kgej_73 Posted March 13, 2013 ID:656509 Share Posted March 13, 2013 Hi!I recently did a factory reset on my computer, which is running Windows XP Media Center Edition. While I was catching up on my windows updates, one of the updates was called Malicious Software Removal Tool. It ran a scan on my computer and found a virus called Trojan:DOS/Alureon.K and partially deleted it, saying that manual deletion was still needed.I have tried running a scan using both Malwarebytes and Vipre Antivirus and neither of them have been able to find any trace of the leftover virus. I also do not have any symptoms of the virus.I disabled both Malwarebytes and Vipre, tried to run the dds script, and got the blue screen of death. I'm not sure what my next step should be from here.Any help would be appreciated, thank you! Link to post Share on other sites More sharing options...
Tomk1 Posted March 18, 2013 ID:658347 Share Posted March 18, 2013 Hi kgej_73,,Welcome to Malwarebytes ForumMy name is Tomk1. I would be glad to take a look at your log and help you with solving any malware problems. HijackThis logs can take a while to research, so please be patient and I'd be grateful if you would note the following: I will be working on your Malware issues, this may or may not, solve other issues you have with your machine.The fixes are specific to your problem and should only be used for the issues on this machine.Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.It's often worth reading through these instructions and printing them for ease of reference.If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.Please reply to this thread. Do not start a new topic.Unfortunately, if I do not hear back from you within 5 days, I will be forced to close your topic. If you still need help after I have closed your topic, feel free to create a new one.Let's give this tool a try:Download the latest version of TDSSKiller from here and save it to your Desktop. Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.Click the Start Scan button.If a suspicious object is detected, the default action will be Skip, click on Continue.If malicious objects are found, they will show in the Scan results and offer three (3) options.Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply. Link to post Share on other sites More sharing options...
kgej_73 Posted March 20, 2013 Author ID:659228 Share Posted March 20, 2013 Here is my log. Cure was not an option for me so I chose Skip instead.19:29:00.0109 3148 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:4219:29:00.0984 3148 ============================================================19:29:00.0984 3148 Current date / time: 2013/03/20 19:29:00.098419:29:00.0984 3148 SystemInfo:19:29:00.0984 3148 19:29:00.0984 3148 OS Version: 5.1.2600 ServicePack: 3.019:29:00.0984 3148 Product type: Workstation19:29:00.0984 3148 ComputerName: MAIN_COMPUTER19:29:00.0984 3148 UserName: Glenn19:29:00.0984 3148 Windows directory: C:\WINDOWS19:29:00.0984 3148 System windows directory: C:\WINDOWS19:29:00.0984 3148 Processor architecture: Intel x8619:29:00.0984 3148 Number of processors: 219:29:00.0984 3148 Page size: 0x100019:29:00.0984 3148 Boot type: Normal boot19:29:00.0984 3148 ============================================================19:29:01.0656 3148 Drive \Device\Harddisk0\DR0 - Size: 0x2540BE4000 (149.01 Gb), SectorSize: 0x200, Cylinders: 0x4BFC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x0000005019:29:01.0656 3148 ============================================================19:29:01.0656 3148 \Device\Harddisk0\DR0:19:29:01.0656 3148 MBR partitions:19:29:01.0656 3148 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x17886, BlocksNum 0x120A4B9819:29:01.0656 3148 ============================================================19:29:01.0703 3148 C: <-> \Device\Harddisk0\DR0\Partition119:29:01.0703 3148 ============================================================19:29:01.0703 3148 Initialize success19:29:01.0703 3148 ============================================================19:30:34.0609 4080 ============================================================19:30:34.0609 4080 Scan started19:30:34.0609 4080 Mode: Manual; SigCheck; TDLFS;19:30:34.0609 4080 ============================================================19:30:34.0703 4080 ================ Scan system memory ========================19:30:34.0703 4080 System memory - ok19:30:34.0703 4080 ================ Scan services =============================19:30:34.0781 4080 Abiosdsk - ok19:30:34.0828 4080 [ 6ABB91494FE6C59089B9336452AB2EA3 ] abp480n5 C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS19:30:36.0468 4080 abp480n5 - ok19:30:36.0515 4080 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys19:30:36.0718 4080 ACPI - ok19:30:36.0750 4080 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys19:30:36.0875 4080 ACPIEC - ok19:30:36.0906 4080 [ 9A11864873DA202C996558B2106B0BBC ] adpu160m C:\WINDOWS\system32\DRIVERS\adpu160m.sys19:30:37.0078 4080 adpu160m - ok19:30:37.0093 4080 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys19:30:37.0234 4080 aec - ok19:30:37.0281 4080 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys19:30:37.0328 4080 AFD - ok19:30:37.0343 4080 [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys19:30:37.0500 4080 agp440 - ok19:30:37.0500 4080 [ 03A7E0922ACFE1B07D5DB2EEB0773063 ] agpCPQ C:\WINDOWS\system32\DRIVERS\agpCPQ.sys19:30:37.0640 4080 agpCPQ - ok19:30:37.0640 4080 [ C23EA9B5F46C7F7910DB3EAB648FF013 ] Aha154x C:\WINDOWS\system32\DRIVERS\aha154x.sys19:30:37.0718 4080 Aha154x - ok19:30:37.0718 4080 [ 19DD0FB48B0C18892F70E2E7D61A1529 ] aic78u2 C:\WINDOWS\system32\DRIVERS\aic78u2.sys19:30:37.0859 4080 aic78u2 - ok19:30:37.0859 4080 [ B7FE594A7468AA0132DEB03FB8E34326 ] aic78xx C:\WINDOWS\system32\DRIVERS\aic78xx.sys19:30:38.0015 4080 aic78xx - ok19:30:38.0046 4080 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll19:30:38.0203 4080 Alerter - ok19:30:38.0218 4080 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe19:30:38.0375 4080 ALG - ok19:30:38.0406 4080 [ 1140AB9938809700B46BB88E46D72A96 ] AliIde C:\WINDOWS\system32\DRIVERS\aliide.sys19:30:38.0546 4080 AliIde - ok19:30:38.0562 4080 [ CB08AED0DE2DD889A8A820CD8082D83C ] alim1541 C:\WINDOWS\system32\DRIVERS\alim1541.sys19:30:38.0703 4080 alim1541 - ok19:30:38.0718 4080 [ 95B4FB835E28AA1336CEEB07FD5B9398 ] amdagp C:\WINDOWS\system32\DRIVERS\amdagp.sys19:30:38.0875 4080 amdagp - ok19:30:38.0875 4080 [ 79F5ADD8D24BD6893F2903A3E2F3FAD6 ] amsint C:\WINDOWS\system32\DRIVERS\amsint.sys19:30:38.0953 4080 amsint - ok19:30:39.0062 4080 [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe19:30:39.0093 4080 Apple Mobile Device - ok19:30:39.0125 4080 [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll19:30:39.0312 4080 AppMgmt - ok19:30:39.0343 4080 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys19:30:39.0484 4080 Arp1394 - ok19:30:39.0515 4080 [ 62D318E9A0C8FC9B780008E724283707 ] asc C:\WINDOWS\system32\DRIVERS\asc.sys19:30:39.0656 4080 asc - ok19:30:39.0656 4080 [ 69EB0CC7714B32896CCBFD5EDCBEA447 ] asc3350p C:\WINDOWS\system32\DRIVERS\asc3350p.sys19:30:39.0750 4080 asc3350p - ok19:30:39.0750 4080 [ 5D8DE112AA0254B907861E9E9C31D597 ] asc3550 C:\WINDOWS\system32\DRIVERS\asc3550.sys19:30:39.0890 4080 asc3550 - ok19:30:39.0921 4080 [ D880831279ED91F9A4190A2DB9539EA9 ] ASCTRM C:\WINDOWS\system32\drivers\ASCTRM.sys19:30:39.0921 4080 ASCTRM ( UnsignedFile.Multi.Generic ) - warning19:30:39.0921 4080 ASCTRM - detected UnsignedFile.Multi.Generic (1)19:30:40.0046 4080 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe19:30:40.0078 4080 aspnet_state - ok19:30:40.0078 4080 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys19:30:40.0265 4080 AsyncMac - ok19:30:40.0281 4080 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys19:30:40.0421 4080 atapi - ok19:30:40.0437 4080 Atdisk - ok19:30:40.0484 4080 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys19:30:40.0640 4080 Atmarpc - ok19:30:40.0671 4080 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll19:30:40.0812 4080 AudioSrv - ok19:30:40.0843 4080 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys19:30:40.0984 4080 audstub - ok19:30:41.0015 4080 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys19:30:41.0156 4080 Beep - ok19:30:41.0203 4080 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll19:30:41.0406 4080 BITS - ok19:30:41.0453 4080 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe19:30:41.0484 4080 Bonjour Service - ok19:30:41.0531 4080 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll19:30:41.0593 4080 Browser - ok19:30:41.0593 4080 bvrp_pci - ok19:30:41.0625 4080 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf C:\WINDOWS\system32\DRIVERS\cbidf2k.sys19:30:41.0765 4080 cbidf - ok19:30:41.0765 4080 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys19:30:41.0906 4080 cbidf2k - ok19:30:41.0921 4080 [ F3EC03299634490E97BBCE94CD2954C7 ] cd20xrnt C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys19:30:42.0000 4080 cd20xrnt - ok19:30:42.0031 4080 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys19:30:42.0171 4080 Cdaudio - ok19:30:42.0187 4080 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys19:30:42.0375 4080 Cdfs - ok19:30:42.0406 4080 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys19:30:42.0546 4080 Cdrom - ok19:30:42.0546 4080 Changer - ok19:30:42.0578 4080 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe19:30:42.0734 4080 CiSvc - ok19:30:42.0765 4080 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe19:30:42.0937 4080 ClipSrv - ok19:30:42.0968 4080 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe19:30:43.0031 4080 clr_optimization_v2.0.50727_32 - ok19:30:43.0062 4080 [ E5DCB56C533014ECBC556A8357C929D5 ] CmdIde C:\WINDOWS\system32\DRIVERS\cmdide.sys19:30:43.0203 4080 CmdIde - ok19:30:43.0234 4080 [ 1EF05B641E9A67DED74AC8AD40055DBF ] COMMONFX.DLL C:\WINDOWS\system32\COMMONFX.DLL19:30:43.0296 4080 COMMONFX.DLL - ok19:30:43.0296 4080 COMSysApp - ok19:30:43.0343 4080 [ 3EE529119EED34CD212A215E8C40D4B6 ] Cpqarray C:\WINDOWS\system32\DRIVERS\cpqarray.sys19:30:43.0500 4080 Cpqarray - ok19:30:43.0531 4080 [ 3C8B6609712F4FF78E521F6DCFC4032B ] Creative Service for CDROM Access C:\WINDOWS\system32\CTsvcCDA.EXE19:30:43.0562 4080 Creative Service for CDROM Access ( UnsignedFile.Multi.Generic ) - warning19:30:43.0562 4080 Creative Service for CDROM Access - detected UnsignedFile.Multi.Generic (1)19:30:43.0593 4080 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll19:30:43.0718 4080 CryptSvc - ok19:30:43.0750 4080 [ 6191A973461852A09D643609E1D5F7C6 ] CT20XUT.DLL C:\WINDOWS\system32\CT20XUT.DLL19:30:44.0015 4080 CT20XUT.DLL - ok19:30:44.0078 4080 [ 8AC5F77E30E37D2D11BD99EFF0C53D8C ] ctac32k C:\WINDOWS\system32\drivers\ctac32k.sys19:30:44.0125 4080 ctac32k - ok19:30:44.0171 4080 [ 673241D314E932F4890509AE8EBF26DB ] ctaud2k C:\WINDOWS\system32\drivers\ctaud2k.sys19:30:44.0218 4080 ctaud2k - ok19:30:44.0250 4080 [ 472B82D7E549E7FAB428852E4D16F21D ] CTAUDFX.DLL C:\WINDOWS\system32\CTAUDFX.DLL19:30:44.0437 4080 CTAUDFX.DLL - ok19:30:44.0484 4080 [ ED316D4C3D39C5B6C23DE067E275C183 ] ctdvda2k C:\WINDOWS\system32\drivers\ctdvda2k.sys19:30:44.0531 4080 ctdvda2k - ok19:30:44.0562 4080 [ 6A57F82009563AEE8826F117E1D3C72C ] CTEAPSFX.DLL C:\WINDOWS\system32\CTEAPSFX.DLL19:30:44.0687 4080 CTEAPSFX.DLL - ok19:30:44.0703 4080 [ C8AC1FFAEADD655193D7B1811A572D8D ] CTEDSPFX.DLL C:\WINDOWS\system32\CTEDSPFX.DLL19:30:44.0859 4080 CTEDSPFX.DLL - ok19:30:44.0890 4080 [ 44495D9DAF675257D00B25B041EE6667 ] CTEDSPIO.DLL C:\WINDOWS\system32\CTEDSPIO.DLL19:30:45.0421 4080 CTEDSPIO.DLL - ok19:30:45.0437 4080 [ 8E90B1762CB42E2FC76DAC9210C83C66 ] CTEDSPSY.DLL C:\WINDOWS\system32\CTEDSPSY.DLL19:30:45.0593 4080 CTEDSPSY.DLL - ok19:30:45.0625 4080 [ D3FBD9983325435B06795F29CB57ED3D ] CTERFXFX.DLL C:\WINDOWS\system32\CTERFXFX.DLL19:30:45.0750 4080 CTERFXFX.DLL - ok19:30:45.0828 4080 [ 2C48E9D8CA703964463F27AE341115B7 ] CTEXFIFX.DLL C:\WINDOWS\system32\CTEXFIFX.DLL19:30:46.0421 4080 CTEXFIFX.DLL - ok19:30:46.0468 4080 [ F7657C598E7C29C6683C1E4A8DD68884 ] CTHWIUT.DLL C:\WINDOWS\system32\CTHWIUT.DLL19:30:46.0609 4080 CTHWIUT.DLL - ok19:30:46.0625 4080 [ 34E7F8A499FD8361DF14FEDB724C0AD3 ] ctprxy2k C:\WINDOWS\system32\drivers\ctprxy2k.sys19:30:46.0640 4080 ctprxy2k - ok19:30:46.0671 4080 [ 679AE21EB7F48A08184813AEBABDEC7C ] CTSBLFX.DLL C:\WINDOWS\system32\CTSBLFX.DLL19:30:47.0203 4080 CTSBLFX.DLL - ok19:30:47.0218 4080 [ 32098497CB4DFE9EA7660FA62DD91060 ] ctsfm2k C:\WINDOWS\system32\drivers\ctsfm2k.sys19:30:47.0265 4080 ctsfm2k - ok19:30:47.0296 4080 [ E550E7418984B65A78299D248F0A7F36 ] dac2w2k C:\WINDOWS\system32\DRIVERS\dac2w2k.sys19:30:47.0453 4080 dac2w2k - ok19:30:47.0468 4080 [ 683789CAA3864EB46125AE86FF677D34 ] dac960nt C:\WINDOWS\system32\DRIVERS\dac960nt.sys19:30:47.0609 4080 dac960nt - ok19:30:47.0656 4080 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll19:30:47.0718 4080 DcomLaunch - ok19:30:47.0765 4080 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll19:30:47.0906 4080 Dhcp - ok19:30:47.0921 4080 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys19:30:48.0046 4080 Disk - ok19:30:48.0093 4080 [ E2D0DE31442390C35E3163C87CB6A9EB ] DLABOIOM C:\WINDOWS\system32\DLA\DLABOIOM.SYS19:30:48.0125 4080 DLABOIOM ( UnsignedFile.Multi.Generic ) - warning19:30:48.0125 4080 DLABOIOM - detected UnsignedFile.Multi.Generic (1)19:30:48.0140 4080 [ D979BEBCF7EDCC9C9EE1857D1A68C67B ] DLACDBHM C:\WINDOWS\system32\Drivers\DLACDBHM.SYS19:30:48.0171 4080 DLACDBHM ( UnsignedFile.Multi.Generic ) - warning19:30:48.0171 4080 DLACDBHM - detected UnsignedFile.Multi.Generic (1)19:30:48.0187 4080 [ 83545593E297F50A8E2524B4C071A153 ] DLADResN C:\WINDOWS\system32\DLA\DLADResN.SYS19:30:48.0203 4080 DLADResN ( UnsignedFile.Multi.Generic ) - warning19:30:48.0203 4080 DLADResN - detected UnsignedFile.Multi.Generic (1)19:30:48.0203 4080 [ 96E01D901CDC98C7817155CC057001BF ] DLAIFS_M C:\WINDOWS\system32\DLA\DLAIFS_M.SYS19:30:48.0234 4080 DLAIFS_M ( UnsignedFile.Multi.Generic ) - warning19:30:48.0234 4080 DLAIFS_M - detected UnsignedFile.Multi.Generic (1)19:30:48.0234 4080 [ 0A60A39CC5E767980A31CA5D7238DFA9 ] DLAOPIOM C:\WINDOWS\system32\DLA\DLAOPIOM.SYS19:30:48.0234 4080 DLAOPIOM ( UnsignedFile.Multi.Generic ) - warning19:30:48.0234 4080 DLAOPIOM - detected UnsignedFile.Multi.Generic (1)19:30:48.0250 4080 [ 9FE2B72558FC808357F427FD83314375 ] DLAPoolM C:\WINDOWS\system32\DLA\DLAPoolM.SYS19:30:48.0265 4080 DLAPoolM ( UnsignedFile.Multi.Generic ) - warning19:30:48.0265 4080 DLAPoolM - detected UnsignedFile.Multi.Generic (1)19:30:48.0265 4080 [ 7EE0852AE8907689DF25049DCD2342E8 ] DLARTL_N C:\WINDOWS\system32\Drivers\DLARTL_N.SYS19:30:48.0265 4080 DLARTL_N ( UnsignedFile.Multi.Generic ) - warning19:30:48.0265 4080 DLARTL_N - detected UnsignedFile.Multi.Generic (1)19:30:48.0281 4080 [ F08E1DAFAC457893399E03430A6A1397 ] DLAUDFAM C:\WINDOWS\system32\DLA\DLAUDFAM.SYS19:30:48.0296 4080 DLAUDFAM ( UnsignedFile.Multi.Generic ) - warning19:30:48.0296 4080 DLAUDFAM - detected UnsignedFile.Multi.Generic (1)19:30:48.0296 4080 [ E7D105ED1E694449D444A9933DF8E060 ] DLAUDF_M C:\WINDOWS\system32\DLA\DLAUDF_M.SYS19:30:48.0312 4080 DLAUDF_M ( UnsignedFile.Multi.Generic ) - warning19:30:48.0312 4080 DLAUDF_M - detected UnsignedFile.Multi.Generic (1)19:30:48.0312 4080 dmadmin - ok19:30:48.0406 4080 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys19:30:48.0609 4080 dmboot - ok19:30:48.0609 4080 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys19:30:48.0765 4080 dmio - ok19:30:48.0781 4080 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys19:30:48.0921 4080 dmload - ok19:30:48.0968 4080 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll19:30:49.0125 4080 dmserver - ok19:30:49.0156 4080 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys19:30:49.0296 4080 DMusic - ok19:30:49.0328 4080 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll19:30:49.0406 4080 Dnscache - ok19:30:49.0437 4080 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll19:30:49.0578 4080 Dot3svc - ok19:30:49.0609 4080 [ 40F3B93B4E5B0126F2F5C0A7A5E22660 ] dpti2o C:\WINDOWS\system32\DRIVERS\dpti2o.sys19:30:49.0750 4080 dpti2o - ok19:30:49.0765 4080 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys19:30:49.0890 4080 drmkaud - ok19:30:50.0000 4080 [ FD0F95981FEF9073659D8EC58E40AA3C ] DRVMCDB C:\WINDOWS\system32\Drivers\DRVMCDB.SYS19:30:50.0015 4080 DRVMCDB ( UnsignedFile.Multi.Generic ) - warning19:30:50.0015 4080 DRVMCDB - detected UnsignedFile.Multi.Generic (1)19:30:50.0031 4080 [ B4869D320428CDC5EC4D7F5E808E99B5 ] DRVNDDM C:\WINDOWS\system32\Drivers\DRVNDDM.SYS19:30:50.0046 4080 DRVNDDM ( UnsignedFile.Multi.Generic ) - warning19:30:50.0046 4080 DRVNDDM - detected UnsignedFile.Multi.Generic (1)19:30:50.0062 4080 [ 3FCA03CBCA11269F973B70FA483C88EF ] E100B C:\WINDOWS\system32\DRIVERS\e100b325.sys19:30:50.0234 4080 E100B - ok19:30:50.0265 4080 [ 0849EACDC01487573ADD86F5E470806C ] e1express C:\WINDOWS\system32\DRIVERS\e1e5132.sys19:30:50.0343 4080 e1express - ok19:30:50.0406 4080 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll19:30:50.0546 4080 EapHost - ok19:30:50.0593 4080 [ 5D1347AA5AE6E2F77D7F4F8372D95AC9 ] ehRecvr C:\WINDOWS\eHome\ehRecvr.exe19:30:50.0656 4080 ehRecvr - ok19:30:50.0703 4080 [ A53243709439AC2A4C216B817F8D7411 ] ehSched C:\WINDOWS\eHome\ehSched.exe19:30:50.0734 4080 ehSched - ok19:30:50.0781 4080 [ 1976FEDF6D7F87135C9B7F5CB4C8C868 ] ELacpi C:\WINDOWS\system32\DRIVERS\ELacpi.sys19:30:50.0843 4080 ELacpi - ok19:30:50.0875 4080 [ AE65C02444907966378454138B9F99F0 ] ELhid C:\WINDOWS\system32\DRIVERS\ELhid.sys19:30:50.0906 4080 ELhid ( UnsignedFile.Multi.Generic ) - warning19:30:50.0906 4080 ELhid - detected UnsignedFile.Multi.Generic (1)19:30:50.0906 4080 [ E485C3BA1DADDEEF3E14FEA1E8FDA6E1 ] ELkbd C:\WINDOWS\system32\DRIVERS\ELkbd.sys19:30:50.0921 4080 ELkbd ( UnsignedFile.Multi.Generic ) - warning19:30:50.0921 4080 ELkbd - detected UnsignedFile.Multi.Generic (1)19:30:50.0921 4080 [ 0D87CB825ED6CB2EBCC147A10A42F1D6 ] ELmon C:\WINDOWS\system32\DRIVERS\ELmon.sys19:30:50.0937 4080 ELmon ( UnsignedFile.Multi.Generic ) - warning19:30:50.0937 4080 ELmon - detected UnsignedFile.Multi.Generic (1)19:30:50.0937 4080 [ A4ADD3847B67BACAB6FC851A2B60FDB3 ] ELmou C:\WINDOWS\system32\DRIVERS\ELmou.sys19:30:50.0953 4080 ELmou ( UnsignedFile.Multi.Generic ) - warning19:30:50.0953 4080 ELmou - detected UnsignedFile.Multi.Generic (1)19:30:51.0046 4080 [ D1DE16926C682DCD3D99AE5500CA5522 ] ELService C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology\ELService.exe19:30:51.0078 4080 ELService ( UnsignedFile.Multi.Generic ) - warning19:30:51.0078 4080 ELService - detected UnsignedFile.Multi.Generic (1)19:30:51.0093 4080 [ 2885F72D2DAFFD0329272F12E16D6579 ] emupia C:\WINDOWS\system32\drivers\emupia2k.sys19:30:51.0109 4080 emupia - ok19:30:51.0156 4080 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll19:30:51.0296 4080 ERSvc - ok19:30:51.0328 4080 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe19:30:51.0359 4080 Eventlog - ok19:30:51.0375 4080 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll19:30:51.0421 4080 EventSystem - ok19:30:51.0453 4080 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys19:30:51.0593 4080 Fastfat - ok19:30:51.0625 4080 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll19:30:51.0687 4080 FastUserSwitchingCompatibility - ok19:30:51.0734 4080 [ E97D6A8684466DF94FF3BC24FB787A07 ] Fax C:\WINDOWS\system32\fxssvc.exe19:30:51.0875 4080 Fax - ok19:30:51.0890 4080 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys19:30:52.0046 4080 Fdc - ok19:30:52.0062 4080 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys19:30:52.0203 4080 Fips - ok19:30:52.0218 4080 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys19:30:52.0375 4080 Flpydisk - ok19:30:52.0406 4080 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys19:30:52.0546 4080 FltMgr - ok19:30:52.0640 4080 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe19:30:52.0671 4080 FontCache3.0.0.0 - ok19:30:52.0687 4080 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys19:30:52.0843 4080 Fs_Rec - ok19:30:52.0859 4080 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys19:30:53.0015 4080 Ftdisk - ok19:30:53.0046 4080 [ 065639773D8B03F33577F6CDAEA21063 ] gameenum C:\WINDOWS\system32\DRIVERS\gameenum.sys19:30:53.0187 4080 gameenum - ok19:30:53.0218 4080 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys19:30:53.0234 4080 GEARAspiWDM - ok19:30:53.0281 4080 [ 1BFABBB4C99E1FDBC7B756BE39868D03 ] gfiark C:\WINDOWS\system32\drivers\gfiark.sys19:30:53.0296 4080 gfiark - ok19:30:53.0312 4080 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys19:30:53.0484 4080 Gpc - ok19:30:53.0531 4080 [ DA2C735B66D2E7B739F9A46146581A9D ] ha10kx2k C:\WINDOWS\system32\drivers\ha10kx2k.sys19:30:53.0593 4080 ha10kx2k - ok19:30:53.0609 4080 [ 5C7D6D68796E4621B4168C879908DAE0 ] hap16v2k C:\WINDOWS\system32\drivers\hap16v2k.sys19:30:53.0640 4080 hap16v2k - ok19:30:53.0671 4080 [ A595B88AD16D8B5693DDF08113CAF30E ] hap17v2k C:\WINDOWS\system32\drivers\hap17v2k.sys19:30:53.0703 4080 hap17v2k - ok19:30:53.0765 4080 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll19:30:53.0906 4080 helpsvc - ok19:30:53.0906 4080 HidServ - ok19:30:53.0937 4080 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys19:30:54.0078 4080 HidUsb - ok19:30:54.0093 4080 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll19:30:54.0250 4080 hkmsvc - ok19:30:54.0281 4080 [ B028377DEA0546A5FCFBA928A8AEFAE0 ] hpn C:\WINDOWS\system32\DRIVERS\hpn.sys19:30:54.0406 4080 hpn - ok19:30:54.0437 4080 [ 77E4FF0B73BC0AEAAF39BF0C8104231F ] HSFHWBS2 C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys19:30:54.0500 4080 HSFHWBS2 - ok19:30:54.0531 4080 [ 60E1604729A15EF4A3B05F298427B3B1 ] HSF_DP C:\WINDOWS\system32\DRIVERS\HSF_DP.sys19:30:54.0609 4080 HSF_DP - ok19:30:54.0640 4080 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys19:30:54.0703 4080 HTTP - ok19:30:54.0734 4080 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll19:30:54.0890 4080 HTTPFilter - ok19:30:54.0906 4080 [ 9368670BD426EBEA5E8B18A62416EC28 ] i2omgmt C:\WINDOWS\system32\drivers\i2omgmt.sys19:30:55.0031 4080 i2omgmt - ok19:30:55.0062 4080 [ F10863BF1CCC290BABD1A09188AE49E0 ] i2omp C:\WINDOWS\system32\DRIVERS\i2omp.sys19:30:55.0203 4080 i2omp - ok19:30:55.0203 4080 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys19:30:55.0343 4080 i8042prt - ok19:30:55.0406 4080 [ D43E91E271C041BB86A6223462A41D28 ] IAANTMon C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe19:30:55.0406 4080 IAANTMon ( UnsignedFile.Multi.Generic ) - warning19:30:55.0406 4080 IAANTMon - detected UnsignedFile.Multi.Generic (1)19:30:55.0484 4080 [ 9A65E42664D1534B68512CAAD0EFE963 ] iastor C:\WINDOWS\system32\drivers\iastor.sys19:30:55.0578 4080 iastor - ok19:30:55.0734 4080 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe19:30:55.0781 4080 idsvc - ok19:30:55.0812 4080 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys19:30:55.0953 4080 Imapi - ok19:30:55.0984 4080 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe19:30:56.0125 4080 ImapiService - ok19:30:56.0156 4080 [ 1DA147ACB525A4822228BE06154C7CBB ] InCDfs C:\WINDOWS\system32\drivers\InCDFs.sys19:30:56.0187 4080 InCDfs - ok19:30:56.0203 4080 [ 2EC469A401AE6FE7A67D80EFFD3091B1 ] InCDPass C:\WINDOWS\system32\drivers\InCDPass.sys19:30:56.0234 4080 InCDPass - ok19:30:56.0234 4080 [ 544498D06B8CA187A5960B4F3B4BD63E ] InCDRec C:\WINDOWS\system32\drivers\InCDRec.sys19:30:56.0265 4080 InCDRec - ok19:30:56.0265 4080 [ 2863A00B0F64D937F0CD9561C53B5A37 ] incdrm C:\WINDOWS\system32\drivers\InCDRm.sys19:30:56.0296 4080 incdrm - ok19:30:56.0406 4080 [ CA32EA0F5FC2A36CA44AD7238F18C248 ] InCDsrv C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe19:30:56.0546 4080 InCDsrv - ok19:30:56.0578 4080 [ 4A40E045FAEE58631FD8D91AFC620719 ] ini910u C:\WINDOWS\system32\DRIVERS\ini910u.sys19:30:56.0718 4080 ini910u - ok19:30:56.0750 4080 [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys19:30:56.0890 4080 IntelIde - ok19:30:56.0937 4080 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys19:30:57.0078 4080 intelppm - ok19:30:57.0093 4080 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys19:30:57.0234 4080 Ip6Fw - ok19:30:57.0281 4080 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys19:30:57.0421 4080 IpFilterDriver - ok19:30:57.0468 4080 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys19:30:57.0609 4080 IpInIp - ok19:30:57.0656 4080 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys19:30:57.0781 4080 IpNat - ok19:30:57.0828 4080 [ E46B17060D3962A384AE484094614788 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe19:30:57.0859 4080 iPod Service - ok19:30:57.0890 4080 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys19:30:58.0031 4080 IPSec - ok19:30:58.0046 4080 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys19:30:58.0171 4080 IRENUM - ok19:30:58.0218 4080 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys19:30:58.0359 4080 isapnp - ok19:30:58.0468 4080 [ 999DB5F88C8E145CCA9D471E33227143 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe19:30:58.0484 4080 JavaQuickStarterService - ok19:30:58.0500 4080 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys19:30:58.0640 4080 Kbdclass - ok19:30:58.0656 4080 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys19:30:58.0781 4080 kbdhid - ok19:30:58.0796 4080 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys19:30:58.0953 4080 kmixer - ok19:30:59.0000 4080 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys19:30:59.0093 4080 KSecDD - ok19:30:59.0140 4080 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll19:30:59.0203 4080 lanmanserver - ok19:30:59.0234 4080 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll19:30:59.0281 4080 lanmanworkstation - ok19:30:59.0296 4080 lbrtfdc - ok19:30:59.0343 4080 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll19:30:59.0468 4080 LmHosts - ok19:30:59.0500 4080 [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys19:30:59.0531 4080 MBAMProtector - ok19:30:59.0578 4080 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe19:30:59.0609 4080 MBAMScheduler - ok19:30:59.0671 4080 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe19:30:59.0750 4080 MBAMService - ok19:30:59.0781 4080 [ DF0A511F38F16016BF658FCA0090CB87 ] McrdSvc C:\WINDOWS\ehome\mcrdsvc.exe19:30:59.0828 4080 McrdSvc - ok19:30:59.0890 4080 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE19:30:59.0921 4080 MDM - ok19:30:59.0937 4080 [ EEAEA6514BA7C9D273B5E87C4E1AAB30 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys19:30:59.0984 4080 mdmxsdk - ok19:31:00.0015 4080 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll19:31:00.0171 4080 Messenger - ok19:31:00.0203 4080 [ B7521F69C0A9B29D356157229376FB21 ] MHN C:\WINDOWS\System32\mhn.dll19:31:00.0234 4080 MHN ( UnsignedFile.Multi.Generic ) - warning19:31:00.0234 4080 MHN - detected UnsignedFile.Multi.Generic (1)19:31:00.0250 4080 [ 7F2F1D2815A6449D346FCCCBC569FBD6 ] MHNDRV C:\WINDOWS\system32\DRIVERS\mhndrv.sys19:31:00.0265 4080 MHNDRV ( UnsignedFile.Multi.Generic ) - warning19:31:00.0265 4080 MHNDRV - detected UnsignedFile.Multi.Generic (1)19:31:00.0281 4080 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys19:31:00.0421 4080 mnmdd - ok19:31:00.0453 4080 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe19:31:00.0609 4080 mnmsrvc - ok19:31:00.0625 4080 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys19:31:00.0750 4080 Modem - ok19:31:00.0781 4080 [ 1992E0D143B09653AB0F9C5E04B0FD65 ] MODEMCSA C:\WINDOWS\system32\drivers\MODEMCSA.sys19:31:00.0953 4080 MODEMCSA - ok19:31:00.0984 4080 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys19:31:01.0109 4080 Mouclass - ok19:31:01.0140 4080 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys19:31:01.0296 4080 mouhid - ok19:31:01.0312 4080 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys19:31:01.0453 4080 MountMgr - ok19:31:01.0468 4080 [ 3F4BB95E5A44F3BE34824E8E7CAF0737 ] mraid35x C:\WINDOWS\system32\DRIVERS\mraid35x.sys19:31:01.0625 4080 mraid35x - ok19:31:01.0640 4080 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys19:31:01.0765 4080 MRxDAV - ok19:31:01.0812 4080 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys19:31:01.0921 4080 MRxSmb - ok19:31:01.0968 4080 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe19:31:02.0093 4080 MSDTC - ok19:31:02.0109 4080 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys19:31:02.0250 4080 Msfs - ok19:31:02.0265 4080 MSIServer - ok19:31:02.0281 4080 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys19:31:02.0453 4080 MSKSSRV - ok19:31:02.0468 4080 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys19:31:02.0609 4080 MSPCLOCK - ok19:31:02.0640 4080 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys19:31:02.0796 4080 MSPQM - ok19:31:02.0812 