mexicano2232

Members
  • Content count

    46
  • Joined

  • Last visited

About mexicano2232

  • Rank
    New Member
  1. sir I just decided to upgrade to Windows 7. There were too many problems with Vista. But thank you so much for your help. You stuck with me til the end. Thank you so much
  2. I did. I used the scan and It removed 1 trojan. but still no luck with the update. I will try to use another website for the update but could you help be with another problem? Most of my programs I have to run as adminstrator for them to work correctly. and Windows media player does not load at all
  3. i refreshed windows and it said they need to be installed so i clicked on install and i get the same error message
  4. nevermind. they did not install. it said that they did, but i refreshed windows update and they did not install
  5. the updates did install though
  6. all failed except for the 2nd one
  7. It says " You are attempting to open a file of type 'System File' (.sys)" then I click on "open with" then it says windows cannot open this file. and to Use the web service to find the correct program or to select a program from a list of installed programs
  8. Oh. I'll just copy/paste C:\Windows\winsxs\x86_microsoft-windows-netbt_31bf3856ad364e35_6.0.6002.18005_none_6250416df465f2b1\netbt.sys c:\windows\system32\drivers\netbt.sys
  9. oh do I not copy and paste the word "copy" ?
  10. I get a window that says "Windows cannot find 'copy'. Make sure you typed the name correctly and then try again."
  11. ComboFix 12-06-15.06 - aaron's 06/15/2012 18:23:05.4.1 - x86 Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.1012.370 [GMT -6:00] Running from: c:\users\aaron's\Desktop\ComboFix.exe Command switches used :: c:\users\aaron's\Desktop\CFScript.txt AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\system32\drivers\netbt.sys . . . is missing!! . . --------------- FCopy --------------- . c:\windows\winsxs\x86_microsoft-windows-netbt_31bf3856ad364e35_6.0.6002.18005_none_6250416df465f2b1\netbt.sys --> c:\windows\system32\drivers\netbt.sys . ((((((((((((((((((((((((( Files Created from 2012-05-16 to 2012-06-16 ))))))))))))))))))))))))))))))) . . 2012-06-16 00:50 . 2012-06-16 00:56 -------- d-----w- c:\users\aaron's\AppData\Local\temp 2012-06-16 00:50 . 2012-06-16 00:50 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-06-15 18:18 . 2012-06-15 18:18 -------- d-----w- c:\users\aaron's\AppData\Roaming\redsn0w 2012-06-15 17:22 . 2012-06-15 17:22 -------- d-----w- c:\users\aaron's\AppData\Local\libimobiledevice 2012-06-15 01:32 . 2012-06-15 01:32 -------- d-----w- C:\audacity_temp 2012-06-14 22:32 . 2012-06-14 22:32 -------- dc----w- c:\program files\Apple Software Update 2012-06-10 08:46 . 2012-06-14 22:28 -------- d-----w- c:\windows\system32\catroot2 2012-06-04 07:23 . 2012-06-04 07:28 -------- d-----w- c:\users\aaron's\AppData\Local\ElevatedDiagnostics 2012-05-31 01:36 . 2012-05-31 01:36 -------- d-----w- c:\users\aaron's\AppData\Roaming\Malwarebytes 2012-05-31 01:35 . 2012-05-31 01:35 -------- d-----w- c:\programdata\Malwarebytes 2012-05-31 01:35 . 2012-05-31 01:36 -------- dc----w- c:\program files\Malwarebytes' Anti-Malware 2012-05-31 01:35 . 2012-04-04 21:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-05-31 00:36 . 2012-05-31 00:36 399264 ----a-w- c:\windows\unhide.exe 2012-05-30 23:20 . 2012-05-30 23:20 -------- d-----w- C:\found.000 2012-05-28 05:20 . 2012-05-28 05:35 -------- dc----w- c:\program files\Free Window Registry Repair 2012-05-26 04:45 . 2012-05-26 04:45 -------- d-----w- c:\programdata\PC Tools 2012-05-26 04:45 . 2012-05-26 04:45 -------- d-----w- c:\users\aaron's\AppData\Roaming\Product_PT 2012-05-26 03:54 . 2012-05-26 03:55 -------- dc----w- c:\program files\Defraggler 2012-05-26 01:46 . 2012-05-26 01:46 -------- d-----w- c:\users\aaron's\AppData\Local\VS Revo Group 2012-05-26 01:46 . 2009-12-30 17:21 27192 ----a-w- c:\windows\system32\drivers\revoflt.sys 2012-05-26 01:46 . 2012-05-26 01:46 -------- dc----w- c:\program files\VS Revo Group 2012-05-26 01:00 . 2012-04-17 14:25 27080 ----a-w- c:\windows\system32\drivers\ElRawDsk.sys 2012-05-25 23:55 . 