Scan global ===============================
13:37:15.0742 5084  [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
13:37:15.0807 5084  [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll
13:37:15.0829 5084  [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll
13:37:15.0873 5084  [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
13:37:15.0885 5084  [Global] - ok
13:37:15.0886 5084  ================ Scan MBR ==================================
13:37:15.0899 5084  [ 1A1A06F62E891045814007163C1C76C3 ] \Device\Harddisk0\DR0
13:37:16.0704 5084  \Device\Harddisk0\DR0 - ok
13:37:16.0705 5084  ================ Scan VBR ==================================
13:37:16.0713 5084  [ 3626E676AC8B89B2334D86CBDB12F7AF ] \Device\Harddisk0\DR0\Partition1
13:37:16.0716 5084  \Device\Harddisk0\DR0\Partition1 - ok
13:37:16.0722 5084  [ 02AE5C66999975532D619493468777F6 ] \Device\Harddisk0\DR0\Partition2
13:37:16.0724 5084  \Device\Harddisk0\DR0\Partition2 - ok
13:37:16.0728 5084  ============================================================
13:37:16.0728 5084  Scan finished
13:37:16.0728 5084  ============================================================
13:37:16.0750 1360  Detected object count: 0
13:37:16.0750 1360  Actual detected object count: 0
13:46:23.0105 4884  Deinitialize success
 
Adwcleaner
 
# AdwCleaner v2.200 - Logfile created 04/17/2013 at 13:49:20
# Updated 02/04/2013 by Xplode
# Operating system : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# User : jose - JOSE-PC
# Boot Mode : Normal
# Running from : C:\Users\jose\Desktop\AdwCleaner.exe
# Option [Delete]
 
 
***** [Services] *****
 
 
***** [Files / Folders] *****
 
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Deleted : C:\Users\jose\AppData\Roaming\Mozilla\Firefox\Profiles\3qqd4g8s.default\searchplugins\Askcom.xml
File Deleted : C:\Users\Public\Desktop\eBay.lnk
Folder Deleted : C:\Program Files\Ask.com
Folder Deleted : C:\Program Files\Viewpoint
Folder Deleted : C:\ProgramData\Viewpoint
Folder Deleted : C:\Users\irma\AppData\Roaming\iWin
Folder Deleted : C:\Users\jose\AppData\Local\Temp\AskSearch
Folder Deleted : C:\Users\jose\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\jose\AppData\Roaming\Mozilla\Firefox\Profiles\3qqd4g8s.default\extensions\toolbar@ask.com
Folder Deleted : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
 
***** [Registry] *****
 
Key Deleted : HKCU\Software\AppDataLow\AskToolbarInfo
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{76C45B18-A29E-43EA-AAF8-AF55C2E1AE17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{96EF404C-24C7-43D0-9096-4CCC8BB7CCAC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97720195-206A-42AE-8E65-260B9BA5589F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{986F7A5A-9676-47E1-8642-F41F8C3FCF82}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B18788A4-92BD-440E-A4D1-380C36531119}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\Software\MetaStream
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKLM\Software\Viewpoint
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
 
***** [Internet Browsers] *****
 
-\\ Internet Explorer v9.0.8112.16476
 
[OK] Registry is clean.
 
-\\ Mozilla Firefox v12.0 (en-US)
 
File : C:\Users\jose\AppData\Roaming\Mozilla\Firefox\Profiles\3qqd4g8s.default\prefs.js
 