4080 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys19:31:02.0937 4080 mssmbios - ok19:31:02.0968 4080 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys19:31:03.0015 4080 Mup - ok19:31:03.0078 4080 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll19:31:03.0234 4080 napagent - ok19:31:03.0265 4080 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys19:31:03.0406 4080 NDIS - ok19:31:03.0453 4080 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys19:31:03.0515 4080 NdisTapi - ok19:31:03.0546 4080 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys19:31:03.0687 4080 Ndisuio - ok19:31:03.0687 4080 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys19:31:03.0828 4080 NdisWan - ok19:31:03.0859 4080 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys19:31:03.0906 4080 NDProxy - ok19:31:03.0937 4080 [ A8960FA773CCC3E38515F637E19A76C0 ] NeroRegInCDSrv C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe19:31:03.0968 4080 NeroRegInCDSrv - ok19:31:04.0000 4080 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys19:31:04.0125 4080 NetBIOS - ok19:31:04.0156 4080 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys19:31:04.0312 4080 NetBT - ok19:31:04.0375 4080 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe19:31:04.0515 4080 NetDDE - ok19:31:04.0531 4080 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe19:31:04.0656 4080 NetDDEdsdm - ok19:31:04.0687 4080 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe19:31:04.0812 4080 Netlogon - ok19:31:04.0843 4080 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll19:31:04.0984 4080 Netman - ok19:31:05.0125 4080 [ 9DA26B773BD04B867A8E9F427CD048FC ] NetSvc C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe19:31:05.0156 4080 NetSvc ( UnsignedFile.Multi.Generic ) - warning19:31:05.0156 4080 NetSvc - detected UnsignedFile.Multi.Generic (1)19:31:05.0203 4080 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe19:31:05.0234 4080 NetTcpPortSharing - ok19:31:05.0265 4080 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys19:31:05.0390 4080 NIC1394 - ok19:31:05.0421 4080 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll19:31:05.0437 4080 Nla - ok19:31:05.0515 4080 [ CB992AE1506985D9167E85883B4C3240 ] NMIndexingService C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe19:31:05.0562 4080 NMIndexingService - ok19:31:05.0578 4080 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys19:31:05.0718 4080 Npfs - ok19:31:05.0765 4080 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys19:31:05.0953 4080 Ntfs - ok19:31:06.0078 4080 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe19:31:06.0218 4080 NtLmSsp - ok19:31:06.0281 4080 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll19:31:06.0421 4080 NtmsSvc - ok19:31:06.0437 4080 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys19:31:06.0593 4080 Null - ok19:31:06.0937 4080 [ 7C56F3FD65B2BDB315CA3605A5392D7B ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys19:31:07.0359 4080 nv - ok19:31:07.0390 4080 [ 1982E96B2C5C2EFFEF38EFC37293A42E ] NVSvc C:\WINDOWS\system32\nvsvc32.exe19:31:07.0437 4080 NVSvc - ok19:31:07.0515 4080 [ E6568D2D90028207587CB43CD8E5FD01 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe19:31:07.0625 4080 nvUpdatusService - ok19:31:07.0656 4080 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys19:31:07.0812 4080 NwlnkFlt - ok19:31:07.0812 4080 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys19:31:07.0953 4080 NwlnkFwd - ok19:31:08.0000 4080 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys19:31:08.0140 4080 ohci1394 - ok19:31:08.0171 4080 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE19:31:08.0203 4080 ose - ok19:31:08.0218 4080 [ 61C85AFEAA6EF0C1B32D43F84F7BFBCF ] ossrv C:\WINDOWS\system32\drivers\ctoss2k.sys19:31:08.0250 4080 ossrv - ok19:31:08.0296 4080 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys19:31:08.0437 4080 Parport - ok19:31:08.0437 4080 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys19:31:08.0562 4080 PartMgr - ok19:31:08.0593 4080 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys19:31:08.0750 4080 ParVdm - ok19:31:08.0750 4080 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys19:31:08.0890 4080 PCI - ok19:31:08.0890 4080 PCIDump - ok19:31:08.0906 4080 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys19:31:09.0046 4080 PCIIde - ok19:31:09.0109 4080 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys19:31:09.0250 4080 Pcmcia - ok19:31:09.0250 4080 PDCOMP - ok19:31:09.0250 4080 PDFRAME - ok19:31:09.0265 4080 PDRELI - ok19:31:09.0265 4080 PDRFRAME - ok19:31:09.0296 4080 [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys19:31:09.0453 4080 perc2 - ok19:31:09.0468 4080 [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys19:31:09.0609 4080 perc2hib - ok19:31:09.0640 4080 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe19:31:09.0656 4080 PlugPlay - ok19:31:09.0671 4080 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe19:31:09.0796 4080 PolicyAgent - ok19:31:09.0828 4080 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys19:31:09.0953 4080 PptpMiniport - ok19:31:09.0953 4080 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe19:31:10.0078 4080 ProtectedStorage - ok19:31:10.0093 4080 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys19:31:10.0234 4080 PSched - ok19:31:10.0250 4080 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys19:31:10.0390 4080 Ptilink - ok19:31:10.0406 4080 [ 86724469CD077901706854974CD13C3E ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys19:31:10.0421 4080 PxHelp20 ( UnsignedFile.Multi.Generic ) - warning19:31:10.0421 4080 PxHelp20 - detected UnsignedFile.Multi.Generic (1)19:31:10.0437 4080 [ 0A63FB54039EB5662433CABA3B26DBA7 ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys19:31:10.0562 4080 ql1080 - ok19:31:10.0578 4080 [ 6503449E1D43A0FF0201AD5CB1B8C706 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys19:31:10.0718 4080 Ql10wnt - ok19:31:10.0718 4080 [ 156ED0EF20C15114CA097A34A30D8A01 ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys19:31:10.0843 4080 ql12160 - ok19:31:10.0859 4080 [ 70F016BEBDE6D29E864C1230A07CC5E6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys19:31:11.0000 4080 ql1240 - ok19:31:11.0000 4080 [ 907F0AEEA6BC451011611E732BD31FCF ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys19:31:11.0140 4080 ql1280 - ok19:31:11.0156 4080 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys19:31:11.0281 4080 RasAcd - ok19:31:11.0343 4080 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll19:31:11.0484 4080 RasAuto - ok19:31:11.0500 4080 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys19:31:11.0640 4080 Rasl2tp - ok19:31:11.0703 4080 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll19:31:11.0843 4080 RasMan - ok19:31:11.0843 4080 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys19:31:12.0000 4080 RasPppoe - ok19:31:12.0000 4080 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys19:31:12.0125 4080 Raspti - ok19:31:12.0140 4080 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys19:31:12.0281 4080 Rdbss - ok19:31:12.0296 4080 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys19:31:12.0437 4080 RDPCDD - ok19:31:12.0484 4080 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys19:31:12.0625 4080 rdpdr - ok19:31:12.0671 4080 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys19:31:12.0734 4080 RDPWD - ok19:31:12.0796 4080 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe19:31:12.0937 4080 RDSessMgr - ok19:31:12.0968 4080 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys19:31:13.0109 4080 redbook - ok19:31:13.0156 4080 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll19:31:13.0281 4080 RemoteAccess - ok19:31:13.0312 4080 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll19:31:13.0468 4080 RemoteRegistry - ok19:31:13.0515 4080 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe19:31:13.0656 4080 RpcLocator - ok19:31:13.0687 4080 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll19:31:13.0718 4080 RpcSs - ok19:31:13.0765 4080 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe19:31:13.0906 4080 RSVP - ok19:31:13.0921 4080 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe19:31:14.0046 4080 SamSs - ok19:31:14.0078 4080 [ D087A031E2E07B21E7A4F92ED657B985 ] SamsungMonitorFirmware C:\WINDOWS\system32\drivers\MFWCtwl.sys19:31:14.0312 4080 SamsungMonitorFirmware ( UnsignedFile.Multi.Generic ) - warning19:31:14.0312 4080 SamsungMonitorFirmware - detected UnsignedFile.Multi.Generic (1)19:31:14.0468 4080 [ 03C67BDB26D79BC71406F52E385926A1 ] SBAMSvc C:\Program Files\GFI Software\VIPRE\SBAMSvc.exe19:31:14.0703 4080 SBAMSvc - ok19:31:14.0734 4080 [ 40AA51F794921683CA143EE27F2F4171 ] sbaphd C:\WINDOWS\system32\drivers\sbaphd.sys19:31:14.0765 4080 sbaphd - ok19:31:14.0812 4080 [ 701109A92E144182E262BCC8DD898DC5 ] sbapifs C:\WINDOWS\system32\drivers\sbapifs.sys19:31:14.0843 4080 sbapifs - ok19:31:14.0875 4080 [ E0F866D00F85F55A04E066FEE23065F9 ] SBPIMSvc C:\Program Files\GFI Software\VIPRE\SBPIMSvc.exe19:31:14.0906 4080 SBPIMSvc - ok19:31:14.0937 4080 [ 0FCFE672B915687F5BFC0FD8944B360C ] sbtis C:\WINDOWS\system32\drivers\sbtis.sys19:31:14.0984 4080 sbtis - ok19:31:15.0015 4080 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe19:31:15.0171 4080 SCardSvr - ok19:31:15.0203 4080 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll19:31:15.0359 4080 Schedule - ok19:31:15.0406 4080 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys19:31:15.0531 4080 Secdrv - ok19:31:15.0578 4080 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll19:31:15.0734 4080 seclogon - ok19:31:15.0750 4080 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll19:31:15.0890 4080 SENS - ok19:31:15.0906 4080 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys19:31:16.0031 4080 serenum - ok19:31:16.0062 4080 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys19:31:16.0203 4080 Serial - ok19:31:16.0234 4080 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys19:31:16.0359 4080 Sfloppy - ok19:31:16.0421 4080 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll19:31:16.0578 4080 SharedAccess - ok19:31:16.0578 4080 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll19:31:16.0609 4080 ShellHWDetection - ok19:31:16.0609 4080 Simbad - ok19:31:16.0656 4080 [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys19:31:16.0781 4080 sisagp - ok19:31:16.0828 4080 [ 83C0F71F86D3BDAF915685F3D568B20E ] Sparrow C:\WINDOWS\system32\DRIVERS\sparrow.sys19:31:16.0906 4080 Sparrow - ok19:31:16.0921 4080 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys19:31:17.0062 4080 splitter - ok19:31:17.0093 4080 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe19:31:17.0140 4080 Spooler - ok19:31:17.0171 4080 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys19:31:17.0328 4080 sr - ok19:31:17.0359 4080 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll19:31:17.0500 4080 srservice - ok19:31:17.0515 4080 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys19:31:17.0609 4080 Srv - ok19:31:17.0656 4080 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll19:31:17.0781 4080 SSDPSRV - ok19:31:17.0828 4080 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll19:31:18.0000 4080 stisvc - ok19:31:18.0031 4080 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys19:31:18.0171 4080 swenum - ok19:31:18.0203 4080 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys19:31:18.0343 4080 swmidi - ok19:31:18.0343 4080 SwPrv - ok19:31:18.0359 4080 [ 1FF3217614018630D0A6758630FC698C ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys19:31:18.0500 4080 symc810 - ok19:31:18.0515 4080 [ 070E001D95CF725186EF8B20335F933C ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys19:31:18.0656 4080 symc8xx - ok19:31:18.0656 4080 [ 80AC1C4ABBE2DF3B738BF15517A51F2C ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys19:31:18.0781 4080 sym_hi - ok19:31:18.0796 4080 [ BF4FAB949A382A8E105F46EBB4937058 ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys19:31:18.0937 4080 sym_u3 - ok19:31:18.0968 4080 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys19:31:19.0109 4080 sysaudio - ok19:31:19.0156 4080 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe19:31:19.0296 4080 SysmonLog - ok19:31:19.0328 4080 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll19:31:19.0484 4080 TapiSrv - ok19:31:19.0546 4080 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys19:31:19.0562 4080 Tcpip - ok19:31:19.0609 4080 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys19:31:19.0750 4080 TDPIPE - ok19:31:19.0765 4080 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys19:31:19.0921 4080 TDTCP - ok19:31:19.0968 4080 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys19:31:20.0109 4080 TermDD - ok19:31:20.0156 4080 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll19:31:20.0312 4080 TermService - ok19:31:20.0328 4080 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll19:31:20.0359 4080 Themes - ok19:31:20.0390 4080 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe19:31:20.0531 4080 TlntSvr - ok19:31:20.0546 4080 [ F2790F6AF01321B172AA62F8E1E187D9 ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys19:31:20.0671 4080 TosIde - ok19:31:20.0703 4080 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll19:31:20.0843 4080 TrkWks - ok19:31:20.0859 4080 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys19:31:20.0984 4080 Udfs - ok19:31:21.0046 4080 [ 1B698A51CD528D8DA4FFAED66DFC51B9 ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys19:31:21.0125 4080 ultra - ok19:31:21.0187 4080 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys19:31:21.0343 4080 Update - ok19:31:21.0437 4080 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll19:31:21.0593 4080 upnphost - ok19:31:21.0593 4080 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe19:31:21.0750 4080 UPS - ok19:31:21.0781 4080 [ 6E421CCC57059B0186C6259CA3B6DFC9 ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys19:31:21.0828 4080 USBAAPL - ok19:31:21.0859 4080 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys19:31:21.0984 4080 usbehci - ok19:31:22.0046 4080 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys19:31:22.0187 4080 usbhub - ok19:31:22.0203 4080 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys19:31:22.0343 4080 usbprint - ok19:31:22.0375 4080 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys19:31:22.0515 4080 usbscan - ok19:31:22.0531 4080 [ 1C888B000C2F9492F4B15B5B6B84873E ] usbser C:\WINDOWS\system32\DRIVERS\usbser.sys19:31:22.0656 4080 usbser - ok19:31:22.0687 4080 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS19:31:22.0828 4080 USBSTOR - ok19:31:22.0843 4080 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys19:31:22.0984 4080 usbuhci - ok19:31:23.0015 4080 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys19:31:23.0156 4080 VgaSave - ok19:31:23.0218 4080 [ 754292CE5848B3738281B4F3607EAEF4 ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys19:31:23.0359 4080 viaagp - ok19:31:23.0406 4080 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys19:31:23.0546 4080 ViaIde - ok19:31:23.0562 4080 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys19:31:23.0703 4080 VolSnap - ok19:31:23.0765 4080 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe19:31:23.0906 4080 VSS - ok19:31:23.0937 4080 [ 54AF4B1D5459500EF0937F6D33B1914F ] w32time C:\WINDOWS\system32\w32time.dll19:31:24.0078 4080 w32time - ok19:31:24.0093 4080 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys19:31:24.0234 4080 Wanarp - ok19:31:24.0250 4080 wanatw - ok19:31:24.0250 4080 WDICA - ok19:31:24.0281 4080 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys19:31:24.0421 4080 wdmaud - ok19:31:24.0437 4080 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll19:31:24.0593 4080 WebClient - ok19:31:24.0640 4080 [ F59ED5A43B988A18EF582BB07B2327A7 ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys19:31:24.0703 4080 winachsf - ok19:31:24.0796 4080 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll19:31:24.0921 4080 winmgmt - ok19:31:24.0968 4080 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll19:31:25.0046 4080 WmdmPmSN - ok19:31:25.0093 4080 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll19:31:25.0156 4080 Wmi - ok19:31:25.0187 4080 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe19:31:25.0343 4080 WmiApSrv - ok19:31:25.0437 4080 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe19:31:25.0515 4080 WMPNetworkSvc - ok19:31:25.0546 4080 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll19:31:25.0687 4080 wscsvc - ok19:31:25.0703 4080 WSearch - ok19:31:25.0718 4080 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll19:31:25.0859 4080 wuauserv - ok19:31:25.0890 4080 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys19:31:25.0968 4080 WudfPf - ok19:31:26.0015 4080 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys19:31:26.0046 4080 WudfRd - ok19:31:26.0062 4080 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll19:31:26.0109 4080 WudfSvc - ok19:31:26.0156 4080 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll19:31:26.0296 4080 WZCSVC - ok19:31:26.0343 4080 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll19:31:26.0484 4080 xmlprov - ok Link to post Share on other sites More sharing options...
kgej_73 Posted March 20, 2013 Author ID:659229 Share Posted March 20, 2013 Here is the second part of my log. It was too long to fit into one post.19:31:26.0484 4080 ================ Scan global ===============================19:31:26.0515 4080 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll19:31:26.0546 4080 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll19:31:26.0562 4080 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll19:31:26.0578 4080 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe19:31:26.0578 4080 [Global] - ok19:31:26.0578 4080 ================ Scan MBR ==================================19:31:26.0609 4080 [ 91722E6BC3A2B40FF00222DCA4A3DB3E ] \Device\Harddisk0\DR019:31:26.0812 4080 \Device\Harddisk0\DR0 ( TDSS File System ) - warning19:31:26.0812 4080 \Device\Harddisk0\DR0 - detected TDSS File System (1)19:31:26.0812 4080 ================ Scan VBR ==================================19:31:26.0828 4080 [ 9C4EB5919C002C7721F1E0947BA4A8CF ] \Device\Harddisk0\DR0\Partition119:31:26.0828 4080 \Device\Harddisk0\DR0\Partition1 - ok19:31:26.0828 4080 ============================================================19:31:26.0828 4080 Scan finished19:31:26.0828 4080 ============================================================19:31:26.0953 4016 Detected object count: 2519:31:26.0953 4016 Actual detected object count: 2519:31:58.0937 4016 ASCTRM ( UnsignedFile.Multi.Generic ) - skipped by user19:31:58.0937 4016 ASCTRM ( UnsignedFile.Multi.Generic ) - User select action: Skip19:31:58.0937 4016 Creative Service for CDROM Access ( UnsignedFile.Multi.Generic ) - skipped by user19:31:58.0937 4016 Creative Service for CDROM Access ( UnsignedFile.Multi.Generic ) - User select action: Skip19:31:58.0937 4016 DLABOIOM ( UnsignedFile.Multi.Generic ) - skipped by user19:31:58.0937 4016 DLABOIOM ( UnsignedFile.Multi.Generic ) - User select action: Skip19:31:58.0953 4016 DLACDBHM ( UnsignedFile.Multi.Generic ) - skipped by user19:31:58.0953 4016 DLACDBHM ( UnsignedFile.Multi.Generic ) - User select action: Skip19:31:58.0953 4016 DLADResN ( UnsignedFile.Multi.Generic ) - skipped by user19:31:58.0953 4016 DLADResN ( UnsignedFile.Multi.Generic ) - User select action: Skip19:31:58.0953 4016 DLAIFS_M ( UnsignedFile.Multi.Generic ) - skipped by user19:31:58.0953 4016 DLAIFS_M ( UnsignedFile.Multi.Generic ) - User select action: Skip19:31:58.0953 4016 DLAOPIOM ( UnsignedFile.Multi.Generic ) - skipped by user19:31:58.0953 4016 DLAOPIOM ( UnsignedFile.Multi.Generic ) - User select action: Skip19:31:58.0953 4016 DLAPoolM ( UnsignedFile.Multi.Generic ) - skipped by user19:31:58.0953 4016 DLAPoolM ( UnsignedFile.Multi.Generic ) - User select action: Skip19:31:58.0953 4016 DLARTL_N ( UnsignedFile.Multi.Generic ) - skipped by user19:31:58.0953 4016 DLARTL_N ( UnsignedFile.Multi.Generic ) - User select action: Skip19:31:58.0953 4016 DLAUDFAM ( UnsignedFile.Multi.Generic ) - skipped by user19:31:58.0953 4016 DLAUDFAM ( UnsignedFile.Multi.Generic ) - User select action: Skip19:31:58.0953 4016 DLAUDF_M ( UnsignedFile.Multi.Generic ) - skipped by user19:31:58.0953 4016 DLAUDF_M ( UnsignedFile.Multi.Generic ) - User select action: Skip19:31:58.0968 4016 DRVMCDB ( UnsignedFile.Multi.Generic ) - skipped by user19:31:58.0968 4016 DRVMCDB ( UnsignedFile.Multi.Generic ) - User select action: Skip19:31:58.0968 4016 DRVNDDM ( UnsignedFile.Multi.Generic ) - skipped by user19:31:58.0968 4016 DRVNDDM ( UnsignedFile.Multi.Generic ) - User select action: Skip19:31:58.0968 4016 ELhid ( UnsignedFile.Multi.Generic ) - skipped by user19:31:58.0968 4016 ELhid ( UnsignedFile.Multi.Generic ) - User select action: Skip19:31:58.0968 4016 ELkbd ( UnsignedFile.Multi.Generic ) - skipped by user19:31:58.0968 4016 ELkbd ( UnsignedFile.Multi.Generic ) - User select action: Skip19:31:58.0968 4016 ELmon ( UnsignedFile.Multi.Generic ) - skipped by user19:31:58.0968 4016 ELmon ( UnsignedFile.Multi.Generic ) - User select action: Skip19:31:58.0968 4016 ELmou ( UnsignedFile.Multi.Generic ) - skipped by user19:31:58.0968 4016 ELmou ( UnsignedFile.Multi.Generic ) - User select action: Skip19:31:58.0968 4016 ELService ( UnsignedFile.Multi.Generic ) - skipped by user19:31:58.0968 4016 ELService ( UnsignedFile.Multi.Generic ) - User select action: Skip19:31:58.0968 4016 IAANTMon ( UnsignedFile.Multi.Generic ) - skipped by user19:31:58.0968 4016 IAANTMon ( UnsignedFile.Multi.Generic ) - User select action: Skip19:31:58.0984 4016 MHN ( UnsignedFile.Multi.Generic ) - skipped by user19:31:58.0984 4016 MHN ( UnsignedFile.Multi.Generic ) - User select action: Skip19:31:58.0984 4016 MHNDRV ( UnsignedFile.Multi.Generic ) - skipped by user19:31:58.0984 4016 MHNDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip19:31:58.0984 4016 NetSvc ( UnsignedFile.Multi.Generic ) - skipped by user19:31:58.0984 4016 NetSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip19:31:58.0984 4016 PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user19:31:58.0984 4016 PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip19:31:58.0984 4016 SamsungMonitorFirmware ( UnsignedFile.Multi.Generic ) - skipped by user19:31:58.0984 4016 SamsungMonitorFirmware ( UnsignedFile.Multi.Generic ) - User select action: Skip19:31:58.0984 4016 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user19:31:58.0984 4016 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip19:32:32.0750 0584 ============================================================19:32:32.0750 0584 Scan started19:32:32.0750 0584 Mode: Manual; SigCheck; TDLFS;19:32:32.0750 0584 ============================================================19:32:32.0968 0584 ================ Scan system memory ========================19:32:32.0984 0584 System memory - ok19:32:32.0984 0584 ================ Scan services =============================19:32:33.0109 0584 Abiosdsk - ok19:32:33.0140 0584 [ 6ABB91494FE6C59089B9336452AB2EA3 ] abp480n5 C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS19:32:33.0234 0584 abp480n5 - ok19:32:33.0265 0584 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys19:32:33.0406 0584 ACPI - ok19:32:33.0406 0584 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys19:32:33.0578 0584 ACPIEC - ok19:32:33.0593 0584 [ 9A11864873DA202C996558B2106B0BBC ] adpu160m C:\WINDOWS\system32\DRIVERS\adpu160m.sys19:32:33.0718 0584 adpu160m - ok19:32:33.0765 0584 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys19:32:33.0906 0584 aec - ok19:32:33.0937 0584 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys19:32:34.0000 0584 AFD - ok19:32:34.0031 0584 [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys19:32:34.0156 0584 agp440 - ok19:32:34.0171 0584 [ 03A7E0922ACFE1B07D5DB2EEB0773063 ] agpCPQ C:\WINDOWS\system32\DRIVERS\agpCPQ.sys19:32:34.0296 0584 agpCPQ - ok19:32:34.0312 0584 [ C23EA9B5F46C7F7910DB3EAB648FF013 ] Aha154x C:\WINDOWS\system32\DRIVERS\aha154x.sys19:32:34.0375 0584 Aha154x - ok19:32:34.0390 0584 [ 19DD0FB48B0C18892F70E2E7D61A1529 ] aic78u2 C:\WINDOWS\system32\DRIVERS\aic78u2.sys19:32:34.0515 0584 aic78u2 - ok19:32:34.0531 0584 [ B7FE594A7468AA0132DEB03FB8E34326 ] aic78xx C:\WINDOWS\system32\DRIVERS\aic78xx.sys19:32:34.0671 0584 aic78xx - ok19:32:34.0734 0584 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll19:32:34.0859 0584 Alerter - ok19:32:34.0875 0584 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe19:32:35.0015 0584 ALG - ok19:32:35.0015 0584 [ 1140AB9938809700B46BB88E46D72A96 ] AliIde C:\WINDOWS\system32\DRIVERS\aliide.sys19:32:35.0156 0584 AliIde - ok19:32:35.0156 0584 [ CB08AED0DE2DD889A8A820CD8082D83C ] alim1541 C:\WINDOWS\system32\DRIVERS\alim1541.sys19:32:35.0312 0584 alim1541 - ok19:32:35.0328 0584 [ 95B4FB835E28AA1336CEEB07FD5B9398 ] amdagp C:\WINDOWS\system32\DRIVERS\amdagp.sys19:32:35.0453 0584 amdagp - ok19:32:35.0468 0584 [ 79F5ADD8D24BD6893F2903A3E2F3FAD6 ] amsint C:\WINDOWS\system32\DRIVERS\amsint.sys19:32:35.0531 0584 amsint - ok19:32:35.0640 0584 [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe19:32:35.0671 0584 Apple Mobile Device - ok19:32:35.0703 0584 [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll19:32:35.0828 0584 AppMgmt - ok19:32:35.0859 0584 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys19:32:35.0984 0584 Arp1394 - ok19:32:36.0015 0584 [ 62D318E9A0C8FC9B780008E724283707 ] asc C:\WINDOWS\system32\DRIVERS\asc.sys19:32:36.0156 0584 asc - ok19:32:36.0171 0584 [ 69EB0CC7714B32896CCBFD5EDCBEA447 ] asc3350p C:\WINDOWS\system32\DRIVERS\asc3350p.sys19:32:36.0234 0584 asc3350p - ok19:32:36.0250 0584 [ 5D8DE112AA0254B907861E9E9C31D597 ] asc3550 C:\WINDOWS\system32\DRIVERS\asc3550.sys19:32:36.0375 0584 asc3550 - ok19:32:36.0406 0584 [ D880831279ED91F9A4190A2DB9539EA9 ] ASCTRM C:\WINDOWS\system32\drivers\ASCTRM.sys19:32:36.0406 0584 ASCTRM ( UnsignedFile.Multi.Generic ) - warning19:32:36.0406 0584 ASCTRM - detected UnsignedFile.Multi.Generic (1)19:32:36.0546 0584 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe19:32:36.0562 0584 aspnet_state - ok19:32:36.0578 0584 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys19:32:36.0703 0584 AsyncMac - ok19:32:36.0718 0584 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys19:32:36.0859 0584 atapi - ok19:32:36.0859 0584 Atdisk - ok19:32:36.0906 0584 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys19:32:37.0031 0584 Atmarpc - ok19:32:37.0062 0584 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll19:32:37.0203 0584 AudioSrv - ok19:32:37.0234 0584 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys19:32:37.0375 0584 audstub - ok19:32:37.0406 0584 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys19:32:37.0562 0584 Beep - ok19:32:37.0593 0584 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll19:32:37.0781 0584 BITS - ok19:32:37.0828 0584 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe19:32:37.0843 0584 Bonjour Service - ok19:32:37.0890 0584 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll19:32:37.0921 0584 Browser - ok19:32:37.0921 0584 bvrp_pci - ok19:32:37.0968 0584 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf C:\WINDOWS\system32\DRIVERS\cbidf2k.sys19:32:38.0109 0584 cbidf - ok19:32:38.0109 0584 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys19:32:38.0250 0584 cbidf2k - ok19:32:38.0265 0584 [ F3EC03299634490E97BBCE94CD2954C7 ] cd20xrnt C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys19:32:38.0343 0584 cd20xrnt - ok19:32:38.0359 0584 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys19:32:38.0515 0584 Cdaudio - ok19:32:38.0531 0584 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys19:32:38.0671 0584 Cdfs - ok19:32:38.0703 0584 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys19:32:38.0843 0584 Cdrom - ok19:32:38.0843 0584 Changer - ok19:32:38.0890 0584 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe19:32:39.0046 0584 CiSvc - ok19:32:39.0093 0584 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe19:32:39.0234 0584 ClipSrv - ok19:32:39.0265 0584 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe19:32:39.0281 0584 clr_optimization_v2.0.50727_32 - ok19:32:39.0312 0584 [ E5DCB56C533014ECBC556A8357C929D5 ] CmdIde C:\WINDOWS\system32\DRIVERS\cmdide.sys19:32:39.0453 0584 CmdIde - ok19:32:39.0500 0584 [ 1EF05B641E9A67DED74AC8AD40055DBF ] COMMONFX.DLL C:\WINDOWS\system32\COMMONFX.DLL19:32:39.0515 0584 COMMONFX.DLL - ok19:32:39.0515 0584 COMSysApp - ok19:32:39.0546 0584 [ 3EE529119EED34CD212A215E8C40D4B6 ] Cpqarray C:\WINDOWS\system32\DRIVERS\cpqarray.sys19:32:39.0671 0584 Cpqarray - ok19:32:39.0718 0584 [ 3C8B6609712F4FF78E521F6DCFC4032B ] Creative Service for CDROM Access