2010-09-23 18:29 511328 -c--a-w- c:\program files\Common Files\Microsoft Shared\CAPICOM\CAPICOM.DLL 2012-05-25 23:45 . 2012-05-25 23:45 74703 ----a-w- c:\windows\system32\mfc45.dll . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-05-05 06:11 . 2012-04-17 01:13 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-05-05 06:11 . 2012-01-13 21:17 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-04-25 18:11 . 2012-04-25 18:11 4547944 ----a-w- c:\windows\system32\usbaaplrc.dll 2012-04-25 18:11 . 2012-04-25 18:11 43520 ----a-w- c:\windows\system32\drivers\usbaapl.sys 2012-04-03 08:16 . 2012-05-09 20:19 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-04-03 08:16 . 2012-05-09 20:19 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-04-02 13:36 . 2012-05-09 20:19 2044928 ----a-w- c:\windows\system32\win32k.sys 2012-03-30 12:39 . 2012-05-09 20:22 905600 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-03-20 23:28 . 2012-05-09 20:22 53120 ----a-w- c:\windows\system32\drivers\partmgr.sys . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2012-03-06 23:15 123536 -c--a-w- c:\program files\AVAST Software\Avast\ashShell.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Wisdom-soft AutoScreenRecorder 3.1 Pro"="0" [X] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-03-06 4241512] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2012-01-03 9210400] "Persistence"="c:\windows\system32\igfxpers.exe" [2009-03-05 150552] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-06-08 421776] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-03-05 141848] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-03-05 173592] "ContentTransferWMDetector.exe"="c:\program files\Sony\Content Transfer\ContentTransferWMDetector.exe" [2009-11-20 583016] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-31 59280] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0sasnative32 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 . R3 ADASPROT;SYSTWEAKASO;c:\program files\Advanced System Optimizer 3\adasprot32.sys [x] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696] S2 ACEDRV09;ACEDRV09;c:\windows\system32\drivers\ACEDRV09.sys [2009-04-22 110304] S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSrv.exe [2012-01-03 87968] . . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc hpdevmgmt REG_MULTI_SZ hpqcxs08 LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . Contents of the 'Scheduled Tasks' folder . 2012-06-16 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-17 06:11] . 2012-06-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-06-16 05:16] . 2012-06-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-06-16 05:16] . 2012-06-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4031169062-1864207035-1914167420-1000Core.job - c:\users\aaron's\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-25 18:57] . 2012-06-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4031169062-1864207035-1914167420-1000UA.job - c:\users\aaron's\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-25 18:57] . . ------- Supplementary Scan ------- . mStart Page = about:blank uInternet Settings,ProxyOverride = <local>;*.local uSearchURL,(Default) = hxxp://my.netzero.net/s/search?r=minisearch IE: &Clean Traces IE: &Download with &DAP IE: Download &all with DAP IE: Download all by YouTube Robot IE: Download by YouTube Robot IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll/cmsidewiki.html Trusted Zone: adobe.com\kb2 TCP: DhcpNameServer = 192.168.0.1 . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2012-06-15 18:55 Windows 6.0.6002 Service Pack 2 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . scan completed successfully hidden files: 0 . ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\.Default\Software\SetID\Internal] @Denied: (A 2) (LocalSystem) "DEVICE2"="vaaur8rPygA=" "DATA2"="<settings accountStatus=\"4\" oldDevice=\"\" timeDiff=\"1106312873\" expireTime=\"1309830893\" productStatus=\"1\" obSize=\"2\" InstallTS=\"1289332796\" isSubsc=\"0\" authStat_ts=\"0\" version=\"14.1\" keyType=\"194\" prodId=\"1\" moduleId1=\"7\" moduleId2=\"10\" relType=\"1\" />" . [HKEY_USERS\S-1-5-21-4031169062-1864207035-1914167420-1000\Software\SecuROM\License information*] "datasecu"=hex:a2,07,db,f1,87,7b,e6,76,34,33,d8,56,f0,9d,a6,d8,bd,40,00,1e,dc, 22,28,34,9f,c8,10,46,ac,39,d7,ef,93,1a,1e,bb,4f,4c,cf,2c,0b,8c,b0,fd,de,f0,\ "rkeysecu"=hex:2e,94,cc,97,cf,8d,95,62,3d,19,af,1e,26,41,cb,4b . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:000000b5 . ------------------------ Other Running Processes ------------------------ . c:\program files\AVAST Software\Avast\AvastSvc.exe c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\windows\system32\WUDFHost.exe c:\windows\system32\DRIVERS\xaudio.exe c:\windows\system32\conime.exe c:\program files\Windows Media Player\wmplayer.exe c:\program files\iPod\bin\iPodService.exe c:\windows\servicing\TrustedInstaller.exe . ************************************************************************** . Completion time: 2012-06-15 19:07:31 - machine was rebooted ComboFix-quarantined-files.txt 2012-06-16 01:06 ComboFix2.txt 2012-06-15 22:04 ComboFix3.txt 2012-06-01 20:32 . Pre-Run: 33,004,048,384 bytes free Post-Run: 32,960,122,880 bytes free . - - End Of File - - A39907D264EED9841A682FD7505CFCCD
  12. SystemLook 30.07.11 by jpshortstuff Log created at 17:44 on 15/06/2012 by aaron's Administrator - Elevation successful ========== filefind ========== Searching for "netbt.sys" C:\Windows\winsxs\x86_microsoft-windows-netbt_31bf3856ad364e35_6.0.6000.16386_none_5e2e0665fa591691\netbt.sys --a---- 184320 bytes [08:57 02/11/2006] [08:57 02/11/2006] E3A168912E7EEFC3BD3B814720D68B41 C:\Windows\winsxs\x86_microsoft-windows-netbt_31bf3856ad364e35_6.0.6001.18000_none_6064c861f7442765\netbt.sys --a---- 184320 bytes [16:41 19/12/2008] [05:55 19/01/2008] 7C5FEE5B1C5728507CD96FB4A13E7A02 C:\Windows\winsxs\x86_microsoft-windows-netbt_31bf3856ad364e35_6.0.6002.18005_none_6250416df465f2b1\netbt.sys --a---- 185856 bytes [18:55 12/09/2009] [04:45 11/04/2009] 70635790371DAC98714CA365AFED79C2 -= EOF =-
  13. ComboFix 12-06-15.06 - aaron's 06/15/2012 15:14:27.3.1 - x86 Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.1012.366 [GMT -6:00] Running from: c:\users\aaron's\Desktop\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\system32\drivers\netbt.sys . . . is missing!! . . ((((((((((((((((((((((((( Files Created from 2012-05-15 to 2012-06-15 ))))))))))))))))))))))))))))))) . . 2012-06-15 21:45 . 2012-06-15 21:50 -------- d-----w- c:\users\aaron's\AppData\Local\temp 2012-06-15 21:45 . 2012-06-15 21:45 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-06-15 18:18 . 2012-06-15 18:18 -------- d-----w- c:\users\aaron's\AppData\Roaming\redsn0w 2012-06-15 17:22 . 2012-06-15 17:22 -------- d-----w- c:\users\aaron's\AppData\Local\libimobiledevice 2012-06-15 01:32 . 2012-06-15 01:32 -------- d-----w- C:\audacity_temp 2012-06-14 22:32 . 2012-06-14 22:32 -------- dc----w- c:\program files\Apple Software Update 2012-06-10 08:46 . 2012-06-14 22:28 -------- d-----w- c:\windows\system32\catroot2 2012-06-04 07:23 . 2012-06-04 07:28 -------- d-----w- c:\users\aaron's\AppData\Local\ElevatedDiagnostics 2012-05-31 01:36 . 2012-05-31 01:36 -------- d-----w- c:\users\aaron's\AppData\Roaming\Malwarebytes 2012-05-31 01:35 . 2012-05-31 01:35 -------- d-----w- c:\programdata\Malwarebytes 2012-05-31 01:35 . 2012-05-31 01:36 -------- dc----w- c:\program files\Malwarebytes' Anti-Malware 2012-05-31 01:35 . 2012-04-04 21:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-05-31 00:36 . 2012-05-31 00:36 399264 ----a-w- c:\windows\unhide.exe 2012-05-30 23:20 . 2012-05-30 23:20 -------- d-----w- C:\found.000 2012-05-28 05:20 . 2012-05-28 05:35 -------- dc----w- c:\program files\Free Window Registry Repair 2012-05-26 04:45 . 2012-05-26 04:45 -------- d-----w- c:\programdata\PC Tools 2012-05-26 04:45 . 2012-05-26 04:45 -------- d-----w- c:\users\aaron's\AppData\Roaming\Product_PT 2012-05-26 03:54 . 2012-05-26 03:55 -------- dc----w- c:\program files\Defraggler 2012-05-26 01:46 . 2012-05-26 01:46 -------- d-----w- c:\users\aaron's\AppData\Local\VS Revo Group 2012-05-26 01:46 . 