Plug and Play Service causes 100% cpu load


35 replies to this topic

#1 ulyv


Posted 05 September 2013 - 12:56 PM

Hi,

I had started a thread on the Windows XP forum which can be viewed at:

http://www.bleepingcomputer.com/forums/t/506706/plug-and-play-service-causes-100-cpu-load/#ipboard_body

We ran a few scans and removed some software but the problem still remains. It appears my PnP service is exhibiting virus-like behavior, so I've been instructed to begin a topic here.

This issue started occurring after I downloaded an update for my mouse software and the installation failed. I am able to run the computer when I disable PnP services from Windows; if it's enabled, the computer's CPU runs at 100% and it is extremely slow.

Any help on this topic would be greatly appreciated.

Thanks





#2 dev00790


Posted 05 September 2013 - 02:44 PM

Hello,
 
I will be helping you with your problems. Please be patient while I assist you.
 
Some points for you to keep in mind while I am helping you to make things go easier and faster for both of us

  • Please do NOT run, install or uninstall any programs,  unless instructed to do so
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
  • NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.
     
    NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.
    - Do NOT backup any unknown files ending in .exe, .com, .scr, .pif, and .bat since files of these types are more likely to be infected.
     
    NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.
     
    ----------------------------------------------
     
    Please do the following:
     
    Step 1:
     
    Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
    • Double-click on TDSSKiller.exe on your desktop to run the tool for known TDSS variants.
    • Vista/Windows 7 users right-click and select Run As Administrator.
    • If TDSSKiller does not run, try renaming it.
    • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
    • Click on change parameters
    • Under Objects to scan, check the boxes next to Verify file digital signatures, Detect TDLFS file system, then click OK.
    • Click the Start Scan button.
    • Do not use the computer during the scan
    • If the scan completes with nothing found, click Close to exit.
    • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    • Note: If Cure is not an option, Skip instead, do NOT choose Delete or Quarantine unless instructed.
    • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
    • Copy and paste the full contents of that file in your next reply. - If the log is too long, then split it into multiple posts.
    Step 2:
     
    Please download AdwCleaner by Xplode onto your desktop.
    • Double click on AdwCleaner.exe to run the tool.
    • Click on Search.
    • A logfile will automatically open after the scan has finished.
    • Please post the contents of that logfile with your next reply.
    • You can find the logfile at C:\AdwCleaner[R1].txt as well.
    Step 3:
     
    Please download Farbar Service Scanner and run it on the computer with the issue.
    • Make sure the following options are checked:
      • Internet Services
      • Windows Firewall
      • System Restore
      • Security Center/Action Center
      • Windows Update
      • Windows Defender
      • Other Services
    • Press Scan.
    • It will create a log (FSS.txt) in the same directory the tool is run.
    • Please copy and paste the full contents of the log in your next reply.
    Step 4:
     
    Please download MiniToolBox, save it to your desktop and run it.
     
    Checkmark the following checkboxes:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Devices (Only Problems)
    • List Users, Partitions and Memory size.
    • List Minidump Files
    • List Restore points
    NOTE: When using "Reset FF Proxy Settings" option Firefox should be closed.
     
    Click Go and post the full contents of the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"

I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM.


#3 ulyv


Posted 05 September 2013 - 06:57 PM

Should I disable the Plug and Play service in order to run these programs? I am currently trying to run AdwCleaner and the system is running very slow. TDSS ran without a problem and I will post the log shortly.