C:\WINDOWS\system32\CTsvcCDA.EXE19:32:39.0734 0584 Creative Service for CDROM Access ( UnsignedFile.Multi.Generic ) - warning19:32:39.0734 0584 Creative Service for CDROM Access - detected UnsignedFile.Multi.Generic (1)19:32:39.0781 0584 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll19:32:39.0906 0584 CryptSvc - ok19:32:39.0953 0584 [ 6191A973461852A09D643609E1D5F7C6 ] CT20XUT.DLL C:\WINDOWS\system32\CT20XUT.DLL19:32:39.0984 0584 CT20XUT.DLL - ok19:32:40.0015 0584 [ 8AC5F77E30E37D2D11BD99EFF0C53D8C ] ctac32k C:\WINDOWS\system32\drivers\ctac32k.sys19:32:40.0046 0584 ctac32k - ok19:32:40.0078 0584 [ 673241D314E932F4890509AE8EBF26DB ] ctaud2k C:\WINDOWS\system32\drivers\ctaud2k.sys19:32:40.0109 0584 ctaud2k - ok19:32:40.0156 0584 [ 472B82D7E549E7FAB428852E4D16F21D ] CTAUDFX.DLL C:\WINDOWS\system32\CTAUDFX.DLL19:32:40.0234 0584 CTAUDFX.DLL - ok19:32:40.0296 0584 [ ED316D4C3D39C5B6C23DE067E275C183 ] ctdvda2k C:\WINDOWS\system32\drivers\ctdvda2k.sys19:32:40.0312 0584 ctdvda2k - ok19:32:40.0343 0584 [ 6A57F82009563AEE8826F117E1D3C72C ] CTEAPSFX.DLL C:\WINDOWS\system32\CTEAPSFX.DLL19:32:40.0375 0584 CTEAPSFX.DLL - ok19:32:40.0390 0584 [ C8AC1FFAEADD655193D7B1811A572D8D ] CTEDSPFX.DLL C:\WINDOWS\system32\CTEDSPFX.DLL19:32:40.0437 0584 CTEDSPFX.DLL - ok19:32:40.0468 0584 [ 44495D9DAF675257D00B25B041EE6667 ] CTEDSPIO.DLL C:\WINDOWS\system32\CTEDSPIO.DLL19:32:40.0515 0584 CTEDSPIO.DLL - ok19:32:40.0531 0584 [ 8E90B1762CB42E2FC76DAC9210C83C66 ] CTEDSPSY.DLL C:\WINDOWS\system32\CTEDSPSY.DLL19:32:40.0578 0584 CTEDSPSY.DLL - ok19:32:40.0609 0584 [ D3FBD9983325435B06795F29CB57ED3D ] CTERFXFX.DLL C:\WINDOWS\system32\CTERFXFX.DLL19:32:40.0640 0584 CTERFXFX.DLL - ok19:32:40.0703 0584 [ 2C48E9D8CA703964463F27AE341115B7 ] CTEXFIFX.DLL C:\WINDOWS\system32\CTEXFIFX.DLL19:32:40.0765 0584 CTEXFIFX.DLL - ok19:32:40.0781 0584 [ F7657C598E7C29C6683C1E4A8DD68884 ] CTHWIUT.DLL C:\WINDOWS\system32\CTHWIUT.DLL19:32:40.0812 0584 CTHWIUT.DLL - ok19:32:40.0828 0584 [ 34E7F8A499FD8361DF14FEDB724C0AD3 ] ctprxy2k C:\WINDOWS\system32\drivers\ctprxy2k.sys19:32:40.0843 0584 ctprxy2k - ok19:32:40.0875 0584 [ 679AE21EB7F48A08184813AEBABDEC7C ] CTSBLFX.DLL C:\WINDOWS\system32\CTSBLFX.DLL19:32:40.0921 0584 CTSBLFX.DLL - ok19:32:40.0937 0584 [ 32098497CB4DFE9EA7660FA62DD91060 ] ctsfm2k C:\WINDOWS\system32\drivers\ctsfm2k.sys19:32:40.0968 0584 ctsfm2k - ok19:32:41.0000 0584 [ E550E7418984B65A78299D248F0A7F36 ] dac2w2k C:\WINDOWS\system32\DRIVERS\dac2w2k.sys19:32:41.0140 0584 dac2w2k - ok19:32:41.0140 0584 [ 683789CAA3864EB46125AE86FF677D34 ] dac960nt C:\WINDOWS\system32\DRIVERS\dac960nt.sys19:32:41.0296 0584 dac960nt - ok19:32:41.0328 0584 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll19:32:41.0359 0584 DcomLaunch - ok19:32:41.0406 0584 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll19:32:41.0546 0584 Dhcp - ok19:32:41.0562 0584 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys19:32:41.0687 0584 Disk - ok19:32:41.0734 0584 [ E2D0DE31442390C35E3163C87CB6A9EB ] DLABOIOM C:\WINDOWS\system32\DLA\DLABOIOM.SYS19:32:41.0750 0584 DLABOIOM ( UnsignedFile.Multi.Generic ) - warning19:32:41.0750 0584 DLABOIOM - detected UnsignedFile.Multi.Generic (1)19:32:41.0750 0584 [ D979BEBCF7EDCC9C9EE1857D1A68C67B ] DLACDBHM C:\WINDOWS\system32\Drivers\DLACDBHM.SYS19:32:41.0765 0584 DLACDBHM ( UnsignedFile.Multi.Generic ) - warning19:32:41.0765 0584 DLACDBHM - detected UnsignedFile.Multi.Generic (1)19:32:41.0781 0584 [ 83545593E297F50A8E2524B4C071A153 ] DLADResN C:\WINDOWS\system32\DLA\DLADResN.SYS19:32:41.0812 0584 DLADResN ( UnsignedFile.Multi.Generic ) - warning19:32:41.0812 0584 DLADResN - detected UnsignedFile.Multi.Generic (1)19:32:41.0812 0584 [ 96E01D901CDC98C7817155CC057001BF ] DLAIFS_M C:\WINDOWS\system32\DLA\DLAIFS_M.SYS19:32:41.0828 0584 DLAIFS_M ( UnsignedFile.Multi.Generic ) - warning19:32:41.0828 0584 DLAIFS_M - detected UnsignedFile.Multi.Generic (1)19:32:41.0828 0584 [ 0A60A39CC5E767980A31CA5D7238DFA9 ] DLAOPIOM C:\WINDOWS\system32\DLA\DLAOPIOM.SYS19:32:41.0828 0584 DLAOPIOM ( UnsignedFile.Multi.Generic ) - warning19:32:41.0828 0584 DLAOPIOM - detected UnsignedFile.Multi.Generic (1)19:32:41.0843 0584 [ 9FE2B72558FC808357F427FD83314375 ] DLAPoolM C:\WINDOWS\system32\DLA\DLAPoolM.SYS19:32:41.0843 0584 DLAPoolM ( UnsignedFile.Multi.Generic ) - warning19:32:41.0843 0584 DLAPoolM - detected UnsignedFile.Multi.Generic (1)19:32:41.0859 0584 [ 7EE0852AE8907689DF25049DCD2342E8 ] DLARTL_N C:\WINDOWS\system32\Drivers\DLARTL_N.SYS19:32:41.0859 0584 DLARTL_N ( UnsignedFile.Multi.Generic ) - warning19:32:41.0859 0584 DLARTL_N - detected UnsignedFile.Multi.Generic (1)19:32:41.0875 0584 [ F08E1DAFAC457893399E03430A6A1397 ] DLAUDFAM C:\WINDOWS\system32\DLA\DLAUDFAM.SYS19:32:41.0875 0584 DLAUDFAM ( UnsignedFile.Multi.Generic ) - warning19:32:41.0875 0584 DLAUDFAM - detected UnsignedFile.Multi.Generic (1)19:32:41.0890 0584 [ E7D105ED1E694449D444A9933DF8E060 ] DLAUDF_M C:\WINDOWS\system32\DLA\DLAUDF_M.SYS19:32:41.0906 0584 DLAUDF_M ( UnsignedFile.Multi.Generic ) - warning19:32:41.0906 0584 DLAUDF_M - detected UnsignedFile.Multi.Generic (1)19:32:41.0906 0584 dmadmin - ok19:32:41.0984 0584 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys19:32:42.0125 0584 dmboot - ok19:32:42.0125 0584 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys19:32:42.0265 0584 dmio - ok19:32:42.0281 0584 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys19:32:42.0421 0584 dmload - ok19:32:42.0453 0584 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll19:32:42.0593 0584 dmserver - ok19:32:42.0609 0584 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys19:32:42.0750 0584 DMusic - ok19:32:42.0781 0584 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll19:32:42.0812 0584 Dnscache - ok19:32:42.0859 0584 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll19:32:43.0015 0584 Dot3svc - ok19:32:43.0031 0584 [ 40F3B93B4E5B0126F2F5C0A7A5E22660 ] dpti2o C:\WINDOWS\system32\DRIVERS\dpti2o.sys19:32:43.0156 0584 dpti2o - ok19:32:43.0187 0584 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys19:32:43.0312 0584 drmkaud - ok19:32:43.0328 0584 [ FD0F95981FEF9073659D8EC58E40AA3C ] DRVMCDB C:\WINDOWS\system32\Drivers\DRVMCDB.SYS19:32:43.0328 0584 DRVMCDB ( UnsignedFile.Multi.Generic ) - warning19:32:43.0328 0584 DRVMCDB - detected UnsignedFile.Multi.Generic (1)19:32:43.0343 0584 [ B4869D320428CDC5EC4D7F5E808E99B5 ] DRVNDDM C:\WINDOWS\system32\Drivers\DRVNDDM.SYS19:32:43.0359 0584 DRVNDDM ( UnsignedFile.Multi.Generic ) - warning19:32:43.0359 0584 DRVNDDM - detected UnsignedFile.Multi.Generic (1)19:32:43.0359 0584 [ 3FCA03CBCA11269F973B70FA483C88EF ] E100B C:\WINDOWS\system32\DRIVERS\e100b325.sys19:32:43.0500 0584 E100B - ok19:32:43.0546 0584 [ 0849EACDC01487573ADD86F5E470806C ] e1express C:\WINDOWS\system32\DRIVERS\e1e5132.sys19:32:43.0562 0584 e1express - ok19:32:43.0593 0584 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll19:32:43.0734 0584 EapHost - ok19:32:43.0796 0584 [ 5D1347AA5AE6E2F77D7F4F8372D95AC9 ] ehRecvr C:\WINDOWS\eHome\ehRecvr.exe19:32:43.0812 0584 ehRecvr - ok19:32:43.0843 0584 [ A53243709439AC2A4C216B817F8D7411 ] ehSched C:\WINDOWS\eHome\ehSched.exe19:32:43.0921 0584 ehSched - ok19:32:44.0000 0584 [ 1976FEDF6D7F87135C9B7F5CB4C8C868 ] ELacpi C:\WINDOWS\system32\DRIVERS\ELacpi.sys19:32:44.0015 0584 ELacpi - ok19:32:44.0062 0584 [ AE65C02444907966378454138B9F99F0 ] ELhid C:\WINDOWS\system32\DRIVERS\ELhid.sys19:32:44.0078 0584 ELhid ( UnsignedFile.Multi.Generic ) - warning19:32:44.0078 0584 ELhid - detected UnsignedFile.Multi.Generic (1)19:32:44.0078 0584 [ E485C3BA1DADDEEF3E14FEA1E8FDA6E1 ] ELkbd C:\WINDOWS\system32\DRIVERS\ELkbd.sys19:32:44.0078 0584 ELkbd ( UnsignedFile.Multi.Generic ) - warning19:32:44.0078 0584 ELkbd - detected UnsignedFile.Multi.Generic (1)19:32:44.0093 0584 [ 0D87CB825ED6CB2EBCC147A10A42F1D6 ] ELmon C:\WINDOWS\system32\DRIVERS\ELmon.sys19:32:44.0093 0584 ELmon ( UnsignedFile.Multi.Generic ) - warning19:32:44.0093 0584 ELmon - detected UnsignedFile.Multi.Generic (1)19:32:44.0093 0584 [ A4ADD3847B67BACAB6FC851A2B60FDB3 ] ELmou C:\WINDOWS\system32\DRIVERS\ELmou.sys19:32:44.0109 0584 ELmou ( UnsignedFile.Multi.Generic ) - warning19:32:44.0109 0584 ELmou - detected UnsignedFile.Multi.Generic (1)19:32:44.0171 0584 [ D1DE16926C682DCD3D99AE5500CA5522 ] ELService C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology\ELService.exe19:32:44.0187 0584 ELService ( UnsignedFile.Multi.Generic ) - warning19:32:44.0187 0584 ELService - detected UnsignedFile.Multi.Generic (1)19:32:44.0203 0584 [ 2885F72D2DAFFD0329272F12E16D6579 ] emupia C:\WINDOWS\system32\drivers\emupia2k.sys19:32:44.0234 0584 emupia - ok19:32:44.0250 0584 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll19:32:44.0390 0584 ERSvc - ok19:32:44.0421 0584 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe19:32:44.0453 0584 Eventlog - ok19:32:44.0484 0584 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll19:32:44.0515 0584 EventSystem - ok19:32:44.0531 0584 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys19:32:44.0656 0584 Fastfat - ok19:32:44.0687 0584 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll19:32:44.0718 0584 FastUserSwitchingCompatibility - ok19:32:44.0750 0584 [ E97D6A8684466DF94FF3BC24FB787A07 ] Fax C:\WINDOWS\system32\fxssvc.exe19:32:44.0906 0584 Fax - ok19:32:44.0953 0584 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys19:32:45.0093 0584 Fdc - ok19:32:45.0109 0584 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys19:32:45.0250 0584 Fips - ok19:32:45.0265 0584 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys19:32:45.0406 0584 Flpydisk - ok19:32:45.0437 0584 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys19:32:45.0578 0584 FltMgr - ok19:32:45.0671 0584 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe19:32:45.0687 0584 FontCache3.0.0.0 - ok19:32:45.0703 0584 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys19:32:45.0843 0584 Fs_Rec - ok19:32:45.0859 0584 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys19:32:46.0015 0584 Ftdisk - ok19:32:46.0046 0584 [ 065639773D8B03F33577F6CDAEA21063 ] gameenum C:\WINDOWS\system32\DRIVERS\gameenum.sys19:32:46.0171 0584 gameenum - ok19:32:46.0203 0584 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys19:32:46.0218 0584 GEARAspiWDM - ok19:32:46.0250 0584 [ 1BFABBB4C99E1FDBC7B756BE39868D03 ] gfiark C:\WINDOWS\system32\drivers\gfiark.sys19:32:46.0265 0584 gfiark - ok19:32:46.0281 0584 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys19:32:46.0406 0584 Gpc - ok19:32:46.0468 0584 [ DA2C735B66D2E7B739F9A46146581A9D ] ha10kx2k C:\WINDOWS\system32\drivers\ha10kx2k.sys19:32:46.0500 0584 ha10kx2k - ok19:32:46.0515 0584 [ 5C7D6D68796E4621B4168C879908DAE0 ] hap16v2k C:\WINDOWS\system32\drivers\hap16v2k.sys19:32:46.0546 0584 hap16v2k - ok19:32:46.0562 0584 [ A595B88AD16D8B5693DDF08113CAF30E ] hap17v2k C:\WINDOWS\system32\drivers\hap17v2k.sys19:32:46.0578 0584 hap17v2k - ok19:32:46.0640 0584 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll19:32:46.0781 0584 helpsvc - ok19:32:46.0781 0584 HidServ - ok19:32:46.0796 0584 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys19:32:46.0937 0584 HidUsb - ok19:32:46.0968 0584 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll19:32:47.0109 0584 hkmsvc - ok19:32:47.0125 0584 [ B028377DEA0546A5FCFBA928A8AEFAE0 ] hpn C:\WINDOWS\system32\DRIVERS\hpn.sys19:32:47.0265 0584 hpn - ok19:32:47.0281 0584 [ 77E4FF0B73BC0AEAAF39BF0C8104231F ] HSFHWBS2 C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys19:32:47.0312 0584 HSFHWBS2 - ok19:32:47.0359 0584 [ 60E1604729A15EF4A3B05F298427B3B1 ] HSF_DP C:\WINDOWS\system32\DRIVERS\HSF_DP.sys19:32:47.0390 0584 HSF_DP - ok19:32:47.0437 0584 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys19:32:47.0468 0584 HTTP - ok19:32:47.0500 0584 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll19:32:47.0640 0584 HTTPFilter - ok19:32:47.0656 0584 [ 9368670BD426EBEA5E8B18A62416EC28 ] i2omgmt C:\WINDOWS\system32\drivers\i2omgmt.sys19:32:47.0781 0584 i2omgmt - ok19:32:47.0828 0584 [ F10863BF1CCC290BABD1A09188AE49E0 ] i2omp C:\WINDOWS\system32\DRIVERS\i2omp.sys19:32:47.0953 0584 i2omp - ok19:32:47.0953 0584 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys19:32:48.0109 0584 i8042prt - ok19:32:48.0156 0584 [ D43E91E271C041BB86A6223462A41D28 ] IAANTMon C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe19:32:48.0171 0584 IAANTMon ( UnsignedFile.Multi.Generic ) - warning19:32:48.0171 0584 IAANTMon - detected UnsignedFile.Multi.Generic (1)19:32:48.0218 0584 [ 9A65E42664D1534B68512CAAD0EFE963 ] iastor C:\WINDOWS\system32\drivers\iastor.sys19:32:48.0265 0584 iastor - ok19:32:48.0421 0584 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe19:32:48.0453 0584 idsvc - ok19:32:48.0500 0584 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys19:32:48.0640 0584 Imapi - ok19:32:48.0703 0584 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe19:32:48.0843 0584 ImapiService - ok19:32:48.0859 0584 [ 1DA147ACB525A4822228BE06154C7CBB ] InCDfs C:\WINDOWS\system32\drivers\InCDFs.sys19:32:48.0890 0584 InCDfs - ok19:32:48.0890 0584 [ 2EC469A401AE6FE7A67D80EFFD3091B1 ] InCDPass C:\WINDOWS\system32\drivers\InCDPass.sys19:32:48.0921 0584 InCDPass - ok19:32:48.0937 0584 [ 544498D06B8CA187A5960B4F3B4BD63E ] InCDRec C:\WINDOWS\system32\drivers\InCDRec.sys19:32:48.0953 0584 InCDRec - ok19:32:48.0968 0584 [ 2863A00B0F64D937F0CD9561C53B5A37 ] incdrm C:\WINDOWS\system32\drivers\InCDRm.sys19:32:48.0984 0584 incdrm - ok19:32:49.0078 0584 [ CA32EA0F5FC2A36CA44AD7238F18C248 ] InCDsrv C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe19:32:49.0125 0584 InCDsrv - ok19:32:49.0171 0584 [ 4A40E045FAEE58631FD8D91AFC620719 ] ini910u C:\WINDOWS\system32\DRIVERS\ini910u.sys19:32:49.0328 0584 ini910u - ok19:32:49.0359 0584 [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys19:32:49.0484 0584 IntelIde - ok19:32:49.0531 0584 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys19:32:49.0656 0584 intelppm - ok19:32:49.0687 0584 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys19:32:49.0812 0584 Ip6Fw - ok19:32:49.0843 0584 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys19:32:49.0984 0584 IpFilterDriver - ok19:32:50.0031 0584 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys19:32:50.0156 0584 IpInIp - ok19:32:50.0203 0584 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys19:32:50.0343 0584 IpNat - ok19:32:50.0390 0584 [ E46B17060D3962A384AE484094614788 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe19:32:50.0421 0584 iPod Service - ok19:32:50.0437 0584 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys19:32:50.0578 0584 IPSec - ok19:32:50.0593 0584 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys19:32:50.0734 0584 IRENUM - ok19:32:50.0765 0584 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys19:32:50.0906 0584 isapnp - ok19:32:51.0000 0584 [ 999DB5F88C8E145CCA9D471E33227143 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe19:32:51.0015 0584 JavaQuickStarterService - ok19:32:51.0031 0584 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys19:32:51.0156 0584 Kbdclass - ok19:32:51.0171 0584 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys19:32:51.0296 0584 kbdhid - ok19:32:51.0312 0584 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys19:32:51.0453 0584 kmixer - ok19:32:51.0484 0584 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys19:32:51.0500 0584 KSecDD - ok19:32:51.0546 0584 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll19:32:51.0562 0584 lanmanserver - ok19:32:51.0593 0584 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll19:32:51.0625 0584 lanmanworkstation - ok19:32:51.0625 0584 lbrtfdc - ok19:32:51.0656 0584 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll19:32:51.0796 0584 LmHosts - ok19:32:51.0812 0584 [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys19:32:51.0828 0584 MBAMProtector - ok19:32:51.0859 0584 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe19:32:51.0875 0584 MBAMScheduler - ok19:32:51.0937 0584 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe19:32:51.0968 0584 MBAMService - ok19:32:52.0031 0584 [ DF0A511F38F16016BF658FCA0090CB87 ] McrdSvc C:\WINDOWS\ehome\mcrdsvc.exe19:32:52.0062 0584 McrdSvc - ok19:32:52.0125 0584 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE19:32:52.0156 0584 MDM - ok19:32:52.0171 0584 [ EEAEA6514BA7C9D273B5E87C4E1AAB30 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys19:32:52.0187 0584 mdmxsdk - ok19:32:52.0218 0584 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll19:32:52.0343 0584 Messenger - ok19:32:52.0390 0584 [ B7521F69C0A9B29D356157229376FB21 ] MHN C:\WINDOWS\System32\mhn.dll19:32:52.0421 0584 MHN ( UnsignedFile.Multi.Generic ) - warning19:32:52.0421 0584 MHN - detected UnsignedFile.Multi.Generic (1)19:32:52.0437 0584 [ 7F2F1D2815A6449D346FCCCBC569FBD6 ] MHNDRV C:\WINDOWS\system32\DRIVERS\mhndrv.sys19:32:52.0453 0584 MHNDRV ( UnsignedFile.Multi.Generic ) - warning19:32:52.0453 0584 MHNDRV - detected UnsignedFile.Multi.Generic (1)19:32:52.0484 0584 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys19:32:52.0609 0584 mnmdd - ok19:32:52.0640 0584 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe19:32:52.0765 0584 mnmsrvc - ok19:32:52.0812 0584 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys19:32:52.0937 0584 Modem - ok19:32:52.0984 0584 [ 1992E0D143B09653AB0F9C5E04B0FD65 ] MODEMCSA C:\WINDOWS\system32\drivers\MODEMCSA.sys19:32:53.0109 0584 MODEMCSA - ok19:32:53.0140 0584 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys19:32:53.0281 0584 Mouclass - ok19:32:53.0312 0584 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys19:32:53.0453 0584 mouhid - ok19:32:53.0468 0584 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys19:32:53.0609 0584 MountMgr - ok19:32:53.0625 0584 [ 3F4BB95E5A44F3BE34824E8E7CAF0737 ] mraid35x C:\WINDOWS\system32\DRIVERS\mraid35x.sys19:32:53.0765 0584 mraid35x - ok19:32:53.0765 0584 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys19:32:53.0890 0584 MRxDAV - ok19:32:53.0937 0584 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys19:32:54.0000 0584 MRxSmb - ok19:32:54.0046 0584 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe19:32:54.0187 0584 MSDTC - ok19:32:54.0203 0584 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys19:32:54.0328 0584 Msfs - ok19:32:54.0328 0584 MSIServer - ok19:32:54.0343 0584 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys19:32:54.0468 0584 MSKSSRV - ok19:32:54.0484 0584 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys19:32:54.0625 0584 MSPCLOCK - ok19:32:54.0656 0584 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys19:32:54.0812 0584 MSPQM - ok19:32:54.0828 0584 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys19:32:54.0968 0584 mssmbios - ok19:32:55.0000 0584 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys19:32:55.0015 0584 Mup - ok19:32:55.0109 0584 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll19:32:55.0250 0584 napagent - ok19:32:55.0281 0584 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys19:32:55.0421 0584 NDIS - ok19:32:55.0468 0584 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys19:32:55.0500 0584 NdisTapi - ok19:32:55.0546 0584 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys19:32:55.0671 0584 Ndisuio - ok19:32:55.0687 0584 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys19:32:55.0812 0584 NdisWan - ok19:32:55.0843 0584 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys19:32:55.0859 0584 NDProxy - ok19:32:55.0890 0584 [ A8960FA773CCC3E38515F637E19A76C0 ] NeroRegInCDSrv C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe19:32:55.0906 0584 NeroRegInCDSrv - ok19:32:55.0921 0584 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys19:32:56.0078 0584 NetBIOS - ok19:32:56.0109 0584 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys19:32:56.0234 0584 NetBT - ok19:32:56.0296 0584 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe19:32:56.0421 0584 NetDDE - ok19:32:56.0437 0584 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe19:32:56.0562 0584 NetDDEdsdm - ok19:32:56.0609 0584 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe19:32:56.0734 0584 Netlogon - ok19:32:56.0781 0584 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll19:32:56.0921 0584 Netman - ok19:32:57.0062 0584 [ 9DA26B773BD04B867A8E9F427CD048FC ] NetSvc C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe19:32:57.0093 0584 NetSvc ( UnsignedFile.Multi.Generic ) - warning19:32:57.0093 0584 NetSvc - detected UnsignedFile.Multi.Generic (1)19:32:57.0156 0584 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe19:32:57.0171 0584 NetTcpPortSharing - ok19:32:57.0203 0584 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys19:32:57.0343 0584 NIC1394 - ok19:32:57.0375 0584 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll19:32:57.0390 0584 Nla - ok19:32:57.0468 0584 [ CB992AE1506985D9167E85883B4C3240 ] NMIndexingService C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe19:32:57.0484 0584 NMIndexingService - ok19:32:57.0531 0584 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys19:32:57.0656 0584 Npfs - ok19:32:57.0703 0584 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys19:32:57.0875 0584 Ntfs - ok19:32:57.0890 0584 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe19:32:58.0015 0584 NtLmSsp - ok19:32:58.0093 0584 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll19:32:58.0234 0584 NtmsSvc - ok19:32:58.0250 0584 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys19:32:58.0390 0584 Null - ok19:32:58.0734 0584 [ 7C56F3FD65B2BDB315CA3605A5392D7B ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys19:32:59.0171 0584 nv - ok19:32:59.0203 0584 [ 1982E96B2C5C2EFFEF38EFC37293A42E ] NVSvc C:\WINDOWS\system32\nvsvc32.exe19:32:59.0234 0584 NVSvc - ok19:32:59.0296 0584 [ E6568D2D90028207587CB43CD8E5FD01 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe19:32:59.0343 0584 nvUpdatusService - ok19:32:59.0390 0584 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys19:32:59.0531 0584 NwlnkFlt - ok19:32:59.0531 0584 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys19:32:59.0671 0584 NwlnkFwd - ok19:32:59.0687 0584 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys19:32:59.0828 0584 ohci1394 - ok19:32:59.0859 0584 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE19:32:59.0875 0584 ose - ok19:32:59.0906 0584 [ 61C85AFEAA6EF0C1B32D43F84F7BFBCF ] ossrv C:\WINDOWS\system32\drivers\ctoss2k.sys19:32:59.0921 0584 ossrv - ok19:32:59.0968 0584 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys19:33:00.0109 0584 Parport - ok19:33:00.0140 0584 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys19:33:00.0265 0584 PartMgr - ok19:33:00.0296 0584 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys19:33:00.0421 0584 ParVdm - ok19:33:00.0421 0584 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys19:33:00.0562 0584 PCI - ok19:33:00.0578 0584 PCIDump - ok19:33:00.0593 0584 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys19:33:00.0734 0584 PCIIde - ok19:33:00.0781 0584 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys19:33:00.0921 0584 Pcmcia - ok19:33:00.0921 0584 PDCOMP - ok19:33:00.0921 0584 PDFRAME - ok19:33:00.0937 0584 PDRELI - ok19:33:00.0937 0584 PDRFRAME - ok19:33:00.0968 0584 [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys19:33:01.0140 0584 perc2 - ok19:33:01.0156 0584 [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys19:33:01.0296 0584 perc2hib - ok19:33:01.0328 0584 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe19:33:01.0359 0584 PlugPlay - ok19:33:01.0359 0584 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe19:33:01.0484 0584 PolicyAgent - ok19:33:01.0515 0584 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys19:33:01.0640 0584 PptpMiniport - ok19:33:01.0656 0584 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe19:33:01.0781 0584 ProtectedStorage - ok19:33:01.0781 0584 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys19:33:01.0921 0584 PSched - ok19:33:01.0953 0584 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys19:33:02.0078 0584 Ptilink - ok19:33:02.0093 0584 [ 86724469CD077901706854974CD13C3E ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys19:33:02.0093 0584 PxHelp20 ( UnsignedFile.Multi.Generic ) - warning19:33:02.0093 0584 PxHelp20 - detected UnsignedFile.Multi.Generic (1)19:33:02.0109 0584 [ 0A63FB54039EB5662433CABA3B26DBA7 ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys19:33:02.0265 0584 ql1080 - ok19:33:02.0281 0584 [ 6503449E1D43A0FF0201AD5CB1B8C706 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys19:33:02.0421 0584 Ql10wnt - ok19:33:02.0421 0584 [ 156ED0EF20C15114CA097A34A30D8A01 ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys19:33:02.0546 0584 ql12160 - ok19:33:02.0546 0584 [ 70F016BEBDE6D29E864C1230A07CC5E6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys19:33:02.0687 0584 ql1240 - ok19:33:02.0703 0584 [ 907F0AEEA6BC451011611E732BD31FCF ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys19:33:02.0828 0584 ql1280 - ok19:33:02.0843 0584 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys19:33:02.0968 0584 RasAcd - ok19:33:03.0015 0584 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll19:33:03.0171 0584 RasAuto - ok19:33:03.0203 0584 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys19:33:03.0343 0584 Rasl2tp - ok19:33:03.0375 0584 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll19:33:03.0515 0584 RasMan - ok19:33:03.0515 0584 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys19:33:03.0640 0584 RasPppoe - ok19:33:03.0640 0584 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys19:33:03.0781 0584 Raspti - ok19:33:03.0812 0584 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys19:33:03.0937 0584 Rdbss - ok19:33:03.0937 0584 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys19:33:04.0093 0584 RDPCDD - ok19:33:04.0140 0584 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys19:33:04.0296 0584 rdpdr - ok19:33:04.0359 0584 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys19:33:04.0375 0584 RDPWD - ok19:33:04.0421 0584 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe19:33:04.0562 0584 RDSessMgr - ok19:33:04.0578 0584 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys19:33:04.0718 0584 redbook - ok19:33:04.0750 0584 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll19:33:04.0890 0584 RemoteAccess - ok19:33:04.0921 0584 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll19:33:05.0046 0584 RemoteRegistry - ok19:33:05.0093 0584 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe19:33:05.0234 0584 RpcLocator - ok19:33:05.0265 0584 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll19:33:05.0296 0584 RpcSs - ok19:33:05.0343 0584 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe19:33:05.0468 0584 RSVP - ok19:33:05.0484 0584 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe19:33:05.0609 0584 SamSs - ok19:33:05.0640 0584 [ D087A031E2E07B21E7A4F92ED657B985 ] SamsungMonitorFirmware C:\WINDOWS\system32\drivers\MFWCtwl.sys19:33:05.0656 0584 SamsungMonitorFirmware ( UnsignedFile.Multi.Generic ) - warning19:33:05.0656 0584 SamsungMonitorFirmware - detected UnsignedFile.Multi.Generic (1)19:33:05.0812 0584 [ 03C67BDB26D79BC71406F52E385926A1 ] SBAMSvc C:\Program Files\GFI Software\VIPRE\SBAMSvc.exe19:33:05.0953 0584 SBAMSvc - ok19:33:05.0984 0584 [ 40AA51F794921683CA143EE27F2F4171 ] sbaphd C:\WINDOWS\system32\drivers\sbaphd.sys19:33:06.0000 0584 sbaphd - ok19:33:06.0062 0584 [ 701109A92E144182E262BCC8DD898DC5 ] sbapifs C:\WINDOWS\system32\drivers\sbapifs.sys19:33:06.0078 0584 sbapifs - ok19:33:06.0109 0584 [ E0F866D00F85F55A04E066FEE23065F9 ] SBPIMSvc C:\Program Files\GFI Software\VIPRE\SBPIMSvc.exe19:33:06.0140 0584 SBPIMSvc - ok19:33:06.0171 0584 [ 0FCFE672B915687F5BFC0FD8944B360C ] sbtis C:\WINDOWS\system32\drivers\sbtis.sys19:33:06.0203 0584 sbtis - ok19:33:06.0234 0584 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe19:33:06.0375 0584 SCardSvr - ok19:33:06.0421 0584 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll19:33:06.0562 0584 Schedule - ok19:33:06.0609 0584 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys19:33:06.0734 0584 Secdrv - ok19:33:06.0765 0584 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll19:33:06.0906 0584 seclogon - ok19:33:06.0937 0584 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll19:33:07.0062 0584 SENS - ok19:33:07.0078 0584 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys19:33:07.0218 0584 serenum - ok19:33:07.0234 0584 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys19:33:07.0375 0584 Serial - ok19:33:07.0390 0584 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys19:33:07.0531 0584 Sfloppy - ok19:33:07.0578 0584 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll19:33:07.0718 0584 SharedAccess - ok19:33:07.0734 0584 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll19:33:07.0750 