2009-12-30 17:21 27192 ----a-w- c:\windows\system32\drivers\revoflt.sys 2012-05-26 01:46 . 2012-05-26 01:46 -------- dc----w- c:\program files\VS Revo Group 2012-05-26 01:00 . 2012-04-17 14:25 27080 ----a-w- c:\windows\system32\drivers\ElRawDsk.sys 2012-05-25 23:55 . 2010-09-23 18:29 511328 -c--a-w- c:\program files\Common Files\Microsoft Shared\CAPICOM\CAPICOM.DLL 2012-05-25 23:45 . 2012-05-25 23:45 74703 ----a-w- c:\windows\system32\mfc45.dll . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-05-05 06:11 . 2012-04-17 01:13 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-05-05 06:11 . 2012-01-13 21:17 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-04-25 18:11 . 2012-04-25 18:11 4547944 ----a-w- c:\windows\system32\usbaaplrc.dll 2012-04-25 18:11 . 2012-04-25 18:11 43520 ----a-w- c:\windows\system32\drivers\usbaapl.sys 2012-04-03 08:16 . 2012-05-09 20:19 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-04-03 08:16 . 2012-05-09 20:19 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-04-02 13:36 . 2012-05-09 20:19 2044928 ----a-w- c:\windows\system32\win32k.sys 2012-03-30 12:39 . 2012-05-09 20:22 905600 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-03-20 23:28 . 2012-05-09 20:22 53120 ----a-w- c:\windows\system32\drivers\partmgr.sys . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2012-03-06 23:15 123536 -c--a-w- c:\program files\AVAST Software\Avast\ashShell.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Wisdom-soft AutoScreenRecorder 3.1 Pro"="0" [X] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-03-06 4241512] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2012-01-03 9210400] "Persistence"="c:\windows\system32\igfxpers.exe" [2009-03-05 150552] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-06-08 421776] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-03-05 141848] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-03-05 173592] "ContentTransferWMDetector.exe"="c:\program files\Sony\Content Transfer\ContentTransferWMDetector.exe" [2009-11-20 583016] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-31 59280] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0sasnative32 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 . R3 ADASPROT;SYSTWEAKASO;c:\program files\Advanced System Optimizer 3\adasprot32.sys [x] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696] S2 ACEDRV09;ACEDRV09;c:\windows\system32\drivers\ACEDRV09.sys [2009-04-22 110304] S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSrv.exe [2012-01-03 87968] . . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc hpdevmgmt REG_MULTI_SZ hpqcxs08 LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . Contents of the 'Scheduled Tasks' folder . 2012-06-15 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-17 06:11] . 2012-06-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-06-16 05:16] . 2012-06-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-06-16 05:16] . 2012-06-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4031169062-1864207035-1914167420-1000Core.job - c:\users\aaron's\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-25 18:57] . 2012-06-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4031169062-1864207035-1914167420-1000UA.job - c:\users\aaron's\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-25 18:57] . . ------- Supplementary Scan ------- . mStart Page = about:blank uInternet Settings,ProxyOverride = <local>;*.local uSearchURL,(Default) = hxxp://my.netzero.net/s/search?r=minisearch IE: &Clean Traces IE: &Download with &DAP IE: Download &all with DAP IE: Download all by YouTube Robot IE: Download by YouTube Robot IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll/cmsidewiki.html Trusted Zone: adobe.com\kb2 TCP: DhcpNameServer = 192.168.0.1 . . ------- File Associations ------- . JSEFile=NOTEPAD.EXE %1 . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2012-06-15 15:50 Windows 6.0.6002 Service Pack 2 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . scan completed successfully hidden files: 0 . ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\.Default\Software\SetID\Internal] @Denied: (A 2) (LocalSystem) "DEVICE2"="vaaur8rPygA=" "DATA2"="<settings accountStatus=\"4\" oldDevice=\"\" timeDiff=\"1106312873\" expireTime=\"1309830893\" productStatus=\"1\" obSize=\"2\" InstallTS=\"1289332796\" isSubsc=\"0\" authStat_ts=\"0\" version=\"14.1\" keyType=\"194\" prodId=\"1\" moduleId1=\"7\" moduleId2=\"10\" relType=\"1\" />" . [HKEY_USERS\S-1-5-21-4031169062-1864207035-1914167420-1000\Software\SecuROM\License information*] "datasecu"=hex:a2,07,db,f1,87,7b,e6,76,34,33,d8,56,f0,9d,a6,d8,bd,40,00,1e,dc, 22,28,34,9f,c8,10,46,ac,39,d7,ef,93,1a,1e,bb,4f,4c,cf,2c,0b,8c,b0,fd,de,f0,\ "rkeysecu"=hex:2e,94,cc,97,cf,8d,95,62,3d,19,af,1e,26,41,cb,4b . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:000000b5 . ------------------------ Other Running Processes ------------------------ . c:\program files\AVAST Software\Avast\AvastSvc.exe c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\windows\system32\WUDFHost.exe c:\windows\system32\DRIVERS\xaudio.exe c:\windows\system32\conime.exe c:\program files\Windows Media Player\wmplayer.exe c:\program files\iPod\bin\iPodService.exe c:\windows\servicing\TrustedInstaller.exe c:\windows\system32\RacAgent.exe c:\windows\system32\lpremove.exe . ************************************************************************** . Completion time: 2012-06-15 16:04:08 - machine was rebooted ComboFix-quarantined-files.txt 2012-06-15 22:02 ComboFix2.txt 2012-06-01 20:32 . Pre-Run: 32,107,421,696 bytes free Post-Run: 33,018,576,896 bytes free . - - End Of File - - 4915FD97B7EEBCB432167A380CD08573
  14. 14:37:18.0592 4832 TDSS rootkit removing tool 2.7.40.0 Jun 15 2012 15:13:31 14:37:19.0337 4832 ============================================================ 14:37:19.0337 4832 Current date / time: 2012/06/15 14:37:19.0337 14:37:19.0338 4832 SystemInfo: 14:37:19.0338 4832 14:37:19.0338 4832 OS Version: 6.0.6002 ServicePack: 2.0 14:37:19.0338 4832 Product type: Workstation 14:37:19.0338 4832 ComputerName: MEZA-PC 14:37:19.0338 4832 UserName: aaron's 14:37:19.0338 4832 Windows directory: C:\Windows 14:37:19.0338 4832 System windows directory: C:\Windows 14:37:19.0338 4832 Processor architecture: Intel x86 14:37:19.0338 4832 Number of processors: 1 14:37:19.0338 4832 Page size: 0x1000 14:37:19.0338 4832 Boot type: Normal boot 14:37:19.0338 4832 ============================================================ 14:37:21.0592 4832 Drive \Device\Harddisk0\DR0 - Size: 0x2540BE4000 (149.01 Gb), SectorSize: 0x200, Cylinders: 0x4BFC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 14:37:21.0679 4832 Drive \Device\Harddisk5\DR5 - Size: 0x3C8C0000 (0.95 Gb), SectorSize: 0x200, Cylinders: 0x7B, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 14:37:21.0685 4832 ============================================================ 14:37:21.0685 4832 \Device\Harddisk0\DR0: 14:37:21.0685 4832 MBR partitions: 14:37:21.0685 4832 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x18000, BlocksNum 0x1400000 14:37:21.0685 4832 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1418000, BlocksNum 0x115ED000 14:37:21.0685 4832 \Device\Harddisk5\DR5: 14:37:21.0691 4832 MBR partitions: 14:37:21.0691 4832 \Device\Harddisk5\DR5\Partition0: MBR, Type 0x6, StartLBA 0xF9, BlocksNum 0x1E4407 14:37:21.0691 4832 ============================================================ 14:37:21.0834 4832 C: <-> \Device\Harddisk0\DR0\Partition1 14:37:21.0997 4832 D: <-> \Device\Harddisk0\DR0\Partition0 14:37:21.0998 4832 ============================================================ 14:37:21.0998 4832 Initialize success 14:37:21.0998 4832 ============================================================ 14:38:00.0600 4252 ============================================================ 14:38:00.0600 4252 Scan started 14:38:00.0600 4252 Mode: Manual; SigCheck; TDLFS; 14:38:00.0600 4252 ============================================================ 14:38:03.0906 4252 ACEDRV09 (ec818aed40e3359fe49ddb1700151e56) C:\Windows\system32\drivers\ACEDRV09.sys 14:38:04.0203 4252 ACEDRV09 - ok 14:38:04.0293 4252 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys 14:38:04.0328 4252 ACPI - ok 14:38:04.0377 4252 ADASPROT - ok 14:38:04.0455 4252 