#4 dev00790


Posted 05 September 2013 - 07:13 PM

Please disable it while these are run


Regards, dev00790



#5 ulyv


Posted 05 September 2013 - 10:34 PM

23:16:03.0687 0x137c  TDSS rootkit removing tool 2.9.2.0 Aug 15 2013 16:44:29
23:16:04.0296 0x137c  ============================================================
23:16:04.0312 0x137c  Current date / time: 2013/09/05 23:16:04.0296
23:16:04.0312 0x137c  SystemInfo:
23:16:04.0312 0x137c  
23:16:04.0312 0x137c  OS Version: 5.1.2600 ServicePack: 3.0
23:16:04.0312 0x137c  Product type: Workstation
23:16:04.0312 0x137c  ComputerName: ULISES-DESKTOP
23:16:04.0312 0x137c  UserName: Ulises
23:16:04.0312 0x137c  Windows directory: C:\WINDOWS
23:16:04.0312 0x137c  System windows directory: C:\WINDOWS
23:16:04.0312 0x137c  Processor architecture: Intel x86
23:16:04.0312 0x137c  Number of processors: 2
23:16:04.0312 0x137c  Page size: 0x1000
23:16:04.0312 0x137c  Boot type: Normal boot
23:16:04.0312 0x137c  ============================================================
23:16:07.0343 0x137c  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
23:16:07.0343 0x137c  Drive \Device\Harddisk1\DR2 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
23:16:07.0906 0x137c  ============================================================
23:16:07.0906 0x137c  \Device\Harddisk0\DR0:
23:16:07.0906 0x137c  MBR partitions:
23:16:07.0906 0x137c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
23:16:07.0906 0x137c  \Device\Harddisk1\DR2:
23:16:07.0906 0x137c  MBR partitions:
23:16:07.0906 0x137c  \Device\Harddisk1\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
23:16:07.0906 0x137c  ============================================================
23:16:08.0125 0x137c  C: <-> \Device\Harddisk0\DR0\Partition1
23:16:08.0234 0x137c  J: <-> \Device\Harddisk1\DR2\Partition1
23:16:08.0359 0x137c  ============================================================
23:16:08.0359 0x137c  Initialize success
23:16:08.0359 0x137c  ============================================================
23:16:39.0578 0x0ef4  ============================================================
23:16:39.0578 0x0ef4  Scan started
23:16:39.0578 0x0ef4  Mode: Manual; SigCheck; TDLFS; 
23:16:39.0578 0x0ef4  ============================================================
23:16:41.0734 0x0ef4  ================ Scan system memory ========================
23:16:41.0734 0x0ef4  System memory - ok
23:16:41.0734 0x0ef4  ================ Scan services =============================
23:16:41.0828 0x0ef4  0068261374267990mcinstcleanup - ok
23:16:41.0890 0x0ef4  [ 914A9709FC3BF419AD2F85547F2A4832 ] 61883           C:\WINDOWS\system32\DRIVERS\61883.sys
23:16:42.0140 0x0ef4  61883 - ok
23:16:42.0140 0x0ef4  Abiosdsk - ok
23:16:42.0156 0x0ef4  abp480n5 - ok
23:16:42.0187 0x0ef4  [ 8FD99680A539792A30E97944FDAECF17 ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
23:16:42.0265 0x0ef4  ACPI - ok
23:16:42.0296 0x0ef4  [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
23:16:42.0390 0x0ef4  ACPIEC - ok
23:16:42.0500 0x0ef4  [ BF3818B441955E4D438EC72F06F1FE61 ] AdobeActiveFileMonitor11.0 C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
23:16:42.0515 0x0ef4  AdobeActiveFileMonitor11.0 - ok
23:16:42.0531 0x0ef4  adpu160m - ok
23:16:42.0546 0x0ef4  [ 8BED39E3C35D6A489438B8141717A557 ] aec             C:\WINDOWS\system32\drivers\aec.sys
23:16:42.0625 0x0ef4  aec - ok
23:16:42.0640 0x0ef4  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
23:16:42.0703 0x0ef4  AFD - ok
23:16:42.0703 0x0ef4  Aha154x - ok
23:16:42.0718 0x0ef4  aic78u2 - ok
23:16:42.0718 0x0ef4  aic78xx - ok
23:16:42.0718 0x0ef4  AirPrint - ok
23:16:42.0734 0x0ef4  [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
23:16:42.0812 0x0ef4  Alerter - ok
23:16:42.0828 0x0ef4  [ 8C515081584A38AA007909CD02020B3D ] ALG             C:\WINDOWS\System32\alg.exe
23:16:42.0906 0x0ef4  ALG - ok
23:16:42.0921 0x0ef4  AliIde - ok
23:16:42.0921 0x0ef4  amsint - ok
23:16:42.0953 0x0ef4  [ 8D3A55F7B7BE6B374479E5195F477226 ] AnyDVD          C:\WINDOWS\system32\Drivers\AnyDVD.sys
23:16:42.0984 0x0ef4  AnyDVD - ok
23:16:43.0031 0x0ef4  [ EDE236AED2002D20AA81A0F1E0276B63 ] APC UPS Service C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
23:16:43.0062 0x0ef4  APC UPS Service ( UnsignedFile.Multi.Generic ) - warning
23:16:43.0062 0x0ef4  APC UPS Service - detected UnsignedFile.Multi.Generic (1)
23:16:43.0156 0x0ef4  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
23:16:43.0171 0x0ef4  Apple Mobile Device - ok
23:16:43.0203 0x0ef4  [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
23:16:43.0281 0x0ef4  AppMgmt - ok
23:16:43.0281 0x0ef4  [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394         C:\WINDOWS\system32\DRIVERS\arp1394.sys
23:16:43.0359 0x0ef4  Arp1394 - ok
23:16:43.0359 0x0ef4  asc - ok
23:16:43.0359 0x0ef4  asc3350p - ok
23:16:43.0375 0x0ef4  asc3550 - ok
23:16:43.0390 0x0ef4  [ 54AB078660E536DA72B21A27F56B035B ] Aspi32          C:\WINDOWS\system32\drivers\aspi32.sys
23:16:43.0390 0x0ef4  Aspi32 ( UnsignedFile.Multi.Generic ) - warning
23:16:43.0390 0x0ef4  Aspi32 - detected UnsignedFile.Multi.Generic (1)
23:16:43.0453 0x0ef4  [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
23:16:43.0468 0x0ef4  aspnet_state - ok
23:16:43.0484 0x0ef4  [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
23:16:43.0562 0x0ef4  AsyncMac - ok
23:16:43.0562 0x0ef4  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
23:16:43.0640 0x0ef4  atapi - ok
23:16:43.0640 0x0ef4  Atdisk - ok
23:16:43.0656 0x0ef4  [ 9916C1225104BA14794209CFA8012159 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
23:16:43.0734 0x0ef4  Atmarpc - ok
23:16:43.0765 0x0ef4  [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
23:16:43.0843 0x0ef4  AudioSrv - ok
23:16:43.0859 0x0ef4  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
23:16:43.0937 0x0ef4  audstub - ok
23:16:44.0015 0x0ef4  [ B5D974C1FD078A68C7536C561B031D39 ] Automatic LiveUpdate Scheduler C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
23:16:44.0031 0x0ef4  Automatic LiveUpdate Scheduler - ok
23:16:44.0062 0x0ef4  [ F8E6956A614F15A0860474C5E2A7DE6B ] Avc             C:\WINDOWS\system32\DRIVERS\avc.sys
23:16:44.0156 0x0ef4  Avc - ok
23:16:44.0187 0x0ef4  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
23:16:44.0265 0x0ef4  Beep - ok
23:16:44.0312 0x0ef4  [ 574738F61FCA2935F5265DC4E5691314 ] BITS            C:\WINDOWS\system32\qmgr.dll
23:16:44.0500 0x0ef4  BITS - ok
23:16:44.0531 0x0ef4  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
23:16:44.0546 0x0ef4  Bonjour Service - ok
23:16:44.0578 0x0ef4  [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser         C:\WINDOWS\System32\browser.dll
23:16:44.0609 0x0ef4  Browser - ok
23:16:44.0609 0x0ef4  btaudio - ok
23:16:44.0609 0x0ef4  BTDriver - ok
23:16:44.0656 0x0ef4  [ 0627ED35E6C287A924C3B685815DB8D8 ] BTKRNL          C:\WINDOWS\system32\DRIVERS\btkrnl.sys
23:16:44.0734 0x0ef4  BTKRNL ( UnsignedFile.Multi.Generic ) - warning
23:16:44.0734 0x0ef4  BTKRNL - detected UnsignedFile.Multi.Generic (1)
23:16:44.0734 0x0ef4  BTSERIAL - ok
23:16:44.0734 0x0ef4  BTSLBCSP - ok
23:16:44.0734 0x0ef4  BTWDNDIS - ok
23:16:44.0765 0x0ef4  [ 21B393AA3ADE51451178CD79B7995B70 ] btwmodem        C:\WINDOWS\system32\DRIVERS\btwmodem.sys
23:16:44.0781 0x0ef4  btwmodem ( UnsignedFile.Multi.Generic ) - warning
23:16:44.0781 0x0ef4  btwmodem - detected UnsignedFile.Multi.Generic (1)
23:16:44.0796 0x0ef4  [ 540E6832D01E0B35A0E341FC0C3F5A4C ] BTWUSB          C:\WINDOWS\system32\Drivers\btwusb.sys
23:16:44.0796 0x0ef4  BTWUSB ( UnsignedFile.Multi.Generic ) - warning
23:16:44.0796 0x0ef4  BTWUSB - detected UnsignedFile.Multi.Generic (1)
23:16:44.0812 0x0ef4  [ EC7540BDE35E567C32AC68AA70F0946C ] CAILI           C:\WINDOWS\system32\caili.exe
23:16:44.0828 0x0ef4  CAILI ( UnsignedFile.Multi.Generic ) - warning
23:16:44.0828 0x0ef4  CAILI - detected UnsignedFile.Multi.Generic (1)
23:16:44.0859 0x0ef4  [ 1778EBA872274C1226D869CD9486847E ] Capture Device Service C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
23:16:44.0875 0x0ef4  Capture Device Service - ok
23:16:44.0906 0x0ef4  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
23:16:45.0015 0x0ef4  cbidf2k - ok
23:16:45.0031 0x0ef4  [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE        C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
23:16:45.0156 0x0ef4  CCDECODE - ok
23:16:45.0156 0x0ef4  cd20xrnt - ok
23:16:45.0187 0x0ef4  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
23:16:45.0265 0x0ef4  Cdaudio - ok
23:16:45.0265 0x0ef4  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
23:16:45.0343 0x0ef4  Cdfs - ok
23:16:45.0343 0x0ef4  [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
23:16:45.0421 0x0ef4  Cdrom - ok
23:16:45.0453 0x0ef4  [ 25C323075C5EA4A2555E35355A01F793 ] cfwids          C:\WINDOWS\system32\drivers\cfwids.sys
23:16:45.0593 0x0ef4  cfwids - ok
23:16:45.0593 0x0ef4  Changer - ok
23:16:45.0625 0x0ef4  [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc           C:\WINDOWS\system32\cisvc.exe
23:16:45.0687 0x0ef4  CiSvc - ok
23:16:45.0703 0x0ef4  [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
23:16:45.0781 0x0ef4  ClipSrv - ok
23:16:45.0843 0x0ef4  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:16:46.0031 0x0ef4  clr_optimization_v2.0.50727_32 - ok
23:16:46.0062 0x0ef4  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:16:46.0265 0x0ef4  clr_optimization_v4.0.30319_32 - ok
23:16:46.0265 0x0ef4  CM1023264TB - ok
23:16:46.0265 0x0ef4  CmdIde - ok
23:16:46.0265 0x0ef4  [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt        C:\WINDOWS\system32\DRIVERS\compbatt.sys
23:16:46.0343 0x0ef4  Compbatt - ok
23:16:46.0343 0x0ef4  COMSysApp - ok
23:16:46.0359 0x0ef4  Cpqarray - ok
23:16:46.0390 0x0ef4  [ D01F685F8B4598D144B0CCE9FF95D8D5 ] cpudrv          C:\Program Files\SystemRequirementsLab\cpudrv.sys
23:16:46.0781 0x0ef4  cpudrv - ok
23:16:46.0781 0x0ef4  Crypkey License - ok
23:16:46.0796 0x0ef4  [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
23:16:46.0875 0x0ef4  CryptSvc - ok
23:16:46.0875 0x0ef4  dac2w2k - ok
23:16:46.0890 0x0ef4  dac960nt - ok
23:16:46.0921 0x0ef4  [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
23:16:46.0937 0x0ef4  DcomLaunch - ok
23:16:46.0984 0x0ef4  [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
23:16:47.0046 0x0ef4  Dhcp - ok
23:16:47.0046 0x0ef4  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
23:16:47.0156 0x0ef4  Disk - ok
23:16:47.0156 0x0ef4  dmadmin - ok
23:16:47.0203 0x0ef4  [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
23:16:47.0296 0x0ef4  dmboot - ok
23:16:47.0312 0x0ef4  [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
23:16:47.0421 0x0ef4  dmio - ok
23:16:47.0421 0x0ef4  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
23:16:47.0500 0x0ef4  dmload - ok
23:16:47.0531 0x0ef4  [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver        C:\WINDOWS\System32\dmserver.dll
23:16:47.0609 0x0ef4  dmserver - ok
23:16:47.0625 0x0ef4  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
23:16:47.0687 0x0ef4  DMusic - ok
23:16:47.0718 0x0ef4  [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
23:16:47.0750 0x0ef4  Dnscache - ok
23:16:47.0781 0x0ef4  [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
23:16:47.0843 0x0ef4  Dot3svc - ok
23:16:47.0859 0x0ef4  dpti2o - ok
23:16:47.0859 0x0ef4  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
23:16:47.0937 0x0ef4  drmkaud - ok
23:16:47.0937 0x0ef4  dsNcAdpt - ok
23:16:47.0968 0x0ef4  [ C537B7A32DC4D9B0112ED68BDC8395E2 ] e1express       C:\WINDOWS\system32\DRIVERS\e1e5132.sys
23:16:48.0187 0x0ef4  e1express - ok
23:16:48.0203 0x0ef4  [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost         C:\WINDOWS\System32\eapsvc.dll
23:16:48.0281 0x0ef4  EapHost - ok
23:16:48.0296 0x0ef4  [ D71233D7CCC2E64F8715A20428D5A33B ] ElbyCDIO        C:\WINDOWS\system32\Drivers\ElbyCDIO.sys
23:16:48.0453 0x0ef4  ElbyCDIO - ok
23:16:48.0484 0x0ef4  [ BC93B4A066477954555966D77FEC9ECB ] ERSvc           C:\WINDOWS\System32\ersvc.dll
23:16:48.0562 0x0ef4  ERSvc - ok
23:16:48.0593 0x0ef4  [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog        C:\WINDOWS\system32\services.exe
23:16:48.0640 0x0ef4  Eventlog - ok
23:16:48.0687 0x0ef4  [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem     C:\WINDOWS\system32\es.dll
23:16:48.0765 0x0ef4  EventSystem - ok
23:16:48.0781 0x0ef4  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
23:16:48.0859 0x0ef4  Fastfat - ok
23:16:48.0890 0x0ef4  [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
23:16:48.0953 0x0ef4  FastUserSwitchingCompatibility - ok
23:16:48.0953 0x0ef4  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys
23:16:49.0046 0x0ef4  Fdc - ok
23:16:49.0062 0x0ef4  [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
23:16:49.0140 0x0ef4  Fips - ok
23:16:49.0187 0x0ef4  [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
23:16:49.0234 0x0ef4  FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
23:16:49.0234 0x0ef4  FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
23:16:49.0281 0x0ef4  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys
23:16:49.0359 0x0ef4  Flpydisk - ok
23:16:49.0359 0x0ef4  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
23:16:49.0437 0x0ef4  FltMgr - ok
23:16:49.0500 0x0ef4  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
23:16:49.0515 0x0ef4  FontCache3.0.0.0 - ok
23:16:49.0515 0x0ef4  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
23:16:49.0609 0x0ef4  Fs_Rec - ok
23:16:49.0625 0x0ef4  [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
23:16:49.0703 0x0ef4  Ftdisk - ok
23:16:49.0718 0x0ef4  [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
23:16:49.0828 0x0ef4  GEARAspiWDM - ok
23:16:49.0859 0x0ef4  [ 360FC9E29EBCD7CB75320E2663EBA0F2 ] getPlusHelper   C:\Program Files\NOS\bin\getPlus_Helper.dll
23:16:49.0875 0x0ef4  getPlusHelper - ok
23:16:49.0875 0x0ef4  GMSIPCI - ok
23:16:49.0906 0x0ef4  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
23:16:50.0046 0x0ef4  Gpc - ok
23:16:50.0109 0x0ef4  [ 626A24ED1228580B9518C01930936DF9 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
23:16:50.0125 0x0ef4  gupdate - ok
23:16:50.0125 0x0ef4  [ 626A24ED1228580B9518C01930936DF9 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
23:16:50.0140 0x0ef4  gupdatem - ok
23:16:50.0187 0x0ef4  [ 3FCC124B6E08EE0E9351F717DD136939 ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
23:16:50.0234 0x0ef4  HDAudBus ( UnsignedFile.Multi.Generic ) - warning
23:16:50.0234 0x0ef4  HDAudBus - detected UnsignedFile.Multi.Generic (1)
23:16:50.0328 0x0ef4  [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
23:16:50.0421 0x0ef4  helpsvc - ok
23:16:50.0437 0x0ef4  [ 748031FF4FE45CCC47546294905FEAB8 ] HidBatt         C:\WINDOWS\system32\DRIVERS\HidBatt.sys
23:16:50.0515 0x0ef4  HidBatt - ok
23:16:50.0546 0x0ef4  [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ         C:\WINDOWS\System32\hidserv.dll
23:16:50.0625 0x0ef4  HidServ - ok
23:16:50.0640 0x0ef4  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
23:16:50.0718 0x0ef4  HidUsb - ok
23:16:50.0781 0x0ef4  [ D61E53E3FEC0C92BC8DD3969FAD63F87 ] HipShieldK      C:\WINDOWS\system32\drivers\HipShieldK.sys
23:16:50.0890 0x0ef4  HipShieldK - ok
23:16:50.0937 0x0ef4  [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
23:16:51.0000 0x0ef4  hkmsvc - ok
23:16:51.0015 0x0ef4  hpn - ok
23:16:51.0031 0x0ef4  [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
23:16:51.0093 0x0ef4  HTTP - ok
23:16:51.0109 0x0ef4  [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
23:16:51.0187 0x0ef4  HTTPFilter - ok
23:16:51.0187 0x0ef4  i2omgmt - ok
23:16:51.0187 0x0ef4  i2omp - ok
23:16:51.0203 0x0ef4  [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
23:16:51.0265 0x0ef4  i8042prt - ok
23:16:51.0359 0x0ef4  [ 0B66A9A2137213075F753579E7D573A5 ] IAANTMon        C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
23:16:51.0375 0x0ef4  IAANTMon ( UnsignedFile.Multi.Generic ) - warning
23:16:51.0375 0x0ef4  IAANTMon - detected UnsignedFile.Multi.Generic (1)
23:16:51.0406 0x0ef4  [ 309C4D86D989FB1FCF64BD30DC81C51B ] iaStor          C:\WINDOWS\system32\drivers\iaStor.sys
23:16:51.0468 0x0ef4  iaStor - ok
23:16:51.0515 0x0ef4  [ DAF66902F08796F9C694901660E5A64A ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
23:16:51.0515 0x0ef4  IDriverT ( UnsignedFile.Multi.Generic ) - warning
23:16:51.0531 0x0ef4  IDriverT - detected UnsignedFile.Multi.Generic (1)
23:16:51.0593 0x0ef4  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
23:16:51.0625 0x0ef4  idsvc - ok
23:16:51.0703 0x0ef4  [ 13202C37CBBC5DF5B34AE77B80899CD3 ] IduService      C:\Program Files\Intel\Intel Desktop Utilities\iduServ.exe
23:16:51.0718 0x0ef4  IduService ( UnsignedFile.Multi.Generic ) - warning
23:16:51.0718 0x0ef4  IduService - detected UnsignedFile.Multi.Generic (1)
23:16:51.0750 0x0ef4  [ DB3C22745C0DA4666F3BE31F1AF36B2F ] IISADMIN        C:\WINDOWS\system32\inetsrv\inetinfo.exe