0584 ShellHWDetection - ok19:33:07.0750 0584 Simbad - ok19:33:07.0781 0584 [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys19:33:07.0906 0584 sisagp - ok19:33:07.0937 0584 [ 83C0F71F86D3BDAF915685F3D568B20E ] Sparrow C:\WINDOWS\system32\DRIVERS\sparrow.sys19:33:08.0015 0584 Sparrow - ok19:33:08.0031 0584 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys19:33:08.0171 0584 splitter - ok19:33:08.0218 0584 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe19:33:08.0250 0584 Spooler - ok19:33:08.0281 0584 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys19:33:08.0421 0584 sr - ok19:33:08.0453 0584 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll19:33:08.0578 0584 srservice - ok19:33:08.0625 0584 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys19:33:08.0656 0584 Srv - ok19:33:08.0703 0584 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll19:33:08.0828 0584 SSDPSRV - ok19:33:08.0875 0584 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll19:33:09.0046 0584 stisvc - ok19:33:09.0062 0584 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys19:33:09.0203 0584 swenum - ok19:33:09.0250 0584 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys19:33:09.0390 0584 swmidi - ok19:33:09.0390 0584 SwPrv - ok19:33:09.0406 0584 [ 1FF3217614018630D0A6758630FC698C ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys19:33:09.0531 0584 symc810 - ok19:33:09.0531 0584 [ 070E001D95CF725186EF8B20335F933C ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys19:33:09.0671 0584 symc8xx - ok19:33:09.0687 0584 [ 80AC1C4ABBE2DF3B738BF15517A51F2C ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys19:33:09.0812 0584 sym_hi - ok19:33:09.0812 0584 [ BF4FAB949A382A8E105F46EBB4937058 ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys19:33:09.0937 0584 sym_u3 - ok19:33:09.0953 0584 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys19:33:10.0093 0584 sysaudio - ok19:33:10.0140 0584 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe19:33:10.0281 0584 SysmonLog - ok19:33:10.0328 0584 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll19:33:10.0453 0584 TapiSrv - ok19:33:10.0515 0584 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys19:33:10.0578 0584 Tcpip - ok19:33:10.0593 0584 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys19:33:10.0750 0584 TDPIPE - ok19:33:10.0765 0584 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys19:33:10.0906 0584 TDTCP - ok19:33:10.0937 0584 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys19:33:11.0078 0584 TermDD - ok19:33:11.0093 0584 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll19:33:11.0281 0584 TermService - ok19:33:11.0296 0584 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll19:33:11.0296 0584 Themes - ok19:33:11.0328 0584 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe19:33:11.0468 0584 TlntSvr - ok19:33:11.0484 0584 [ F2790F6AF01321B172AA62F8E1E187D9 ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys19:33:11.0625 0584 TosIde - ok19:33:11.0640 0584 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll19:33:11.0781 0584 TrkWks - ok19:33:11.0796 0584 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys19:33:11.0921 0584 Udfs - ok19:33:11.0953 0584 [ 1B698A51CD528D8DA4FFAED66DFC51B9 ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys19:33:12.0015 0584 ultra - ok19:33:12.0062 0584 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys19:33:12.0203 0584 Update - ok19:33:12.0296 0584 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll19:33:12.0437 0584 upnphost - ok19:33:12.0468 0584 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe19:33:12.0593 0584 UPS - ok19:33:12.0625 0584 [ 6E421CCC57059B0186C6259CA3B6DFC9 ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys19:33:12.0656 0584 USBAAPL - ok19:33:12.0671 0584 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys19:33:12.0812 0584 usbehci - ok19:33:12.0828 0584 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys19:33:12.0984 0584 usbhub - ok19:33:13.0015 0584 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys19:33:13.0156 0584 usbprint - ok19:33:13.0187 0584 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys19:33:13.0328 0584 usbscan - ok19:33:13.0359 0584 [ 1C888B000C2F9492F4B15B5B6B84873E ] usbser C:\WINDOWS\system32\DRIVERS\usbser.sys19:33:13.0484 0584 usbser - ok19:33:13.0515 0584 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS19:33:13.0656 0584 USBSTOR - ok19:33:13.0671 0584 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys19:33:13.0812 0584 usbuhci - ok19:33:13.0828 0584 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys19:33:13.0984 0584 VgaSave - ok19:33:14.0015 0584 [ 754292CE5848B3738281B4F3607EAEF4 ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys19:33:14.0156 0584 viaagp - ok19:33:14.0203 0584 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys19:33:14.0343 0584 ViaIde - ok19:33:14.0359 0584 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys19:33:14.0500 0584 VolSnap - ok19:33:14.0578 0584 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe19:33:14.0718 0584 VSS - ok19:33:14.0750 0584 [ 54AF4B1D5459500EF0937F6D33B1914F ] w32time C:\WINDOWS\system32\w32time.dll19:33:14.0890 0584 w32time - ok19:33:14.0906 0584 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys19:33:15.0031 0584 Wanarp - ok19:33:15.0046 0584 wanatw - ok19:33:15.0046 0584 WDICA - ok19:33:15.0078 0584 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys19:33:15.0218 0584 wdmaud - ok19:33:15.0250 0584 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll19:33:15.0390 0584 WebClient - ok19:33:15.0437 0584 [ F59ED5A43B988A18EF582BB07B2327A7 ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys19:33:15.0468 0584 winachsf - ok19:33:15.0531 0584 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll19:33:15.0671 0584 winmgmt - ok19:33:15.0687 0584 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll19:33:15.0718 0584 WmdmPmSN - ok19:33:15.0765 0584 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll19:33:15.0796 0584 Wmi - ok19:33:15.0828 0584 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe19:33:15.0953 0584 WmiApSrv - ok19:33:16.0031 0584 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe19:33:16.0078 0584 WMPNetworkSvc - ok19:33:16.0140 0584 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll19:33:16.0281 0584 wscsvc - ok19:33:16.0281 0584 WSearch - ok19:33:16.0328 0584 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll19:33:16.0468 0584 wuauserv - ok19:33:16.0515 0584 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys19:33:16.0531 0584 WudfPf - ok19:33:16.0546 0584 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys19:33:16.0562 0584 WudfRd - ok19:33:16.0593 0584 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll19:33:16.0609 0584 WudfSvc - ok19:33:16.0656 0584 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll19:33:16.0796 0584 WZCSVC - ok19:33:16.0859 0584 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll19:33:16.0984 0584 xmlprov - ok19:33:16.0984 0584 ================ Scan global ===============================19:33:17.0046 0584 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll19:33:17.0078 0584 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll19:33:17.0093 0584 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll19:33:17.0140 0584 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe19:33:17.0140 0584 [Global] - ok19:33:17.0140 0584 ================ Scan MBR ==================================19:33:17.0156 0584 [ 91722E6BC3A2B40FF00222DCA4A3DB3E ] \Device\Harddisk0\DR019:33:17.0390 0584 \Device\Harddisk0\DR0 ( TDSS File System ) - warning19:33:17.0390 0584 \Device\Harddisk0\DR0 - detected TDSS File System (1)19:33:17.0390 0584 ================ Scan VBR ==================================19:33:17.0390 0584 [ 9C4EB5919C002C7721F1E0947BA4A8CF ] \Device\Harddisk0\DR0\Partition119:33:17.0390 0584 \Device\Harddisk0\DR0\Partition1 - ok19:33:17.0390 0584 ============================================================19:33:17.0390 0584 Scan finished19:33:17.0390 0584 ============================================================19:33:17.0406 2424 Detected object count: 2519:33:17.0406 2424 Actual detected object count: 2519:34:38.0812 2424 ASCTRM ( UnsignedFile.Multi.Generic ) - skipped by user19:34:38.0812 2424 ASCTRM ( UnsignedFile.Multi.Generic ) - User select action: Skip19:34:38.0828 2424 Creative Service for CDROM Access ( UnsignedFile.Multi.Generic ) - skipped by user19:34:38.0828 2424 Creative Service for CDROM Access ( UnsignedFile.Multi.Generic ) - User select action: Skip19:34:38.0828 2424 DLABOIOM ( UnsignedFile.Multi.Generic ) - skipped by user19:34:38.0828 2424 DLABOIOM ( UnsignedFile.Multi.Generic ) - User select action: Skip19:34:38.0828 2424 DLACDBHM ( UnsignedFile.Multi.Generic ) - skipped by user19:34:38.0828 2424 DLACDBHM ( UnsignedFile.Multi.Generic ) - User select action: Skip19:34:38.0828 2424 DLADResN ( UnsignedFile.Multi.Generic ) - skipped by user19:34:38.0828 2424 DLADResN ( UnsignedFile.Multi.Generic ) - User select action: Skip19:34:38.0828 2424 DLAIFS_M ( UnsignedFile.Multi.Generic ) - skipped by user19:34:38.0828 2424 DLAIFS_M ( UnsignedFile.Multi.Generic ) - User select action: Skip19:34:38.0828 2424 DLAOPIOM ( UnsignedFile.Multi.Generic ) - skipped by user19:34:38.0828 2424 DLAOPIOM ( UnsignedFile.Multi.Generic ) - User select action: Skip19:34:38.0828 2424 DLAPoolM ( UnsignedFile.Multi.Generic ) - skipped by user19:34:38.0828 2424 DLAPoolM ( UnsignedFile.Multi.Generic ) - User select action: Skip19:34:38.0843 2424 DLARTL_N ( UnsignedFile.Multi.Generic ) - skipped by user19:34:38.0843 2424 DLARTL_N ( UnsignedFile.Multi.Generic ) - User select action: Skip19:34:38.0843 2424 DLAUDFAM ( UnsignedFile.Multi.Generic ) - skipped by user19:34:38.0843 2424 DLAUDFAM ( UnsignedFile.Multi.Generic ) - User select action: Skip19:34:38.0843 2424 DLAUDF_M ( UnsignedFile.Multi.Generic ) - skipped by user19:34:38.0843 2424 DLAUDF_M ( UnsignedFile.Multi.Generic ) - User select action: Skip19:34:38.0843 2424 DRVMCDB ( UnsignedFile.Multi.Generic ) - skipped by user19:34:38.0843 2424 DRVMCDB ( UnsignedFile.Multi.Generic ) - User select action: Skip19:34:38.0843 2424 DRVNDDM ( UnsignedFile.Multi.Generic ) - skipped by user19:34:38.0843 2424 DRVNDDM ( UnsignedFile.Multi.Generic ) - User select action: Skip19:34:38.0843 2424 ELhid ( UnsignedFile.Multi.Generic ) - skipped by user19:34:38.0843 2424 ELhid ( UnsignedFile.Multi.Generic ) - User select action: Skip19:34:38.0843 2424 ELkbd ( UnsignedFile.Multi.Generic ) - skipped by user19:34:38.0843 2424 ELkbd ( UnsignedFile.Multi.Generic ) - User select action: Skip19:34:38.0843 2424 ELmon ( UnsignedFile.Multi.Generic ) - skipped by user19:34:38.0843 2424 ELmon ( UnsignedFile.Multi.Generic ) - User select action: Skip19:34:38.0859 2424 ELmou ( UnsignedFile.Multi.Generic ) - skipped by user19:34:38.0859 2424 ELmou ( UnsignedFile.Multi.Generic ) - User select action: Skip19:34:38.0859 2424 ELService ( UnsignedFile.Multi.Generic ) - skipped by user19:34:38.0859 2424 ELService ( UnsignedFile.Multi.Generic ) - User select action: Skip19:34:38.0859 2424 IAANTMon ( UnsignedFile.Multi.Generic ) - skipped by user19:34:38.0859 2424 IAANTMon ( UnsignedFile.Multi.Generic ) - User select action: Skip19:34:38.0859 2424 MHN ( UnsignedFile.Multi.Generic ) - skipped by user19:34:38.0859 2424 MHN ( UnsignedFile.Multi.Generic ) - User select action: Skip19:34:38.0859 2424 MHNDRV ( UnsignedFile.Multi.Generic ) - skipped by user19:34:38.0859 2424 MHNDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip19:34:38.0859 2424 NetSvc ( UnsignedFile.Multi.Generic ) - skipped by user19:34:38.0859 2424 NetSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip19:34:38.0859 2424 PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user19:34:38.0859 2424 PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip19:34:38.0859 2424 SamsungMonitorFirmware ( UnsignedFile.Multi.Generic ) - skipped by user19:34:38.0859 2424 SamsungMonitorFirmware ( UnsignedFile.Multi.Generic ) - User select action: Skip19:34:38.0875 2424 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user19:34:38.0875 2424 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip Link to post Share on other sites More sharing options...
Tomk1 Posted March 21, 2013 ID:659237 Share Posted March 21, 2013 You did correctly. You only found orphaned traces of the virus.You could rerun the program and use it to only delete these two entries:19:34:38.0875 2424 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user19:34:38.0875 2424 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: SkipThen:Download ComboFix from here: http://download.blee...Bs/ComboFix.exe* IMPORTANT !!! Save ComboFix.exe to your Desktop Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link --> http://forums.whatth...ams_t96260.htmlDouble click on ComboFix.exe & follow the prompts.As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:Click on Yes, to continue scanning for malware.When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.Notes:1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.3. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine. Link to post Share on other sites More sharing options...
kgej_73 Posted March 21, 2013 Author ID:659281 Share Posted March 21, 2013 I deleted the TDSS Killer entry you specified. Then I followed the instructions for downloading and running ComboFix, however when it got to the "scanning for malware" part, I got the blue screen of death.After that I ran another scan on TDSS Killer, and the threat count went up from 24 to 25 again. Here is the new log for that.22:45:02.0343 2100 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:4222:45:02.0703 2100 ============================================================22:45:02.0703 2100 Current date / time: 2013/03/20 22:45:02.070322:45:02.0703 2100 SystemInfo:22:45:02.0703 2100 22:45:02.0703 2100 OS Version: 5.1.2600 ServicePack: 3.022:45:02.0703 2100 Product type: Workstation22:45:02.0703 2100 ComputerName: MAIN_COMPUTER22:45:02.0703 2100 UserName: Glenn22:45:02.0703 2100 Windows directory: C:\WINDOWS22:45:02.0703 2100 System windows directory: C:\WINDOWS22:45:02.0703 2100 Processor architecture: Intel x8622:45:02.0703 2100 Number of processors: 222:45:02.0703 2100 Page size: 0x100022:45:02.0703 2100 Boot type: Normal boot22:45:02.0703 2100 ============================================================22:45:03.0203 2100 Drive \Device\Harddisk0\DR0 - Size: 0x2540BE4000 (149.01 Gb), SectorSize: 0x200, Cylinders: 0x4BFC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x0000005022:45:03.0218 2100 ============================================================22:45:03.0218 2100 \Device\Harddisk0\DR0:22:45:03.0218 2100 MBR partitions:22:45:03.0218 2100 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x17886, BlocksNum 0x120A4B9822:45:03.0218 2100 ============================================================22:45:03.0234 2100 C: <-> \Device\Harddisk0\DR0\Partition122:45:03.0234 2100 ============================================================22:45:03.0234 2100 Initialize success22:45:03.0234 2100 ============================================================22:45:23.0000 3372 ============================================================22:45:23.0000 3372 Scan started22:45:23.0000 3372 Mode: Manual; SigCheck; TDLFS;22:45:23.0000 3372 ============================================================22:45:23.0078 3372 ================ Scan system memory ========================22:45:23.0078 3372 System memory - ok22:45:23.0078 3372 ================ Scan services =============================22:45:23.0171 3372 Abiosdsk - ok22:45:23.0218 3372 [ 6ABB91494FE6C59089B9336452AB2EA3 ] abp480n5 C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS22:45:25.0843 3372 abp480n5 - ok22:45:25.0875 3372 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys22:45:26.0093 3372 ACPI - ok22:45:26.0109 3372 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys22:45:26.0250 3372 ACPIEC - ok22:45:26.0281 3372 [ 9A11864873DA202C996558B2106B0BBC ] adpu160m C:\WINDOWS\system32\DRIVERS\adpu160m.sys22:45:26.0437 3372 adpu160m - ok22:45:26.0453 3372 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys22:45:26.0593 3372 aec - ok22:45:26.0640 3372 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys22:45:26.0718 3372 AFD - ok22:45:26.0750 3372 [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys22:45:26.0906 3372 agp440 - ok22:45:26.0906 3372 [ 03A7E0922ACFE1B07D5DB2EEB0773063 ] agpCPQ C:\WINDOWS\system32\DRIVERS\agpCPQ.sys22:45:27.0046 3372 agpCPQ - ok22:45:27.0046 3372 [ C23EA9B5F46C7F7910DB3EAB648FF013 ] Aha154x C:\WINDOWS\system32\DRIVERS\aha154x.sys22:45:27.0109 3372 Aha154x - ok22:45:27.0125 3372 [ 19DD0FB48B0C18892F70E2E7D61A1529 ] aic78u2 C:\WINDOWS\system32\DRIVERS\aic78u2.sys22:45:27.0265 3372 aic78u2 - ok22:45:27.0281 3372 [ B7FE594A7468AA0132DEB03FB8E34326 ] aic78xx C:\WINDOWS\system32\DRIVERS\aic78xx.sys22:45:27.0437 3372 aic78xx - ok22:45:27.0468 3372 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll22:45:27.0609 3372 Alerter - ok22:45:27.0625 3372 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe22:45:27.0781 3372 ALG - ok22:45:27.0796 3372 [ 1140AB9938809700B46BB88E46D72A96 ] AliIde C:\WINDOWS\system32\DRIVERS\aliide.sys22:45:27.0937 3372 AliIde - ok22:45:27.0968 3372 [ CB08AED0DE2DD889A8A820CD8082D83C ] alim1541 C:\WINDOWS\system32\DRIVERS\alim1541.sys22:45:28.0125 3372 alim1541 - ok22:45:28.0140 3372 [ 95B4FB835E28AA1336CEEB07FD5B9398 ] amdagp C:\WINDOWS\system32\DRIVERS\amdagp.sys22:45:28.0281 3372 amdagp - ok22:45:28.0296 3372 [ 79F5ADD8D24BD6893F2903A3E2F3FAD6 ] amsint C:\WINDOWS\system32\DRIVERS\amsint.sys22:45:28.0406 3372 amsint - ok22:45:28.0484 3372 [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe22:45:28.0515 3372 Apple Mobile Device - ok22:45:28.0546 3372 [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll22:45:28.0703 3372 AppMgmt - ok22:45:28.0734 3372 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys22:45:28.0875 3372 Arp1394 - ok22:45:28.0906 3372 [ 62D318E9A0C8FC9B780008E724283707 ] asc C:\WINDOWS\system32\DRIVERS\asc.sys22:45:29.0062 3372 asc - ok22:45:29.0062 3372 [ 69EB0CC7714B32896CCBFD5EDCBEA447 ] asc3350p C:\WINDOWS\system32\DRIVERS\asc3350p.sys22:45:29.0125 3372 asc3350p - ok22:45:29.0140 3372 [ 5D8DE112AA0254B907861E9E9C31D597 ] asc3550 C:\WINDOWS\system32\DRIVERS\asc3550.sys22:45:29.0281 3372 asc3550 - ok22:45:29.0296 3372 [ D880831279ED91F9A4190A2DB9539EA9 ] ASCTRM C:\WINDOWS\system32\drivers\ASCTRM.sys22:45:29.0312 3372 ASCTRM ( UnsignedFile.Multi.Generic ) - warning22:45:29.0312 3372 ASCTRM - detected UnsignedFile.Multi.Generic (1)22:45:29.0421 3372 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe22:45:29.0437 3372 aspnet_state - ok22:45:29.0437 3372 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys22:45:29.0593 3372 AsyncMac - ok22:45:29.0609 3372 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys22:45:29.0750 3372 atapi - ok22:45:29.0765 3372 Atdisk - ok22:45:29.0812 3372 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys22:45:29.0968 3372 Atmarpc - ok22:45:30.0000 3372 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll22:45:30.0140 3372 AudioSrv - ok22:45:30.0171 3372 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys22:45:30.0328 3372 audstub - ok22:45:30.0375 3372 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys22:45:30.0531 3372 Beep - ok22:45:30.0578 3372 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll22:45:30.0765 3372 BITS - ok22:45:30.0812 3372 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe22:45:30.0843 3372 Bonjour Service - ok22:45:30.0890 3372 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll22:45:30.0953 3372 Browser - ok22:45:30.0968 3372 bvrp_pci - ok22:45:30.0984 3372 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf C:\WINDOWS\system32\DRIVERS\cbidf2k.sys22:45:31.0140 3372 cbidf - ok22:45:31.0156 3372 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys22:45:31.0296 3372 cbidf2k - ok22:45:31.0328 3372 [ F3EC03299634490E97BBCE94CD2954C7 ] cd20xrnt C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys22:45:31.0390 3372 cd20xrnt - ok22:45:31.0421 3372 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys22:45:31.0578 3372 Cdaudio - ok22:45:31.0609 3372 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys22:45:31.0734 3372 Cdfs - ok22:45:31.0781 3372 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys22:45:31.0906 3372 Cdrom - ok22:45:31.0921 3372 Changer - ok22:45:31.0937 3372 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe22:45:32.0078 3372 CiSvc - ok22:45:32.0140 3372 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe22:45:32.0281 3372 ClipSrv - ok22:45:32.0312 3372 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe22:45:32.0359 3372 clr_optimization_v2.0.50727_32 - ok22:45:32.0390 3372 [ E5DCB56C533014ECBC556A8357C929D5 ] CmdIde C:\WINDOWS\system32\DRIVERS\cmdide.sys22:45:32.0578 3372 CmdIde - ok22:45:32.0609 3372 [ 1EF05B641E9A67DED74AC8AD40055DBF ] COMMONFX.DLL C:\WINDOWS\system32\COMMONFX.DLL22:45:32.0671 3372 COMMONFX.DLL - ok22:45:32.0671 3372 COMSysApp - ok22:45:32.0703 3372 [ 3EE529119EED34CD212A215E8C40D4B6 ] Cpqarray C:\WINDOWS\system32\DRIVERS\cpqarray.sys22:45:32.0859 3372 Cpqarray - ok22:45:32.0906 3372 [ 3C8B6609712F4FF78E521F6DCFC4032B ] Creative Service for CDROM Access C:\WINDOWS\system32\CTsvcCDA.EXE22:45:32.0921 3372 Creative Service for CDROM Access ( UnsignedFile.Multi.Generic ) - warning22:45:32.0921 3372 Creative Service for CDROM Access - detected UnsignedFile.Multi.Generic (1)22:45:32.0937 3372 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll22:45:33.0078 3372 CryptSvc - ok22:45:33.0093 3372 [ 6191A973461852A09D643609E1D5F7C6 ] CT20XUT.DLL C:\WINDOWS\system32\CT20XUT.DLL22:45:33.0343 3372 CT20XUT.DLL - ok22:45:33.0390 3372 [ 8AC5F77E30E37D2D11BD99EFF0C53D8C ] ctac32k C:\WINDOWS\system32\drivers\ctac32k.sys22:45:33.0437 3372 ctac32k - ok22:45:33.0484 3372 [ 673241D314E932F4890509AE8EBF26DB ] ctaud2k C:\WINDOWS\system32\drivers\ctaud2k.sys22:45:33.0546 3372 ctaud2k - ok22:45:33.0593 3372 [ 472B82D7E549E7FAB428852E4D16F21D ] CTAUDFX.DLL C:\WINDOWS\system32\CTAUDFX.DLL22:45:33.0796 3372 CTAUDFX.DLL - ok22:45:33.0843 3372 [ ED316D4C3D39C5B6C23DE067E275C183 ] ctdvda2k C:\WINDOWS\system32\drivers\ctdvda2k.sys22:45:33.0890 3372 ctdvda2k - ok22:45:33.0937 3372 [ 6A57F82009563AEE8826F117E1D3C72C ] CTEAPSFX.DLL C:\WINDOWS\system32\CTEAPSFX.DLL22:45:34.0078 3372 CTEAPSFX.DLL - ok22:45:34.0109 3372 [ C8AC1FFAEADD655193D7B1811A572D8D ] CTEDSPFX.DLL C:\WINDOWS\system32\CTEDSPFX.DLL22:45:34.0250 3372 CTEDSPFX.DLL - ok22:45:34.0281 3372 [ 44495D9DAF675257D00B25B041EE6667 ] CTEDSPIO.DLL C:\WINDOWS\system32\CTEDSPIO.DLL22:45:34.0828 3372 CTEDSPIO.DLL - ok22:45:34.0859 3372 [ 8E90B1762CB42E2FC76DAC9210C83C66 ] CTEDSPSY.DLL C:\WINDOWS\system32\CTEDSPSY.DLL22:45:35.0031 3372 CTEDSPSY.DLL - ok22:45:35.0046 3372 [ D3FBD9983325435B06795F29CB57ED3D ] CTERFXFX.DLL C:\WINDOWS\system32\CTERFXFX.DLL22:45:35.0203 3372 CTERFXFX.DLL - ok22:45:35.0265 3372 [ 2C48E9D8CA703964463F27AE341115B7 ] CTEXFIFX.DLL C:\WINDOWS\system32\CTEXFIFX.DLL22:45:35.0937 3372 CTEXFIFX.DLL - ok22:45:35.0953 3372 [ F7657C598E7C29C6683C1E4A8DD68884 ] CTHWIUT.DLL C:\WINDOWS\system32\CTHWIUT.DLL22:45:36.0109 3372 CTHWIUT.DLL - ok22:45:36.0140 3372 [ 34E7F8A499FD8361DF14FEDB724C0AD3 ] ctprxy2k C:\WINDOWS\system32\drivers\ctprxy2k.sys22:45:36.0156 3372 ctprxy2k - ok22:45:36.0187 3372 [ 679AE21EB7F48A08184813AEBABDEC7C ] CTSBLFX.DLL C:\WINDOWS\system32\CTSBLFX.DLL22:45:36.0765 3372 CTSBLFX.DLL - ok22:45:36.0796 3372 [ 32098497CB4DFE9EA7660FA62DD91060 ] ctsfm2k C:\WINDOWS\system32\drivers\ctsfm2k.sys22:45:36.0828 3372 ctsfm2k - ok22:45:36.0859 3372 [ E550E7418984B65A78299D248F0A7F36 ] dac2w2k C:\WINDOWS\system32\DRIVERS\dac2w2k.sys22:45:37.0000 3372 dac2w2k - ok22:45:37.0015 3372 [ 683789CAA3864EB46125AE86FF677D34 ] dac960nt C:\WINDOWS\system32\DRIVERS\dac960nt.sys22:45:37.0156 3372 dac960nt - ok22:45:37.0203 3372 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll22:45:37.0265 3372 DcomLaunch - ok22:45:37.0296 3372 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll22:45:37.0453 3372 Dhcp - ok22:45:37.0484 3372 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys22:45:37.0625 3372 Disk - ok22:45:37.0687 3372 [ E2D0DE31442390C35E3163C87CB6A9EB ] DLABOIOM C:\WINDOWS\system32\DLA\DLABOIOM.SYS22:45:37.0703 3372 DLABOIOM ( UnsignedFile.Multi.Generic ) - warning22:45:37.0703 3372 DLABOIOM - detected UnsignedFile.Multi.Generic (1)22:45:37.0718 3372 [ D979BEBCF7EDCC9C9EE1857D1A68C67B ] DLACDBHM C:\WINDOWS\system32\Drivers\DLACDBHM.SYS22:45:37.0750 3372 DLACDBHM ( UnsignedFile.Multi.Generic ) - warning22:45:37.0750 3372 DLACDBHM - detected UnsignedFile.Multi.Generic (1)22:45:37.0750 3372 [ 83545593E297F50A8E2524B4C071A153 ] DLADResN C:\WINDOWS\system32\DLA\DLADResN.SYS22:45:37.0781 3372 DLADResN ( UnsignedFile.Multi.Generic ) - warning22:45:37.0781 3372 DLADResN - detected UnsignedFile.Multi.Generic (1)22:45:37.0781 3372 [ 96E01D901CDC98C7817155CC057001BF ] DLAIFS_M C:\WINDOWS\system32\DLA\DLAIFS_M.SYS22:45:37.0796 3372 DLAIFS_M ( UnsignedFile.Multi.Generic ) - warning22:45:37.0796 3372 DLAIFS_M - detected UnsignedFile.Multi.Generic (1)22:45:37.0796 3372 [ 0A60A39CC5E767980A31CA5D7238DFA9 ] DLAOPIOM C:\WINDOWS\system32\DLA\DLAOPIOM.SYS22:45:37.0812 3372 DLAOPIOM ( UnsignedFile.Multi.Generic ) - warning22:45:37.0812 3372 DLAOPIOM - detected UnsignedFile.Multi.Generic (1)22:45:37.0812 3372 [ 9FE2B72558FC808357F427FD83314375 ] DLAPoolM C:\WINDOWS\system32\DLA\DLAPoolM.SYS22:45:37.0828 3372 DLAPoolM ( UnsignedFile.Multi.Generic ) - warning22:45:37.0828 3372 DLAPoolM - detected UnsignedFile.Multi.Generic (1)22:45:37.0828 3372 [ 7EE0852AE8907689DF25049DCD2342E8 ] DLARTL_N C:\WINDOWS\system32\Drivers\DLARTL_N.SYS22:45:37.0843 3372 DLARTL_N ( UnsignedFile.Multi.Generic ) - warning22:45:37.0843 3372 DLARTL_N - detected UnsignedFile.Multi.Generic (1)22:45:37.0843 3372 [ F08E1DAFAC457893399E03430A6A1397 ] DLAUDFAM C:\WINDOWS\system32\DLA\DLAUDFAM.SYS22:45:37.0859 3372 DLAUDFAM ( UnsignedFile.Multi.Generic ) - warning22:45:37.0859 3372 DLAUDFAM - detected UnsignedFile.Multi.Generic (1)22:45:37.0875 3372 [ E7D105ED1E694449D444A9933DF8E060 ] DLAUDF_M C:\WINDOWS\system32\DLA\DLAUDF_M.SYS22:45:37.0875 3372 DLAUDF_M ( UnsignedFile.Multi.Generic ) - warning22:45:37.0875 3372 DLAUDF_M - detected UnsignedFile.Multi.Generic (1)22:45:37.0890 3372 dmadmin - ok22:45:37.0984 3372 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys22:45:38.0140 3372 dmboot - ok22:45:38.0156 3372 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys22:45:38.0296 3372 dmio - ok22:45:38.0328 3372 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys22:45:38.0484 3372 dmload - ok22:45:38.0515 3372 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll22:45:38.0656 3372 dmserver - ok22:45:38.0671 3372 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys22:45:38.0828 3372 DMusic - ok22:45:38.0859 3372 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll22:45:38.0953 3372 Dnscache - ok22:45:39.0000 3372 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll22:45:39.0156 3372 Dot3svc - ok22:45:39.0171 3372 [ 40F3B93B4E5B0126F2F5C0A7A5E22660 ] dpti2o C:\WINDOWS\system32\DRIVERS\dpti2o.sys22:45:39.0312 3372 dpti2o - ok22:45:39.0328 3372 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys22:45:39.0468 3372 drmkaud - ok22:45:39.0484 3372 [ FD0F95981FEF9073659D8EC58E40AA3C ] DRVMCDB C:\WINDOWS\system32\Drivers\DRVMCDB.SYS22:45:39.0484 3372 DRVMCDB ( UnsignedFile.Multi.Generic ) - warning22:45:39.0484 3372 DRVMCDB - detected UnsignedFile.Multi.Generic (1)22:45:39.0500 3372 [ B4869D320428CDC5EC4D7F5E808E99B5 ] DRVNDDM C:\WINDOWS\system32\Drivers\DRVNDDM.SYS22:45:39.0515 3372 DRVNDDM ( UnsignedFile.Multi.Generic ) - warning22:45:39.0515 3372 DRVNDDM - detected UnsignedFile.Multi.Generic (1)22:45:39.0515 3372 [ 3FCA03CBCA11269F973B70FA483C88EF ] E100B C:\WINDOWS\system32\DRIVERS\e100b325.sys22:45:39.0671 3372 E100B - ok22:45:39.0703 3372 [ 0849EACDC01487573ADD86F5E470806C ] e1express C:\WINDOWS\system32\DRIVERS\e1e5132.sys22:45:39.0781 3372 e1express - ok22:45:39.0828 3372 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll22:45:39.0953 3372 EapHost - ok22:45:40.0031 3372 [ 5D1347AA5AE6E2F77D7F4F8372D95AC9 ] ehRecvr C:\WINDOWS\eHome\ehRecvr.exe22:45:40.0078 3372 ehRecvr - ok22:45:40.0093 3372 [ A53243709439AC2A4C216B817F8D7411 ] ehSched C:\WINDOWS\eHome\ehSched.exe22:45:40.0140 3372 ehSched - ok22:45:40.0187 3372 [ 1976FEDF6D7F87135C9B7F5CB4C8C868 ] ELacpi C:\WINDOWS\system32\DRIVERS\ELacpi.sys22:45:40.0218 3372 ELacpi - ok22:45:40.0234 3372 [ AE65C02444907966378454138B9F99F0 ] ELhid C:\WINDOWS\system32\DRIVERS\ELhid.sys22:45:40.0250 3372 ELhid ( UnsignedFile.Multi.Generic ) - warning22:45:40.0250 3372 ELhid - detected UnsignedFile.Multi.Generic (1)22:45:40.0265 3372 [ E485C3BA1DADDEEF3E14FEA1E8FDA6E1 ] ELkbd C:\WINDOWS\system32\DRIVERS\ELkbd.sys22:45:40.0281 3372 ELkbd ( UnsignedFile.Multi.Generic ) - warning22:45:40.0281 3372 ELkbd - detected UnsignedFile.Multi.Generic (1)22:45:40.0281 3372 [ 0D87CB825ED6CB2EBCC147A10A42F1D6 ] ELmon C:\WINDOWS\system32\DRIVERS\ELmon.sys22:45:40.0296 3372 ELmon ( UnsignedFile.Multi.Generic ) - warning22:45:40.0296 3372 ELmon - detected UnsignedFile.Multi.Generic (1)22:45:40.0296 3372 [ A4ADD3847B67BACAB6FC851A2B60FDB3 ] ELmou C:\WINDOWS\system32\DRIVERS\ELmou.sys22:45:40.0312 3372 ELmou ( UnsignedFile.Multi.Generic ) - warning22:45:40.0312 3372 ELmou - detected UnsignedFile.Multi.Generic (1)22:45:40.0375 3372 [ D1DE16926C682DCD3D99AE5500CA5522 ] ELService C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology\ELService.exe22:45:40.0437 3372 ELService ( UnsignedFile.Multi.Generic ) - warning22:45:40.0437 3372 ELService - detected UnsignedFile.Multi.Generic (1)22:45:40.0453 3372 [ 2885F72D2DAFFD0329272F12E16D6579 ] emupia C:\WINDOWS\system32\drivers\emupia2k.sys22:45:40.0468 3372 emupia - ok22:45:40.0515 3372 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll22:45:40.0671 3372 ERSvc - ok22:45:40.0703 3372 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe22:45:40.0734 3372 Eventlog - ok22:45:40.0765 3372 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll22:45:40.0796 3372 EventSystem - ok22:45:40.0812 3372 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys22:45:40.0968 3372 Fastfat - ok22:45:40.0984 3372 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll22:45:41.0046 3372 FastUserSwitchingCompatibility - ok22:45:41.0093 3372 [ E97D6A8684466DF94FF3BC24FB787A07 ] Fax C:\WINDOWS\system32\fxssvc.exe22:45:41.0234 3372 Fax - ok22:45:41.0265 3372 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys22:45:41.0406 3372 Fdc - ok22:45:41.0421 3372 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys22:45:41.0578 3372 Fips - ok22:45:41.0593 3372 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys22:45:41.0781 3372 Flpydisk - ok22:45:41.0828 3372 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys22:45:41.0968 3372 FltMgr - ok22:45:42.0031 3372 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe22:45:42.0062 3372 FontCache3.0.0.0 - ok22:45:42.0093 3372 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys22:45:42.0234 3372 Fs_Rec - ok22:45:42.0265 3372 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys22:45:42.0421 3372 Ftdisk - ok22:45:42.0453 3372 [ 065639773D8B03F33577F6CDAEA21063 ] gameenum C:\WINDOWS\system32\DRIVERS\gameenum.sys22:45:42.0593 3372 gameenum - ok22:45:42.0625 3372 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys22:45:42.0656 3372 GEARAspiWDM - ok22:45:42.0671 3372 [ 1BFABBB4C99E1FDBC7B756BE39868D03 ] gfiark C:\WINDOWS\system32\drivers\gfiark.sys22:45:42.0703 3372 gfiark - ok22:45:42.0718 3372 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys22:45:42.0859 3372 Gpc - ok22:45:42.0921 3372 [ DA2C735B66D2E7B739F9A46146581A9D ] ha10kx2k C:\WINDOWS\system32\drivers\ha10kx2k.sys22:45:42.0984 3372 ha10kx2k - ok22:45:43.0000 3372 [ 5C7D6D68796E4621B4168C879908DAE0 ] hap16v2k C:\WINDOWS\system32\drivers\hap16v2k.sys22:45:43.0046 3372 hap16v2k - ok22:45:43.0078 3372 [ A595B88AD16D8B5693DDF08113CAF30E ] hap17v2k C:\WINDOWS\system32\drivers\hap17v2k.sys22:45:43.0109 3372 hap17v2k - ok22:45:43.0156 3372 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll22:45:43.0312 3372 helpsvc - ok22:45:43.0312 3372 HidServ - ok22:45:43.0343 3372 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys22:45:43.0484 3372 HidUsb - ok22:45:43.0515 3372 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll22:45:43.0671 3372 hkmsvc - ok22:45:43.0703 3372 [ B028377DEA0546A5FCFBA928A8AEFAE0 ] hpn C:\WINDOWS\system32\DRIVERS\hpn.sys22:45:43.0843 3372 hpn - ok22:45:43.0859 3372 [ 77E4FF0B73BC0AEAAF39BF0C8104231F ] HSFHWBS2 C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys22:45:43.0921 3372 HSFHWBS2 - ok22:45:43.0953 3372 [ 60E1604729A15EF4A3B05F298427B3B1 ] HSF_DP C:\WINDOWS\system32\DRIVERS\HSF_DP.sys22:45:44.0015 3372 HSF_DP - ok22:45:44.0078 3372 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys22:45:44.0140 3372 HTTP - ok22:45:44.0171 3372 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll22:45:44.0312 3372 HTTPFilter - ok22:45:44.0343 3372 [ 9368670BD426EBEA5E8B18A62416EC28 ] i2omgmt C:\WINDOWS\system32\drivers\i2omgmt.sys22:45:44.0468 3372 i2omgmt - ok22:45:44.0500 3372 [ F10863BF1CCC290BABD1A09188AE49E0 ] i2omp C:\WINDOWS\system32\DRIVERS\i2omp.sys22:45:44.0640 3372 i2omp - ok22:45:44.0640 3372 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys22:45:44.0781 3372 i8042prt - ok22:45:44.0812 3372 [ D43E91E271C041BB86A6223462A41D28 ] IAANTMon C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe22:45:44.0828 3372 IAANTMon ( UnsignedFile.Multi.Generic ) - warning22:45:44.0828 3372 IAANTMon - detected UnsignedFile.Multi.Generic (1)22:45:44.0875 3372 [ 9A65E42664D1534B68512CAAD0EFE963 ] iastor C:\WINDOWS\system32\drivers\iastor.sys22:45:44.0953 3372 iastor - ok22:45:45.0125 3372 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe22:45:45.0171 3372 idsvc - ok22:45:45.0203 3372 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys22:45:45.0343 3372 Imapi - ok22:45:45.0375 3372 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe22:45:45.0500 3372 ImapiService - ok22:45:45.0531 3372 [ 1DA147ACB525A4822228BE06154C7CBB ] InCDfs C:\WINDOWS\system32\drivers\InCDFs.sys22:45:45.0578 3372 InCDfs - ok22:45:45.0578 3372 [ 2EC469A401AE6FE7A67D80EFFD3091B1 ] InCDPass C:\WINDOWS\system32\drivers\InCDPass.sys22:45:45.0609 3372 InCDPass - ok22:45:45.0625 3372 [ 544498D06B8CA187A5960B4F3B4BD63E ] InCDRec C:\WINDOWS\system32\drivers\InCDRec.sys22:45:45.0640 3372 InCDRec - ok22:45:45.0656 3372 [ 2863A00B0F64D937F0CD9561C53B5A37 ] incdrm C:\WINDOWS\system32\drivers\InCDRm.sys22:45:45.0671 3372 incdrm - ok22:45:45.0765 3372 [ CA32EA0F5FC2A36CA44AD7238F18C248 ] InCDsrv C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe22:45:45.0890 3372 InCDsrv - ok22:45:45.0921 3372 [ 4A40E045FAEE58631FD8D91AFC620719 ] ini910u C:\WINDOWS\system32\DRIVERS\ini910u.sys22:45:46.0078 3372 ini910u - ok22:45:46.0093 3372 [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys22:45:46.0234 3372 IntelIde - ok22:45:46.0265 3372 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys22:45:46.0390 3372 intelppm - ok22:45:46.0421 3372 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys22:45:46.0578 3372 Ip6Fw - ok22:45:46.0609 3372 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys22:45:46.0750 3372 IpFilterDriver - ok22:45:46.0796 3372 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys22:45:46.0921 3372 IpInIp - ok22:45:46.0953 3372 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys22:45:47.0078 3372 IpNat - ok22:45:47.0125 3372 [ E46B17060D3962A384AE484094614788 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe22:45:47.0156 3372 iPod Service - ok22:45:47.0171 3372 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys22:45:47.0296 3372 IPSec - ok22:45:47.0328 3372 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys22:45:47.0453 3372 IRENUM - ok22:45:47.0484 3372 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys22:45:47.0656 3372 isapnp - ok22:45:47.0750 3372 [ 999DB5F88C8E145CCA9D471E33227143 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe22:45:47.0765 3372 JavaQuickStarterService - ok22:45:47.0781 3372 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys22:45:47.0921 3372 Kbdclass - ok22:45:47.0921 3372 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys22:45:48.0062 3372 kbdhid - ok22:45:48.0078 3372 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys22:45:48.0218 3372 kmixer - ok22:45:48.0250 3372 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys22:45:48.0296 3372 KSecDD - ok22:45:48.0343 3372 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll22:45:48.0421 3372 lanmanserver - ok22:45:48.0453 3372 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll22:45:48.0500 3372 lanmanworkstation - ok22:45:48.0500 3372 lbrtfdc - ok22:45:48.0546 3372 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll22:45:48.0703 3372 LmHosts - ok22:45:48.0718 3372 [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys22:45:48.0750 3372 MBAMProtector - ok22:45:48.0781 3372 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe22:45:48.0812 3372 MBAMScheduler - ok22:45:48.0843 3372 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe22:45:48.0906 3372 MBAMService - ok22:45:48.0937 3372 [ DF0A511F38F16016BF658FCA0090CB87 ] McrdSvc C:\WINDOWS\ehome\mcrdsvc.exe22:45:48.0984 3372 McrdSvc - ok22:45:49.0031 3372 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE22:45:49.0062 3372 MDM - ok22:45:49.0062 3372 [ EEAEA6514BA7C9D273B5E87C4E1AAB30 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys22:45:49.0093 3372 mdmxsdk - ok22:45:49.0125 3372 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll22:45:49.0281 3372 Messenger - ok22:45:49.0312 3372 [ B7521F69C0A9B29D356157229376FB21 ] MHN C:\WINDOWS\System32\mhn.dll22:45:49.0343 3372 MHN ( UnsignedFile.Multi.Generic ) - warning22:45:49.0343 3372 MHN - detected UnsignedFile.Multi.Generic (1)22:45:49.0375 3372 [ 7F2F1D2815A6449D346FCCCBC569FBD6 ] MHNDRV C:\WINDOWS\system32\DRIVERS\mhndrv.sys22:45:49.0375 3372 MHNDRV ( UnsignedFile.Multi.Generic ) - warning22:45:49.0375 3372 MHNDRV - detected UnsignedFile.Multi.Generic (1)22:45:49.0406 3372 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys22:45:49.0546 3372 mnmdd - ok22:45:49.0578 3372 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe22:45:49.0718 3372 mnmsrvc - ok22:45:49.0750 3372 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys22:45:49.0875 3372 Modem - ok22:45:49.0906 3372 [ 1992E0D143B09653AB0F9C5E04B0FD65 ] MODEMCSA C:\WINDOWS\system32\drivers\MODEMCSA.sys22:45:50.0062 3372 MODEMCSA - ok22:45:50.0109 3372 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys22:45:50.0234 3372 Mouclass - ok22:45:50.0265 3372 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys22:45:50.0406 3372 mouhid - ok22:45:50.0421 3372 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys22:45:50.0562 3372 MountMgr - ok22:45:50.0593 3372 [ 3F4BB95E5A44F3BE34824E8E7CAF0737 ] mraid35x C:\WINDOWS\system32\DRIVERS\mraid35x.sys22:45:50.0750 3372 mraid35x - ok22:45:50.0750 3372 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys22:45:50.0890 3372 MRxDAV - ok22:45:50.0937 3372 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys22:45:51.0015 3372 MRxSmb - ok22:45:51.0062 3372 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe22:45:51.0203 3372 MSDTC - ok22:45:51.0218 3372 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys22:45:51.0343 3372 Msfs - ok22:45:51.0343 3372 MSIServer - ok22:45:51.0375 3372 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys22:45:51.0515 3372 MSKSSRV - ok22:45:51.0562 3372 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys22:45:51.0687 3372 MSPCLOCK - ok22:45:51.0718 3372 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys22:45:51.0859 3372 MSPQM - ok22:45:51.0875 3372 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys22:45:52.0015 3372 mssmbios - ok22:45:52.0062 3372 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys22:45:52.0109 3372 Mup - ok22:45:52.0156 3372 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll22:45:52.0296 3372 napagent - ok22:45:52.0328 3372 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys22:45:52.0484 3372 NDIS - ok22:45:52.0515 3372 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys22:45:52.0562 3372 NdisTapi - ok22:45:52.0593 3372 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys22:45:52.0765 3372 Ndisuio - ok22:45:52.0765 3372 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys22:45:52.0890 3372 NdisWan - ok22:45:52.0937 3372 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys22:45:52.0968 3372 NDProxy - ok22:45:53.0000 3372 [ A8960FA773CCC3E38515F637E19A76C0 ] NeroRegInCDSrv C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe22:45:53.0031 3372 NeroRegInCDSrv - ok22:45:53.0046 3372 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys22:45:53.0187 3372 NetBIOS - ok22:45:53.0250 3372 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys22:45:53.0390 3372 NetBT - ok22:45:53.0453 3372 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe22:45:53.0609 3372 NetDDE - ok22:45:53.0609 3372 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe22:45:53.0750 3372 NetDDEdsdm - ok22:45:53.0796 3372 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe22:45:53.0921 3372 Netlogon - ok22:45:53.0968 3372 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll22:45:54.0109 3372 Netman - ok22:45:54.0250 3372 [ 9DA26B773BD04B867A8E9F427CD048FC ] NetSvc C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe22:45:54.0265 3372 NetSvc ( UnsignedFile.Multi.Generic ) - warning22:45:54.0265 3372 NetSvc - detected UnsignedFile.Multi.Generic (1)22:45:54.0328 3372 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe22:45:54.0343 3372 NetTcpPortSharing - ok22:45:54.0375 3372 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys22:45:54.0515 3372 NIC1394 - ok22:45:54.0531 3372 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll22:45:54.0578 3372 Nla - ok22:45:54.0656 3372 [ CB992AE1506985D9167E85883B4C3240 ] NMIndexingService C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe22:45:54.0703 3372 NMIndexingService - ok22:45:54.0734 3372 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys22:45:54.0859 3372 Npfs - ok22:45:54.0906 3372 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys22:45:55.0093 3372 Ntfs - ok22:45:55.0109 3372 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe22:45:55.0234 3372 NtLmSsp - ok22:45:55.0312 3372 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll22:45:55.0453 3372 NtmsSvc - ok22:45:55.0468 3372 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys22:45:55.0625 3372 Null - ok22:45:55.0984 3372 [ 7C56F3FD65B2BDB315CA3605A5392D7B ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys22:45:56.0406 3372 nv - ok22:45:56.0437 3372 [ 1982E96B2C5C2EFFEF38EFC37293A42E ] NVSvc C:\WINDOWS\system32\nvsvc32.exe22:45:56.0484 3372 NVSvc - ok22:45:56.0546 3372 [ E6568D2D90028207587CB43CD8E5FD01 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe22:45:56.0656 3372 nvUpdatusService - ok22:45:56.0687 3372 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys22:45:56.0843 3372 NwlnkFlt - ok22:45:56.0859 3372 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys22:45:57.0000 3372 NwlnkFwd - ok22:45:57.0015 3372 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys22:45:57.0156 3372 ohci1394 - ok22:45:57.0203 3372 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE22:45:57.0234 3372 ose - ok22:45:57.0250 3372 [ 61C85AFEAA6EF0C1B32D43F84F7BFBCF ] ossrv C:\WINDOWS\system32\drivers\ctoss2k.sys22:45:57.0281 3372 ossrv - ok22:45:57.0328 3372 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys22:45:57.0468 3372 Parport - ok22:45:57.0500 3372 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys22:45:57.0625 3372 PartMgr - ok22:45:57.0656 3372 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys22:45:57.0812 3372 ParVdm - ok22:45:57.0812 3372 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys22:45:57.0953 3372 PCI - ok22:45:57.0968 3372 PCIDump - ok22:45:57.0984 3372 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys22:45:58.0140 3372 PCIIde - ok22:45:58.0187 3372 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys22:45:58.0328 3372 Pcmcia - ok22:45:58.0328 3372 PDCOMP - ok22:45:58.0343 3372 PDFRAME - ok22:45:58.0343 3372 PDRELI - ok22:45:58.0343 3372 PDRFRAME - ok22:45:58.0359 3372 [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys22:45:58.0515 3372 perc2 - ok22:45:58.0531 3372 [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys22:45:58.0734 3372 perc2hib - ok22:45:58.0890 3372 [ F042EE4C8D66248D9B86DCF52ABAE416 ] PEVSystemStart C:\ComboFix\pev.3XE22:45:58.0937 3372 PEVSystemStart ( UnsignedFile.Multi.Generic ) - warning22:45:58.0937 3372 PEVSystemStart - detected UnsignedFile.Multi.Generic (1)22:45:58.0968 3372 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe22:45:58.0984 3372 PlugPlay - ok22:45:59.0000 3372 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe22:45:59.0125 3372 PolicyAgent - ok22:45:59.0156 3372 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys22:45:59.0296 3372 PptpMiniport - ok22:45:59.0296 3372 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe22:45:59.0437 3372 ProtectedStorage - ok22:45:59.0437 3372 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys22:45:59.0578 3372 PSched - ok22:45:59.0593 3372 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys22:45:59.0734 3372 Ptilink - ok22:45:59.0750 3372 [ 86724469CD077901706854974CD13C3E ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys22:45:59.0765 3372 PxHelp20 ( UnsignedFile.Multi.Generic ) - warning22:45:59.0765 3372 PxHelp20 - detected UnsignedFile.Multi.Generic (1)22:45:59.0796 3372 [ 0A63FB54039EB5662433CABA3B26DBA7 ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys22:45:59.0937 3372 ql1080 - ok22:45:59.0968 3372 [ 6503449E1D43A0FF0201AD5CB1B8C706 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys22:46:00.0109 3372 Ql10wnt - ok22:46:00.0125 3372 [ 156ED0EF20C15114CA097A34A30D8A01 ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys22:46:00.0250 3372 ql12160 - ok22:46:00.0265 3372 [ 70F016BEBDE6D29E864C1230A07CC5E6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys22:46:00.0406 3372 ql1240 - ok22:46:00.0406 3372 [ 907F0AEEA6BC451011611E732BD31FCF ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys22:46:00.0546 3372 ql1280 - ok22:46:00.0562 3372 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys22:46:00.0703 3372 RasAcd - ok22:46:00.0750 3372 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll22:46:00.0906 3372 RasAuto - ok22:46:00.0921 3372 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys22:46:01.0062 3372 Rasl2tp - ok22:46:01.0109 3372 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll22:46:01.0234 3372 RasMan - ok22:46:01.0265 3372 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys22:46:01.0406 3372 RasPppoe - ok22:46:01.0406 3372 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys22:46:01.0546 3372 Raspti - ok22:46:01.0578 3372 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys22:46:01.0718 3372 Rdbss - ok22:46:01.0718 3372 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys22:46:01.0875 3372 RDPCDD - ok22:46:01.0890 3372 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys22:46:02.0046 3372 rdpdr - ok22:46:02.0093 3372 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys22:46:02.0140 3372 RDPWD - ok22:46:02.0187 3372 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe22:46:02.0328 3372 RDSessMgr - ok22:46:02.0375 3372 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys22:46:02.0515 3372 redbook - ok22:46:02.0546 3372 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll22:46:02.0703 3372 RemoteAccess - ok22:46:02.0734 3372 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll22:46:02.0875 3372 RemoteRegistry - ok22:46:02.0921 3372 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe22:46:03.0062 3372 RpcLocator - ok22:46:03.0078 3372 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll22:46:03.0109 3372 RpcSs - ok22:46:03.0140 3372 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe22:46:03.0281 3372 RSVP - ok22:46:03.0296 3372 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe22:46:03.0437 3372 SamSs - ok22:46:03.0453 3372 [ D087A031E2E07B21E7A4F92ED657B985 ] SamsungMonitorFirmware C:\WINDOWS\system32\drivers\MFWCtwl.sys22:46:03.0734 3372 SamsungMonitorFirmware ( UnsignedFile.Multi.Generic ) - warning22:46:03.0734 3372 SamsungMonitorFirmware - detected UnsignedFile.Multi.Generic (1)22:46:03.0921 3372 [ 03C67BDB26D79BC71406F52E385926A1 ] SBAMSvc C:\Program Files\GFI Software\VIPRE\SBAMSvc.exe22:46:04.0046 3372 SBAMSvc - ok22:46:04.0093 3372 [ 40AA51F794921683CA143EE27F2F4171 ] sbaphd C:\WINDOWS\system32\drivers\sbaphd.sys22:46:04.0125 3372 sbaphd - ok22:46:04.0125 3372 [ 701109A92E144182E262BCC8DD898DC5 ] sbapifs C:\WINDOWS\system32\drivers\sbapifs.sys22:46:04.0171 3372 sbapifs - ok22:46:04.0203 3372 [ E0F866D00F85F55A04E066FEE23065F9 ] SBPIMSvc C:\Program Files\GFI Software\VIPRE\SBPIMSvc.exe22:46:04.0234 3372 SBPIMSvc - ok22:46:04.0250 3372 [ 0FCFE672B915687F5BFC0FD8944B360C ] sbtis C:\WINDOWS\system32\drivers\sbtis.sys22:46:04.0296 3372 sbtis - ok22:46:04.0328 3372 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe22:46:04.0468 3372 SCardSvr - ok22:46:04.0500 3372 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll22:46:04.0656 3372 Schedule - ok22:46:04.0703 3372 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys22:46:04.0875 3372 Secdrv - ok22:46:04.0890 3372 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll22:46:05.0046 3372 seclogon - ok22:46:05.0046 3372 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll22:46:05.0187 3372 SENS - ok22:46:05.0187 3372 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys22:46:05.0328 3372 serenum - ok22:46:05.0375 3372 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys22:46:05.0515 3372 Serial - ok22:46:05.0546 3372 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys22:46:05.0687 3372 Sfloppy - ok22:46:05.0718 3372 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll22:46:05.0890 3372 SharedAccess - ok22:46:05.0890 3372 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll22:46:05.0937 3372 ShellHWDetection - ok22:46:05.0937 3372 Simbad - ok22:46:05.0968 3372 [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys22:46:06.0093 3372 sisagp - ok22:46:06.0140 3372 [ 83C0F71F86D3BDAF915685F3D568B20E ] Sparrow C:\WINDOWS\system32\DRIVERS\sparrow.sys22:46:06.0218 3372 Sparrow - ok22:46:06.0234 3372 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys22:46:06.0359 3372 splitter - ok22:46:06.0390 3372 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe22:46:06.0453 3372 Spooler - ok22:46:06.0484 3372 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys22:46:06.0640 3372 sr - ok22:46:06.0671 3372 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll22:46:06.0812 3372 srservice - ok22:46:06.0843 3372 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys22:46:06.0921 3372 Srv - ok22:46:06.0953 3372 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll22:46:07.0093 3372 SSDPSRV - ok22:46:07.0109 3372 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll22:46:07.0281 3372 stisvc - ok22:46:07.0296 3372 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys22:46:07.0437 3372 swenum - ok22:46:07.0453 3372 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys22:46:07.0609 3372 swmidi - ok22:46:07.0609 3372 SwPrv - ok22:46:07.0625 3372 [ 1FF3217614018630D0A6758630FC698C ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys22:46:07.0765 3372 symc810 - ok22:46:07.0781 3372 [ 070E001D95CF725186EF8B20335F933C ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys22:46:07.0921 3372 symc8xx - ok22:46:07.0937 3372 [ 80AC1C4ABBE2DF3B738BF15517A51F2C ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys22:46:08.0062 3372 sym_hi - ok22:46:08.0078 3372 [ BF4FAB949A382A8E105F46EBB4937058 ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys22:46:08.0218 3372 sym_u3 - ok22:46:08.0234 3372 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys22:46:08.0375 3372 sysaudio - ok22:46:08.0421 3372 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe22:46:08.0562 3372 SysmonLog - ok22:46:08.0609 3372 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll22:46:08.0765 3372 TapiSrv - ok22:46:08.0812 3372 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys22:46:08.0843 3372 Tcpip - ok22:46:08.0875 3372 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys22:46:09.0015 3372 TDPIPE - ok22:46:09.0031 3372 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys22:46:09.0187 3372 TDTCP - ok22:46:09.0218 3372 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys22:46:09.0359 3372 TermDD - ok22:46:09.0421 3372 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll22:46:09.0578 3372 TermService - ok22:46:09.0593 3372 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll22:46:09.0625 3372 Themes - ok22:46:09.0640 3372 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe22:46:09.0796 3372 TlntSvr - ok22:46:09.0812 3372 [ F2790F6AF01321B172AA62F8E1E187D9 ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys22:46:09.0953 3372 TosIde - ok22:46:09.0984 3372 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll22:46:10.0140 3372 TrkWks - ok22:46:10.0156 3372 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys22:46:10.0296 3372 Udfs - ok22:46:10.0312 3372 [ 1B698A51CD528D8DA4FFAED66DFC51B9 ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys22:46:10.0406 3372 ultra - ok22:46:10.0437 3372 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys22:46:10.0578 3372 Update - ok22:46:10.0671 3372 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll22:46:10.0828 3372 upnphost - ok22:46:10.0843 3372 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe22:46:10.0968 3372 UPS - ok22:46:11.0000 3372 [ 6E421CCC57059B0186C6259CA3B6DFC9 ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys22:46:11.0046 3372 USBAAPL - ok22:46:11.0062 3372 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys22:46:11.0218 3372 usbehci - ok22:46:11.0250 3372 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys22:46:11.0390 3372 usbhub - ok22:46:11.0406 3372 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys22:46:11.0546 3372 usbprint - ok22:46:11.0593 3372 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys22:46:11.0734 3372 usbscan - ok22:46:11.0765 3372 [ 1C888B000C2F9492F4B15B5B6B84873E ] usbser C:\WINDOWS\system32\DRIVERS\usbser.sys22:46:11.0890 3372 usbser - ok22:46:11.0937 3372 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS22:46:12.0078 3372 USBSTOR - ok22:46:12.0078 3372 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys22:46:12.0218 3372 usbuhci - ok22:46:12.0234 3372 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys22:46:12.0375 3372 VgaSave - ok22:46:12.0421 3372 [ 754292CE5848B3738281B4F3607EAEF4 ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys22:46:12.0578 3372 viaagp - ok22:46:12.0609 3372 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys22:46:12.0765 3372 ViaIde - ok22:46:12.0781 3372 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys22:46:12.0921 3372 VolSnap - ok22:46:12.0984 3372 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe22:46:13.0125 3372 VSS - ok22:46:13.0156 3372 [ 54AF4B1D5459500EF0937F6D33B1914F ] w32time C:\WINDOWS\system32\w32time.dll22:46:13.0296 3372 w32time - ok22:46:13.0312 3372 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys22:46:13.0468 3372 Wanarp - ok22:46:13.0468 3372 wanatw - ok22:46:13.0468 3372 WDICA - ok22:46:13.0500 3372 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys22:46:13.0640 3372 wdmaud - ok22:46:13.0671 3372 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll22:46:13.0828 3372 WebClient - ok22:46:13.0875 3372 [ F59ED5A43B988A18EF582BB07B2327A7 ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys22:46:13.0906 3372 winachsf - ok22:46:13.0968 3372 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll22:46:14.0109 3372 winmgmt - ok22:46:14.0140 3372 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll22:46:14.0234 3372 WmdmPmSN - ok22:46:14.0281 3372 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll22:46:14.0312 3372 Wmi - ok22:46:14.0343 3372 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe22:46:14.0484 3372 WmiApSrv - ok22:46:14.0578 3372 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe22:46:14.0671 3372 WMPNetworkSvc - ok22:46:14.0687 3372 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys22:46:14.0859 3372 WS2IFSL - ok22:46:14.0890 3372 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll22:46:15.0015 3372 wscsvc - ok22:46:15.0031 3372 WSearch - ok22:46:15.0062 3372 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll22:46:15.0203 3372 wuauserv - ok22:46:15.0234 3372 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys22:46:15.0312 3372 WudfPf - ok22:46:15.0390 3372 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys22:46:15.0421 3372 WudfRd - ok22:46:15.0437 3372 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll22:46:15.0484 3372 WudfSvc - ok22:46:15.0531 3372 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll22:46:15.0671 3372 WZCSVC - ok22:46:15.0703 3372 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll22:46:15.0843 3372 xmlprov - ok Link to post Share on other sites More sharing options...