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe 14:38:04.0495 4252 AdobeFlashPlayerUpdateSvc - ok 14:38:04.0537 4252 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys 14:38:04.0576 4252 adp94xx - ok 14:38:04.0610 4252 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys 14:38:04.0648 4252 adpahci - ok 14:38:04.0671 4252 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys 14:38:04.0696 4252 adpu160m - ok 14:38:04.0737 4252 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys 14:38:04.0768 4252 adpu320 - ok 14:38:04.0802 4252 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll 14:38:05.0311 4252 AeLookupSvc - ok 14:38:05.0395 4252 AERTFilters (a6ce73469591554279da63be715dbc93) C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe 14:38:05.0415 4252 AERTFilters - ok 14:38:05.0448 4252 Afc (fe3ea6e9afc1a78e6edca121e006afb7) C:\Windows\system32\drivers\Afc.sys 14:38:05.0467 4252 Afc - ok 14:38:05.0509 4252 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys 14:38:05.0714 4252 AFD - ok 14:38:05.0849 4252 agp440 (8b10ce1c1f9f1d47e4deb1a547a00cd4) C:\Windows\system32\drivers\agp440.sys 14:38:05.0873 4252 agp440 - ok 14:38:06.0334 4252 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys 14:38:06.0501 4252 aic78xx - ok 14:38:06.0567 4252 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe 14:38:06.0935 4252 ALG - ok 14:38:06.0976 4252 aliide (dc67a153fdb8105b25d05334b5e1d8e2) C:\Windows\system32\drivers\aliide.sys 14:38:06.0996 4252 aliide - ok 14:38:07.0024 4252 amdagp (848f27e5b27c1c253f6cefdc1a5d8f21) C:\Windows\system32\drivers\amdagp.sys 14:38:07.0048 4252 amdagp - ok 14:38:07.0057 4252 amdide (835c4c3355088298a5ebd818fa31430f) C:\Windows\system32\drivers\amdide.sys 14:38:07.0083 4252 amdide - ok 14:38:07.0115 4252 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys 14:38:07.0298 4252 AmdK7 - ok 14:38:07.0325 4252 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys 14:38:07.0422 4252 AmdK8 - ok 14:38:07.0506 4252 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll 14:38:07.0652 4252 Appinfo - ok 14:38:07.0842 4252 Apple Mobile Device (f401929ee0cc92bfe7f15161ca535383) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 14:38:07.0864 4252 Apple Mobile Device - ok 14:38:07.0921 4252 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys 14:38:07.0944 4252 arc - ok 14:38:07.0983 4252 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys 14:38:08.0005 4252 arcsas - ok 14:38:08.0142 4252 aswFsBlk (0ae43c6c411254049279c2ee55630f95) C:\Windows\system32\drivers\aswFsBlk.sys 14:38:08.0201 4252 aswFsBlk - ok 14:38:08.0257 4252 aswMonFlt (6693141560b1615d8dccf0d8eb00087e) C:\Windows\system32\drivers\aswMonFlt.sys 14:38:08.0276 4252 aswMonFlt - ok 14:38:08.0290 4252 aswRdr (da12626fd9a67f4e917e2f2fbe1e1764) C:\Windows\system32\drivers\aswRdr.sys 14:38:08.0312 4252 aswRdr - ok 14:38:08.0369 4252 aswSnx (dcb199b967375753b5019ec15f008f53) C:\Windows\system32\drivers\aswSnx.sys 14:38:08.0436 4252 aswSnx - ok 14:38:08.0493 4252 aswSP (b32873e5a1443c0a1e322266e203bf10) C:\Windows\system32\drivers\aswSP.sys 14:38:08.0530 4252 aswSP - ok 14:38:08.0569 4252 aswTdi (6ff544175a9180c5d88534d3d9c9a9f7) C:\Windows\system32\drivers\aswTdi.sys 14:38:08.0588 4252 aswTdi - ok 14:38:08.0644 4252 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys 14:38:08.0730 4252 AsyncMac - ok 14:38:08.0788 4252 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys 14:38:08.0808 4252 atapi - ok 14:38:08.0874 4252 AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll 14:38:08.0924 4252 AudioEndpointBuilder - ok 14:38:08.0932 4252 Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll 14:38:08.0975 4252 Audiosrv - ok 14:38:09.0064 4252 avast! Antivirus (4041d31508a2a084dfb42c595854090f) C:\Program Files\AVAST Software\Avast\AvastSvc.exe 14:38:09.0083 4252 avast! Antivirus - ok 14:38:09.0137 4252 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys 14:38:09.0205 4252 Beep - ok 14:38:09.0448 4252 BFE (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll 14:38:09.0520 4252 BFE - ok 14:38:09.0659 4252 BITS (93952506c6d67330367f7e7934b6a02f) C:\Windows\system32\qmgr.dll 