23:16:51.0828 0x0ef4  IISADMIN - ok
23:16:51.0828 0x0ef4  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
23:16:51.0906 0x0ef4  Imapi - ok
23:16:51.0953 0x0ef4  [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService    C:\WINDOWS\system32\imapi.exe
23:16:52.0031 0x0ef4  ImapiService - ok
23:16:52.0031 0x0ef4  InCDFs - ok
23:16:52.0031 0x0ef4  InCDPass - ok
23:16:52.0046 0x0ef4  InCDRm - ok
23:16:52.0046 0x0ef4  ini910u - ok
23:16:52.0078 0x0ef4  [ D35CDE70CFC50E5400D212626A0C3D92 ] Intel® PROSet Monitoring Service C:\WINDOWS\system32\IProsetMonitor.exe
23:16:52.0093 0x0ef4  Intel® PROSet Monitoring Service - ok
23:16:52.0093 0x0ef4  IntelIde - ok
23:16:52.0125 0x0ef4  [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
23:16:52.0203 0x0ef4  intelppm - ok
23:16:52.0296 0x0ef4  [ 3DC635B66DD7412E1C9C3A77B8D78F25 ] IntuitUpdateService C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
23:16:52.0312 0x0ef4  IntuitUpdateService - ok
23:16:52.0390 0x0ef4  [ D9DA7B3117BF5EFF921C0CDED4D58050 ] IntuitUpdateServiceV4 C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
23:16:52.0406 0x0ef4  IntuitUpdateServiceV4 - ok
23:16:52.0437 0x0ef4  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
23:16:52.0500 0x0ef4  Ip6Fw - ok
23:16:52.0531 0x0ef4  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
23:16:52.0625 0x0ef4  IpFilterDriver - ok
23:16:52.0656 0x0ef4  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
23:16:52.0750 0x0ef4  IpInIp - ok
23:16:52.0765 0x0ef4  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
23:16:52.0843 0x0ef4  IpNat - ok
23:16:52.0875 0x0ef4  [ D8B8B5A8FE57CF4F307A540D9A153C23 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
23:16:52.0906 0x0ef4  iPod Service - ok
23:16:52.0937 0x0ef4  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
23:16:53.0015 0x0ef4  IPSec - ok
23:16:53.0046 0x0ef4  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
23:16:53.0125 0x0ef4  IRENUM - ok
23:16:53.0140 0x0ef4  [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
23:16:53.0234 0x0ef4  isapnp - ok
23:16:53.0343 0x0ef4  [ 4F4D4AA1E0849FECC0CF5AACD59030B5 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
23:16:53.0343 0x0ef4  JavaQuickStarterService - ok
23:16:53.0375 0x0ef4  [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
23:16:53.0453 0x0ef4  Kbdclass - ok
23:16:53.0468 0x0ef4  [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
23:16:53.0531 0x0ef4  kbdhid - ok
23:16:53.0562 0x0ef4  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
23:16:53.0640 0x0ef4  kmixer - ok
23:16:53.0656 0x0ef4  [ B467646C54CC746128904E1654C750C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
23:16:53.0703 0x0ef4  KSecDD - ok
23:16:53.0734 0x0ef4  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
23:16:53.0796 0x0ef4  lanmanserver - ok
23:16:53.0828 0x0ef4  [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
23:16:53.0921 0x0ef4  lanmanworkstation - ok
23:16:53.0921 0x0ef4  [ B7C19EC8B0DD7EFA58AD41FFEB8B8CDA ] Lbd             C:\WINDOWS\system32\DRIVERS\Lbd.sys
23:16:53.0937 0x0ef4  Lbd - ok
23:16:53.0937 0x0ef4  lbrtfdc - ok
23:16:54.0015 0x0ef4  [ 0EE66BDF485C6828AA65C0EF5D591133 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
23:16:54.0031 0x0ef4  LightScribeService ( UnsignedFile.Multi.Generic ) - warning
23:16:54.0031 0x0ef4  LightScribeService - detected UnsignedFile.Multi.Generic (1)
23:16:54.0109 0x0ef4  [ A97EEB81F05BCE3D7AA6C81F04EF39A4 ] LiveUpdate      C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
23:16:54.0203 0x0ef4  LiveUpdate - ok
23:16:54.0250 0x0ef4  [ A7DB739AE99A796D91580147E919CC59 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
23:16:54.0328 0x0ef4  LmHosts - ok
23:16:54.0375 0x0ef4  [ 2D0AB9D29E6B0C42CCE955B5A8E0D62D ] LVcKap          C:\WINDOWS\system32\DRIVERS\LVcKap.sys
23:16:54.0421 0x0ef4  LVcKap - ok
23:16:54.0484 0x0ef4  [ A3963E3D997C3646E1D3338EB88A48E9 ] LVMVDrv         C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys
23:16:54.0562 0x0ef4  LVMVDrv - ok
23:16:54.0593 0x0ef4  [ 39C767BD6D99C23D28E71B6E0CBA3129 ] LVPr2Mon        C:\WINDOWS\system32\drivers\LVPr2Mon.sys
23:16:54.0593 0x0ef4  LVPr2Mon - ok
23:16:54.0640 0x0ef4  [ 44B3B997E25C5D9A81D6C501451A96D7 ] LVPrcSrv        c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
23:16:54.0656 0x0ef4  LVPrcSrv - ok
23:16:54.0671 0x0ef4  [ 7B4607C0C664DA98753508F85BB10694 ] LVSrvLauncher   C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe
23:16:54.0687 0x0ef4  LVSrvLauncher - ok
23:16:54.0718 0x0ef4  [ 6AD3F5275F117F08C12EAB2233A9E3FB ] LVUSBSta        C:\WINDOWS\system32\drivers\lvusbsta.sys
23:16:54.0734 0x0ef4  LVUSBSta - ok
23:16:54.0765 0x0ef4  [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
23:16:54.0781 0x0ef4  MBAMProtector - ok
23:16:54.0812 0x0ef4  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
23:16:54.0828 0x0ef4  MBAMScheduler - ok
23:16:54.0859 0x0ef4  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
23:16:54.0875 0x0ef4  MBAMService - ok
23:16:54.0937 0x0ef4  [ ECAB006AC6136F1307E140B633CDB8C2 ] McAfee SiteAdvisor Service C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
23:16:54.0953 0x0ef4  McAfee SiteAdvisor Service - ok
23:16:55.0046 0x0ef4  [ E6CB119EF2E148EAA1A247343550756E ] McciCMService   C:\Program Files\Common Files\Motive\McciCMService.exe
23:16:55.0046 0x0ef4  McciCMService ( UnsignedFile.Multi.Generic ) - warning
23:16:55.0046 0x0ef4  McciCMService - detected UnsignedFile.Multi.Generic (1)
23:16:55.0046 0x0ef4  [ ECAB006AC6136F1307E140B633CDB8C2 ] McMPFSvc        C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
23:16:55.0062 0x0ef4  McMPFSvc - ok
23:16:55.0078 0x0ef4  [ ECAB006AC6136F1307E140B633CDB8C2 ] mcmscsvc        C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
23:16:55.0078 0x0ef4  mcmscsvc - ok
23:16:55.0093 0x0ef4  [ ECAB006AC6136F1307E140B633CDB8C2 ] McNaiAnn        C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
23:16:55.0093 0x0ef4  McNaiAnn - ok
23:16:55.0109 0x0ef4  [ ECAB006AC6136F1307E140B633CDB8C2 ] McNASvc         C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
23:16:55.0109 0x0ef4  McNASvc - ok
23:16:55.0203 0x0ef4  [ E352CC1723B3B69A7BB1E81DBC9D9D78 ] McODS           C:\Program Files\McAfee\VirusScan\mcods.exe
23:16:55.0218 0x0ef4  McODS - ok
23:16:55.0234 0x0ef4  [ ECAB006AC6136F1307E140B633CDB8C2 ] McProxy         C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
23:16:55.0234 0x0ef4  McProxy - ok
23:16:55.0312 0x0ef4  [ 6FE0532CB16300C09D098F808EAAEE9D ] McShield        C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
23:16:55.0328 0x0ef4  McShield - ok
23:16:55.0359 0x0ef4  [ 11F714F85530A2BD134074DC30E99FCA ] MDM             C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
23:16:55.0375 0x0ef4  MDM - ok
23:16:55.0421 0x0ef4  [ 6D00231AA6136E7720855618E70453A2 ] MemeoBackgroundService C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe
23:16:55.0437 0x0ef4  MemeoBackgroundService - ok
23:16:55.0468 0x0ef4  [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
23:16:55.0531 0x0ef4  Messenger - ok
23:16:55.0578 0x0ef4  [ 6708AD7D9ABDD6FDE1EB9B54FFE426B0 ] mfeapfk         C:\WINDOWS\system32\drivers\mfeapfk.sys
23:16:55.0593 0x0ef4  mfeapfk - ok
23:16:55.0625 0x0ef4  [ 375DE90B68533D9D0D7766D4CCB4CA32 ] mfeavfk         C:\WINDOWS\system32\drivers\mfeavfk.sys
23:16:55.0640 0x0ef4  mfeavfk - ok
23:16:55.0656 0x0ef4  mfeavfk01 - ok
23:16:55.0671 0x0ef4  [ 5ED806D4DF27AC11236BD9AD2CC10B7E ] mfebopk         C:\WINDOWS\system32\drivers\mfebopk.sys
23:16:55.0687 0x0ef4  mfebopk - ok
23:16:55.0718 0x0ef4  [ 1A427BB508ACBEE09A88F08D1CA38E2F ] mfefire         C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
23:16:55.0734 0x0ef4  mfefire - ok
23:16:55.0765 0x0ef4  [ 16BF9475BFCFAA420A8CB29E40284457 ] mfefirek        C:\WINDOWS\system32\drivers\mfefirek.sys
23:16:55.0781 0x0ef4  mfefirek - ok
23:16:55.0828 0x0ef4  [ 875452ECDF4AEBE12B8C2EFD8599A36F ] mfehidk         C:\WINDOWS\system32\drivers\mfehidk.sys
23:16:55.0843 0x0ef4  mfehidk - ok
23:16:55.0875 0x0ef4  [ 3004E3FE086E76D7D6DFB9A851ED6F10 ] mfendisk        C:\WINDOWS\system32\DRIVERS\mfendisk.sys
23:16:55.0890 0x0ef4  mfendisk - ok
23:16:55.0890 0x0ef4  [ 3004E3FE086E76D7D6DFB9A851ED6F10 ] mfendiskmp      C:\WINDOWS\system32\DRIVERS\mfendisk.sys
23:16:55.0906 0x0ef4  mfendiskmp - ok
23:16:55.0906 0x0ef4  [ D669ACBE7672819109706C3CFF6BD1DB ] mferkdet        C:\WINDOWS\system32\drivers\mferkdet.sys
23:16:55.0921 0x0ef4  mferkdet - ok
23:16:55.0937 0x0ef4  [ 1328C929A2F801BB93DBDFCDC25E0E7A ] mfetdi2k        C:\WINDOWS\system32\drivers\mfetdi2k.sys
23:16:55.0953 0x0ef4  mfetdi2k - ok
23:16:55.0984 0x0ef4  [ D66A1A16166897A5F7D04961F582F03B ] mfevtp          C:\WINDOWS\system32\mfevtps.exe
23:16:56.0000 0x0ef4  mfevtp - ok
23:16:56.0109 0x0ef4  [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
23:16:56.0125 0x0ef4  Microsoft Office Groove Audit Service - ok
23:16:56.0156 0x0ef4  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
23:16:56.0218 0x0ef4  mnmdd - ok
23:16:56.0265 0x0ef4  [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
23:16:56.0343 0x0ef4  mnmsrvc - ok
23:16:56.0375 0x0ef4  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
23:16:56.0453 0x0ef4  Modem - ok
23:16:56.0484 0x0ef4  [ E5E1C5FE66694909509B8CE7043194E2 ] motccgp         C:\WINDOWS\system32\DRIVERS\motccgp.sys
23:16:56.0578 0x0ef4  motccgp - ok
23:16:56.0593 0x0ef4  [ AAD6191A4DAA519F04AB12B2AF73E356 ] motccgpfl       C:\WINDOWS\system32\DRIVERS\motccgpfl.sys
23:16:56.0609 0x0ef4  motccgpfl - ok
23:16:56.0625 0x0ef4  [ 5023875A94B0766D98A62A72BC4CB055 ] motmodem        C:\WINDOWS\system32\DRIVERS\motmodem.sys
23:16:56.0656 0x0ef4  motmodem - ok
23:16:56.0687 0x0ef4  [ 38E0B25D4F9C0E66B456F15006FC118E ] MotoSwitchService C:\WINDOWS\system32\DRIVERS\motswch.sys
23:16:56.0703 0x0ef4  MotoSwitchService - ok
23:16:56.0734 0x0ef4  [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
23:16:56.0828 0x0ef4  Mouclass - ok
23:16:56.0859 0x0ef4  [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
23:16:56.0937 0x0ef4  mouhid - ok
23:16:56.0937 0x0ef4  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
23:16:57.0015 0x0ef4  MountMgr - ok
23:16:57.0015 0x0ef4  mraid35x - ok
23:16:57.0031 0x0ef4  [ 9BD4DCB5412921864A7AACDEDFBD1923 ] MREMP50         C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
23:16:57.0046 0x0ef4  MREMP50 ( UnsignedFile.Multi.Generic ) - warning
23:16:57.0046 0x0ef4  MREMP50 - detected UnsignedFile.Multi.Generic (1)
23:16:57.0078 0x0ef4  [ 2BC9E43F55DE8C30FC817ED56D0EE907 ] MREMPR5         C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS
23:16:57.0078 0x0ef4  MREMPR5 ( UnsignedFile.Multi.Generic ) - warning
23:16:57.0078 0x0ef4  MREMPR5 - detected UnsignedFile.Multi.Generic (1)
23:16:57.0109 0x0ef4  [ 594B9D8194E3F4ECBF0325BD10BBEB05 ] MRENDIS5        C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS
23:16:57.0109 0x0ef4  MRENDIS5 ( UnsignedFile.Multi.Generic ) - warning
23:16:57.0109 0x0ef4  MRENDIS5 - detected UnsignedFile.Multi.Generic (1)
23:16:57.0125 0x0ef4  [ 07C02C892E8E1A72D6BF35004F0E9C5E ] MRESP50         C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
23:16:57.0125 0x0ef4  MRESP50 ( UnsignedFile.Multi.Generic ) - warning
23:16:57.0125 0x0ef4  MRESP50 - detected UnsignedFile.Multi.Generic (1)
23:16:57.0125 0x0ef4  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
23:16:57.0203 0x0ef4  MRxDAV - ok
23:16:57.0218 0x0ef4  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
23:16:57.0281 0x0ef4  MRxSmb - ok
23:16:57.0296 0x0ef4  [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
23:16:57.0375 0x0ef4  MSDTC - ok
23:16:57.0390 0x0ef4  [ 1477849772712BAC69C144DCF2C9CE81 ] MSDV            C:\WINDOWS\system32\DRIVERS\msdv.sys
23:16:57.0468 0x0ef4  MSDV - ok
23:16:57.0468 0x0ef4  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
23:16:57.0546 0x0ef4  Msfs - ok
23:16:57.0562 0x0ef4  [ DB3C22745C0DA4666F3BE31F1AF36B2F ] MSFtpsvc        C:\WINDOWS\system32\inetsrv\inetinfo.exe
23:16:57.0625 0x0ef4  MSFtpsvc - ok
23:16:57.0625 0x0ef4  MSICPL - ok
23:16:57.0625 0x0ef4  MSIServer - ok
23:16:57.0656 0x0ef4  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
23:16:57.0718 0x0ef4  MSKSSRV - ok
23:16:57.0734 0x0ef4  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
23:16:57.0796 0x0ef4  MSPCLOCK - ok
23:16:57.0812 0x0ef4  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
23:16:57.0906 0x0ef4  MSPQM - ok
23:16:57.0937 0x0ef4  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
23:16:58.0000 0x0ef4  mssmbios - ok
23:16:58.0093 0x0ef4  MSSQL$SQLEXPRESS - ok
23:16:58.0156 0x0ef4  [ 1D89EB4E2A99CABD4E81225F4F4C4B25 ] MSSQLServerADHelper c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
23:16:58.0171 0x0ef4  MSSQLServerADHelper - ok
23:16:58.0171 0x0ef4  [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
23:16:58.0234 0x0ef4  MSTEE - ok
23:16:58.0250 0x0ef4  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
23:16:58.0281 0x0ef4  Mup - ok
23:16:58.0296 0x0ef4  [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
23:16:58.0375 0x0ef4  NABTSFEC - ok
23:16:58.0406 0x0ef4  [ 0102140028FAD045756796E1C685D695 ] napagent        C:\WINDOWS\System32\qagentrt.dll
23:16:58.0500 0x0ef4  napagent - ok
23:16:58.0500 0x0ef4  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
23:16:58.0578 0x0ef4  NDIS - ok
23:16:58.0593 0x0ef4  [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys
23:16:58.0671 0x0ef4  NdisIP - ok
23:16:58.0703 0x0ef4  [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
23:16:58.0750 0x0ef4  NdisTapi - ok
23:16:58.0781 0x0ef4  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
23:16:58.0859 0x0ef4  Ndisuio - ok
23:16:58.0875 0x0ef4  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
23:16:58.0953 0x0ef4  NdisWan - ok
23:16:58.0968 0x0ef4  [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
23:16:59.0062 0x0ef4  NDProxy - ok
23:16:59.0078 0x0ef4  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
23:16:59.0156 0x0ef4  NetBIOS - ok
23:16:59.0203 0x0ef4  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
23:16:59.0296 0x0ef4  NetBT - ok
23:16:59.0328 0x0ef4  [ B857BA82860D7FF85AE29B095645563B ] NetDDE          C:\WINDOWS\system32\netdde.exe
23:16:59.0406 0x0ef4  NetDDE - ok
23:16:59.0406 0x0ef4  [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
23:16:59.0484 0x0ef4  NetDDEdsdm - ok
23:16:59.0515 0x0ef4  [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon        C:\WINDOWS\system32\lsass.exe
23:16:59.0593 0x0ef4  Netlogon - ok
23:16:59.0609 0x0ef4  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman          C:\WINDOWS\System32\netman.dll
23:16:59.0687 0x0ef4  Netman - ok
23:16:59.0718 0x0ef4  [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:16:59.0734 0x0ef4  NetTcpPortSharing - ok
23:16:59.0765 0x0ef4  [ 6CDEB8AFC800CEBA83D9EE6FC51391B8 ] NetworkX        C:\WINDOWS\system32\ckldrv.sys
23:16:59.0765 0x0ef4  NetworkX ( UnsignedFile.Multi.Generic ) - warning
23:16:59.0765 0x0ef4  NetworkX - detected UnsignedFile.Multi.Generic (1)
23:16:59.0828 0x0ef4  [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394         C:\WINDOWS\system32\DRIVERS\nic1394.sys
23:16:59.0906 0x0ef4  NIC1394 - ok
23:16:59.0953 0x0ef4  [ 943337D786A56729263071623BBB9DE5 ] Nla             C:\WINDOWS\System32\mswsock.dll
23:16:59.0968 0x0ef4  Nla - ok
23:17:00.0171 0x0ef4  [ 1B49B83747509B2B1D707CD4B09AA504 ] NLNdisMP        C:\WINDOWS\system32\DRIVERS\nlndis.sys
23:17:00.0359 0x0ef4  NLNdisMP - ok
23:17:00.0421 0x0ef4  [ 1B49B83747509B2B1D707CD4B09AA504 ] NLNdisPT        C:\WINDOWS\system32\DRIVERS\nlndis.sys
23:17:00.0531 0x0ef4  NLNdisPT - ok
23:17:00.0625 0x0ef4  [ A021DDEDD9912BCE022C4CDA410D3374 ] nlsvc           C:\Program Files\NetLimiter 3\nlsvc.exe
23:17:00.0640 0x0ef4  nlsvc ( UnsignedFile.Multi.Generic ) - warning
23:17:00.0640 0x0ef4  nlsvc - detected UnsignedFile.Multi.Generic (1)
23:17:00.0750 0x0ef4  [ 6FE26694C94F1A63AF066D7A557F69D3 ] nltdi           C:\Program Files\NetLimiter 3\nltdi.sys
23:17:00.0906 0x0ef4  nltdi - ok
23:17:00.0937 0x0ef4  [ 1E421A6BCF2203CC61B821ADA9DE878B ] nm              C:\WINDOWS\system32\DRIVERS\NMnt.sys
23:17:01.0000 0x0ef4  nm - ok
23:17:01.0078 0x0ef4  [ CD569FA91EC6F59D045C19D0D3850F44 ] nmservice       C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
23:17:01.0109 0x0ef4  nmservice - ok
23:17:01.0265 0x0ef4  [ 4365BCC30F28052005157284B916C681 ] Norton Ghost    C:\Program Files\Norton Ghost\Agent\VProSvc.exe
23:17:01.0406 0x0ef4  Norton Ghost - ok
23:17:01.0421 0x0ef4  [ B15E0180C43D8B5219196D76878CC2DD ] NPF             C:\WINDOWS\system32\drivers\npf.sys
23:17:01.0437 0x0ef4  NPF - ok
23:17:01.0453 0x0ef4  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
23:17:01.0515 0x0ef4  Npfs - ok
23:17:01.0515 0x0ef4  NTACCESS - ok
23:17:01.0531 0x0ef4  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
23:17:01.0609 0x0ef4  Ntfs - ok