kgej_73 Posted March 21, 2013 Author ID:659282 Share Posted March 21, 2013 Second part of my updated TDSS Killer log.22:46:15.0843 3372 ================ Scan global ===============================22:46:15.0890 3372 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll22:46:15.0937 3372 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll22:46:15.0968 3372 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll22:46:15.0984 3372 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe22:46:15.0984 3372 [Global] - ok22:46:15.0984 3372 ================ Scan MBR ==================================22:46:16.0015 3372 [ 91722E6BC3A2B40FF00222DCA4A3DB3E ] \Device\Harddisk0\DR022:46:16.0265 3372 \Device\Harddisk0\DR0 - ok22:46:16.0265 3372 ================ Scan VBR ==================================22:46:16.0265 3372 [ 9C4EB5919C002C7721F1E0947BA4A8CF ] \Device\Harddisk0\DR0\Partition122:46:16.0265 3372 \Device\Harddisk0\DR0\Partition1 - ok22:46:16.0265 3372 ============================================================22:46:16.0265 3372 Scan finished22:46:16.0265 3372 ============================================================22:46:16.0390 3096 Detected object count: 2522:46:16.0390 3096 Actual detected object count: 2522:46:28.0859 3096 ASCTRM ( UnsignedFile.Multi.Generic ) - skipped by user22:46:28.0859 3096 ASCTRM ( UnsignedFile.Multi.Generic ) - User select action: Skip22:46:28.0859 3096 Creative Service for CDROM Access ( UnsignedFile.Multi.Generic ) - skipped by user22:46:28.0859 3096 Creative Service for CDROM Access ( UnsignedFile.Multi.Generic ) - User select action: Skip22:46:28.0859 3096 DLABOIOM ( UnsignedFile.Multi.Generic ) - skipped by user22:46:28.0859 3096 DLABOIOM ( UnsignedFile.Multi.Generic ) - User select action: Skip22:46:28.0875 3096 DLACDBHM ( UnsignedFile.Multi.Generic ) - skipped by user22:46:28.0875 3096 DLACDBHM ( UnsignedFile.Multi.Generic ) - User select action: Skip22:46:28.0875 3096 DLADResN ( UnsignedFile.Multi.Generic ) - skipped by user22:46:28.0875 3096 DLADResN ( UnsignedFile.Multi.Generic ) - User select action: Skip22:46:28.0875 3096 DLAIFS_M ( UnsignedFile.Multi.Generic ) - skipped by user22:46:28.0875 3096 DLAIFS_M ( UnsignedFile.Multi.Generic ) - User select action: Skip22:46:28.0875 3096 DLAOPIOM ( UnsignedFile.Multi.Generic ) - skipped by user22:46:28.0875 3096 DLAOPIOM ( UnsignedFile.Multi.Generic ) - User select action: Skip22:46:28.0875 3096 DLAPoolM ( UnsignedFile.Multi.Generic ) - skipped by user22:46:28.0875 3096 DLAPoolM ( UnsignedFile.Multi.Generic ) - User select action: Skip22:46:28.0875 3096 DLARTL_N ( UnsignedFile.Multi.Generic ) - skipped by user22:46:28.0875 3096 DLARTL_N ( UnsignedFile.Multi.Generic ) - User select action: Skip22:46:28.0875 3096 DLAUDFAM ( UnsignedFile.Multi.Generic ) - skipped by user22:46:28.0875 3096 DLAUDFAM ( UnsignedFile.Multi.Generic ) - User select action: Skip22:46:28.0875 3096 DLAUDF_M ( UnsignedFile.Multi.Generic ) - skipped by user22:46:28.0875 3096 DLAUDF_M ( UnsignedFile.Multi.Generic ) - User select action: Skip22:46:28.0890 3096 DRVMCDB ( UnsignedFile.Multi.Generic ) - skipped by user22:46:28.0890 3096 DRVMCDB ( UnsignedFile.Multi.Generic ) - User select action: Skip22:46:28.0890 3096 DRVNDDM ( UnsignedFile.Multi.Generic ) - skipped by user22:46:28.0890 3096 DRVNDDM ( UnsignedFile.Multi.Generic ) - User select action: Skip22:46:28.0890 3096 ELhid ( UnsignedFile.Multi.Generic ) - skipped by user22:46:28.0890 3096 ELhid ( UnsignedFile.Multi.Generic ) - User select action: Skip22:46:28.0890 3096 ELkbd ( UnsignedFile.Multi.Generic ) - skipped by user22:46:28.0890 3096 ELkbd ( UnsignedFile.Multi.Generic ) - User select action: Skip22:46:28.0890 3096 ELmon ( UnsignedFile.Multi.Generic ) - skipped by user22:46:28.0890 3096 ELmon ( UnsignedFile.Multi.Generic ) - User select action: Skip22:46:28.0890 3096 ELmou ( UnsignedFile.Multi.Generic ) - skipped by user22:46:28.0890 3096 ELmou ( UnsignedFile.Multi.Generic ) - User select action: Skip22:46:28.0890 3096 ELService ( UnsignedFile.Multi.Generic ) - skipped by user22:46:28.0890 3096 ELService ( UnsignedFile.Multi.Generic ) - User select action: Skip22:46:28.0906 3096 IAANTMon ( UnsignedFile.Multi.Generic ) - skipped by user22:46:28.0906 3096 IAANTMon ( UnsignedFile.Multi.Generic ) - User select action: Skip22:46:28.0906 3096 MHN ( UnsignedFile.Multi.Generic ) - skipped by user22:46:28.0906 3096 MHN ( UnsignedFile.Multi.Generic ) - User select action: Skip22:46:28.0906 3096 MHNDRV ( UnsignedFile.Multi.Generic ) - skipped by user22:46:28.0906 3096 MHNDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip22:46:28.0906 3096 NetSvc ( UnsignedFile.Multi.Generic ) - skipped by user22:46:28.0906 3096 NetSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip22:46:28.0906 3096 PEVSystemStart ( UnsignedFile.Multi.Generic ) - skipped by user22:46:28.0906 3096 PEVSystemStart ( UnsignedFile.Multi.Generic ) - User select action: Skip22:46:28.0921 3096 PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user22:46:28.0921 3096 PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip22:46:28.0921 3096 SamsungMonitorFirmware ( UnsignedFile.Multi.Generic ) - skipped by user22:46:28.0921 3096 SamsungMonitorFirmware ( UnsignedFile.Multi.Generic ) - User select action: Skip Link to post Share on other sites More sharing options...
Tomk1 Posted March 21, 2013 ID:659288 Share Posted March 21, 2013 Let's take a different tack... Download RogueKiller and save it to your desktop.Quit all other programsStart RogueKiller.exeWait until the Prescan has finished ...Click on ScanWait for the end of the scanA report will be created on your desktop.Click on the Delete buttonNext click on the ShortcutsFix another report will be created on your desktop.Please post: All RKreport.txt text files located on your desktop. Link to post Share on other sites More sharing options...
kgej_73 Posted March 22, 2013 Author ID:659779 Share Posted March 22, 2013 RogueKiller V8.5.4 [Mar 18 2013] by Tigzymail : tigzyRK<at>gmail<dot>comFeedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/Website : http://tigzy.geekstogo.com/roguekiller.phpBlog : http://tigzyrk.blogspot.com/Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits versionStarted in : Normal modeUser : Glenn [Admin rights]Mode : Scan -- Date : 03/22/2013 12:13:30| ARK || FAK || MBR |¤¤¤ Bad processes : 0 ¤¤¤¤¤¤ Registry Entries : 2 ¤¤¤[HJPOL] HKCU\[...]\System : disableregistrytools (0) -> FOUND[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND¤¤¤ Particular Files / Folders: ¤¤¤¤¤¤ Driver : [LOADED] ¤¤¤¤¤¤ HOSTS File: ¤¤¤--> C:\WINDOWS\system32\drivers\etc\hosts127.0.0.1 localhost¤¤¤ MBR Check: ¤¤¤+++++ PhysicalDrive0: ST3160828AS +++++--- User ---[MBR] 0a43a49b7fd0fb19c54e267e738d8151[bSP] eb56c44a5e637616a189ce643b9b2203 : MBR Code unknownPartition table:0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 47 Mo1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 96390 | Size: 147785 Mo2 - [XXXXXX] UNKNOWN (0xdb) [VISIBLE] Offset (sectors): 302760990 | Size: 4753 Mo3 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 312496380 | Size: 1 MoUser = LL1 ... OK!User = LL2 ... OK!Finished : << RKreport[1]_S_03222013_02d1213.txt >>RKreport[1]_S_03222013_02d1213.txtRogueKiller V8.5.4 [Mar 18 2013] by Tigzymail : tigzyRK<at>gmail<dot>comFeedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/Website : http://tigzy.geekstogo.com/roguekiller.phpBlog : http://tigzyrk.blogspot.com/Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits versionStarted in : Normal modeUser : Glenn [Admin rights]Mode : Remove -- Date : 03/22/2013 12:15:49| ARK || FAK || MBR |¤¤¤ Bad processes : 0 ¤¤¤¤¤¤ Registry Entries : 2 ¤¤¤[HJPOL] HKCU\[...]\System : disableregistrytools (0) -> DELETED[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)¤¤¤ Particular Files / Folders: ¤¤¤¤¤¤ Driver : [LOADED] ¤¤¤¤¤¤ HOSTS File: ¤¤¤--> C:\WINDOWS\system32\drivers\etc\hosts127.0.0.1 localhost¤¤¤ MBR Check: ¤¤¤+++++ PhysicalDrive0: ST3160828AS +++++--- User ---[MBR] 0a43a49b7fd0fb19c54e267e738d8151[bSP] eb56c44a5e637616a189ce643b9b2203 : MBR Code unknownPartition table:0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 47 Mo1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 96390 | Size: 147785 Mo2 - [XXXXXX] UNKNOWN (0xdb) [VISIBLE] Offset (sectors): 302760990 | Size: 4753 Mo3 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 312496380 | Size: 1 MoUser = LL1 ... OK!User = LL2 ... OK!Finished : << RKreport[2]_D_03222013_02d1215.txt >>RKreport[1]_S_03222013_02d1213.txt ; RKreport[2]_D_03222013_02d1215.txtRogueKiller V8.5.4 [Mar 18 2013] by Tigzymail : tigzyRK<at>gmail<dot>comFeedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/Website : http://tigzy.geekstogo.com/roguekiller.phpBlog : http://tigzyrk.blogspot.com/Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits versionStarted in : Normal modeUser : Glenn [Admin rights]Mode : Shortcuts HJfix -- Date : 03/22/2013 12:17:28| ARK || FAK || MBR |¤¤¤ Bad processes : 0 ¤¤¤¤¤¤ Driver : [LOADED] ¤¤¤¤¤¤ File attributes restored: ¤¤¤Desktop: Success 0 / Fail 0Quick launch: Success 0 / Fail 0Programs: Success 4 / Fail 0Start menu: Success 0 / Fail 0User folder: Success 55 / Fail 0My documents: Success 4 / Fail 4My favorites: Success 0 / Fail 0My pictures: Success 0 / Fail 0My music: Success 0 / Fail 0My videos: Success 0 / Fail 0Local drives: Success 185 / Fail 0Backup: [NOT FOUND]Drives:[C:] \Device\HarddiskVolume2 -- 0x3 --> Restored[D:] \Device\CdRom0 -- 0x5 --> Skipped[E:] \Device\CdRom1 -- 0x5 --> SkippedFinished : << RKreport[3]_SC_03222013_02d1217.txt >>RKreport[1]_S_03222013_02d1213.txt ; RKreport[2]_D_03222013_02d1215.txt ; RKreport[3]_SC_03222013_02d1217.txt Link to post Share on other sites More sharing options...
Tomk1 Posted March 22, 2013 ID:659817 Share Posted March 22, 2013 Some permissions were corrected.Now please try ComboFix again. If it asks to update... please let it. Link to post Share on other sites More sharing options...
kgej_73 Posted March 23, 2013 Author ID:660000 Share Posted March 23, 2013 I was able to run ComboFix this time, however, my machine locked up while writing the log file. I let it run for about five hours to see if it would unlock and finish writing the file, but I ended up having to power off the machine. This was all that was in my ComboFix.txt file:ComboFix 13-03-21.02 - Glenn 03/22/2013 15:36:50.1.2 - x86Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3070.2612 [GMT -4:00]Running from: C:\Documents and Settings\Glenn\Desktop\ComboFix.exeAV: GFI Software VIPRE *Disabled/Updated* {964FCE60-0B18-4D30-ADD6-EB178909041C} Link to post Share on other sites More sharing options...
Tomk1 Posted March 23, 2013 ID:660007 Share Posted March 23, 2013 OK... please try it again. Don't wait 5 hours. Give it 2 hours and restart and let me know. I'm hoping it did enough of a job to run to completion this time. Link to post Share on other sites More sharing options...
kgej_73 Posted March 23, 2013 Author ID:660026 Share Posted March 23, 2013 I tried to run it again and I got the blue screen of death. Link to post Share on other sites More sharing options...
Tomk1 Posted March 23, 2013 ID:660036 Share Posted March 23, 2013 OK... Let's try to get a different log. Download OTL to your desktop.Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.Check the boxes beside LOP Check and Purity Check.Under Custom Scan paste this innetsvcsdrivers32%SYSTEMDRIVE%\*.*%systemroot%\Fonts\*.com%systemroot%\Fonts\*.dll%systemroot%\Fonts\*.ini%systemroot%\Fonts\*.ini2%systemroot%\Fonts\*.exe%systemroot%\system32\spool\prtprocs\w32x86\*.*%systemroot%\REPAIR\*.bak1%systemroot%\REPAIR\*.ini%systemroot%\system32\*.jpg%systemroot%\*.jpg%systemroot%\*.png%systemroot%\*.scr%systemroot%\*._sy%APPDATA%\Adobe\Update\*.*%ALLUSERSPROFILE%\Favorites\*.*%APPDATA%\Microsoft\*.*%PROGRAMFILES%\*.*%APPDATA%\Update\*.*%systemroot%\*. /mp /sCREATERESTOREPOINT%systemroot%\System32\config\*.sav%PROGRAMFILES%\bak. /s%systemroot%\system32\bak. /s%ALLUSERSPROFILE%\Start Menu\*.lnk /x%systemroot%\system32\config\systemprofile\*.dat /x%systemroot%\*.config%systemroot%\system32\*.db%PROGRAMFILES%\Internet Explorer\*.dat%APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x%USERPROFILE%\Desktop\*.exe%PROGRAMFILES%\Common Files\*.*%systemroot%\*.src%systemroot%\install\*.*%systemroot%\system32\DLL\*.*%systemroot%\system32\HelpFiles\*.*%systemroot%\system32\rundll\*.*%systemroot%\winn32\*.*%systemroot%\Java\*.*%systemroot%\system32\test\*.*%systemroot%\system32\Rundll32\*.*%systemroot%\AppPatch\Custom\*.*HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AUHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rsClick the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.Note:These logs can be located in the OTL. folder on you C:\ drive if they fail to open automatically.Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in. Link to post Share on other sites More sharing options...
kgej_73 Posted March 23, 2013 Author ID:660048 Share Posted March 23, 2013 OTL logfile created on: 3/23/2013 12:00:36 AM - Run 1OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Glenn\DesktopWindows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstationInternet Explorer (Version = 8.0.6001.18702)Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy3.00 Gb Total Physical Memory | 2.52 Gb Available Physical Memory | 84.04% Memory free4.84 Gb Paging File | 4.51 Gb Available in Paging File | 93.10% Paging File freePaging file location(s): C:\pagefile.sys 2046 4092 [binary data]%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program FilesDrive C: | 144.32 Gb Total Space | 97.96 Gb Free Space | 67.88% Space Free | Partition Type: NTFSComputer Name: MAIN_COMPUTER | User Name: Glenn | Logged in as Administrator.Boot Mode: Normal | Scan Mode: Current userCompany Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days========== Processes (SafeList) ==========PRC - [2013/03/22 23:57:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Glenn\Desktop\OTL.exePRC - [2013/03/10 22:57:25 | 000,170,912 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exePRC - [2013/02/20 22:30:14 | 000,175,936 | ---- | M] (GFI Software) -- C:\Program Files\GFI Software\VIPRE\SBPIMSvc.exePRC - [2013/01/31 07:22:47 | 001,259,296 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exePRC - [2012/12/14 17:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exePRC - [2008/07/10 08:23:26 | 000,053,032 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exePRC - [2008/07/10 08:23:16 | 001,442,088 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero8\InCD\InCDsrv.exePRC - [2008/04/14 06:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exePRC - [2007/04/09 13:32:32 | 000,019,456 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CtHelper.exePRC - [2005/09/08 06:20:00 | 000,122,940 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLACTRLW.EXEPRC - [2005/06/17 08:56:14 | 000,139,264 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exePRC - [2005/06/17 08:55:58 | 000,086,140 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exePRC - [2003/09/17 11:43:36 | 000,057,344 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exePRC - [2003/06/18 02:00:00 | 000,045,056 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.exe========== Modules (No Company Name) ==========MOD - [2013/01/28 13:08:56 | 000,087,952 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dllMOD - [2013/01/28 13:08:28 | 001,242,512 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dllMOD - [2013/01/02 02:49:10 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dllMOD - [2012/02/20 22:26:28 | 000,160,768 | ---- | M] () -- C:\Program Files\GFI Software\VIPRE\unrar.dllMOD - [2011/02/04 18:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dllMOD - [2008/04/14 06:42:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dllMOD - [2008/04/14 06:41:52 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll========== Services (SafeList) ==========SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)SRV - [2013/03/10 22:57:25 | 000,170,912 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)SRV - [2013/02/20 22:30:18 | 003,680,512 | ---- | M] (GFI Software) [Auto | Stopped] -- C:\Program Files\GFI Software\VIPRE\SBAMSvc.exe -- (SBAMSvc)SRV - [2013/02/20 22:30:14 | 000,175,936 | ---- | M] (GFI Software) [Auto | Running] -- C:\Program Files\GFI Software\VIPRE\SBPIMSvc.exe -- (SBPIMSvc)SRV - [2013/01/31 07:22:47 | 001,259,296 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)SRV - [2012/12/14 17:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)SRV - [2012/12/14 17:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)SRV - [2011/06/26 02:45:56 | 000,256,000 | R--- | M] () [Auto | Stopped] -- C:\ComboFix\pev.3XE -- (PEVSystemStart)SRV - [2008/07/10 08:23:26 | 000,053,032 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe -- (NeroRegInCDSrv)SRV - [2008/07/10 08:23:16 | 001,442,088 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe -- (InCDsrv)SRV - [2005/12/12 17:52:32 | 000,180,224 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology\ELService.exe -- (ELService)SRV - [2005/06/17 08:55:58 | 000,086,140 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMon)========== Driver Services (SafeList) ==========DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\wanatw4.sys -- (wanatw)DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)DRV - File not found [Kernel | System | Stopped] -- -- (Changer)DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Glenn\LOCALS~1\Temp\catchme.sys -- (catchme)DRV - File not found [Kernel | On_Demand | Stopped] -- -- (bvrp_pci)DRV - [2013/02/11 13:28:31 | 000,035,896 | ---- | M] (GFI Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gfiark.sys -- (gfiark)DRV - [2012/12/26 22:02:44 | 000,222,960 | ---- | M] (GFI Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sbtis.sys -- (sbtis)DRV - [2012/12/14 17:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)DRV - [2012/12/04 22:01:14 | 000,068,904 | ---- | M] (GFI Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\sbapifs.sys -- (sbapifs)DRV - [2012/12/04 22:01:14 | 000,023,088 | ---- | M] (GFI Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sbaphd.sys -- (sbaphd)DRV - [2011/12/23 11:42:20 | 000,014,848 | ---- | M] (Samsung Electronics, Inc. ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\MFWCtwl.sys -- (SamsungMonitorFirmware)DRV - [2008/07/10 08:23:14 | 000,040,488 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDRm.sys -- (incdrm)DRV - [2008/07/10 08:23:14 | 000,038,952 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDPass.sys -- (InCDPass)DRV - [2008/07/10 08:23:14 | 000,018,088 | ---- | M] (Nero AG) [Recognizer | System | Unknown] -- C:\WINDOWS\system32\drivers\InCDrec.sys -- (InCDRec)DRV - [2008/07/10 08:23:04 | 000,128,424 | ---- | M] (Nero AG) [File_System | Disabled | Running] -- C:\WINDOWS\system32\drivers\InCDfs.sys -- (InCDfs)DRV - [2008/04/14 01:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)DRV - [2007/04/18 09:59:40 | 000,098,600 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\COMMONFX.DLL -- (COMMONFX.DLL)DRV - [2007/04/12 09:10:26 | 000,164,608 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CT20XUT.DLL -- (CT20XUT.DLL)DRV - [2007/04/12 09:10:26 | 000,066,816 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTHWIUT.DLL -- (CTHWIUT.DLL)DRV - [2007/04/12 09:10:24 | 001,317,632 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTEXFIFX.DLL -- (CTEXFIFX.DLL)DRV - [2007/04/12 09:10:22 | 000,323,328 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTEDSPSY.DLL -- (CTEDSPSY.DLL)DRV - [2007/04/12 09:10:22 | 000,128,768 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTEDSPIO.DLL -- (CTEDSPIO.DLL)DRV - [2007/04/12 09:10:20 | 000,280,320 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTEDSPFX.DLL -- (CTEDSPFX.DLL)DRV - [2007/04/12 09:10:20 | 000,094,976 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTERFXFX.DLL -- (CTERFXFX.DLL)DRV - [2007/04/12 09:10:18 | 000,168,192 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTEAPSFX.DLL -- (CTEAPSFX.DLL)DRV - [2007/04/12 09:10:16 | 000,560,384 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\CTSBLFX.DLL -- (CTSBLFX.DLL)DRV - [2007/04/12 09:10:16 | 000,546,048 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\CTAUDFX.DLL -- (CTAUDFX.DLL)DRV - [2007/04/10 07:00:24 | 000,157,480 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)DRV - [2007/04/10 06:59:04 | 000,126,760 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)DRV - [2007/04/10 05:32:06 | 000,189,736 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\haP17v2k.sys -- (hap17v2k)DRV - [2007/04/10 05:31:18 | 000,163,112 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\haP16v2k.sys -- (hap16v2k)DRV - [2007/04/10 05:29:10 | 000,797,992 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ha10kx2k.sys -- (ha10kx2k)DRV - [2007/04/10 05:28:36 | 000,092,968 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia)DRV - [2007/04/10 05:25:46 | 000,014,632 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k)DRV - [2007/04/10 05:21:06 | 000,347,128 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctdvda2k.sys -- (ctdvda2k)DRV - [2007/04/10 05:20:38 | 000,520,488 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k)DRV - [2007/04/10 05:19:30 | 000,511,272 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k)DRV - [2006/04/11 11:54:08 | 000,008,552 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)DRV - [2005/12/12 17:52:34 | 000,010,112 | ---- | M] (Intel Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ELhid.sys -- (ELhid)DRV - [2005/12/12 17:52:34 | 000,007,040 | ---- | M] (Intel Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ELmon.sys -- (ELmon)DRV - [2005/12/12 17:52:34 | 000,006,912 | ---- | M] (Intel Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ELkbd.sys -- (ELkbd)DRV - [2005/12/12 17:52:34 | 000,006,400 | ---- | M] (Intel Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ELmou.sys -- (ELmou)DRV - [2005/12/12 17:52:32 | 000,007,808 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ELacpi.sys -- (ELacpi)DRV - [2005/09/08 06:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)DRV - [2005/09/08 06:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)DRV - [2005/09/08 06:20:00 | 000,086,524 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)DRV - [2005/09/08 06:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)DRV - [2005/09/08 06:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)DRV - [2005/09/08 06:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)DRV - [2005/09/08 06:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)DRV - [2005/08/25 13:16:52 | 000,005,628 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)DRV - [2005/08/25 13:16:16 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)DRV - [2003/11/17 22:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)DRV - [2003/11/17 22:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)DRV - [2003/11/17 22:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)========== Standard Registry (SafeList) ==================== Internet Explorer ==========IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.com/ig/dell?hl=en&client=dell-inc&channel=usIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/hws/sb/dell-inc/en/side.html?channel=usIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.google.com/ig/dell?hl=en&client=dell-inc&channel=usIE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en&client=dell-inc&channel=usIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/hws/sb/dell-inc/en/side.html?channel=usIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com/hws/sb/dell-inc/en/side.html?channel=usIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/dell?hl=en&client=dell-inc&channel=usIE - HKCU\..\SearchScopes,DefaultScope = {C8CF2CFD-C20E-498A-BE61-144BA786F71C}IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRCIE - HKCU\..\SearchScopes\{C8CF2CFD-C20E-498A-BE61-144BA786F71C}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local========== FireFox ==========FF - prefs.js..browser.startup.homepage: "about:home"FF - prefs.js..extensions.enabledAddons: %7B20a82645-c095-46ed-80e3-08825760534b%7D:0.0.0FF - prefs.js..extensions.enabledAddons: https-everywhere%40eff.org:3.1.4FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2FF - user.js - File not foundFF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_171.dll ()FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not foundFF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/03/10 22:12:19 | 000,000,000 | ---D | M]FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins[2013/03/10 22:12:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Glenn\Application Data\Mozilla\Extensions[2013/03/11 23:08:04 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Glenn\Application Data\Mozilla\Firefox\Profiles\4939n7d9.default\extensions[2013/03/11 23:08:04 | 000,000,000 | ---D | M] (HTTPS-Everywhere) -- C:\Documents and Settings\Glenn\Application Data\Mozilla\Firefox\Profiles\4939n7d9.default\extensions\https-everywhere@eff.org[2013/03/10 22:12:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions[2013/03/11 22:21:13 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION[2013/03/07 10:31:00 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll[2013/03/07 10:30:20 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml[2013/03/07 10:30:20 | 000,002,086 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xmlO1 HOSTS File: ([2013/03/22 15:42:42 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hostsO2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\BAE\BAE.dll (Dell Inc.)O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)O4 - HKLM..\Run: [CTDVDDET] C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE (Creative Technology Ltd)O4 - HKLM..\Run: [CTHelper] C:\WINDOWS\System32\CtHelper.exe (Creative Technology Ltd)O4 - HKLM..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe (Creative Technology Ltd)O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)O4 - HKLM..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()O4 - HKLM..\Run: [sBAMTray] C:\Program Files\GFI Software\VIPRE\SBAMTray.exe (GFI Software)O4 - HKLM..\Run: [updReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not foundO10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1362977933062 (WUWebControl Class)O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Reg Error: Value error.)O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2_03)O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{39B48252-B3B4-4E20-8ED5-6C7F78E9F74A}: DhcpNameServer = 192.168.1.1O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)O24 - Desktop WallPaper: C:\Documents and Settings\Glenn\Local Settings\Application Data\Microsoft\Wallpaper1.bmpO24 - Desktop BackupWallPaper: C:\Documents and Settings\Glenn\Local Settings\Application Data\Microsoft\Wallpaper1.bmpO28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)O32 - HKLM CDRom: AutoRun - 1O32 - AutoRun File - [2005/08/16 05:43:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]O34 - HKLM BootExecute: (autocheck autochk *)O35 - HKLM\..comfile [open] -- "%1" %*O35 - HKLM\..exefile [open] -- "%1" %*O37 - HKLM\...com [@ = comfile] -- "%1" %*O37 - HKLM\...exe [@ = exefile] -- "%1" %*O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)NetSvcs: 6to4 - File not foundNetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not foundNetSvcs: Ias - File not foundNetSvcs: Iprip - File not foundNetSvcs: Irmon - File not foundNetSvcs: NWCWorkstation - File not foundNetSvcs: Nwsapagent - File not foundNetSvcs: WmdmPmSp - File not foundDrivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)Drivers32: wave1 - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)CREATERESTOREPOINTRestore point Set: OTL Restore Point========== Files/Folders - Created Within 30 Days ==========[2013/03/22 23:57:09 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Glenn\Desktop\OTL.exe[2013/03/22 23:04:21 | 000,000,000 | --SD | C] -- C:\ComboFix[2013/03/22 12:12:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn\Desktop\RK_Quarantine[2013/03/20 22:36:26 | 000,000,000 | R-SD | C] -- C:\cmdcons[2013/03/20 22:34:34 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe[2013/03/20 22:34:34 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe[2013/03/20 22:34:34 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe[2013/03/20 22:34:34 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe[2013/03/20 22:34:21 | 000,000,000 | ---D | C] -- C:\Qoobox[2013/03/20 22:34:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt[2013/03/20 22:30:06 | 005,042,224 | R--- | C] (Swearware) -- C:\Documents and Settings\Glenn\Desktop\ComboFix.exe[2013/03/20 22:17:25 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine[2013/03/20 19:28:46 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Glenn\Desktop\tdsskiller.exe[2013/03/15 20:35:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn\Application Data\AdobeUM[2013/03/15 20:35:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn\Local Settings\Application Data\Adobe[2013/03/15 20:35:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn\My Documents\My eBooks[2013/03/15 20:34:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe[2013/03/15 20:30:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn\Application Data\TaxCut[2013/03/15 20:09:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\H&R Block 2012[2013/03/15 20:07:44 | 000,000,000 | ---D | C] -- C:\Program Files\PDF995[2013/03/15 20:07:44 | 000,000,000 | ---D | C] -- C:\Program Files\HRBlock2012[2013/03/15 20:07:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn\My Documents\HRBlock[2013/03/15 20:04:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TaxCut[2013/03/14 22:19:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn\My Documents\Word Documents[2013/03/14 21:34:15 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023x.sys[2013/03/14 21:34:15 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023.sys[2013/03/13 01:40:31 | 000,688,992 | R--- | C] (Swearware) -- C:\Documents and Settings\Glenn\Desktop\dds.com[2013/03/13 01:19:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump[2013/03/13 01:17:39 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Glenn\Start Menu\Programs\Administrative Tools[2013/03/13 01:12:08 | 000,688,992 | R--- | C] (Swearware) -- C:\Documents and Settings\Glenn\Desktop\dds.scr[2013/03/11 22:59:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn\Application Data\Macromedia[2013/03/11 22:59:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn\Application Data\Adobe[2013/03/11 22:57:47 | 000,691,568 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe[2013/03/11 22:57:47 | 000,071,024 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl[2013/03/11 22:24:00 | 000,000,000 | -HSD | C] -- C:\Config.Msi[2013/03/11 22:23:36 | 000,000,000 | ---D | C] -- C:\b3d49f0659b2ad7319dd55e7[2013/03/11 21:42:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer[2013/03/11 21:42:45 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild[2013/03/11 21:42:36 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies[2013/03/11 21:42:11 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll[2013/03/11 21:42:11 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll[2013/03/11 21:42:11 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe[2013/03/11 21:42:11 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll[2013/03/11 21:42:11 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll[2013/03/11 21:42:11 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll[2013/03/11 21:42:10 | 000,000,000 | ---D | C] -- C:\33a8fe1b90b5bacca4b907e7[2013/03/11 21:39:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn\Local Settings\Application Data\Identities[2013/03/11 21:39:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn\Application Data\Windows Desktop Search[2013/03/11 21:39:08 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Desktop Search[2013/03/11 21:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\GroupPolicy[2013/03/11 21:38:32 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mimefilt.dll[2013/03/11 21:38:31 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\offfilt.dll[2013/03/11 21:38:31 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nlhtml.dll[2013/03/11 21:38:23 | 000,016,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll[2013/03/11 21:37:59 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2[2013/03/11 21:36:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF[2013/03/11 19:50:19 | 000,026,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbstor.sys[2013/03/11 19:27:14 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusd.dll[2013/03/11 19:27:14 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusb.dll[2013/03/11 19:27:13 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbscan.sys[2013/03/11 19:24:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn\Local Settings\Application Data\Apple Computer[2013/03/11 19:24:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn\Application Data\Apple Computer[2013/03/11 19:23:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes[2013/03/11 19:23:32 | 000,000,000 | ---D | C] -- C:\Program Files\iPod[2013/03/11 19:23:30 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes[2013/03/11 19:23:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer[2013/03/11 19:23:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1[2013/03/11 19:23:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn\Local Settings\Application Data\Apple[2013/03/11 19:23:08 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update[2013/03/11 19:23:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Apple Computer[2013/03/11 19:23:03 | 006,112,864 | ---- | C] (Apple, Inc.) -- C:\WINDOWS\System32\usbaaplrc.dll[2013/03/11 19:23:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE[2013/03/11 19:22:50 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour[2013/03/11 19:22:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple[2013/03/11 19:22:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple[2013/03/11 19:20:10 | 088,323,920 | ---- | C] (Apple Inc.) -- C:\Documents and Settings\Glenn\Desktop\iTunesSetup.exe[2013/03/11 19:12:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn\My Documents\Arduino[2013/03/11 19:12:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn\Application Data\Arduino[2013/03/11 19:11:52 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbser.sys[2013/03/11 18:57:55 | 000,000,000 | ---D | C] -- C:\Arduino_1_0_4[2013/03/11 17:43:28 | 018,456,096 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Glenn\Desktop\Windows-KB890830-V4.17.exe[2013/03/11 03:27:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn\Local Settings\Application Data\Ahead[2013/03/11 03:27:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Nero 8[2013/03/11 03:26:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn\Application Data\Nero[2013/03/11 03:23:48 | 000,000,000 | ---D | C] -- C:\Program Files\Nero[2013/03/11 03:23:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero[2013/03/11 03:23:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Nero[2013/03/11 03:22:12 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_30.dll[2013/03/11 03:22:10 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_28.dll[2013/03/11 03:00:03 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC[2013/03/11 02:28:06 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll[2013/03/11 02:14:37 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0[2013/03/11 02:04:09 | 000,522,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll[2013/03/11 02:03:35 | 000,290,560 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\dllcache\atmfd.dll[2013/03/11 02:03:11 | 000,139,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys[2013/03/11 02:01:06 | 000,456,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys[2013/03/11 02:01:05 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys[2013/03/11 02:00:49 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mup.sys[2013/03/11 01:59:33 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys[2013/03/11 01:59:26 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe[2013/03/11 01:59:24 | 000,590,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcrt4.dll[2013/03/11 01:59:17 | 000,954,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40.dll[2013/03/11 01:59:16 | 000,978,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc42.dll[2013/03/11 01:59:16 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll[2013/03/11 01:59:06 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll[2013/03/11 01:58:46 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe[2013/03/11 01:58:31 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe[2013/03/11 01:57:15 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\t2embed.dll[2013/03/11 01:57:15 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontsub.dll[2013/03/11 01:55:15 | 002,148,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe[2013/03/11 01:55:15 | 000,730,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll[2013/03/11 01:55:14 | 002,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe[2013/03/11 01:55:13 | 002,027,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe[2013/03/11 01:54:44 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll[2013/03/11 01:53:51 | 000,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys[2013/03/11 01:53:48 | 000,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys[2013/03/11 01:52:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage[2013/03/11 01:52:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall[2013/03/11 01:49:55 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups2.dll[2013/03/11 01:49:55 | 000,022,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll.mui[2013/03/11 01:49:54 | 000,015,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui[2013/03/11 01:49:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution[2013/03/11 01:40:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates[2013/03/11 01:40:30 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll[2013/03/11 01:40:30 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll[2013/03/11 01:40:30 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll[2013/03/11 01:40:29 | 002,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll[2013/03/11 01:40:27 | 011,111,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll[2013/03/11 01:34:56 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Glenn\IECompatCache[2013/03/11 01:33:50 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Glenn\PrivacIE[2013/03/11 01:29:57 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Glenn\IETldCache[2013/03/11 01:28:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM[2013/03/11 01:27:54 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8[2013/03/11 01:23:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch[2013/03/11 01:15:05 | 001,371,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll[2013/03/11 01:15:05 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6r.dll[2013/03/11 01:15:05 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll[2013/03/11 01:15:02 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\smtpapi.dll[2013/03/11 01:15:02 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwnh.dll[2013/03/11 01:15:02 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsdupd.exe[2013/03/11 01:15:01 | 001,888,992 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3duag.dll[2013/03/11 01:15:01 | 000,870,784 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3d1ag.dll[2013/03/11 01:15:01 | 000,377,984 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvaa.dll[2013/03/11 01:15:01 | 000,229,376 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2cqag.dll[2013/03/11 01:15:01 | 000,201,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvag.dll[2013/03/11 01:15:01 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll[2013/03/11 01:15:00 | 000,650,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll[2013/03/11 01:15:00 | 000,516,768 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ativvaxx.dll[2013/03/11 01:15:00 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll[2013/03/11 01:15:00 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll[2013/03/11 01:15:00 | 000,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll[2013/03/11 01:15:00 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll[2013/03/11 01:15:00 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll[2013/03/11 01:15:00 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll[2013/03/11 01:15:00 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll[2013/03/11 01:15:00 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll[2013/03/11 01:15:00 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll[2013/03/11 01:15:00 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll[2013/03/11 01:15:00 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll[2013/03/11 01:15:00 