14:38:09.0760 4252 BITS - ok 14:38:09.0805 4252 blbdrive - ok 14:38:09.0958 4252 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe 14:38:10.0024 4252 Bonjour Service - ok 14:38:10.0062 4252 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys 14:38:10.0168 4252 bowser - ok 14:38:10.0192 4252 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys 14:38:10.0243 4252 BrFiltLo - ok 14:38:10.0264 4252 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys 14:38:10.0307 4252 BrFiltUp - ok 14:38:10.0358 4252 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll 14:38:10.0411 4252 Browser - ok 14:38:10.0588 4252 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys 14:38:10.0697 4252 Brserid - ok 14:38:10.0727 4252 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys 14:38:10.0814 4252 BrSerWdm - ok 14:38:10.0843 4252 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys 14:38:10.0931 4252 BrUsbMdm - ok 14:38:10.0952 4252 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys 14:38:11.0028 4252 BrUsbSer - ok 14:38:11.0064 4252 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys 14:38:11.0142 4252 BTHMODEM - ok 14:38:11.0152 4252 catchme - ok 14:38:11.0250 4252 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys 14:38:11.0337 4252 cdfs - ok 14:38:11.0381 4252 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys 14:38:11.0453 4252 cdrom - ok 14:38:11.0503 4252 CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll 14:38:11.0548 4252 CertPropSvc - ok 14:38:11.0575 4252 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys 14:38:11.0663 4252 circlass - ok 14:38:11.0796 4252 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys 14:38:11.0830 4252 CLFS - ok 14:38:11.0927 4252 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 14:38:12.0037 4252 clr_optimization_v2.0.50727_32 - ok 14:38:12.0127 4252 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 14:38:12.0292 4252 clr_optimization_v4.0.30319_32 - ok 14:38:12.0312 4252 cmdide (e79cbb2195e965f6e3256e2c1b23fd1c) C:\Windows\system32\drivers\cmdide.sys 14:38:12.0335 4252 cmdide - ok 14:38:12.0365 4252 Compbatt (722936afb75a7f509662b69b5632f48a) C:\Windows\system32\drivers\compbatt.sys 14:38:12.0386 4252 Compbatt - ok 14:38:12.0393 4252 COMSysApp - ok 14:38:12.0425 4252 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys 14:38:12.0444 4252 crcdisk - ok 14:38:12.0467 4252 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys 14:38:12.0560 4252 Crusoe - ok 14:38:12.0618 4252 CryptSvc (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll 14:38:12.0654 4252 CryptSvc - ok 14:38:12.0727 4252 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll 14:38:12.0796 4252 DcomLaunch - ok 14:38:12.0945 4252 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys 14:38:13.0018 4252 DfsC - ok 14:38:13.0151 4252 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe 14:38:13.0606 4252 DFSR - ok 14:38:13.0763 4252 Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll 14:38:13.0823 4252 Dhcp - ok 14:38:13.0903 4252 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys 14:38:13.0926 4252 disk - ok 14:38:13.0980 4252 Dnscache (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll 14:38:14.0063 4252 Dnscache - ok 14:38:14.0122 4252 dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll 14:38:14.0186 4252 dot3svc - ok 14:38:14.0234 4252 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll 14:38:14.0317 4252 DPS - ok 14:38:14.0358 4252 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys 14:38:14.0390 4252 drmkaud - ok 14:38:14.0452 4252 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys 14:38:14.0504 4252 DXGKrnl - ok 14:38:14.0739 4252 e1express (422ca8361d33da819976b428b9c8e560) C:\Windows\system32\DRIVERS\e1e6032.sys 14:38:14.0771 4252 e1express - ok 14:38:14.0812 4252 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys 14:38:14.0898 4252 E1G60 - ok 14:38:14.0950 4252 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll 14:38:15.0000 4252 EapHost - ok 14:38:15.0112 4252 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys 14:38:15.0139 4252 Ecache - ok 14:38:15.0191 