23:17:01.0640 0x0ef4  [ 7F1C1F78D709C4A54CBB46EDE7E0B48D ] NTIDrvr         C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys
23:17:01.0640 0x0ef4  NTIDrvr ( UnsignedFile.Multi.Generic ) - warning
23:17:01.0640 0x0ef4  NTIDrvr - detected UnsignedFile.Multi.Generic (1)
23:17:01.0656 0x0ef4  [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
23:17:01.0718 0x0ef4  NtLmSsp - ok
23:17:01.0765 0x0ef4  [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
23:17:01.0843 0x0ef4  NtmsSvc - ok
23:17:01.0859 0x0ef4  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
23:17:01.0937 0x0ef4  Null - ok
23:17:02.0187 0x0ef4  [ 7C56F3FD65B2BDB315CA3605A5392D7B ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
23:17:02.0562 0x0ef4  nv - ok
23:17:02.0593 0x0ef4  [ CC4F8220EAD1F6A38D51679708F435B9 ] NVSvc           C:\WINDOWS\system32\nvsvc32.exe
23:17:02.0609 0x0ef4  NVSvc - ok
23:17:02.0625 0x0ef4  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
23:17:02.0703 0x0ef4  NwlnkFlt - ok
23:17:02.0718 0x0ef4  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
23:17:02.0812 0x0ef4  NwlnkFwd - ok
23:17:02.0890 0x0ef4  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
23:17:02.0906 0x0ef4  odserv - ok
23:17:02.0906 0x0ef4  [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394        C:\WINDOWS\system32\DRIVERS\ohci1394.sys
23:17:02.0984 0x0ef4  ohci1394 - ok
23:17:03.0015 0x0ef4  [ D45FAAD82E3FC349B579789C511F4F06 ] OneTouch 4.0 Monitor C:\Program Files\Visioneer\OneTouch 4.0\OtService.exe
23:17:03.0015 0x0ef4  OneTouch 4.0 Monitor ( UnsignedFile.Multi.Generic ) - warning
23:17:03.0015 0x0ef4  OneTouch 4.0 Monitor - detected UnsignedFile.Multi.Generic (1)
23:17:03.0062 0x0ef4  [ 1933B17550D3E64C5D189DF39F2E38E6 ] OsaFsLoc        C:\WINDOWS\system32\drivers\OsaFsLoc.sys
23:17:03.0062 0x0ef4  OsaFsLoc ( UnsignedFile.Multi.Generic ) - warning
23:17:03.0062 0x0ef4  OsaFsLoc - detected UnsignedFile.Multi.Generic (1)
23:17:03.0093 0x0ef4  [ 6EC2C93FE378EED5B3E069C303BD7848 ] osaio           C:\WINDOWS\system32\drivers\osaio.sys
23:17:03.0109 0x0ef4  osaio ( UnsignedFile.Multi.Generic ) - warning
23:17:03.0109 0x0ef4  osaio - detected UnsignedFile.Multi.Generic (1)
23:17:03.0140 0x0ef4  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:17:03.0156 0x0ef4  ose - ok
23:17:03.0187 0x0ef4  [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
23:17:03.0250 0x0ef4  Parport - ok
23:17:03.0265 0x0ef4  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
23:17:03.0359 0x0ef4  PartMgr - ok
23:17:03.0390 0x0ef4  [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
23:17:03.0453 0x0ef4  ParVdm - ok
23:17:03.0468 0x0ef4  [ A219903CCF74233761D92BEF471A07B1 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
23:17:03.0562 0x0ef4  PCI - ok
23:17:03.0562 0x0ef4  PCIDump - ok
23:17:03.0578 0x0ef4  [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
23:17:03.0656 0x0ef4  PCIIde - ok
23:17:03.0656 0x0ef4  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
23:17:03.0734 0x0ef4  Pcmcia - ok
23:17:03.0734 0x0ef4  PDCOMP - ok
23:17:03.0812 0x0ef4  [ 2764181560732528E3A42A4088AF46EF ] PDFProFiltSrvPP C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe
23:17:03.0843 0x0ef4  PDFProFiltSrvPP ( UnsignedFile.Multi.Generic ) - warning
23:17:03.0843 0x0ef4  PDFProFiltSrvPP - detected UnsignedFile.Multi.Generic (1)
23:17:03.0859 0x0ef4  PDFRAME - ok
23:17:03.0859 0x0ef4  PDRELI - ok
23:17:03.0859 0x0ef4  PDRFRAME - ok
23:17:03.0859 0x0ef4  [ 4350CB255AD546F4668C8B8AFD6A00A4 ] pepifilter      C:\WINDOWS\system32\DRIVERS\lv302af.sys
23:17:03.0875 0x0ef4  pepifilter - ok
23:17:03.0875 0x0ef4  perc2 - ok
23:17:03.0875 0x0ef4  perc2hib - ok
23:17:03.0921 0x0ef4  [ 6B310DE726E1A0DEFD66718A7F79B5D2 ] PID_08A0        C:\WINDOWS\system32\DRIVERS\LV302AV.SYS
23:17:03.0953 0x0ef4  PID_08A0 - ok
23:17:03.0984 0x0ef4  [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay        C:\WINDOWS\system32\services.exe
23:17:04.0000 0x0ef4  PlugPlay - ok
23:17:04.0046 0x0ef4  [ 36FCAC4FA28B462CA867742DEA59B0D0 ] pnarp           C:\WINDOWS\system32\DRIVERS\pnarp.sys
23:17:04.0046 0x0ef4  pnarp - ok
23:17:04.0078 0x0ef4  [ 08B11F5C60EDCA255B18CEDEF8EFBA2A ] Point32         C:\WINDOWS\system32\DRIVERS\point32.sys
23:17:04.0093 0x0ef4  Point32 ( UnsignedFile.Multi.Generic ) - warning
23:17:04.0093 0x0ef4  Point32 - detected UnsignedFile.Multi.Generic (1)
23:17:04.0093 0x0ef4  [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
23:17:04.0171 0x0ef4  PolicyAgent - ok
23:17:04.0187 0x0ef4  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
23:17:04.0265 0x0ef4  PptpMiniport - ok
23:17:04.0281 0x0ef4  [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
23:17:04.0343 0x0ef4  ProtectedStorage - ok
23:17:04.0343 0x0ef4  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
23:17:04.0421 0x0ef4  PSched - ok
23:17:04.0453 0x0ef4  [ A6A7AD767BF5141665F5C675F671B3E1 ] PSI_SVC_2       c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
23:17:04.0468 0x0ef4  PSI_SVC_2 - ok
23:17:04.0484 0x0ef4  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
23:17:04.0562 0x0ef4  Ptilink - ok
23:17:04.0578 0x0ef4  [ D8AC00388262B1A4878A7EE12F31D376 ] purendis        C:\WINDOWS\system32\DRIVERS\purendis.sys
23:17:04.0593 0x0ef4  purendis - ok
23:17:04.0609 0x0ef4  [ B6A1692FC131F1FE5162513D78A9B6FC ] PxHelp20        C:\WINDOWS\system32\Drivers\PxHelp20.sys
23:17:04.0609 0x0ef4  PxHelp20 - ok
23:17:04.0687 0x0ef4  [ D04E7F0671AC569A38525C6F04D96E18 ] QBCFMonitorService C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
23:17:04.0703 0x0ef4  QBCFMonitorService ( UnsignedFile.Multi.Generic ) - warning
23:17:04.0703 0x0ef4  QBCFMonitorService - detected UnsignedFile.Multi.Generic (1)
23:17:04.0765 0x0ef4  [ 6BEE1814470DC12FA20C53DFC3C97EBB ] QBFCService     C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
23:17:04.0765 0x0ef4  QBFCService ( UnsignedFile.Multi.Generic ) - warning
23:17:04.0765 0x0ef4  QBFCService - detected UnsignedFile.Multi.Generic (1)
23:17:04.0843 0x0ef4  [ A0EC711150D3E41539FE0542F7954341 ] QBVSS           C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe
23:17:04.0875 0x0ef4  QBVSS ( UnsignedFile.Multi.Generic ) - warning
23:17:04.0875 0x0ef4  QBVSS - detected UnsignedFile.Multi.Generic (1)
23:17:04.0875 0x0ef4  ql1080 - ok
23:17:04.0875 0x0ef4  Ql10wnt - ok
23:17:04.0875 0x0ef4  ql12160 - ok
23:17:04.0875 0x0ef4  ql1240 - ok
23:17:04.0890 0x0ef4  ql1280 - ok
23:17:04.0906 0x0ef4  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
23:17:04.0984 0x0ef4  RasAcd - ok
23:17:05.0000 0x0ef4  [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
23:17:05.0078 0x0ef4  RasAuto - ok
23:17:05.0093 0x0ef4  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
23:17:05.0171 0x0ef4  Rasl2tp - ok
23:17:05.0203 0x0ef4  [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan          C:\WINDOWS\System32\rasmans.dll
23:17:05.0265 0x0ef4  RasMan - ok
23:17:05.0281 0x0ef4  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
23:17:05.0343 0x0ef4  RasPppoe - ok
23:17:05.0343 0x0ef4  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
23:17:05.0421 0x0ef4  Raspti - ok
23:17:05.0437 0x0ef4  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
23:17:05.0500 0x0ef4  Rdbss - ok
23:17:05.0515 0x0ef4  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
23:17:05.0593 0x0ef4  RDPCDD - ok
23:17:05.0593 0x0ef4  [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
23:17:05.0671 0x0ef4  rdpdr - ok
23:17:05.0703 0x0ef4  [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
23:17:05.0734 0x0ef4  RDPWD - ok
23:17:05.0765 0x0ef4  [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
23:17:05.0843 0x0ef4  RDSessMgr - ok
23:17:05.0843 0x0ef4  [ F828DD7E1419B6653894A8F97A0094C5 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
23:17:05.0921 0x0ef4  redbook - ok
23:17:05.0953 0x0ef4  [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
23:17:06.0031 0x0ef4  RemoteAccess - ok
23:17:06.0062 0x0ef4  [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
23:17:06.0125 0x0ef4  RemoteRegistry - ok
23:17:06.0156 0x0ef4  [ 8B5B8A11306190C6963D3473F052D3C8 ] Revoflt         C:\WINDOWS\system32\DRIVERS\revoflt.sys
23:17:06.0156 0x0ef4  Revoflt - ok
23:17:06.0171 0x0ef4  [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7 ] ROOTMODEM       C:\WINDOWS\system32\Drivers\RootMdm.sys
23:17:06.0250 0x0ef4  ROOTMODEM - ok
23:17:06.0265 0x0ef4  [ 9ED13880478F14900A5840FF048D174C ] rpcapd          C:\Program Files\WinPcap\rpcapd.exe
23:17:06.0281 0x0ef4  rpcapd - ok
23:17:06.0281 0x0ef4  [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator      C:\WINDOWS\system32\locator.exe
23:17:06.0343 0x0ef4  RpcLocator - ok
23:17:06.0375 0x0ef4  [ 6B27A5C03DFB94B4245739065431322C ] RpcSs           C:\WINDOWS\System32\rpcss.dll
23:17:06.0390 0x0ef4  RpcSs - ok
23:17:06.0390 0x0ef4  [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP            C:\WINDOWS\system32\rsvp.exe
23:17:06.0468 0x0ef4  RSVP - ok
23:17:06.0500 0x0ef4  [ F68BDFAB9DC5E516AE38BB64116E6C52 ] RzSynapse       C:\WINDOWS\system32\DRIVERS\RzSynapse.sys
23:17:06.0500 0x0ef4  RzSynapse ( UnsignedFile.Multi.Generic ) - warning
23:17:06.0500 0x0ef4  RzSynapse - detected UnsignedFile.Multi.Generic (1)
23:17:06.0531 0x0ef4  [ EEA2EA2E2E47ECA84A125EDD602D9848 ] rzudd           C:\WINDOWS\system32\DRIVERS\rzudd.sys
23:17:06.0546 0x0ef4  rzudd - ok
23:17:06.0546 0x0ef4  [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs           C:\WINDOWS\system32\lsass.exe
23:17:06.0625 0x0ef4  SamSs - ok
23:17:06.0671 0x0ef4  [ A3281AEC37E0720A2BC28034C2DF2A56 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
23:17:06.0671 0x0ef4  SASDIFSV - ok
23:17:06.0687 0x0ef4  [ 61DB0D0756A99506207FD724E3692B25 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
23:17:06.0687 0x0ef4  SASKUTIL - ok
23:17:06.0703 0x0ef4  [ B244960E5A1DB8E9D5D17086DE37C1E4 ] sbp2port        C:\WINDOWS\system32\DRIVERS\sbp2port.sys
23:17:06.0765 0x0ef4  sbp2port - ok
23:17:06.0765 0x0ef4  [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
23:17:06.0843 0x0ef4  SCardSvr - ok
23:17:06.0859 0x0ef4  [ 612A3D69E603DBBE5C3C1079186A0393 ] SCDEmu          C:\WINDOWS\system32\drivers\SCDEmu.sys
23:17:06.0859 0x0ef4  SCDEmu ( UnsignedFile.Multi.Generic ) - warning
23:17:06.0859 0x0ef4  SCDEmu - detected UnsignedFile.Multi.Generic (1)
23:17:06.0875 0x0ef4  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule        C:\WINDOWS\system32\schedsvc.dll
23:17:06.0968 0x0ef4  Schedule - ok
23:17:07.0000 0x0ef4  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
23:17:07.0078 0x0ef4  Secdrv - ok
23:17:07.0109 0x0ef4  [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon        C:\WINDOWS\System32\seclogon.dll
23:17:07.0187 0x0ef4  seclogon - ok
23:17:07.0218 0x0ef4  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS            C:\WINDOWS\system32\sens.dll
23:17:07.0296 0x0ef4  SENS - ok
23:17:07.0312 0x0ef4  [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
23:17:07.0375 0x0ef4  serenum - ok
23:17:07.0390 0x0ef4  [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
23:17:07.0453 0x0ef4  Serial - ok
23:17:07.0468 0x0ef4  SetupNTGLM7X - ok
23:17:07.0468 0x0ef4  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
23:17:07.0531 0x0ef4  Sfloppy - ok
23:17:07.0562 0x0ef4  [ 5FE18FFF6FBCF218290042009EAB023D ] sfng32          C:\WINDOWS\system32\drivers\sfng32.sys
23:17:07.0609 0x0ef4  sfng32 - ok
23:17:07.0640 0x0ef4  [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
23:17:07.0718 0x0ef4  SharedAccess - ok
23:17:07.0750 0x0ef4  [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
23:17:07.0765 0x0ef4  ShellHWDetection - ok
23:17:07.0781 0x0ef4  [ 62B429C87ED5D3655B70D574D31B807B ] Si3114r5        C:\WINDOWS\system32\DRIVERS\Si3114r5.sys
23:17:07.0843 0x0ef4  Si3114r5 - ok
23:17:07.0843 0x0ef4  [ 72CF151FB410E544904DBC7D7F29B796 ] SiFilter        C:\WINDOWS\system32\DRIVERS\SiWinAcc.sys
23:17:07.0859 0x0ef4  SiFilter - ok
23:17:07.0859 0x0ef4  Simbad - ok
23:17:07.0875 0x0ef4  [ 6FBBA21E5AD173ECAD3144DDFF3A89BF ] SIODRV          C:\WINDOWS\system32\drivers\SIODRV.SYS
23:17:07.0890 0x0ef4  SIODRV ( UnsignedFile.Multi.Generic ) - warning
23:17:07.0890 0x0ef4  SIODRV - detected UnsignedFile.Multi.Generic (1)
23:17:07.0906 0x0ef4  [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP            C:\WINDOWS\system32\DRIVERS\SLIP.sys
23:17:07.0968 0x0ef4  SLIP - ok
23:17:07.0984 0x0ef4  [ D72A21424CA66C7A745BD995ECA6A710 ] SMBios          C:\WINDOWS\system32\DRIVERS\SMBios.sys
23:17:07.0984 0x0ef4  SMBios ( UnsignedFile.Multi.Generic ) - warning
23:17:08.0000 0x0ef4  SMBios - detected UnsignedFile.Multi.Generic (1)
23:17:08.0031 0x0ef4  [ D0D462BE71D8BEEC04BAB23AE8973DC4 ] smbusp          C:\WINDOWS\system32\DRIVERS\intelsmb.sys
23:17:08.0078 0x0ef4  smbusp - ok
23:17:08.0093 0x0ef4  [ DB3C22745C0DA4666F3BE31F1AF36B2F ] SMTPSVC         C:\WINDOWS\system32\inetsrv\inetinfo.exe
23:17:08.0171 0x0ef4  SMTPSVC - ok
23:17:08.0218 0x0ef4  [ A1ECEEAA5C5E74B2499EB51D38185B84 ] SONYPVU1        C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
23:17:08.0281 0x0ef4  SONYPVU1 - ok
23:17:08.0296 0x0ef4  Sparrow - ok
23:17:08.0312 0x0ef4  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
23:17:08.0375 0x0ef4  splitter - ok
23:17:08.0390 0x0ef4  [ 60784F891563FB1B767F70117FC2428F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
23:17:08.0421 0x0ef4  Spooler - ok
23:17:08.0437 0x0ef4  [ C4BB8A12843D9CBB65F5FF617F389BBD ] sptd            C:\WINDOWS\system32\Drivers\sptd.sys
23:17:08.0437 0x0ef4  Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: C4BB8A12843D9CBB65F5FF617F389BBD
23:17:08.0437 0x0ef4  sptd ( LockedFile.Multi.Generic ) - warning
23:17:08.0437 0x0ef4  sptd - detected LockedFile.Multi.Generic (1)
23:17:08.0437 0x0ef4  [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] SQLBrowser      c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
23:17:08.0453 0x0ef4  SQLBrowser - ok
23:17:08.0484 0x0ef4  [ D89083C4EB02DACA8F944B0E05E57F9D ] SQLWriter       c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
23:17:08.0500 0x0ef4  SQLWriter - ok
23:17:08.0500 0x0ef4  [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
23:17:08.0578 0x0ef4  sr - ok
23:17:08.0625 0x0ef4  [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice       C:\WINDOWS\system32\srsvc.dll
23:17:08.0703 0x0ef4  srservice - ok
23:17:08.0734 0x0ef4  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
23:17:08.0796 0x0ef4  Srv - ok
23:17:08.0812 0x0ef4  [ 2D4027C46B4C6E45875E3C4BA3F67492 ] sscdbus         C:\WINDOWS\system32\DRIVERS\sscdbus.sys
23:17:08.0859 0x0ef4  sscdbus - ok
23:17:08.0875 0x0ef4  [ F548F1EBA107BC19E91189E6A460BD0E ] sscdmdfl        C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys
23:17:08.0937 0x0ef4  sscdmdfl - ok
23:17:08.0953 0x0ef4  [ 71D348D53597379DFE1DE255D70AF13C ] sscdmdm         C:\WINDOWS\system32\DRIVERS\sscdmdm.sys
23:17:08.0968 0x0ef4  sscdmdm - ok
23:17:08.0984 0x0ef4  [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
23:17:09.0062 0x0ef4  SSDPSRV - ok
23:17:09.0078 0x0ef4  [ C5003D42CC88C1F5D54ED9AF28D6ED7B ] STacSV          c:\program files\idt\intelxpv_v103\wdm\STacSV.exe
23:17:09.0140 0x0ef4  STacSV - ok
23:17:09.0140 0x0ef4  [ E57B778208C783D8DEBAB320C16A1B82 ] StarOpen        C:\WINDOWS\system32\drivers\StarOpen.sys
23:17:09.0406 0x0ef4  StarOpen ( UnsignedFile.Multi.Generic ) - warning
23:17:09.0406 0x0ef4  StarOpen - detected UnsignedFile.Multi.Generic (1)
23:17:09.0484 0x0ef4  [ E5C796B621F6FBA8616511063D7F0FFE ] StarWindServiceAE C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
23:17:09.0500 0x0ef4  StarWindServiceAE ( UnsignedFile.Multi.Generic ) - warning
23:17:09.0500 0x0ef4  StarWindServiceAE - detected UnsignedFile.Multi.Generic (1)
23:17:09.0562 0x0ef4  [ 228519217A88C2F6B0CF8C022E6D669C ] STHDA           C:\WINDOWS\system32\drivers\sthda.sys
23:17:09.0656 0x0ef4  STHDA - ok
23:17:09.0687 0x0ef4  [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
23:17:09.0781 0x0ef4  stisvc - ok
23:17:09.0796 0x0ef4  [ 77813007BA6265C4B6098187E6ED79D2 ] streamip        C:\WINDOWS\system32\DRIVERS\StreamIP.sys
23:17:09.0875 0x0ef4  streamip - ok
23:17:09.0890 0x0ef4  [ 46500F183B17D6DE562CDA756E124A83 ] SUSTUCAP        C:\WINDOWS\system32\DRIVERS\sustucap.sys
23:17:10.0015 0x0ef4  SUSTUCAP ( UnsignedFile.Multi.Generic ) - warning
23:17:10.0015 0x0ef4  SUSTUCAP - detected UnsignedFile.Multi.Generic (1)
23:17:10.0031 0x0ef4  [ FD8F5A0087B897D2488B0574FC24A8C1 ] SUSTUCAU        C:\WINDOWS\system32\DRIVERS\sustucau.sys
23:17:10.0140 0x0ef4  SUSTUCAU ( UnsignedFile.Multi.Generic ) - warning
23:17:10.0140 0x0ef4  SUSTUCAU - detected UnsignedFile.Multi.Generic (1)
23:17:10.0187 0x0ef4  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
23:17:10.0265 0x0ef4  swenum - ok
23:17:10.0296 0x0ef4  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
23:17:10.0375 0x0ef4  swmidi - ok
23:17:10.0375 0x0ef4  SwPrv - ok