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll[2013/03/11 01:15:00 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll[2013/03/11 01:15:00 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll[2013/03/11 01:15:00 | 000,032,768 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativtmxx.dll[2013/03/11 01:15:00 | 000,032,285 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\hsfcisp2.dll[2013/03/11 01:15:00 | 000,023,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativmvxx.ax[2013/03/11 01:15:00 | 000,009,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativdaxx.ax[2013/03/11 01:15:00 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll[2013/03/11 01:15:00 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll[2013/03/11 01:15:00 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll[2013/03/11 01:15:00 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll[2013/03/11 01:15:00 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll[2013/03/11 01:14:59 | 001,737,856 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\mtxparhd.dll[2013/03/11 01:14:59 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\photometadatahandler.dll[2013/03/11 01:14:59 | 000,397,056 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\s3gnb.dll[2013/03/11 01:14:59 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecsext.dll[2013/03/11 01:14:59 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll[2013/03/11 01:14:59 | 000,286,792 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slextspk.dll[2013/03/11 01:14:59 | 000,276,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmphoto.dll[2013/03/11 01:14:59 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll[2013/03/11 01:14:59 | 000,188,508 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slgen.dll[2013/03/11 01:14:59 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe[2013/03/11 01:14:59 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll[2013/03/11 01:14:59 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll[2013/03/11 01:14:59 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll[2013/03/11 01:14:59 | 000,073,832 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slcoinst.dll[2013/03/11 01:14:59 | 000,073,796 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slserv.exe[2013/03/11 01:14:59 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll[2013/03/11 01:14:59 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll[2013/03/11 01:14:59 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll[2013/03/11 01:14:59 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe[2013/03/11 01:14:59 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slrundll.exe[2013/03/11 01:14:59 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe[2013/03/11 01:14:59 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll[2013/03/11 01:14:59 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax[2013/03/11 01:14:59 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\verclsid.exe[2013/03/11 01:14:58 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\slrundll.exe[2013/03/11 01:14:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting[2013/03/11 01:14:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas[2013/03/11 01:14:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-us[2013/03/11 01:14:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en[2013/03/11 01:14:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits[2013/03/11 01:14:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles[2013/03/11 01:13:45 | 000,701,440 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtag.sys[2013/03/11 01:13:45 | 000,327,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys[2013/03/11 01:13:45 | 000,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys[2013/03/11 01:13:45 | 000,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys[2013/03/11 01:13:45 | 000,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys[2013/03/11 01:13:45 | 000,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys[2013/03/11 01:13:45 | 000,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys[2013/03/11 01:13:45 | 000,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys[2013/03/11 01:13:45 | 000,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys[2013/03/11 01:13:45 | 000,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys[2013/03/11 01:13:45 | 000,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys[2013/03/11 01:13:45 | 000,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys[2013/03/11 01:13:45 | 000,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys[2013/03/11 01:13:45 | 000,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys[2013/03/11 01:13:45 | 000,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys[2013/03/11 01:13:45 | 000,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys[2013/03/11 01:13:45 | 000,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys[2013/03/11 01:13:45 | 000,025,471 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv04nt5.dll[2013/03/11 01:13:45 | 000,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys[2013/03/11 01:13:45 | 000,021,183 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv01nt5.dll[2013/03/11 01:13:45 | 000,017,279 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv10nt5.dll[2013/03/11 01:13:45 | 000,015,423 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\ch7xxnt5.dll[2013/03/11 01:13:45 | 000,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys[2013/03/11 01:13:45 | 000,014,143 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv06nt5.dll[2013/03/11 01:13:45 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys[2013/03/11 01:13:45 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys[2013/03/11 01:13:45 | 000,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys[2013/03/11 01:13:45 | 000,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys[2013/03/11 01:13:45 | 000,011,359 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv02nt5.dll[2013/03/11 01:13:45 | 000,004,255 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv01nt5.dll[2013/03/11 01:13:45 | 000,003,967 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv02nt5.dll[2013/03/11 01:13:45 | 000,003,775 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv11nt5.dll[2013/03/11 01:13:45 | 000,003,711 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv09nt5.dll[2013/03/11 01:13:45 | 000,003,647 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv07nt5.dll[2013/03/11 01:13:45 | 000,003,615 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv05nt5.dll[2013/03/11 01:13:45 | 000,003,135 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv08nt5.dll[2013/03/11 01:13:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic[2013/03/11 01:13:44 | 001,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys[2013/03/11 01:13:44 | 000,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys[2013/03/11 01:13:44 | 000,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys[2013/03/11 01:13:44 | 000,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys[2013/03/11 01:13:44 | 000,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys[2013/03/11 01:13:44 | 000,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys[2013/03/11 01:13:44 | 000,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys[2013/03/11 01:13:44 | 000,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys[2013/03/11 01:13:44 | 000,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys[2013/03/11 01:13:44 | 000,025,471 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys[2013/03/11 01:13:44 | 000,022,271 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys[2013/03/11 01:13:44 | 000,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys[2013/03/11 01:13:44 | 000,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys[2013/03/11 01:13:44 | 000,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys[2013/03/11 01:13:44 | 000,011,935 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys[2013/03/11 01:13:44 | 000,011,871 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys[2013/03/11 01:13:44 | 000,011,807 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys[2013/03/11 01:13:44 | 000,011,325 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\vchnt5.dll[2013/03/11 01:13:44 | 000,011,295 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys[2013/03/11 01:13:44 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys[2013/03/11 01:13:44 | 000,003,901 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\siint5.dll[2013/03/11 01:11:54 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$[2013/03/11 01:06:02 | 000,000,000 | ---D | C] -- C:\Program Files\MSECache[2013/03/11 00:58:08 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Glenn\UserData[2013/03/11 00:52:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn\My Documents\My Videos[2013/03/11 00:47:50 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mdimon.dll[2013/03/11 00:47:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office[2013/03/11 00:47:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\L&H[2013/03/11 00:47:14 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft ActiveSync[2013/03/11 00:47:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER[2013/03/11 00:47:09 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works[2013/03/11 00:47:06 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio[2013/03/11 00:47:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW[2013/03/11 00:46:59 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET[2013/03/11 00:46:59 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office[2013/03/11 00:44:39 | 000,000,000 | R--D | C] -- C:\MSOCache[2013/03/10 23:23:26 | 000,014,848 | ---- | C] (Samsung Electronics, Inc. ) -- C:\WINDOWS\System32\drivers\MFWCtwl.sys[2013/03/10 23:23:21 | 000,000,000 | ---D | C] -- C:\Program Files\SamsungFirmwareUpdater[2013/03/10 23:23:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Samsung[2013/03/10 23:16:32 | 000,000,000 | ---D | C] -- C:\Program Files\MonitorDriver[2013/03/10 23:16:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn\Application Data\InstallShield[2013/03/10 23:04:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation[2013/03/10 23:03:55 | 000,274,432 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrspt.dll[2013/03/10 23:03:55 | 000,270,336 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsru.dll[2013/03/10 23:03:55 | 000,258,048 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrstr.dll[2013/03/10 23:03:55 | 000,258,048 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrssl.dll[2013/03/10 23:03:55 | 000,258,048 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrssk.dll[2013/03/10 23:03:55 | 000,258,048 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrspl.dll[2013/03/10 23:03:55 | 000,253,952 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsth.dll[2013/03/10 23:03:54 | 000,335,872 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrshe.dll[2013/03/10 23:03:54 | 000,335,872 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsar.dll[2013/03/10 23:03:54 | 000,282,624 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsel.dll[2013/03/10 23:03:54 | 000,274,432 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsesm.dll[2013/03/10 23:03:54 | 000,262,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrshu.dll[2013/03/10 23:03:54 | 000,249,856 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrseng.dll[2013/03/10 23:03:54 | 000,249,856 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrscs.dll[2013/03/10 23:03:54 | 000,144,160 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcolor.exe[2013/03/10 23:03:27 | 000,065,536 | ---- | C] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll[2013/03/10 23:03:12 | 005,967,872 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvopencl.dll[2013/03/10 23:03:11 | 007,536,640 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuda.dll[2013/03/10 23:03:11 | 002,581,792 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvid.dll[2013/03/10 23:03:11 | 001,869,088 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvenc.dll[2013/03/10 23:03:11 | 001,010,464 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvdispco32.dll[2013/03/10 23:03:11 | 000,892,704 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvdispgenco32.dll[2013/03/10 23:03:09 | 017,551,360 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcompiler.dll[2013/03/10 23:03:09 | 002,389,504 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvapi.dll[2013/03/10 23:01:54 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation[2013/03/10 23:01:24 | 000,000,000 | ---D | C] -- C:\NVIDIA[2013/03/10 22:58:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NVIDIA[2013/03/10 22:58:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun[2013/03/10 22:58:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn\Local Settings\Application Data\Sun[2013/03/10 22:57:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun[2013/03/10 22:57:41 | 000,782,240 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll[2013/03/10 22:57:41 | 000,143,872 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl[2013/03/10 22:57:40 | 000,861,088 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll[2013/03/10 22:57:40 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe[2013/03/10 22:57:31 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll[2013/03/10 22:57:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee[2013/03/10 22:47:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn\Application Data\Malwarebytes[2013/03/10 22:45:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware[2013/03/10 22:45:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes[2013/03/10 22:45:00 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys[2013/03/10 22:45:00 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware[2013/03/10 22:20:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss[2013/03/10 22:18:32 | 000,035,896 | ---- | C] (GFI Software) -- C:\WINDOWS\System32\drivers\gfiark.sys[2013/03/10 22:16:57 | 000,068,904 | ---- | C] (GFI Software) -- C:\WINDOWS\System32\drivers\sbapifs.sys[2013/03/10 22:16:57 | 000,023,088 | ---- | C] (GFI Software) -- C:\WINDOWS\System32\drivers\sbaphd.sys[2013/03/10 22:16:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\GFI Software[2013/03/10 22:16:48 | 000,222,960 | ---- | C] (GFI Software) -- C:\WINDOWS\System32\drivers\sbtis.sys[2013/03/10 22:16:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\GFI Software[2013/03/10 22:16:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\VDD[2013/03/10 22:16:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations[2013/03/10 22:16:12 | 000,000,000 | ---D | C] -- C:\Program Files\GFI Software[2013/03/10 22:15:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn\Application Data\GFI Software[2013/03/10 22:15:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn\My Documents\Downloads[2013/03/10 22:12:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn\Local Settings\Application Data\Mozilla[2013/03/10 22:12:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn\Application Data\Mozilla[2013/03/10 22:12:17 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox[2013/03/10 21:41:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles[2013/03/10 21:40:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt[2013/03/10 21:35:07 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Glenn\Application Data\Microsoft[2013/03/10 21:35:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Glenn\Start Menu\Programs\Startup[2013/03/10 21:35:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Glenn\Start Menu[2013/03/10 21:35:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Glenn\SendTo[2013/03/10 21:35:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Glenn\Recent[2013/03/10 21:35:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Glenn\My Documents\My Pictures[2013/03/10 21:35:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Glenn\My Documents\My Music[2013/03/10 21:35:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Glenn\My Documents[2013/03/10 21:35:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Glenn\Favorites[2013/03/10 21:35:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Glenn\Application Data[2013/03/10 21:35:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Glenn\Start Menu\Programs\Accessories[2013/03/10 21:35:07 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Glenn\Cookies[2013/03/10 21:35:07 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Glenn\Local Settings[2013/03/10 21:35:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn\Templates[2013/03/10 21:35:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn\Application Data\Sun[2013/03/10 21:35:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn\PrintHood[2013/03/10 21:35:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn\NetHood[2013/03/10 21:35:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn\Local Settings\Application Data\Musicmatch[2013/03/10 21:35:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn\Local Settings\Application Data\Microsoft[2013/03/10 21:35:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn\Application Data\Identities[2013/03/10 21:35:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn\Application Data\Gtek[2013/03/10 21:35:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn\Local Settings\Application Data\Google[2013/03/10 21:35:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn\Application Data\Google[2013/03/10 21:35:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn\Desktop[2013/03/10 21:35:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn\Start Menu\Programs\Dell Accessories[2013/03/10 21:35:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn\Start Menu\Programs\Dell[2013/03/10 21:35:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn\Application Data\Creative[2013/03/10 21:35:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn\My Documents\CCWin[2013/03/10 21:35:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn\Local Settings\Application Data\BVRP Software[2013/03/10 21:35:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn\Local Settings\Application Data\ApplicationHistory[2013/03/10 21:35:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn\Local Settings\Application Data\{7148F0A6-6813-11D6-A77B-00B0D0142030}[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ][1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]========== Files - Modified Within 30 Days ==========[2013/03/22 23:57:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Glenn\Desktop\OTL.exe[2013/03/22 23:06:26 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat[2013/03/22 23:06:23 | 3219,296,256 | -HS- | M] () -- C:\hiberfil.sys[2013/03/22 22:50:07 | 000,031,056 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000005-00000000-00000004-00001102-00000004-20061102}.rfx[2013/03/22 22:50:07 | 000,031,056 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000005-00000000-00000004-00001102-00000004-20061102}.rfx[2013/03/22 22:50:07 | 000,030,528 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000005-00000000-00000004-00001102-00000004-20061102}.rfx[2013/03/22 22:50:07 | 000,030,528 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000005-00000000-00000004-00001102-00000004-20061102}.rfx[2013/03/22 22:50:07 | 000,011,564 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000005-00000000-00000004-00001102-00000004-20061102}.rfx[2013/03/22 22:49:52 | 004,958,588 | ---- | M] () -- C:\WINDOWS\{00000005-00000000-00000004-00001102-00000004-20061102}.CDF[2013/03/22 22:49:52 | 004,958,588 | ---- | M] () -- C:\WINDOWS\{00000005-00000000-00000004-00001102-00000004-20061102}.BAK[2013/03/22 15:42:42 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts[2013/03/22 14:26:02 | 005,042,224 | R--- | M] (Swearware) -- C:\Documents and Settings\Glenn\Desktop\ComboFix.exe[2013/03/22 12:07:11 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini[2013/03/22 12:04:04 | 000,816,128 | ---- | M] () -- C:\Documents and Settings\Glenn\Desktop\RogueKiller.exe[2013/03/21 20:19:19 | 000,000,146 | ---- | M] () -- C:\Documents and Settings\Glenn\Application Data\default.pls[2013/03/20 22:36:30 | 000,000,325 | RHS- | M] () -- C:\boot.ini[2013/03/20 19:28:50 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Glenn\Desktop\tdsskiller.exe[2013/03/20 19:21:00 | 000,003,584 | ---- | M] () -- C:\Documents and Settings\Glenn\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini[2013/03/20 19:17:16 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl[2013/03/19 19:21:29 | 000,466,724 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat[2013/03/19 19:21:26 | 000,079,940 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat[2013/03/17 21:10:50 | 000,000,800 | ---- | M] () -- C:\Documents and Settings\Glenn\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk[2013/03/17 21:10:49 | 000,000,782 | ---- | M] () -- C:\Documents and Settings\Glenn\Desktop\Windows Media Player.lnk[2013/03/16 10:56:16 | 000,159,544 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT[2013/03/15 21:59:36 | 000,021,009 | ---- | M] () -- C:\Documents and Settings\Glenn\Desktop\Motor Speed Control.pdf[2013/03/15 20:16:58 | 000,001,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\H&R Block 2012.lnk[2013/03/13 01:40:32 | 000,688,992 | R--- | M] (Swearware) -- C:\Documents and Settings\Glenn\Desktop\dds.com[2013/03/13 01:12:09 | 000,688,992 | R--- | M] (Swearware) -- C:\Documents and Settings\Glenn\Desktop\dds.scr[2013/03/12 21:10:04 | 000,001,190 | ---- | M] () -- C:\WINDOWS\System32\ServiceConfig.xml[2013/03/12 21:08:07 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK[2013/03/11 22:57:47 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe[2013/03/11 22:57:47 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl[2013/03/11 21:39:20 | 000,001,787 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk[2013/03/11 21:38:13 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb[2013/03/11 21:38:13 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb[2013/03/11 21:37:20 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\Glenn\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk[2013/03/11 21:36:20 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf[2013/03/11 21:34:38 | 000,000,384 | ---- | M] () -- C:\WINDOWS\System32\DVCStateBkp-{00000005-00000000-00000004-00001102-00000004-20061102}.dat[2013/03/11 21:34:38 | 000,000,384 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000005-00000000-00000004-00001102-00000004-20061102}.dat[2013/03/11 20:50:12 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm[2013/03/11 20:50:12 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm[2013/03/11 19:23:59 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk[2013/03/11 19:21:08 | 088,323,920 | ---- | M] (Apple Inc.) -- C:\Documents and Settings\Glenn\Desktop\iTunesSetup.exe[2013/03/11 19:16:34 | 000,000,626 | ---- | M] () -- C:\Documents and Settings\Glenn\Desktop\Shortcut to arduino.lnk[2013/03/11 18:55:26 | 095,890,468 | ---- | M] () -- C:\Documents and Settings\Glenn\Desktop\arduino-1.0.4-windows.zip[2013/03/11 17:43:32 | 018,456,096 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Glenn\Desktop\Windows-KB890830-V4.17.exe[2013/03/11 03:42:08 | 000,000,209 | ---- | M] () -- C:\Boot.bak[2013/03/11 03:27:30 | 000,002,370 | ---- | M] () -- C:\Documents and Settings\Glenn\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart Essentials.lnk[2013/03/11 03:27:30 | 000,002,352 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Nero StartSmart Essentials.lnk[2013/03/11 03:27:30 | 000,002,272 | ---- | M] () -- C:\Documents and Settings\Glenn\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero Home Essentials SE.lnk[2013/03/11 03:27:30 | 000,002,254 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Nero Home Essentials SE.lnk[2013/03/11 03:26:19 | 000,001,024 | ---- | M] () -- C:\Documents and Settings\Glenn\.rnd[2013/03/11 02:24:28 | 000,000,127 | ---- | M] () -- C:\WINDOWS\System32\MRT.INI[2013/03/11 01:30:22 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Glenn\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk[2013/03/11 01:26:30 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx[2013/03/11 01:13:39 | 000,250,048 | RHS- | M] () -- C:\ntldr[2013/03/11 00:53:43 | 000,003,072 | ---- | M] () -- C:\Documents and Settings\Glenn\Application Data\dvd.bmk[2013/03/11 00:52:17 | 000,000,128 | ---- | M] () -- C:\Documents and Settings\Glenn\Local Settings\Application Data\fusioncache.dat[2013/03/11 00:47:53 | 000,000,376 | ---- | M] () -- C:\WINDOWS\ODBC.INI[2013/03/10 23:16:39 | 000,001,353 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Launch Monitor Driver Installer.lnk[2013/03/10 23:10:29 | 001,072,544 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin[2013/03/10 23:10:29 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin[2013/03/10 23:09:16 | 001,072,544 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin[2013/03/10 23:03:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\nvdrswr.lk[2013/03/10 22:57:25 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll[2013/03/10 22:57:25 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll[2013/03/10 22:57:25 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe[2013/03/10 22:57:25 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe[2013/03/10 22:57:25 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe[2013/03/10 22:57:25 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl[2013/03/10 22:57:25 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll[2013/03/10 22:53:16 | 000,004,128 | ---- | M] () -- C:\INFCACHE.1[2013/03/10 22:45:02 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk[2013/03/10 22:40:16 | 000,029,204 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml[2013/03/10 22:16:48 | 000,001,752 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VIPRE.lnk[2013/03/10 22:12:19 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Glenn\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk[2013/03/10 22:12:19 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk[2013/03/10 21:59:46 | 000,000,535 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf[2013/03/10 21:38:52 | 000,000,002 | ---- | M] () -- C:\WINDOWS\msoffice.ini[2013/03/10 21:35:13 | 000,001,478 | ---- | M] () -- C:\Documents and Settings\Glenn\Application Data\Microsoft\Internet Explorer\Quick Launch\Media Center.lnk[2013/03/10 21:33:58 | 000,000,448 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf[2013/03/10 21:27:18 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD[2013/02/28 22:33:07 | 006,011,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ][1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]========== Files Created - No Company Name ==========[2013/03/22 15:20:13 | 3219,296,256 | -HS- | C] () -- C:\hiberfil.sys[2013/03/22 12:04:04 | 000,816,128 | ---- | C] () -- C:\Documents and Settings\Glenn\Desktop\RogueKiller.exe[2013/03/20 22:36:30 | 000,000,209 | ---- | C] () -- C:\Boot.bak[2013/03/20 22:36:29 | 000,260,272 | R-S- | C] () -- C:\cmldr[2013/03/20 22:34:34 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe[2013/03/20 22:34:34 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe[2013/03/20 22:34:34 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe[2013/03/20 22:34:34 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe[2013/03/20 22:34:34 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe[2013/03/20 19:20:56 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Glenn\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini[2013/03/17 21:10:50 | 000,000,800 | ---- | C] () -- C:\Documents and Settings\Glenn\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk[2013/03/15 21:59:36 | 000,021,009 | ---- | C] () -- C:\Documents and Settings\Glenn\Desktop\Motor Speed Control.pdf[2013/03/15 20:16:58 | 000,001,682 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\H&R Block 2012.lnk[2013/03/12 21:10:04 | 000,001,190 | ---- | C] () -- C:\WINDOWS\System32\ServiceConfig.xml[2013/03/11 23:15:57 | 004,958,588 | ---- | C] () -- C:\WINDOWS\{00000005-00000000-00000004-00001102-00000004-20061102}.BAK[2013/03/11 22:00:36 | 000,011,564 | ---- | C] () -- C:\WINDOWS\System32\DVCState-{00000005-00000000-00000004-00001102-00000004-20061102}.rfx[2013/03/11 21:39:20 | 000,001,803 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Search.lnk[2013/03/11 21:39:20 | 000,001,787 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk[2013/03/11 21:37:20 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Glenn\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk[2013/03/11 21:36:20 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf[2013/03/11 21:33:09 | 000,225,262 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msimain.sdb[2013/03/11 19:23:59 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk[2013/03/11 19:23:09 | 000,001,830 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Apple Software Update.lnk[2013/03/11 19:16:34 | 000,000,626 | ---- | C] () -- C:\Documents and Settings\Glenn\Desktop\Shortcut to arduino.lnk[2013/03/11 18:54:22 | 095,890,468 | ---- | C] () -- C:\Documents and Settings\Glenn\Desktop\arduino-1.0.4-windows.zip[2013/03/11 03:33:25 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini[2013/03/11 03:32:35 | 000,000,146 | ---- | C] () -- C:\Documents and Settings\Glenn\Application Data\default.pls[2013/03/11 03:27:30 | 000,002,370 | ---- | C] () -- C:\Documents and Settings\Glenn\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart Essentials.lnk[2013/03/11 03:27:30 | 000,002,352 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Nero StartSmart Essentials.lnk[2013/03/11 03:27:30 | 000,002,272 | ---- | C] () -- C:\Documents and Settings\Glenn\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero Home Essentials SE.lnk[2013/03/11 03:27:30 | 000,002,254 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Nero Home Essentials SE.lnk[2013/03/11 03:26:18 | 000,001,024 | ---- | C] () -- C:\Documents and Settings\Glenn\.rnd[2013/03/11 02:24:28 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI[2013/03/11 02:02:04 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll[2013/03/11 02:02:04 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll[2013/03/11 01:13:45 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty[2013/03/11 01:13:45 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod[2013/03/11 01:13:44 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img[2013/03/11 00:53:43 | 000,003,072 | ---- | C] () -- C:\Documents and Settings\Glenn\Application Data\dvd.bmk[2013/03/11 00:47:53 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI[2013/03/10 23:23:26 | 000,003,294 | ---- | C] () -- C:\WINDOWS\System32\drivers\TMM[2013/03/10 23:16:39 | 000,001,353 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Launch Monitor Driver Installer.lnk[2013/03/10 23:03:24 | 001,072,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin[2013/03/10 23:03:24 | 001,072,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin[2013/03/10 23:03:24 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin[2013/03/10 23:03:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nvdrswr.lk[2013/03/10 23:03:12 | 000,015,449 | ---- | C] () -- C:\WINDOWS\System32\nvinfo.pb[2013/03/10 23:03:11 | 002,816,504 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data[2013/03/10 22:53:16 | 000,004,128 | ---- | C] () -- C:\INFCACHE.1[2013/03/10 22:45:02 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk[2013/03/10 22:16:48 | 000,001,752 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VIPRE.lnk[2013/03/10 22:12:19 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\Glenn\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk[2013/03/10 22:12:19 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk[2013/03/10 22:12:19 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk[2013/03/10 21:38:52 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini[2013/03/10 21:35:15 | 000,000,782 | ---- | C] () -- C:\Documents and Settings\Glenn\Desktop\Windows Media Player.lnk[2013/03/10 21:35:08 | 000,001,769 | ---- | C] () -- C:\Documents and Settings\Glenn\Application Data\Microsoft\Internet Explorer\Quick Launch\Musicmatch Jukebox.lnk[2013/03/10 21:35:08 | 000,001,478 | ---- | C] () -- C:\Documents and Settings\Glenn\Application Data\Microsoft\Internet Explorer\Quick Launch\Media Center.lnk[2013/03/10 21:35:08 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\Glenn\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk[2013/03/10 21:35:08 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\Glenn\Application Data\Microsoft\Internet Explorer\Quick Launch\QuickTime Player.lnk[2013/03/10 21:35:08 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Glenn\Local Settings\Application Data\fusioncache.dat[2013/03/10 21:35:08 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Glenn\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf[2013/03/10 21:35:07 | 000,001,503 | ---- | C] () -- C:\Documents and Settings\Glenn\Start Menu\Programs\Remote Assistance.lnk[2013/03/10 21:35:07 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\Glenn\Start Menu\Programs\Internet Explorer.lnk[2013/03/10 21:35:07 | 000,000,788 | ---- | C] () -- C:\Documents and Settings\Glenn\Start Menu\Programs\Windows Media Player.lnk[2013/03/10 21:35:07 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Glenn\Start Menu\Programs\Outlook Express.lnk[2013/03/10 21:27:18 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD========== ZeroAccess Check ==========[2005/08/16 05:39:16 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32][HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32][HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 06:42:06 | 001,499,136 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Apartment[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 08:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Free[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/14 06:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Both========== LOP Check ==========[2013/03/11 19:23:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1[2013/03/10 22:16:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations[2013/03/10 22:16:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GFI Software[2013/03/15 20:04:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TaxCut[2013/03/11 19:12:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Glenn\Application Data\Arduino[2013/03/10 22:15:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Glenn\Application Data\GFI Software[2013/03/15 20:30:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Glenn\Application Data\TaxCut[2013/03/11 21:39:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Glenn\Application Data\Windows Desktop Search========== Purity Check ==================== Custom Scans ==========< %SYSTEMDRIVE%\*.* >[2005/08/16 05:43:04 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT[2013/03/11 03:42:08 | 000,000,209 | ---- | M] () -- C:\Boot.bak[2013/03/20 22:36:30 | 000,000,325 | RHS- | M] () -- C:\boot.ini[2004/08/03 23:00:00 | 000,260,272 | R-S- | M] () -- C:\cmldr[2005/08/16 05:43:04 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS[2006/04/11 11:33:32 | 000,006,968 | R--- | M] () -- C:\dell.sdr[2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt[2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt[2007/11/07 09:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt[2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt[2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt[2007/11/07 09:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt[2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt[2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt[2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt[2007/11/07 09:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini[2013/03/22 23:06:23 | 3219,296,256 | -HS- | M] () -- C:\hiberfil.sys[2013/03/10 22:53:16 | 000,004,128 | ---- | M] () -- C:\INFCACHE.1[2007/11/07 09:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini[2007/11/07 09:03:18 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll[2007/11/07 09:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll[2007/11/07 09:03:18 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll[2007/11/07 09:03:18 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll[2007/11/07 09:03:18 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll[2007/11/07 09:03:18 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll[2007/11/07 09:03:18 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll[2007/11/07 09:03:18 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll[2007/11/07 09:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll[2005/08/16 05:43:04 | 000,000,000 | ---- | M] () -- C:\IO.SYS[2006/04/11 11:54:23 | 000,000,840 | ---- | M] () -- C:\IPH.PH[2005/08/16 05:43:04 | 000,000,000 | ---- | M] () -- C:\MSDOS.SYS[2004/08/10 06:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM[2013/03/11 01:13:39 | 000,250,048 | RHS- | M] () -- C:\ntldr[2013/03/22 23:06:22 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys[2006/04/11 11:54:30 | 000,000,087 | ---- | M] () -- C:\SystemInfo.ini[2013/03/20 19:53:02 | 000,236,546 | ---- | M] () -- C:\TDSSKiller.2.8.16.0_20.03.2013_19.29.00_log.txt[2013/03/20 22:24:17 | 000,355,888 | ---- | M] () -- C:\TDSSKiller.2.8.16.0_20.03.2013_22.10.09_log.txt[2013/03/20 22:29:55 | 000,119,430 | ---- | M] () -- C:\TDSSKiller.2.8.16.0_20.03.2013_22.25.54_log.txt[2013/03/20 22:56:25 | 000,120,584 | ---- | M] () -- C:\TDSSKiller.2.8.16.0_20.03.2013_22.45.02_log.txt[2007/11/07 09:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp[2007/11/07 09:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab[2007/11/07 09:12:28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI< %systemroot%\Fonts\*.com >[2006/04/18 16:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont[2006/06/29 15:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont[2006/04/18 16:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont[2006/06/29 15:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont< %systemroot%\Fonts\*.dll >< %systemroot%\Fonts\*.ini >[2005/08/16 05:42:12 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini< %systemroot%\Fonts\*.ini2 >< %systemroot%\Fonts\*.exe >< %systemroot%\system32\spool\prtprocs\w32x86\*.* >[2008/07/06 08:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll[2003/06/18 18:31:48 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll[2008/07/06 06:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe< %systemroot%\REPAIR\*.bak1 >< %systemroot%\REPAIR\*.ini >< %systemroot%\system32\*.jpg >< %systemroot%\*.jpg >< %systemroot%\*.png >< %systemroot%\*.scr >< %systemroot%\*._sy >< %APPDATA%\Adobe\Update\*.* >< %ALLUSERSPROFILE%\Favorites\*.* >< %APPDATA%\Microsoft\*.* >< %PROGRAMFILES%\*.* >< %APPDATA%\Update\*.* >< %systemroot%\*. /mp /s >< %systemroot%\System32\config\*.sav >[2005/08/16 05:27:08 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav[2005/08/16 05:27:08 | 000,659,456 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav[2005/08/16 05:27:08 | 000,876,544 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav< %PROGRAMFILES%\bak. /s >< %systemroot%\system32\bak. /s >< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >[2013/03/11 01:15:27 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini< %systemroot%\system32\config\systemprofile\*.dat /x >< %systemroot%\*.config >< %systemroot%\system32\*.db >< %PROGRAMFILES%\Internet Explorer\*.dat >< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >[2013/03/11 01:25:46 | 000,000,170 | -HS- | M] () -- C:\Documents and Settings\Glenn\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini[2005/08/16 05:50:28 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Glenn\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf< %USERPROFILE%\Desktop\*.exe >[2013/03/22 14:26:02 | 005,042,224 | R--- | M] (Swearware) -- C:\Documents and Settings\Glenn\Desktop\ComboFix.exe[2013/03/11 19:21:08 | 088,323,920 | ---- | M] (Apple Inc.) -- C:\Documents and Settings\Glenn\Desktop\iTunesSetup.exe[2013/03/22 23:57:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Glenn\Desktop\OTL.exe[2013/03/22 12:04:04 | 000,816,128 | ---- | M] () -- C:\Documents and Settings\Glenn\Desktop\RogueKiller.exe[2013/03/20 19:28:50 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Glenn\Desktop\tdsskiller.exe[2013/03/11 17:43:32 | 018,456,096 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Glenn\Desktop\Windows-KB890830-V4.17.exe< %PROGRAMFILES%\Common Files\*.* >< %systemroot%\*.src >< %systemroot%\install\*.* >< %systemroot%\system32\DLL\*.* >< %systemroot%\system32\HelpFiles\*.* >< %systemroot%\system32\rundll\*.* >< %systemroot%\winn32\*.* >< %systemroot%\Java\*.* >< %systemroot%\system32\test\*.* >< %systemroot%\system32\Rundll32\*.* >< %systemroot%\AppPatch\Custom\*.* >< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2013-03-15 02:25:36< End of report > Link to post Share on other sites More sharing options...