Deleted : user_pref("browser.bdtoolbar.orig_keyword_url", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&[...]
Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Deleted : user_pref("extensions.asktb.cbid", "FM");
Deleted : user_pref("extensions.asktb.config-updated", false);
Deleted : user_pref("extensions.asktb.crumb", "2011.03.08+20.04.03-toolbar007iad-US-SG91c3RvbixUWCxVbml0ZWQgU3[...]
Deleted : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://www.ask.com/web?q={query}&o={o}&l={l}[...]
Deleted : user_pref("extensions.asktb.dtid", "TES002YYUS");
Deleted : user_pref("extensions.asktb.dyn-weather-do-locid-lookup-weatherWidget", true);
Deleted : user_pref("extensions.asktb.ff-original-keyword-url", "hxxp://websearch.ask.com/redirect?client=ff&s[...]
Deleted : user_pref("extensions.asktb.first-restart-after-config-update", true);
Deleted : user_pref("extensions.asktb.fresh-install", false);
Deleted : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com[...]
Deleted : user_pref("extensions.asktb.l", "dis");
Deleted : user_pref("extensions.asktb.last-config-req", "1306817050096");
Deleted : user_pref("extensions.asktb.locale", "en_US");
Deleted : user_pref("extensions.asktb.o", "14193");
Deleted : user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
Deleted : user_pref("extensions.asktb.qsrc", "2871");
Deleted : user_pref("extensions.asktb.r", "3");
Deleted : user_pref("extensions.asktb.search-plugin-suggestions-url", "hxxp://ss.websearch.ask.com/query?qsrc=[...]
Deleted : user_pref("extensions.asktb.search-suggestions-enabled", true);
Deleted : user_pref("extensions.asktb.silent-upgrade", true);
Deleted : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", true);
 
-\\ Google Chrome v26.0.1410.64
 
File : C:\Users\jose\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
[OK] File is clean.
 
*************************
 
AdwCleaner[S1].txt - [11797 octets] - [17/04/2013 13:49:20]
 
########## EOF - C:\AdwCleaner[S1].txt - [11858 octets] ##########
 
 
And esset scan results
 
C:\Users\jose\AppData\Roaming\FrostWire\.AppSpecialShare\frostwire-5.0.8.windows.exe multiple threats cleaned by deleting - quarantined
C:\Users\jose\Downloads\InstallInternetDefender_599.exe a variant of NSIS/TrojanDownloader.FakeAlert.DY trojan cleaned by deleting - quarantined
C:\Users\jose\Downloads\InstallInternetDefender_775.exe a variant of NSIS/TrojanDownloader.FakeAlert.DY trojan cleaned by deleting - quarantined
 
 
Thanks for your help again and please tell me if I definitely must start a new thread
 
Blessings
martin


#13 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,416 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:12:38 PM

Posted 17 April 2013 - 08:40 PM

Hello remove this,it's old

Java™ 6 Update 2 (Version: 1.6.0.20)

 

Update to Adobe Reader XI 

 

You should Uninstall, Reboot and then install the latest Firefox

 

There are a lot of system file errors in the log above. Run System File Checker  Use option 2.

 

Let me know how it is and we'll see if you need a new topic.


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#14 duenas77

duenas77
  • Topic Starter

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Houston TX USA
  • Local time:11:38 AM

Posted 18 April 2013 - 08:01 PM

Everything went well after the Esset scan. After the scan I went on a mission of my own and uninstalled PC Tools Threatfire, Panda AV and Spybot S&D, I also tried to uninstall PC Tools Internet Defender but I couldnt. I disabled the Internet Defender plug in from IE9. (It is already not comaptible with FF, or so it says). Then I used Microsoft autoruns and unchecked all references to PCTools and Internet defender. Then I tried to uninstall it again but it still cannot uninstall. I get this error:

 

"Runtime error (at -1:0):

 

Cannot import dll:C:\Program Files\PC Tools Security\BDT\DRM\SDDRMHelper.dll"

 

Then I saw your reply to my logs and followed it. System File Checker said it fixed a few entries. I cannot seem to find the log though.

 

Now, after the reboot from SFC I get this message

 

"Microsoft Windows

 

CLSched Module Stopped working and was closed

 

A problem caused the application to stop working correctly.

Windows will notify you if a solution is available"

 

My internet has not crashed though. I guess that's a good sign

 

Let me know what you think

 

As always, thanks a lot and God bless

Martin



#15 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,416 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:12:38 PM

Posted 18 April 2013 - 08:45 PM

Hi Martin use this to remove PCTOOLS.... AppRemover

 

 

 

CLSched.exe Command: C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe Description:
Used by Cyberlink PowerCinema to record scheduled shows.

 

 http://www.bleepingcomputer.com/startups/CLSched.exe-17257.html

 

 

So you may need to reinstall that.

 

 

Your welcome!!


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users