23:17:10.0484 0x0ef4  [ FA2F6A8849219B16460BF44F9D1F3AA7 ] Symantec Core LC C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
23:17:10.0531 0x0ef4  Symantec Core LC - ok
23:17:10.0531 0x0ef4  Symantec SymSnap VSS Provider - ok
23:17:10.0531 0x0ef4  symc810 - ok
23:17:10.0531 0x0ef4  symc8xx - ok
23:17:10.0562 0x0ef4  [ B226F8A4D780ACDF76145B58BB791D5B ] symlcbrd        C:\WINDOWS\system32\drivers\symlcbrd.sys
23:17:10.0687 0x0ef4  symlcbrd - ok
23:17:10.0703 0x0ef4  [ D3218867AFDF74D7AB76A3911B4544A2 ] symsnap         C:\WINDOWS\system32\DRIVERS\symsnap.sys
23:17:10.0890 0x0ef4  symsnap - ok
23:17:10.0984 0x0ef4  [ E79184F51F3474568011818F08B7195C ] SymSnapService  C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe
23:17:11.0031 0x0ef4  SymSnapService - ok
23:17:11.0031 0x0ef4  sym_hi - ok
23:17:11.0046 0x0ef4  sym_u3 - ok
23:17:11.0093 0x0ef4  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
23:17:11.0171 0x0ef4  sysaudio - ok
23:17:11.0203 0x0ef4  [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
23:17:11.0281 0x0ef4  SysmonLog - ok
23:17:11.0296 0x0ef4  [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
23:17:11.0375 0x0ef4  TapiSrv - ok
23:17:11.0390 0x0ef4  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
23:17:11.0421 0x0ef4  Tcpip - ok
23:17:11.0453 0x0ef4  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
23:17:11.0515 0x0ef4  TDPIPE - ok
23:17:11.0546 0x0ef4  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
23:17:11.0640 0x0ef4  TDTCP - ok
23:17:11.0640 0x0ef4  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
23:17:11.0718 0x0ef4  TermDD - ok
23:17:11.0734 0x0ef4  [ FF3477C03BE7201C294C35F684B3479F ] TermService     C:\WINDOWS\System32\termsrv.dll
23:17:11.0812 0x0ef4  TermService - ok
23:17:11.0828 0x0ef4  [ 99BC0B50F511924348BE19C7C7313BBF ] Themes          C:\WINDOWS\System32\shsvcs.dll
23:17:11.0843 0x0ef4  Themes - ok
23:17:11.0859 0x0ef4  [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe
23:17:11.0921 0x0ef4  TlntSvr - ok
23:17:11.0937 0x0ef4  TosIde - ok
23:17:11.0953 0x0ef4  [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks          C:\WINDOWS\system32\trkwks.dll
23:17:12.0015 0x0ef4  TrkWks - ok
23:17:12.0031 0x0ef4  [ C9DC435873509E3C223E395853B771CA ] truecrypt       C:\WINDOWS\system32\Drivers\truecrypt.sys
23:17:12.0234 0x0ef4  truecrypt ( UnsignedFile.Multi.Generic ) - warning
23:17:12.0234 0x0ef4  truecrypt - detected UnsignedFile.Multi.Generic (1)
23:17:12.0234 0x0ef4  TSP - ok
23:17:12.0265 0x0ef4  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
23:17:12.0328 0x0ef4  Udfs - ok
23:17:12.0406 0x0ef4  [ 4BD2C322118A2470B450492A0C3302F9 ] UleadBurningHelper C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
23:17:12.0421 0x0ef4  UleadBurningHelper - ok
23:17:12.0421 0x0ef4  ultra - ok
23:17:12.0468 0x0ef4  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
23:17:12.0546 0x0ef4  Update - ok
23:17:12.0562 0x0ef4  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost        C:\WINDOWS\System32\upnphost.dll
23:17:12.0640 0x0ef4  upnphost - ok
23:17:12.0640 0x0ef4  [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS             C:\WINDOWS\System32\ups.exe
23:17:12.0703 0x0ef4  UPS - ok
23:17:12.0734 0x0ef4  [ 6E421CCC57059B0186C6259CA3B6DFC9 ] USBAAPL         C:\WINDOWS\system32\Drivers\usbaapl.sys
23:17:13.0000 0x0ef4  USBAAPL - ok
23:17:13.0031 0x0ef4  [ E919708DB44ED8543A7C017953148330 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
23:17:13.0109 0x0ef4  usbaudio - ok
23:17:13.0109 0x0ef4  usbbus - ok
23:17:13.0140 0x0ef4  [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
23:17:13.0218 0x0ef4  usbccgp - ok
23:17:13.0218 0x0ef4  UsbDiag - ok
23:17:13.0250 0x0ef4  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
23:17:13.0312 0x0ef4  usbehci - ok
23:17:13.0328 0x0ef4  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
23:17:13.0406 0x0ef4  usbhub - ok
23:17:13.0406 0x0ef4  USBModem - ok
23:17:13.0437 0x0ef4  [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
23:17:13.0515 0x0ef4  usbscan - ok
23:17:13.0531 0x0ef4  [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
23:17:13.0593 0x0ef4  USBSTOR - ok
23:17:13.0640 0x0ef4  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
23:17:13.0703 0x0ef4  usbuhci - ok
23:17:13.0781 0x0ef4  [ 9D19B042A4FD5C02195071EA2FE0C821 ] usnjsvc         C:\Program Files\Windows Live\Messenger\usnsvc.exe
23:17:13.0796 0x0ef4  usnjsvc - ok
23:17:13.0812 0x0ef4  [ 1747E022B76BC248795B0AEDECCCF96F ] v2imount        C:\WINDOWS\system32\DRIVERS\v2imount.sys
23:17:14.0031 0x0ef4  v2imount - ok
23:17:14.0031 0x0ef4  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
23:17:14.0109 0x0ef4  VgaSave - ok
23:17:14.0109 0x0ef4  ViaIde - ok
23:17:14.0125 0x0ef4  [ E31E9CD40677B84B3ADAA7A0D80DC439 ] vidsflt53       C:\WINDOWS\system32\DRIVERS\vsflt53.sys
23:17:14.0218 0x0ef4  vidsflt53 - ok
23:17:14.0234 0x0ef4  [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
23:17:14.0312 0x0ef4  VolSnap - ok
23:17:14.0328 0x0ef4  [ E78781B2C86C92A0A738DF566460F716 ] VProEventMonitor C:\WINDOWS\system32\DRIVERS\vproeventmonitor.sys
23:17:14.0468 0x0ef4  VProEventMonitor - ok
23:17:14.0500 0x0ef4  [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS             C:\WINDOWS\System32\vssvc.exe
23:17:14.0578 0x0ef4  VSS - ok
23:17:14.0593 0x0ef4  [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time         C:\WINDOWS\system32\w32time.dll
23:17:14.0656 0x0ef4  W32Time - ok
23:17:14.0671 0x0ef4  [ DB3C22745C0DA4666F3BE31F1AF36B2F ] W3SVC           C:\WINDOWS\system32\inetsrv\inetinfo.exe
23:17:14.0734 0x0ef4  W3SVC - ok
23:17:14.0781 0x0ef4  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
23:17:14.0843 0x0ef4  Wanarp - ok
23:17:14.0890 0x0ef4  [ 78FAC39D52FD2FC169971986079270DA ] WDBtnMgrSvc.exe C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe
23:17:14.0890 0x0ef4  WDBtnMgrSvc.exe ( UnsignedFile.Multi.Generic ) - warning
23:17:14.0890 0x0ef4  WDBtnMgrSvc.exe - detected UnsignedFile.Multi.Generic (1)
23:17:14.0921 0x0ef4  [ 011E8A3E13DD7007353EDBEE4B180B50 ] WDC_SAM         C:\WINDOWS\system32\DRIVERS\wdcsam.sys
23:17:15.0156 0x0ef4  WDC_SAM - ok
23:17:15.0187 0x0ef4  [ D918617B46457B9AC28027722E30F647 ] Wdf01000        C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
23:17:15.0343 0x0ef4  Wdf01000 - ok
23:17:15.0359 0x0ef4  WDICA - ok
23:17:15.0375 0x0ef4  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
23:17:15.0453 0x0ef4  wdmaud - ok
23:17:15.0500 0x0ef4  [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient       C:\WINDOWS\System32\webclnt.dll
23:17:15.0578 0x0ef4  WebClient - ok
23:17:15.0609 0x0ef4  [ F9AD3A5E3FD7E0BDB18B8202B0FDD4E4 ] WimFltr         C:\WINDOWS\system32\DRIVERS\wimfltr.sys
23:17:15.0625 0x0ef4  WimFltr - ok
23:17:15.0703 0x0ef4  [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
23:17:15.0765 0x0ef4  winmgmt - ok
23:17:15.0796 0x0ef4  [ FD600B032E741EB6AAB509FC630F7C42 ] WinUSB          C:\WINDOWS\system32\DRIVERS\WinUSB.sys
23:17:15.0921 0x0ef4  WinUSB - ok
23:17:15.0968 0x0ef4  [ 94A85E956A065E23E0010A6A7826243B ] WLSetupSvc      C:\Program Files\Windows Live\installer\WLSetupSvc.exe
23:17:16.0078 0x0ef4  WLSetupSvc - ok
23:17:16.0109 0x0ef4  [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
23:17:16.0234 0x0ef4  WmdmPmSN - ok
23:17:16.0265 0x0ef4  [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi             C:\WINDOWS\System32\advapi32.dll
23:17:16.0312 0x0ef4  Wmi - ok
23:17:16.0359 0x0ef4  [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
23:17:16.0421 0x0ef4  WmiApSrv - ok
23:17:16.0484 0x0ef4  [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc   C:\Program Files\Windows Media Player\WMPNetwk.exe
23:17:16.0515 0x0ef4  WMPNetworkSvc - ok
23:17:16.0546 0x0ef4  [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb          C:\WINDOWS\system32\DRIVERS\wpdusb.sys
23:17:16.0562 0x0ef4  WpdUsb - ok
23:17:16.0734 0x0ef4  [ B800EEC15851597405784126C407188C ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
23:17:16.0765 0x0ef4  WPFFontCache_v0400 - ok
23:17:16.0812 0x0ef4  [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
23:17:16.0875 0x0ef4  wscsvc - ok
23:17:16.0890 0x0ef4  WSearch - ok
23:17:16.0937 0x0ef4  [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC        C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
23:17:17.0015 0x0ef4  WSTCODEC - ok
23:17:17.0031 0x0ef4  [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
23:17:17.0140 0x0ef4  wuauserv - ok
23:17:17.0171 0x0ef4  [ 50EB9E21963B4F06FD010D007D54351B ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
23:17:17.0531 0x0ef4  WudfPf - ok
23:17:17.0546 0x0ef4  [ 6E209664BDEA8A15B5E8E480D6C607C2 ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
23:17:17.0828 0x0ef4  WudfRd - ok
23:17:17.0828 0x0ef4  [ AE93084D2D236887BA56467AE42B4955 ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
23:17:17.0859 0x0ef4  WudfSvc - ok
23:17:17.0906 0x0ef4  [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
23:17:17.0984 0x0ef4  WZCSVC - ok
23:17:17.0984 0x0ef4  XENFilt - ok
23:17:18.0015 0x0ef4  [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
23:17:18.0093 0x0ef4  xmlprov - ok
23:17:18.0093 0x0ef4  ================ Scan global ===============================
23:17:18.0140 0x0ef4  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
23:17:18.0171 0x0ef4  [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
23:17:18.0250 0x0ef4  [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
23:17:18.0281 0x0ef4  [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
23:17:18.0281 0x0ef4  [Global] - ok
23:17:18.0281 0x0ef4  ================ Scan MBR ==================================
23:17:18.0296 0x0ef4  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
23:17:18.0500 0x0ef4  \Device\Harddisk0\DR0 - ok
23:17:18.0500 0x0ef4  [ 8FF255184F078C9C04E6A2CE66117C5C ] \Device\Harddisk1\DR2
23:17:19.0140 0x0ef4  \Device\Harddisk1\DR2 - ok
23:17:19.0140 0x0ef4  ================ Scan VBR ==================================
23:17:19.0140 0x0ef4  [ E0739598126A32F75B5BE4F32E1E774E ] \Device\Harddisk0\DR0\Partition1
23:17:19.0140 0x0ef4  \Device\Harddisk0\DR0\Partition1 - ok
23:17:19.0140 0x0ef4  [ 2A65B0B205291F8F73A3A3DA44597FFC ] \Device\Harddisk1\DR2\Partition1
23:17:19.0140 0x0ef4  \Device\Harddisk1\DR2\Partition1 - ok
23:17:19.0140 0x0ef4  ============================================================
23:17:19.0140 0x0ef4  Scan finished
23:17:19.0140 0x0ef4  ============================================================
23:17:19.0156 0x0e00  Detected object count: 39
23:17:19.0156 0x0e00  Actual detected object count: 39
23:18:05.0734 0x0e00  APC UPS Service ( UnsignedFile.Multi.Generic ) - skipped by user
23:18:05.0734 0x0e00  APC UPS Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:18:05.0734 0x0e00  Aspi32 ( UnsignedFile.Multi.Generic ) - skipped by user
23:18:05.0734 0x0e00  Aspi32 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:18:05.0734 0x0e00  BTKRNL ( UnsignedFile.Multi.Generic ) - skipped by user
23:18:05.0734 0x0e00  BTKRNL ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:18:05.0734 0x0e00  btwmodem ( UnsignedFile.Multi.Generic ) - skipped by user
23:18:05.0734 0x0e00  btwmodem ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:18:05.0734 0x0e00  BTWUSB ( UnsignedFile.Multi.Generic ) - skipped by user
23:18:05.0734 0x0e00  BTWUSB ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:18:05.0734 0x0e00  CAILI ( UnsignedFile.Multi.Generic ) - skipped by user
23:18:05.0734 0x0e00  CAILI ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:18:05.0734 0x0e00  FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
23:18:05.0734 0x0e00  FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:18:05.0734 0x0e00  HDAudBus ( UnsignedFile.Multi.Generic ) - skipped by user
23:18:05.0734 0x0e00  HDAudBus ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:18:05.0734 0x0e00  IAANTMon ( UnsignedFile.Multi.Generic ) - skipped by user
23:18:05.0734 0x0e00  IAANTMon ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:18:05.0734 0x0e00  IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
23:18:05.0734 0x0e00  IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:18:05.0734 0x0e00  IduService ( UnsignedFile.Multi.Generic ) - skipped by user
23:18:05.0734 0x0e00  IduService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:18:05.0734 0x0e00  LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
23:18:05.0734 0x0e00  LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:18:05.0734 0x0e00  McciCMService ( UnsignedFile.Multi.Generic ) - skipped by user
23:18:05.0734 0x0e00  McciCMService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:18:05.0734 0x0e00  MREMP50 ( UnsignedFile.Multi.Generic ) - skipped by user
23:18:05.0734 0x0e00  MREMP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:18:05.0734 0x0e00  MREMPR5 ( UnsignedFile.Multi.Generic ) - skipped by user
23:18:05.0734 0x0e00  MREMPR5 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:18:05.0734 0x0e00  MRENDIS5 ( UnsignedFile.Multi.Generic ) - skipped by user
23:18:05.0734 0x0e00  MRENDIS5 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:18:05.0734 0x0e00  MRESP50 ( UnsignedFile.Multi.Generic ) - skipped by user
23:18:05.0734 0x0e00  MRESP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:18:05.0734 0x0e00  NetworkX ( UnsignedFile.Multi.Generic ) - skipped by user
23:18:05.0734 0x0e00  NetworkX ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:18:05.0734 0x0e00  nlsvc ( UnsignedFile.Multi.Generic ) - skipped by user
23:18:05.0734 0x0e00  nlsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:18:05.0734 0x0e00  NTIDrvr ( UnsignedFile.Multi.Generic ) - skipped by user
23:18:05.0734 0x0e00  NTIDrvr ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:18:05.0734 0x0e00  OneTouch 4.0 Monitor ( UnsignedFile.Multi.Generic ) - skipped by user
23:18:05.0734 0x0e00  OneTouch 4.0 Monitor ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:18:05.0734 0x0e00  OsaFsLoc ( UnsignedFile.Multi.Generic ) - skipped by user
23:18:05.0734 0x0e00  OsaFsLoc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:18:05.0734 0x0e00  osaio ( UnsignedFile.Multi.Generic ) - skipped by user
23:18:05.0734 0x0e00  osaio ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:18:05.0734 0x0e00  PDFProFiltSrvPP ( UnsignedFile.Multi.Generic ) - skipped by user
23:18:05.0734 0x0e00  PDFProFiltSrvPP ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:18:05.0734 0x0e00  Point32 ( UnsignedFile.Multi.Generic ) - skipped by user
23:18:05.0734 0x0e00  Point32 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:18:05.0750 0x0e00  QBCFMonitorService ( UnsignedFile.Multi.Generic ) - skipped by user
23:18:05.0750 0x0e00  QBCFMonitorService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:18:05.0750 0x0e00  QBFCService ( UnsignedFile.Multi.Generic ) - skipped by user
23:18:05.0750 0x0e00  QBFCService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:18:05.0750 0x0e00  QBVSS ( UnsignedFile.Multi.Generic ) - skipped by user
23:18:05.0750 0x0e00  QBVSS ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:18:05.0750 0x0e00  RzSynapse ( UnsignedFile.Multi.Generic ) - skipped by user
23:18:05.0750 0x0e00  RzSynapse ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:18:05.0750 0x0e00  SCDEmu ( UnsignedFile.Multi.Generic ) - skipped by user
23:18:05.0750 0x0e00  SCDEmu ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:18:05.0750 0x0e00  SIODRV ( UnsignedFile.Multi.Generic ) - skipped by user
23:18:05.0750 0x0e00  SIODRV ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:18:05.0750 0x0e00  SMBios ( UnsignedFile.Multi.Generic ) - skipped by user
23:18:05.0750 0x0e00  SMBios ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:18:05.0750 0x0e00  sptd ( LockedFile.Multi.Generic ) - skipped by user
23:18:05.0750 0x0e00  sptd ( LockedFile.Multi.Generic ) - User select action: Skip 
23:18:05.0750 0x0e00  StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
23:18:05.0750 0x0e00  StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:18:05.0750 0x0e00  StarWindServiceAE ( UnsignedFile.Multi.Generic ) - skipped by user
23:18:05.0750 0x0e00  StarWindServiceAE ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:18:05.0750 0x0e00  SUSTUCAP ( UnsignedFile.Multi.Generic ) - skipped by user
23:18:05.0750 0x0e00  SUSTUCAP ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:18:05.0750 0x0e00  SUSTUCAU ( UnsignedFile.Multi.Generic ) - skipped by user
23:18:05.0750 0x0e00  SUSTUCAU ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:18:05.0750 0x0e00  truecrypt ( UnsignedFile.Multi.Generic ) - skipped by user
23:18:05.0750 0x0e00  truecrypt ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:18:05.0750 0x0e00  WDBtnMgrSvc.exe ( UnsignedFile.Multi.Generic ) - skipped by user
23:18:05.0750 0x0e00  WDBtnMgrSvc.exe ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:18:08.0765 0x098c  Deinitialize success