kgej_73 Posted March 23, 2013 Author ID:660049 Share Posted March 23, 2013 OTL Extras logfile created on: 3/23/2013 12:00:36 AM - Run 1OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Glenn\DesktopWindows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstationInternet Explorer (Version = 8.0.6001.18702)Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy3.00 Gb Total Physical Memory | 2.52 Gb Available Physical Memory | 84.04% Memory free4.84 Gb Paging File | 4.51 Gb Available in Paging File | 93.10% Paging File freePaging file location(s): C:\pagefile.sys 2046 4092 [binary data]%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program FilesDrive C: | 144.32 Gb Total Space | 97.96 Gb Free Space | 67.88% Space Free | Partition Type: NTFSComputer Name: MAIN_COMPUTER | User Name: Glenn | Logged in as Administrator.Boot Mode: Normal | Scan Mode: Current userCompany Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days========== Extra Registry (SafeList) ==================== File Associations ==========[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>].cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>].html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)========== Shell Spawning ==========[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]batfile [open] -- "%1" %*cmdfile [open] -- "%1" %*comfile [open] -- "%1" %*cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*exefile [open] -- "%1" %*piffile [open] -- "%1" %*regfile [merge] -- Reg Error: Key error.scrfile [config] -- "%1"scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %lscrfile [open] -- "%1" /Stxtfile [edit] -- Reg Error: Key error.Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)========== Security Center Settings ==========[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]"FirstRunDisabled" = 1"AntiVirusDisableNotify" = 0"FirewallDisableNotify" = 0"UpdatesDisableNotify" = 0"AntiVirusOverride" = 0"FirewallOverride" = 0[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]========== System Restore Settings ==========[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]"DisableSR" = 0[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]"Start" = 0[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]"Start" = 2========== Firewall Settings ==========[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]"EnableFirewall" = 1"DoNotAllowExceptions" = 0"DisableNotifications" = 0[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009========== Authorized Applications List ==========[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Disabled:AOL"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Disabled:AOL"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Disabled:AOL"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service -- (Apple Inc.)"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" = C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation)"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)"C:\WINDOWS\Network Diagnostic\xpnetdiag.exe" = C:\WINDOWS\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)"C:\WINDOWS\system32\sessmgr.exe" = C:\WINDOWS\system32\sessmgr.exe:*:Enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)========== HKEY_LOCAL_MACHINE Uninstall List ==========[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]"{075473F5-846A-448B-BCB3-104AA1760205}" = Roxio RecordNow Data"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Roxio DLA"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Roxio MyDVD LE"{268278CF-FB69-4D98-B70E-BFEC1CDCA225}" = iTunes"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP"{360AC456-30DD-40AF-B206-01424888587B}" = SamsungFirmwareUpdater"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = URL Assistant"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support"{4667B940-BB01-428B-986E-A0CC46497BF7}" = ELIcon"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater"{4CEA6811-DFAD-4892-828D-49941FE3B779}" = Intel® PROSet for Wired Connections"{548EEA8E-8299-497F-8057-811D2D7097DC}" = Dell Support 3.1"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml"{56F3E1FF-54FE-4384-A153-6CCABA097814}" = Creative MediaSource"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool"{5B6BE547-21E2-49CA-B2E2-6A5F470593B1}" = Sonic Activation Module"{5D1F5C2B-47C6-4297-B6C8-03E89A563CC1}" = VIPRE Antivirus"{607C1EF4-8C8D-41C4-8541-307E65D81033}" = Nero 8 Essentials"{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C}" = AOLIcon"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper"{89D20029-0578-4D8D-979A-695C8D868868}" = H&R Block Deluxe + Efile 2012"{8C22F265-DE76-44D1-8A79-A71D819137DA}" = Intel® Quick Resume Technology Drivers"{8EA79DBF-D637-448A-89D6-410A087A4493}" = Samsung_MonSetup"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system"{903CE8F7-6C7B-41E6-A1CF-3BF1176264EC}" = Intel® Viiv™"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel Matrix Storage Manager"{91120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003"{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17"{9E2514D9-DC24-4634-B348-61F3EF0F1628}" = Sound Blaster Audigy 2 ZS"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Roxio RecordNow Audio"{AC76BA86-0000-0000-0000-6028747ADE01}" = Adobe Acrobat - Reader 6.0.2 Update"{AC76BA86-7AD7-1033-7B44-A00000000001}" = Adobe Reader 6.0.1"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Roxio RecordNow Copy"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 307.83"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 307.83"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 136.53"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2"{C1D1FC57-3EB9-4B21-BCA3-F1C927508200}" = VIPRE Antivirus"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1"{DF6A589A-7A1A-430C-9FF2-A0BDB42669DC}" = Search Assist"{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 56K V.9x DFVc Modem"EmeraldQFE2" = Windows Media Player 10 Hotfix [see EmeraldQFE2 for more information]"ie8" = Windows Internet Explorer 8"Intel® Quick Resume Technology" = Intel® Quick Resume Technology Drivers"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.70.0.1100"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1"Mozilla Firefox 19.0.2 (x86 en-US)" = Mozilla Firefox 19.0.2 (x86 en-US)"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP"PROSet" = Intel® PRO Network Connections Drivers"QuickTime" = QuickTime"RealPlayer 6.0" = RealPlayer Basic"Windows Media Format Runtime" = Windows Media Format 11 runtime"Windows Media Player" = Windows Media Player 11"Windows XP Service Pack" = Windows XP Service Pack 3"WMFDist11" = Windows Media Format 11 runtime"wmp11" = Windows Media Player 11"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0========== Last 20 Event Log Errors ==========[ Application Events ]Error - 3/18/2013 11:33:01 PM | Computer Name = MAIN_COMPUTER | Source = Bonjour Service | ID = 100Description = Task Scheduling Error: Continuously busy for more than a secondError - 3/18/2013 11:33:01 PM | Computer Name = MAIN_COMPUTER | Source = Bonjour Service | ID = 100Description = Task Scheduling Error: m->NextScheduledEvent 18412547Error - 3/18/2013 11:33:01 PM | Computer Name = MAIN_COMPUTER | Source = Bonjour Service | ID = 100Description = Task Scheduling Error: m->NextScheduledSPRetry 18412547Error - 3/18/2013 11:33:17 PM | Computer Name = MAIN_COMPUTER | Source = Bonjour Service | ID = 100Description = Task Scheduling Error: Continuously busy for more than a secondError - 3/18/2013 11:33:17 PM | Computer Name = MAIN_COMPUTER | Source = Bonjour Service | ID = 100Description = Task Scheduling Error: m->NextScheduledEvent 18428172Error - 3/18/2013 11:33:17 PM | Computer Name = MAIN_COMPUTER | Source = Bonjour Service | ID = 100Description = Task Scheduling Error: m->NextScheduledSPRetry 18428172Error - 3/18/2013 11:33:33 PM | Computer Name = MAIN_COMPUTER | Source = Bonjour Service | ID = 100Description = Task Scheduling Error: Continuously busy for more than a secondError - 3/18/2013 11:33:33 PM | Computer Name = MAIN_COMPUTER | Source = Bonjour Service | ID = 100Description = Task Scheduling Error: m->NextScheduledEvent 18443828Error - 3/18/2013 11:33:33 PM | Computer Name = MAIN_COMPUTER | Source = Bonjour Service | ID = 100Description = Task Scheduling Error: m->NextScheduledSPRetry 18443828Error - 3/22/2013 9:04:55 PM | Computer Name = MAIN_COMPUTER | Source = Application Hang | ID = 1002Description = Hanging application iTunes.exe, version 11.0.2.26, hang module hungapp, version 0.0.0.0, hang address 0x00000000.[ IntelDH Events ]Error - 3/21/2013 6:54:02 PM | Computer Name = MAIN_COMPUTER | Source = IntelQRTD | ID = 7Description = Could not attach to EL Acpi driver.Error - 3/22/2013 11:57:39 AM | Computer Name = MAIN_COMPUTER | Source = IntelQRTD | ID = 7Description = Could not attach to EL Acpi driver.Error - 3/22/2013 3:20:40 PM | Computer Name = MAIN_COMPUTER | Source = IntelQRTD | ID = 7Description = Could not attach to EL Acpi driver.Error - 3/22/2013 3:33:41 PM | Computer Name = MAIN_COMPUTER | Source = IntelQRTD | ID = 7Description = Could not attach to EL Acpi driver.Error - 3/22/2013 8:44:38 PM | Computer Name = MAIN_COMPUTER | Source = IntelQRTD | ID = 7Description = Could not attach to EL Acpi driver.Error - 3/22/2013 9:11:56 PM | Computer Name = MAIN_COMPUTER | Source = IntelQRTD | ID = 7Description = Could not attach to EL Acpi driver.Error - 3/22/2013 9:35:23 PM | Computer Name = MAIN_COMPUTER | Source = IntelQRTD | ID = 7Description = Could not attach to EL Acpi driver.Error - 3/22/2013 10:48:19 PM | Computer Name = MAIN_COMPUTER | Source = IntelQRTD | ID = 7Description = Could not attach to EL Acpi driver.Error - 3/22/2013 10:53:26 PM | Computer Name = MAIN_COMPUTER | Source = IntelQRTD | ID = 7Description = Could not attach to EL Acpi driver.Error - 3/22/2013 10:59:12 PM | Computer Name = MAIN_COMPUTER | Source = IntelQRTD | ID = 7Description = Could not attach to EL Acpi driver.[ System Events ]Error - 3/22/2013 3:36:36 PM | Computer Name = MAIN_COMPUTER | Source = Ntfs | ID = 262199Description = The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:.Error - 3/22/2013 3:36:47 PM | Computer Name = MAIN_COMPUTER | Source = iastor | ID = 262153Description = The device, \Device\Ide\iaStor0, did not respond within the timeout period.Error - 3/22/2013 8:44:38 PM | Computer Name = MAIN_COMPUTER | Source = Service Control Manager | ID = 7023Description = The Intel® Quick Resume Technology Drivers service terminated with the following error: %%203Error - 3/22/2013 9:11:56 PM | Computer Name = MAIN_COMPUTER | Source = Service Control Manager | ID = 7023Description = The Intel® Quick Resume Technology Drivers service terminated with the following error: %%203Error - 3/22/2013 9:35:23 PM | Computer Name = MAIN_COMPUTER | Source = Service Control Manager | ID = 7023Description = The Intel® Quick Resume Technology Drivers service terminated with the following error: %%203Error - 3/22/2013 10:48:19 PM | Computer Name = MAIN_COMPUTER | Source = Service Control Manager | ID = 7023Description = The Intel® Quick Resume Technology Drivers service terminated with the following error: %%203Error - 3/22/2013 10:53:26 PM | Computer Name = MAIN_COMPUTER | Source = Service Control Manager | ID = 7023Description = The Intel® Quick Resume Technology Drivers service terminated with the following error: %%203Error - 3/22/2013 10:59:12 PM | Computer Name = MAIN_COMPUTER | Source = Service Control Manager | ID = 7023Description = The Intel® Quick Resume Technology Drivers service terminated with the following error: %%203Error - 3/22/2013 11:06:44 PM | Computer Name = MAIN_COMPUTER | Source = Service Control Manager | ID = 7023Description = The Intel® Quick Resume Technology Drivers service terminated with the following error: %%203Error - 3/22/2013 11:08:52 PM | Computer Name = MAIN_COMPUTER | Source = DCOM | ID = 10010Description = The server {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} did not register with DCOM within the required timeout.< End of report > Link to post Share on other sites More sharing options...
Tomk1 Posted March 23, 2013 ID:660215 Share Posted March 23, 2013 You seem to have an ACPI error. Let's see if we can remove it.Right click on your My Computer icon on your desktop and choose properties.Click on the Hardware tab and then the Device Manager button.Click on the plus sign in front of Computer and the tree should open . An entry referring to ACPI should show. Right click on it and select update driver.When the wizard opens select No. not this time and click nextSelect install from a list... and click nextSelect Don't search... and click nextYou should be presented with options. Select Standard PC and click next.The driver should update. Now reboot your system.I see you have DDS installed. Please run it and post both logs. Link to post Share on other sites More sharing options...
kgej_73 Posted March 24, 2013 Author ID:660306 Share Posted March 24, 2013 I followed your instructions to remove the ACPI error, but after I updated to the Standard PC driver I lost my home network's Internet connection and could not recover it. I did the DDS scan again and still got blue screen of death. After trying the DDS scan I ended up doing a system restore (to my PC's state on March 22, 2013) because I couldn't restore my Internet connection. Link to post Share on other sites More sharing options...
Tomk1 Posted March 24, 2013 ID:660308 Share Posted March 24, 2013 Sorry about that. So how do things stand now? Link to post Share on other sites More sharing options...
kgej_73 Posted March 24, 2013 Author ID:660322 Share Posted March 24, 2013 My Internet is back up again. The system restore point seemed to fix everything that got messed up from the driver update.Why do you think that ComboFix and DDS keep getting the blue screen of death when I try to run them? Link to post Share on other sites More sharing options...
Tomk1 Posted March 24, 2013 ID:660328 Share Posted March 24, 2013 Your error log shows that you are throwing alot of errors all related to ACPI.Let's get a new error log... but we will use a different tool to do it.download VEW by Vino Rosso http://images.malwar...om/vino/VEW.exeand save it to your desktopDouble click it to start itClick the check boxes next to Application and System located under Select log to query on the upper leftUnder Select type to list on the right click the boxes next to Error and WarningUnder Number or date of events select Number of events and type 10 in the box next to 1 to 20 and click RunOnce it finishes it will display a log file in notepadPlease copy and paste its entire contents into your next reply Link to post Share on other sites More sharing options...
kgej_73 Posted March 24, 2013 Author ID:660477 Share Posted March 24, 2013 Vino's Event Viewer v01c run on Windows XP in EnglishReport run at 24/03/2013 2:09:35 PMNote: All dates below are in the format dd/mm/yyyy~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~'Application' Log - error Type~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Log: 'Application' Date/Time: 24/03/2013 1:53:39 PMType: error Category: 3Event: 3024 Source: Windows Search ServiceThe update cannot be started because the content sources cannot be accessed. Fix the errors and try the update again.Context: Application, SystemIndex CatalogLog: 'Application' Date/Time: 23/03/2013 5:00:30 PMType: error Category: 3Event: 3058 Source: Windows Search ServiceThe application cannot be initialized.Context: Windows ApplicationDetails: The content index cannot be read. (0xc0041800)Log: 'Application' Date/Time: 23/03/2013 5:00:30 PMType: error Category: 3Event: 3028 Source: Windows Search ServiceThe gatherer object cannot be initialized.Context: Windows Application, SystemIndex CatalogDetails: The content index cannot be read. (0xc0041800)Log: 'Application' Date/Time: 23/03/2013 5:00:30 PMType: error Category: 3Event: 3029 Source: Windows Search ServiceThe plug-in in <Search.TripoliIndexer> cannot be initialized.Context: Windows Application, SystemIndex CatalogDetails: The content index cannot be read. (0xc0041800)Log: 'Application' Date/Time: 23/03/2013 5:00:30 PMType: error Category: 1Event: 7040 Source: Windows Search ServiceThe search service has detected corrupted data files in the index. The service will attempt to automatically correct this problem by rebuilding the index.Context: Windows Application, SystemIndex CatalogDetails: 0xc0041801 (0xc0041801)Log: 'Application' Date/Time: 23/03/2013 1:07:28 PMType: error Category: 0Event: 100 Source: Bonjour ServiceTask Scheduling Error: m->NextScheduledSPRetry 2646875Log: 'Application' Date/Time: 23/03/2013 1:07:28 PMType: error Category: 0Event: 100 Source: Bonjour ServiceTask Scheduling Error: m->NextScheduledEvent 2646875Log: 'Application' Date/Time: 23/03/2013 1:07:28 PMType: error Category: 0Event: 100 Source: Bonjour ServiceTask Scheduling Error: Continuously busy for more than a secondLog: 'Application' Date/Time: 23/03/2013 1:07:26 PMType: error Category: 0Event: 100 Source: Bonjour ServiceTask Scheduling Error: m->NextScheduledSPRetry 2644921Log: 'Application' Date/Time: 23/03/2013 1:07:26 PMType: error Category: 0Event: 100 Source: Bonjour ServiceTask Scheduling Error: m->NextScheduledEvent 2644921~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~'Application' Log - warning Type~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Log: 'Application' Date/Time: 24/03/2013 1:53:39 PMType: warning Category: 3Event: 3036 Source: Windows Search ServiceThe content source <outlookexpress://{s-1-5-21-3978688810-3690266219-1518113616-1005}/{4e3254d7-522a-412a-9296-3f4767b3a2cb}/> cannot be accessed.Context: Application, SystemIndex CatalogDetails: (0x81270005)Log: 'Application' Date/Time: 23/03/2013 5:01:56 PMType: warning Category: 1Event: 1008 Source: Windows Search ServiceThe Windows Search Service is attempting to remove the old catalog.Log: 'Application' Date/Time: 23/03/2013 5:00:30 PMType: warning Category: 1Event: 1008 Source: Windows Search ServiceThe Windows Search Service is attempting to remove the old catalog.Log: 'Application' Date/Time: 23/03/2013 4:30:21 PMType: warning Category: 0Event: 1517 Source: UserenvWindows saved user MAIN_COMPUTER\Glenn registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use. This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.Log: 'Application' Date/Time: 23/03/2013 4:25:20 PMType: warning Category: 1Event: 32068 Source: Microsoft FaxThe outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly. Country/region code: '*' Area code: '*'Log: 'Application' Date/Time: 23/03/2013 4:25:20 PMType: warning Category: 1Event: 32066 Source: Microsoft FaxAt least one of the devices in the outgoing routing group is not valid. Group name: '<All devices>'Log: 'Application' Date/Time: 23/03/2013 4:25:20 PMType: warning Category: 1Event: 32026 Source: Microsoft FaxFax Service failed to initialize any assigned fax devices (virtual or TAPI). No faxes can be sent or received until a fax device is installed.Log: 'Application' Date/Time: 22/03/2013 10:49:59 PMType: warning Category: 0Event: 1517 Source: UserenvWindows saved user MAIN_COMPUTER\Glenn registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use. This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.Log: 'Application' Date/Time: 22/03/2013 9:32:27 PMType: warning Category: 0Event: 1517 Source: UserenvWindows saved user MAIN_COMPUTER\Glenn registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use. This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.Log: 'Application' Date/Time: 21/03/2013 11:53:12 PMType: warning Category: 0Event: 1517 Source: UserenvWindows saved user MAIN_COMPUTER\Glenn registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use. This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~'System' Log - error Type~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Log: 'System' Date/Time: 24/03/2013 1:53:01 PMType: error Category: 0Event: 7023 Source: Service Control ManagerThe Intel® Quick Resume Technology Drivers service terminated with the following error: The system could not find the environment option that was entered. Log: 'System' Date/Time: 23/03/2013 5:00:41 PMType: error Category: 0Event: 7024 Source: Service Control ManagerThe Windows Search service terminated with service-specific error 2147749155 (0x80040D23).Log: 'System' Date/Time: 23/03/2013 4:49:41 PMType: error Category: 0Event: 7023 Source: Service Control ManagerThe Intel® Quick Resume Technology Drivers service terminated with the following error: The system could not find the environment option that was entered. Log: 'System' Date/Time: 23/03/2013 4:40:46 PMType: error Category: 0Event: 7023 Source: Service Control ManagerThe Intel® Quick Resume Technology Drivers service terminated with the following error: The system could not find the environment option that was entered. Log: 'System' Date/Time: 23/03/2013 4:37:28 PMType: error Category: 0Event: 7023 Source: Service Control ManagerThe Intel® Quick Resume Technology Drivers service terminated with the following error: The system could not find the environment option that was entered. Log: 'System' Date/Time: 23/03/2013 4:31:34 PMType: error Category: 0Event: 7023 Source: Service Control ManagerThe Intel® Quick Resume Technology Drivers service terminated with the following error: The system could not find the environment option that was entered. Log: 'System' Date/Time: 23/03/2013 4:25:21 PMType: error Category: 0Event: 7023 Source: Service Control ManagerThe Intel® Quick Resume Technology Drivers service terminated with the following error: The system could not find the environment option that was entered. Log: 'System' Date/Time: 23/03/2013 7:46:49 AMType: error Category: 0Event: 7023 Source: Service Control ManagerThe Intel® Quick Resume Technology Drivers service terminated with the following error: The system could not find the environment option that was entered. Log: 'System' Date/Time: 22/03/2013 11:08:52 PMType: error Category: 0Event: 10010 Source: DCOMThe server {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} did not register with DCOM within the required timeout.Log: 'System' Date/Time: 22/03/2013 11:06:44 PMType: error Category: 0Event: 7023 Source: Service Control ManagerThe Intel® Quick Resume Technology Drivers service terminated with the following error: The system could not find the environment option that was entered. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~'System' Log - warning Type~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Log: 'System' Date/Time: 23/03/2013 8:16:36 PMType: warning Category: 0Event: 8021 Source: BROWSERThe browser was unable to retrieve a list of servers from the browser master \\FINGOLFINS-LADY on the network \Device\NetBT_Tcpip_{39B48252-B3B4-4E20-8ED5-6C7F78E9F74A}. The data is the error code.Log: 'System' Date/Time: 23/03/2013 4:27:48 PMType: warning Category: 0Event: 256 Source: PlugPlayManagerTimed out sending notification of device interface change to window of "ModemDeviceChange"Log: 'System' Date/Time: 22/03/2013 9:07:39 PMType: warning Category: 0Event: 240 Source: Win32kA request to suspend power was denied by winlogon.exe.Log: 'System' Date/Time: 22/03/2013 3:36:47 PMType: warning Category: 0Event: 51 Source: DiskAn error was detected on device \Device\Harddisk0\D during a paging operation.Log: 'System' Date/Time: 22/03/2013 3:36:37 PMType: warning Category: 0Event: 51 Source: DiskAn error was detected on device \Device\Harddisk0\D during a paging operation.Log: 'System' Date/Time: 19/03/2013 9:51:02 PMType: warning Category: 0Event: 4226 Source: TcpipTCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.Log: 'System' Date/Time: 16/03/2013 9:41:47 PMType: warning Category: 0Event: 8021 Source: BROWSERThe browser was unable to retrieve a list of servers from the browser master \\SNAPS-LAPTOP on the network \Device\NetBT_Tcpip_{39B48252-B3B4-4E20-8ED5-6C7F78E9F74A}. The data is the error code.Log: 'System' Date/Time: 16/03/2013 3:07:16 AMType: warning Category: 2Event: 57 Source: FtdiskThe system failed to flush data to the transaction log. Corruption may occur.Log: 'System' Date/Time: 16/03/2013 3:07:16 AMType: warning Category: 2Event: 57 Source: FtdiskThe system failed to flush data to the transaction log. Corruption may occur.Log: 'System' Date/Time: 16/03/2013 3:07:16 AMType: warning Category: 2Event: 57 Source: FtdiskThe system failed to flush data to the transaction log. Corruption may occur. Link to post Share on other sites More sharing options...
Tomk1 Posted March 24, 2013 ID:660523 Share Posted March 24, 2013 kgej_73,It appears that those errors can be related to a harddrive problem or even a driver issue. I'm trying to come up with a plan. Meanwhile let's let windows check out your disk.Press the windows key (between the Ctrl and Alt key on your keypboard) and while holding it press R. This will bring up a run box.In the run box type chkdsk /r (note the space between the k and /). Windows will tell you it needs to reboot to run. Let it reboot and the utility will run on startup (takes awhile). When finished it should tell you if it found any errors. Link to post Share on other sites More sharing options...
kgej_73 Posted March 26, 2013 Author ID:661259 Share Posted March 26, 2013 I ran chkdsk /r. I don't think it found any errors. Here is the chkdsk log from Event Viewer.Checking file system on C:The type of the file system is NTFS.Cleaning up minor inconsistencies on the drive.Cleaning up 87 unused index entries from index $SII of file 0x9.Cleaning up 87 unused index entries from index $SDH of file 0x9.Cleaning up 87 unused security descriptors.CHKDSK is verifying Usn Journal...Usn Journal verification completed.CHKDSK is verifying file data (stage 4 of 5)...File data verification completed.CHKDSK is verifying free space (stage 5 of 5)...Free space verification is complete. 151332299 KB total disk space. 48863260 KB in 84614 files. 28180 KB in 7343 indexes. 0 KB in bad sectors. 199831 KB in use by the system. 65536 KB occupied by the log file. 102241028 KB available on disk. 4096 bytes in each allocation unit. 37833074 total allocation units on disk. 25560257 allocation units available on disk.Internal Info:50 6c 01 00 41 67 01 00 e2 f1 01 00 00 00 00 00 Pl..Ag..........9a 0e 00 00 02 00 00 00 01 07 00 00 00 00 00 00 ................b4 d2 2b 07 00 00 00 00 04 62 c0 51 00 00 00 00 ..+......b.Q....7e 4e 5d 0d 00 00 00 00 da 5f 26 0a 04 00 00 00 ~N]......_&.....e0 a0 40 e3 05 00 00 00 26 9d 39 58 0a 00 00 00 ..@.....&.9X....20 ef 7b a6 00 00 00 00 90 38 07 00 86 4a 01 00 .{......8...J..00 00 00 00 00 70 60 a6 0b 00 00 00 af 1c 00 00 .....p`.........Windows has finished checking your disk.Please wait while your computer restarts. Link to post Share on other sites More sharing options...
Tomk1 Posted March 26, 2013 ID:661306 Share Posted March 26, 2013 OK... Let's try another little trick.RKILLPlease download Rkill by Grinler from one of the 4 links below (if one of them does not work try another.) and save it to your desktop:Link 1Link 2In order for Rkill to run properly you must disable your anti-malware software. Please refer to this page if you are not sure how.Double-click on Rkill. (If you are using Windows Vista, please right-click on it and select Run As Administrator)Note: You may have to run Rkill a few times before it is successful. You may also have to download Rkill from a different link which will save it as a different file name.A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.An Rkill.log will appear. Please copy and paste the contents in your reply (file also located at c:\rkill.log)Do not reboot your computer after running Rkill as the malware programs will start again. If your computer reboots, run Rkill again before continuing on to the next step.If nothing happens or if the tool does not run, please let me know in your next reply.Now... without rebooting your system... please attempt to run ComboFix again.If everything works as I hope... you will have an Rkill log and a ComboFix log to post to me. Link to post Share on other sites More sharing options...
Recommended Posts