# AdwCleaner v3.002 - Report created 05/09/2013 at 23:26:13
# Updated 01/09/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Ulises - ULISES-DESKTOP
# Running from : C:\Documents and Settings\Ulises\Desktop\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Found C:\Documents and Settings\Ulises\IECompatCache
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : HKLM\SOFTWARE\Classes\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Product Found : Google Update Helper
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v8.0.6001.18702
 
 
-\\ Google Chrome v29.0.1547.66
 
[ File : C:\Documents and Settings\Ulises\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [1285 octets] - [05/09/2013 23:18:50]
AdwCleaner[R1].txt - [1345 octets] - [05/09/2013 23:24:10]
AdwCleaner[R2].txt - [1265 octets] - [05/09/2013 23:26:13]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [1325 octets] ##########


Farbar Service Scanner Version: 05-09-2013
Ran by Ulises (administrator) on 05-09-2013 at 23:28:25
Running from "C:\Documents and Settings\Ulises\Desktop"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0
 
 
System Restore:
============
Srservice Service is not running. Checking service configuration:
The start type of Srservice service is OK.
The ImagePath of Srservice service is OK.
The ServiceDll of Srservice service is OK.
 
sr Service is not running. Checking service configuration:
The start type of sr service is set to Disabled. The default start type is Boot.
The ImagePath of sr: "\SystemRoot\system32\DRIVERS\sr.sys".
 
 
System Restore Disabled Policy: 
========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=DWORD:1
 
 
Security Center:
============
 
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
PlugPlay Service is not running. Checking service configuration:
The start type of PlugPlay service is set to Disabled. The default start type is Auto.
The ImagePath of PlugPlay service is OK.
 
 
Other Services:
==============
 
 
File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
 
Extra List:
=======
Gpc(3) IPSec(5) mfetdi2k(8) NetBT(6) nltdi(10) PSched(7) Tcpip(4) 
0x0A0000000500000001000000020000000300000004000000080000000A000000070000000900000006000000
IpSec Tag value is correct.
 
**** End of log ****


MiniToolBox by Farbar  Version: 13-07-2013
Ran by Ulises (administrator) on 05-09-2013 at 23:29:07
Running from "C:\Documents and Settings\Ulises\Desktop"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
 
Windows IP Configuration
 
 
 
Successfully flushed the DNS Resolver Cache.
 
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
127.0.0.1       localhost
 
========================= IP Configuration: ================================
 
 
 
# ---------------------------------- 
# Interface IP Configuration         
# ---------------------------------- 
pushd interface ip
 
Error obtaining configuration for interface Local Area Connection 4.
 
 
 
popd
# End of interface IP configuration
 
 
 
 
Windows IP Configuration
 
 
 
        Host Name . . . . . . . . . . . . : ulises-desktop
 
        Primary Dns Suffix  . . . . . . . : 
 
        Node Type . . . . . . . . . . . . : Broadcast
 
        IP Routing Enabled. . . . . . . . : No
 
        WINS Proxy Enabled. . . . . . . . : No
 
        DNS Suffix Search List. . . . . . : gateway.2wire.net
 
 
 
Ethernet adapter Local Area Connection 4:
 
 
 
        Connection-specific DNS Suffix  . : gateway.2wire.net
 
        Description . . . . . . . . . . . : Intel® PRO/1000 PL Network Connection - McAfee Core NDIS Intermediate Filter Miniport
 
        Physical Address. . . . . . . . . : 00-16-76-88-0B-29
 
        Dhcp Enabled. . . . . . . . . . . : Yes
 
        Autoconfiguration Enabled . . . . : Yes
 
        IP Address. . . . . . . . . . . . : 192.168.2.10
 
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
 
        Default Gateway . . . . . . . . . : 192.168.2.1
 
        DHCP Server . . . . . . . . . . . : 192.168.2.1
 
        DNS Servers . . . . . . . . . . . : 192.168.2.1
 
                                            192.168.1.254
 
        Lease Obtained. . . . . . . . . . : September 05, 2013 8:21:29 PM
 
        Lease Expires . . . . . . . . . . : September 06, 2013 8:21:29 PM
 
Server:  homeportal
Address:  192.168.1.254
 
Name:    google.com
Addresses:  74.125.227.68, 74.125.227.71, 74.125.227.65, 74.125.227.64
 74.125.227.70, 74.125.227.66, 74.125.227.69, 74.125.227.73, 74.125.227.72
 74.125.227.67, 74.125.227.78
 
 
 
Pinging google.com [74.125.227.72] with 32 bytes of data:
 
 
 
Reply from 74.125.227.72: bytes=32 time=58ms TTL=47
 
Reply from 74.125.227.72: bytes=32 time=55ms TTL=47
 
 
 
Ping statistics for 74.125.227.72:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 55ms, Maximum = 58ms, Average = 56ms
 
Server:  homeportal
Address:  192.168.1.254
 
Name:    yahoo.com
Addresses:  98.139.183.24, 98.138.253.109, 206.190.36.45
 
 
 
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
 
 
 
Reply from 206.190.36.45: bytes=32 time=171ms TTL=39
 
Reply from 206.190.36.45: bytes=32 time=148ms TTL=39
 
 
 
Ping statistics for 206.190.36.45:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 148ms, Maximum = 171ms, Average = 159ms
 
 
 
Pinging 127.0.0.1 with 32 bytes of data:
 
 
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
 
 
Ping statistics for 127.0.0.1:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
 
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 16 76 88 0b 29 ...... Intel® PRO/1000 PL Network Connection - McAfee Core NDIS Intermediate Filter Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.2.1    192.168.2.10  10
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1  1
      169.254.0.0      255.255.0.0     192.168.2.10    192.168.2.10  20
      192.168.2.0    255.255.255.0     192.168.2.10    192.168.2.10  10
     192.168.2.10  255.255.255.255        127.0.0.1       127.0.0.1  10
    192.168.2.255  255.255.255.255     192.168.2.10    192.168.2.10  10
        224.0.0.0        240.0.0.0     192.168.2.10    192.168.2.10  10
  255.255.255.255  255.255.255.255     192.168.2.10    192.168.2.10  1
Default Gateway:       192.168.2.1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (09/05/2013 08:49:36 PM) (Source: Outlook) (User: )
Description: Failed to determine if the store is in the crawl scope (error=0x80070002).
 
Error: (09/05/2013 08:49:36 PM) (Source: Outlook) (User: )
Description: Failed to get the Crawl Scope Manager with error=0x80070002.
 
Error: (09/05/2013 08:49:25 PM) (Source: Outlook) (User: )
Description: Failed to determine if the store is in the crawl scope (error=0x80070002).
 
Error: (09/05/2013 08:49:25 PM) (Source: Outlook) (User: )
Description: Failed to get the Crawl Scope Manager with error=0x80070002.
 
Error: (09/05/2013 08:25:56 PM) (Source: COM+) (User: )
Description: The run-time environment was unable to initialize for transactions required to support transactional components. Make sure that MS-DTC is running. (DtcGetTransactionManagerEx(): hr = 0x8004d01b)
 
Error: (09/05/2013 08:25:56 PM) (Source: MSDTC) (User: )
Description: Could not start the MS DTC Transaction Manager.
 
Error: (09/05/2013 08:25:56 PM) (Source: MSDTC) (User: )
Description: MS DTC Transaction Manager start failed. LogInit returned error 0x5.
 
Error: (09/05/2013 08:25:56 PM) (Source: MSDTC) (User: )
Description: MS DTC log file not found. After ensuring that all Resource Managers coordinated by MS DTC have no indoubt transactions, please run msdtc -resetlog to create the log file.
 
Error: (09/05/2013 08:24:57 PM) (Source: Pure Networks Platform Service) (User: )
Description: Service failed to start with error 0x8007042a.
 
Error: (09/05/2013 08:23:55 PM) (Source: MSSQL$SQLEXPRESS) (User: )
Description: FCB::Open failed: Could not open file c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\DATA\mastlog.ldf for file number 2.  OS error: 5(Access is denied.).
 
 
System errors:
=============
Error: (09/04/2013 01:54:50 PM) (Source: Service Control Manager) (User: )
Description: The Telephony service depends on the Plug and Play service which failed to start because of the following error: 
%%1058
 
Error: (09/04/2013 01:54:46 PM) (Source: Service Control Manager) (User: )
Description: The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error: 
%%1068
 
Error: (09/04/2013 01:54:46 PM) (Source: Service Control Manager) (User: )
Description: The Telephony service depends on the Plug and Play service which failed to start because of the following error: 
%%1058
 
Error: (09/04/2013 01:54:46 PM) (Source: Service Control Manager) (User: )
Description: The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error: 
%%1068
 
Error: (09/04/2013 01:54:46 PM) (Source: Service Control Manager) (User: )
Description: The Telephony service depends on the Plug and Play service which failed to start because of the following error: 
%%1058
 
Error: (09/04/2013 01:54:34 PM) (Source: Service Control Manager) (User: )
Description: The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error: 
%%1068
 
Error: (09/04/2013 01:54:34 PM) (Source: Service Control Manager) (User: )
Description: The Telephony service depends on the Plug and Play service which failed to start because of the following error: 
%%1058
 
Error: (09/04/2013 01:54:08 PM) (Source: Service Control Manager) (User: )
Description: The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error: 
%%1068
 
Error: (09/04/2013 01:54:08 PM) (Source: Service Control Manager) (User: )
Description: The Telephony service depends on the Plug and Play service which failed to start because of the following error: 
%%1058
 
Error: (09/04/2013 01:54:06 PM) (Source: Service Control Manager) (User: )
Description: The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error: 
%%1068
 
 
Microsoft Office Sessions:
=========================
 
=========================== Installed Programs ============================
 
Administrative Templates for Windows XP (Version: 1.0.0)
Adobe Acrobat 8 Professional - English, Français, Deutsch (Version: 8.1.6)
Adobe Acrobat 8.1.6 - CPSID_49167
Adobe Acrobat 8.1.6 Professional (Version: 8.1.6)
Adobe Download Manager (Version: 1.6.2.63)
Adobe Flash Player 10 Plugin (Version: 10.0.45.2)
Adobe Flash Player 11 ActiveX (Version: 11.8.800.94)
Adobe Photoshop Elements 11 (Version: 11.0)
AnswerWorks 4.0 Runtime - English (Version: 4.0.101)
AnswerWorks 5.0 English Runtime (Version: 008.000.0003)
AnswerWorks 5.0 English Runtime (Version: 5.0.7)
AnyDVD (Version: 7.0.9.0)
APC PowerChute Personal Edition (Version: 1.4)
Apple Application Support (Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
AT&T U-verse Setup
Avanquest update (Version: 1.10)
BitComet 1.17 (Version: 1.17)
Bonjour (Version: 3.0.0.10)
Broderbund Business Lawyer 2002
CalyxLoanBridge11 (Version: 1.1)
CCleaner (Version: 4.00)
CDBurnerXP (Version: 4.5.2.4214)
Cisco Network Magic (Version: 5.5.9118.2)
CloneDVD2
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Contents (Version: 1.6.0.272)
Corel VideoStudio Pro X3 (Version: 1.6.2.69)
Creative System Information (Version: 1.10)
Critical Update for Windows Media Player 11 (KB959772)
Curse Client (Version: 5.1.1.792)
CyberSky
Data Lifeguard Diagnostic for Windows 1.24
Debugging Tools for Windows (Version: 6.7.5.1)
Desktop Sidebar (Version: 1.05.116)
DeviceIO (Version: 1.6.0.272)
DVD Ripper Platinum 4 (Version: 4.0.47.0414)
DVD Shrink 3.2
Elements 11 Organizer (Version: 11.0)
Family Tree Maker 2010 (Version: 19.0.180)
Glary Utilities 2.9.0.518
Google Chrome (Version: 29.0.1547.66)
Google Earth (Version: 7.1.1.1888)
Google Update Helper (Version: 1.3.21.153)
GSview 5.0 (Version: 5.0)
Guitar Pro 5.2
HHD Software Free Hex Editor Neo 4.41 (Version: 4.41.1.1551)
HiJackThis (Version: 1.0.0)
ICA (Version: 1.6.0.272)
IDT Audio (Version: 1.0.20001.0)
Image Web Server 8.1 IE Plugins (Build:3,4,0,242)
ImTOO DVD Ripper Ultimate (Version: 5.0.50.0403)
ImTOO Video Converter Ultimate (Version: 5.1.37.0120)
Intel Audio Studio 2.0 (Version: 2.00.00083)
Intel Matrix Storage Manager
Intel® Desktop Utilities (Version: 3.0.15)
Intel® Network Connections 16.6.126.0 (Version: 16.6.126.0)
Intel® SMBus
InterVideo DeviceService (Version: 1.0.0)
iPhone Configuration Utility (Version: 2.1.0.163)
IPM_VS_Pro (Version: 13.0)
iTunes (Version: 11.0.5.5)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
Lernout & Hauspie TruVoice American English TTS Engine
LightScribe System Software (Version: 1.18.9.1)
LimeWire 5.5.8 (Version: 5.5.8)
LiveUpdate 3.2 (Symantec Corporation) (Version: 3.2.0.68)
Logitech Audio Echo Cancellation Component (Version: 10.00.1439)
Logitech Video Enumerator (Version: 10.00.1439)
Logitech® Camera Driver
Magic ISO Maker v5.3 (build 0221)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
McAfee SecurityCenter (Version: 11.6.511)
Memeo Backup
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft MSDN 2005 Express Edition - ENU
Microsoft MSDN 2005 Express Edition - ENU (Version: 1.16.50727.42)
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Primary Interop Assemblies (Version: 12.0.4518.1014)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office XP Professional with FrontPage (Version: 10.0.6626.0)
Microsoft Primary Interoperability Assemblies 2005 (Version: 8.0.50727.42)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SOAP Toolkit 3.0 (Version: 3.0.1325.4)
Microsoft Software Update for Web Folders  (English) 12 (Version: 12.0.6612.1000)
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition (SQLEXPRESS) (Version: 9.4.5000.00)
Microsoft SQL Server 2005 Tools Express Edition (Version: 9.4.5000.00)
Microsoft SQL Server Native Client (Version: 9.00.5000.00)
Microsoft SQL Server Setup Support Files (English) (Version: 9.00.5000.00)
Microsoft SQL Server VSS Writer (Version: 9.00.5000.00)
Microsoft User-Mode Driver Framework Feature Pack 1.5
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual FoxPro 9.0 Professional - English
Microsoft Visual J# 2.0 Redistributable Package
Microsoft Visual J# 2.0 Redistributable Package (Version: 2.0.50727)
Microsoft Visual Studio 2005 Tools for Office Runtime
Microsoft Visual Studio 2005 Tools for Office Runtime (Version: 8.0.60940.0)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (Version: 10.0.40303)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (Version: 10.0.40308)
Microsoft WinUsb 1.0
Microsoft WSE 2.0 SP3 Runtime (Version: 2.0.5050.0)
Microsoft WSE 3.0 (Version: 3.0.5305.0)
Microsoft XML Parser (Version: 8.20.8730.4)
MLE (Version: 1.0.0.23)
Motorola Driver Installation (Version: 2.7.2)
Motorola Phone Tools (Version: 4.0.4b 12-01-2005)
MPEG Encoder 3 (Version: 3.1.6.0519b)
MSXML 6.0 Parser (KB933579) (Version: 6.10.1200.0)
Mumble 1.2.3 (Version: 1.2.3)
Nero 7 Ultra Edition (Version: 7.00.0177)
NETGEAR HDX111 Configuration Utility
NetLimiter 3 (Version: 3.0.0.11)
Network Magic (Version: 5.5.9195.0)
NOOK for PC (Version: 2.5.2.458)
Norton Ghost (Version: 14.0.5.34587)
Nuance PaperPort 12 (Version: 12.0.0001)
NVIDIA Control Panel 260.99 (Version: 260.99)
NVIDIA Install Application (Version: 2.0.14.0)
NVIDIA nView 135.36 (Version: 135.36)
NVIDIA nView Desktop Manager (Version: 6.14.10.13065)
OJOsoft Total Video Converter (Version: 2.6.8.0616)
Passware Kit 5.5
Password Unmask 2.0
PCDJ Red VRM
PDF2TXT v3.0
PFPortChecker 1.0.39 (Version: 1.0.39)
PKZIP Command Line (Version: 5.00.01)
PKZIP Explorer (Version: 5.01.0096)
PKZIP for Windows (Version: 5.00.01)
PKZIP Plug-In (Version: 1.03.0024)
PKZIP Shared Components (Version: 1.00.0001)
Point (Version: 5.2)
PowerISO
PSE11 STI Installer (Version: 11.0)
Pure Networks Platform (Version: 11.2.09195.1)
PureHD (Version: 1.6.0.272)
QuickBooks (Version: 23.0.4001.2305)
QuickBooks Premier Edition 2009 (Version: 19.0.4005.703)
QuickBooks Premier: Accountant Edition 2003
QuickBooks Pro 2013 (Version: 23.0.4001.2305)
Quicken 2009 (Version: 18.1.1.29)
QuickTime (Version: 7.73.80.64)
Rawr
Razer Anansi Firmware Updater
RealData® Real Estate Calculator, 3.0.01 (Version: 3.0.01)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealUpgrade 1.1 (Version: 1.1.0)
Revo Uninstaller 1.88 (Version: 1.88)
Revo Uninstaller Pro 3.0.2 (Version: 3.0.2)
RoboForm 7-9-1-1 (All Users) (Version: 7-9-1-1)
SAMSUNG CDMA Modem Driver Set
Samsung Mobile phone USB driver Software
SAMSUNG Mobile USB Modem 1.0 Software
SAMSUNG Mobile USB Modem Software
Samsung PC Studio (Version: 3.0.0.61013)
Samsung PC Studio (Version: 3.0.0.61106)
Setup (Version: 1.6.0.272)
Setup (Version: 3.06.134)
Share (Version: 1.6.0.272)
Shared C Run-time for x86 (Version: 10.0.0)
SmartSound Common Data (Version: 1.1.0)
SmartSound Quicktracks 5 (Version: 5.1.6)
SmartSound Quicktracks Plugin (Version: 3.0.2.7)
Software Update for Web Folders (Version: 9.60.6715.0)
Speccy (Version: 1.22)
SpywareBlaster 4.3 (Version: 4.3.0)
Startup Delayer v2.5 (build 138)
SUPERAntiSpyware (Version: 4.54.1000)
SupportSoft Assisted Service (Version: 15)
SureThing CD Labeler 4 SE
Symantec KB-DocID:2003093015493306 (Version: 1.0.0.1)
System Requirements Lab
System Requirements Lab for Intel (Version: 4.3.16.0)
Task Killer (remove only)
TeamSpeak 3 Client (Version: 3.0.11.1)
The Plain-Language Law Dictionary
Time Zone Data Update Tool for Microsoft Office Outlook (Version: 12.0.4518.1029)
Translation Services Provided by WorldLingo for Microsoft Word
TrueCrypt
Tukui Update Utility (Version: 1.0.0)
TurboTax 2008
TurboTax 2008 WinBizFedFormset (Version: 008.000.0632)
TurboTax 2008 WinBizProgramHelp (Version: 008.000.0164)
TurboTax 2008 WinBizReleaseEngine (Version: 008.000.0175)
TurboTax 2008 WinBizTaxSupport (Version: 008.000.1016)
TurboTax 2008 WinBizUserEducation (Version: 008.000.0426)
TurboTax 2008 WinPerFedFormset (Version: 008.000.0341)
TurboTax 2008 WinPerProgramHelp (Version: 008.000.0219)
TurboTax 2008 WinPerReleaseEngine (Version: 008.000.0197)
TurboTax 2008 WinPerTaxSupport (Version: 008.000.1007)
TurboTax 2008 WinPerUserEducation (Version: 008.000.0433)
TurboTax 2008 wrapper (Version: 008.000.0065)
TurboTax 2009
TurboTax 2009 WinBizFedFormset (Version: 009.000.0777)
TurboTax 2009 WinBizReleaseEngine (Version: 009.000.0225)
TurboTax 2009 WinBizTaxSupport (Version: 009.000.0167)
TurboTax 2009 WinPerFedFormset (Version: 009.000.2881)
TurboTax 2009 WinPerReleaseEngine (Version: 009.000.0328)
TurboTax 2009 WinPerTaxSupport (Version: 009.000.0245)
TurboTax 2009 wrapper (Version: 009.000.0145)
TurboTax 2010
TurboTax 2010 WinBizFedFormset (Version: 010.000.1695)
TurboTax 2010 WinBizReleaseEngine (Version: 010.000.0287)
TurboTax 2010 WinBizTaxSupport (Version: 010.000.1122)
TurboTax 2010 WinPerFedFormset (Version: 010.000.5821)
TurboTax 2010 WinPerReleaseEngine (Version: 010.000.0501)
TurboTax 2010 WinPerTaxSupport (Version: 010.000.0222)
TurboTax 2010 wrapper (Version: 010.000.0157)
TurboTax 2011
TurboTax 2011 warsbpm (Version: 011.000.0333)
TurboTax 2011 wflcbpm (Version: 011.000.0424)
TurboTax 2011 WinBizFedFormset (Version: 011.000.1842)
TurboTax 2011 WinBizReleaseEngine (Version: 011.000.0488)
TurboTax 2011 WinBizTaxSupport (Version: 011.000.1391)
TurboTax 2011 WinPerFedFormset (Version: 011.000.3351)
TurboTax 2011 WinPerReleaseEngine (Version: 011.000.0496)
TurboTax 2011 WinPerTaxSupport (Version: 011.000.0222)
TurboTax 2011 wokiper (Version: 011.000.1728)
TurboTax 2011 wrapper (Version: 011.000.0121)
TurboTax 2012 wflcbpm (Version: 012.000.0396)
TurboTax 2012 WinBizFedFormset (Version: 012.000.1394)
TurboTax 2012 WinBizReleaseEngine (Version: 012.000.0473)
TurboTax 2012 WinBizTaxSupport (Version: 012.000.1339)
TurboTax Business 2005
TurboTax Business 2006
TurboTax Business 2007
TurboTax Business 2008
TurboTax Business 2009
TurboTax Business 2011
TurboTax Deluxe 2005
TurboTax Home & Business 2007
TurboTax ItsDeductible 2006 (Version: 10.00.0000)
TurboTax Premier Investments 2006
Tweak-XP Pro 4
UISDMC64W Device Driver
Ulead DVD MovieFactory 5 (Version: 5.0)
Ulead MediaStudio Pro 8.0 (Version: 8.0)
UMVPLStandalone (Version: 10.00.1439)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2768023) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817642) 32-Bit Edition
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows Internet Explorer 8 (KB976749) (Version: 1)
Update for Windows Internet Explorer 8 (KB980182) (Version: 1)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB2863058) (Version: 1)
Update for Windows XP (KB951072-v2) (Version: 2)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
USB-IrDA Adapter
VC 9.0 Runtime (Version: 1.0.0)
VC90_CRT_x86 (Version: 1.00.0000)
Ventrilo Client (Version: 3.0.5)
Ventrilo Server (Version: 3.0.3)
VIO (Version: 1.6.0.272)
Visioneer Strobe XP 300 Driver (Version: 4.5.9.1006)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
Visual FoxPro 9.0 Baseline - English (Version: 9.00.2412)
Visual FoxPro 9.0 Professional - English (Version: 9.00.2412)
Visual Studio Tools for the Office system 3.0 Runtime
Visual Studio Tools for the Office system 3.0 Runtime (Version: 9.0.30729)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (Version: 1)
VLC media player 1.0.0 (Version: 1.0.0)
VonageTalk 0.9.3 (Version: 0.9.3)
VSClassic (Version: 1.6.0.272)
VSPro (Version: 1.6.0.272)
WD Diagnostics (Version: 1.09.0002)
WD Drive Manager (x86) (Version: 2.62)
WebEx Support Manager for Internet Explorer (Version: 6.5.4917)
WebFldrs XP (Version: 9.50.7523)
WexTech AnswerWorks (Version: 1.00.000)
WinDirStat 1.1.2
Windows 7 Upgrade Advisor (Version: 2.0.5000.0)
Windows Driver Package - Nokia Modem  (02/15/2007 3.1) (Version: 02/15/2007 3.1)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.5.0540.0)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.5.0530.0)
Windows Internet Explorer 7 (Version: 20061017.133151)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live installer (Version: 12.0.1471.1025)
Windows Live Messenger (Version: 8.5.1302.1018)
Windows Live Sign-in Assistant (Version: 5.000.818.6)
Windows Media Encoder 9 Series
Windows Media Encoder 9 Series (Version: 9.00.2980)
Windows Media Format 11 runtime
Windows Password Unlocker Enterprise 5.0.0.0
Windows PowerShell™ 1.0 (Version: 2)
Windows Resource Kit Tools - SubInAcl.exe (Version: 5.2.3790.1164)
Windows Search 4.0 (Version: 04.00.6001.503)
Windows XP Service Pack 3 (Version: 20080414.031525)
WinPatrol (Version: 28.0.2013.0)
WinPcap 4.0 (Version: 4.0.0.755)
WinRAR archiver
World of Logs Client (4.2)
World of Warcraft (Version: 5.3.0.17128)
WorldUnlock Codes Calculator
XML Paper Specification Shared Components Pack 1.0
YTD Toolbar v7.0 (Version: 7.0)
YTD Video Downloader 3.9.6 (Version: 3.9.6)
Zip Express v 2
 
========================= Devices: ================================
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 22%
Total physical RAM: 3324.87 MB
Available physical RAM: 2583.14 MB
Total Pagefile: 5206.78 MB
Available Pagefile: 4183.21 MB
Total Virtual: 2047.88 MB
Available Virtual: 1970.45 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:931.51 GB) (Free:783.81 GB) NTFS
5 Drive j: (My Book) (Fixed) (Total:931.51 GB) (Free:311.14 GB) NTFS
6 Drive v: (Volume_1) (Network) (Total:914.43 GB) (Free:589.03 GB) NTFS
7 Drive w: (Software) (Network) (Total:914.43 GB) (Free:589.03 GB) NTFS
8 Drive x: (Docz) (Network) (Total:914.43 GB) (Free:589.03 GB) NTFS
9 Drive y: (Pictures) (Network) (Total:914.43 GB) (Free:589.03 GB) NTFS
10 Drive z: (Music) (Network) (Total:914.43 GB) (Free:589.03 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\ULISES-DESKTOP
 
Administrator            AirPrint                 ASPNET                   
Guest                    HelpAssistant            IUSR_ULISES-DESKTOP      
IWAM_ULISES-DESKTOP      SUPPORT_388945a0         Ulises                   
 
========================= Minidump Files ==================================
 
C:\WINDOWS\Minidump\Mini041813-01.dmp
C:\WINDOWS\Minidump\Mini090313-01.dmp
C:\WINDOWS\Minidump\Mini090313-02.dmp
C:\WINDOWS\Minidump\Mini090313-03.dmp
C:\WINDOWS\Minidump\Mini090313-04.dmp
========================= Restore Points ==================================
 
 
**** End of log ****


#6 dev00790

Posted 06 September 2013 - 05:03 AM

Hi. I'm away until Tuesday GMT. I will not have access to a computer in this time, but will occasionally use mobile where I can.


Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"

I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM.


#7 ulyv

Posted 06 September 2013 - 05:19 PM

Ok, no problem. Just please get back to me when you can, or if there is someone else that can help me out in the meantime, that will also work.

 

Thanks



#8 dev00790

Posted 09 September 2013 - 02:11 PM

Hi

 

Please do the following next:

 

Step 1:

 

Going over your logs I noticed that you have BitComet installed.

 

  • Avoid peer-to-peer (P2P) file sharing programs.

  • They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.

  • P2P programs share a directory or set of directories on your computer to the world. Anyone can type in a search, and potentially download something from your computer. This makes the machine an open web server -- massively increasing the attack surface of the machine.

  • To reduce the risk of infection avoid using any P2P applications.

     


It is pretty much certain that if you continue to use P2P programs, you will get infected again.

I would recommend that you uninstall BitComet, however that choice is up to you.

 

If you choose to remove these programs, you can do so via:

 

  • Click the Start button.

  • Click Control Panel then Add/Remove Programs.

     

     


If you wish to keep it, please do not use it until your computer is cleaned.

 

 

Step 2:

 

  • Launch Malwarebytes' Anti-Malware (MBAM)

  • Click on the Update tab, then click Check for Updates

  • If an update is found, it will download and install the latest version.

  • Then on the Scanner tab select Perform full scan, then click Scan.

  • When the scan is complete, click OK, then Show Results to view the results.

  • Be sure that everything is checked, and click Remove Selected.

  • When completed, a log will open in Notepad.

  • Post the full contents of the log in your next reply.

     


Note: Be sure to restart the computer.

 

The log can also be found here:

C:\Documents and Settings\<Username>\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt

 

 

Step 3:

 

I'd like us to scan your machine with ESET Online Scanner:

 

Note: You can use either Internet Explorer or Mozilla Firefox for this scan. You will, however, need to disable your currently installed Anti-Virus; how to do so can be read here.

 

Note: Vista / Windows 7 / Windows 8 users: You will need to right-click on either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

 

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.

     


  • Click the ESET Online Scanner button.

     


  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

     

    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.

       


    • Double click on the ESET Smart Installer (esetsmartinstaller_enu.exe) icon on your desktop.

       



  • Check "YES, I accept the Terms of Use."

  • Click the Start button.

  • Accept any security warnings from your browser.

  • Under scan settings, check "Scan Archives" and "Remove found threats"

  • Click Advanced settings and select the following:

     

    • Scan potentially unwanted applications

    • Scan for potentially unsafe applications

    • Enable Anti-Stealth technology


  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.

  • When the scan completes, click List Threats

  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.

  • On ESET: Click the Back button, then the Finish button.

     


Note: Do not forget to re-enable your Anti-Virus application after running the above scan!

 

 

Step 4:

  • Please close all open programs and internet browsers.

  • Double click on adwcleaner.exe to run the tool.

  • Click on Clean.

  • Confirm each time with Ok.

  • You will be prompted to restart your computer. A text file will open after the restart.

  • Please post the contents of that logfile with your next reply.

  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


Regards, dev00790



#9 ulyv

Posted 10 September 2013 - 12:48 AM

Here are the 3 logs.

 

Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.09.09.10
 
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Ulises :: ULISES-DESKTOP [administrator]
 
Protection: Enabled
 
09/09/13 8:04:27 PM
mbam-log-2013-09-09 (20-04-27).txt
 
Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 515665
Time elapsed: 2 hour(s), 2 minute(s), 44 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)


C:\Documents and Settings\All Users\Application Data\YTD YouTube Downloader & Converter\ytd_installer.exe a variant of Win32/Bundled.Toolbar.Ask.D application cleaned by deleting - quarantined
C:\Program Files\LimeWire\.NetworkShare\LimeWireWin5.5.8.exe multiple threats cleaned by deleting - quarantined
C:\WINDOWS\Installer\d4174.msi probably a variant of Win32/Toolbar.Widgi application deleted - quarantined


# AdwCleaner v3.003 - Report created 10/09/2013 at 01:35:03
# Updated 07/09/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Ulises - ULISES-DESKTOP
# Running from : C:\My Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Documents and Settings\Ulises\IECompatCache
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Key Deleted : HKCU\Software\YahooPartnerToolbar
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v8.0.6001.18702
 
 
-\\ Google Chrome v29.0.1547.66
 
[ File : C:\Documents and Settings\Ulises\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [1285 octets] - [05/09/2013 23:18:50]
AdwCleaner[R1].txt - [1345 octets] - [05/09/2013 23:24:10]
AdwCleaner[R2].txt - [1405 octets] - [05/09/2013 23:26:13]
AdwCleaner[R3].txt - [1318 octets] - [10/09/2013 01:33:25]
AdwCleaner[S0].txt - [1249 octets] - [10/09/2013 01:35:04]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1309 octets] ##########


#10 dev00790

Posted 10 September 2013 - 07:04 PM

Hi. How is the computer running now?


Regards, dev00790



#11 ulyv

Posted 10 September 2013 - 10:37 PM

I restarted the Plug and Play service and I am getting the same results. The CPU is running at 100% which is causing the system to run very slow.



#12 dev00790

Posted 11 September 2013 - 09:35 AM

Please read and try the below:

 

How To Use Event Viewer - http://www.bleepingcomputer.com/forums/topic40108.html

www.eventid.net is a good site for specific info reported by computer users on EV errors.

Start/Run...type services.msc and hit Enter. Disable the PnP service there. Leave it disabled until you finish reading up on how to use Event Viewer to get some clues.


Regards, dev00790



#13 ulyv


Posted 11 September 2013 - 09:58 AM

So the system is not infected?



#14 dev00790


Posted 11 September 2013 - 10:06 AM

Hi, the system had some malware on it which was removed. There may be more malware that the tools haven't seen. Please follow my instructions in my previous post - this will help us troubleshoot the issue.


Regards, dev00790



#15 ulyv


Posted 11 September 2013 - 12:19 PM

Well, when I re-enabled Plug and Play services the system hung up at the login screen and deactivated my keyboard. I had to boot into safe mode in order to use the system. When I disable it, the system works fine. Some of the errors I am getting in the Event Viewer are because the PnP service is not running. I do not see anything specifically related to the PnP service.

Please advise.