4252 ElRawDisk (e00cdaed2c0dbdc60c6e5d000dee01e9) C:\Windows\system32\drivers\ElRawDsk.sys 14:38:15.0212 4252 ElRawDisk - ok 14:38:15.0280 4252 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys 14:38:15.0312 4252 elxstor - ok 14:38:15.0390 4252 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll 14:38:15.0505 4252 EMDMgmt - ok 14:38:15.0748 4252 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll 14:38:15.0834 4252 EventSystem - ok 14:38:15.0948 4252 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys 14:38:16.0049 4252 exfat - ok 14:38:16.0102 4252 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys 14:38:16.0163 4252 fastfat - ok 14:38:16.0213 4252 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys 14:38:16.0263 4252 fdc - ok 14:38:16.0347 4252 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll 14:38:16.0417 4252 fdPHost - ok 14:38:16.0596 4252 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll 14:38:16.0696 4252 FDResPub - ok 14:38:16.0744 4252 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys 14:38:16.0766 4252 FileInfo - ok 14:38:16.0818 4252 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys 14:38:16.0875 4252 Filetrace - ok 14:38:16.0906 4252 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys 14:38:16.0980 4252 flpydisk - ok 14:38:17.0038 4252 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys 14:38:17.0114 4252 FltMgr - ok 14:38:17.0200 4252 FontCache (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll 14:38:17.0366 4252 FontCache - ok 14:38:17.0489 4252 FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 14:38:17.0510 4252 FontCache3.0.0.0 - ok 14:38:17.0563 4252 Fs_Rec (b972a66758577e0bfd1de0f91aaa27b5) C:\Windows\system32\drivers\Fs_Rec.sys 14:38:17.0671 4252 Fs_Rec - ok 14:38:17.0701 4252 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys 14:38:17.0722 4252 gagp30kx - ok 14:38:17.0796 4252 gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll 14:38:17.0852 4252 gpsvc - ok 14:38:17.0967 4252 gupdate1c9ee41abc7afe7 (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe 14:38:17.0995 4252 gupdate1c9ee41abc7afe7 - ok 14:38:18.0001 4252 gupdatem (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe 14:38:18.0025 4252 gupdatem - ok 14:38:18.0386 4252 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys 14:38:18.0452 4252 HDAudBus - ok 14:38:18.0496 4252 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys 14:38:18.0576 4252 HidBth - ok 14:38:18.0601 4252 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys 14:38:18.0692 4252 HidIr - ok 14:38:18.0753 4252 hidserv (84067081f3318162797385e11a8f0582) C:\Windows\System32\hidserv.dll 14:38:18.0881 4252 hidserv - ok 14:38:18.0928 4252 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys 14:38:18.0961 4252 HidUsb - ok 14:38:19.0010 4252 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll 14:38:19.0065 4252 hkmsvc - ok 14:38:19.0167 4252 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys 14:38:19.0187 4252 HpCISSs - ok 14:38:19.0278 4252 hpqcxs08 (f50f7984fdd151edd8a70a8dbd9e2a44) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll 14:38:19.0312 4252 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning 14:38:19.0312 4252 hpqcxs08 - detected UnsignedFile.Multi.Generic (1) 14:38:19.0417 4252 HSF_DPV (99f85640054ba65190b860d878a7c9ae) C:\Windows\system32\DRIVERS\HSX_DPV.sys 14:38:19.0551 4252 HSF_DPV - ok 14:38:19.0603 4252 HSXHWBS2 (fe440536bd98af772130dc3a6fe1915f) C:\Windows\system32\DRIVERS\HSXHWBS2.sys 14:38:19.0645 4252 HSXHWBS2 - ok 14:38:19.0716 4252 HTTP (0eeeca26c8d4bde2a4664db058a81937) C:\Windows\system32\drivers\HTTP.sys 14:38:19.0826 4252 HTTP - ok 14:38:19.0873 4252 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys 14:38:19.0907 4252 i2omp - ok 14:38:20.0027 4252 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys 14:38:20.0081 4252 i8042prt - ok 14:38:20.0281 4252 iaStor (997e8f5939f2d12cd9f2e6b395724c16) C:\Windows\system32\drivers\iastor.sys 14:38:20.0332 4252 iaStor - ok 14:38:20.0385 4252 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys 14:38:20.0431 4252 iaStorV - ok 14:38:20.0612 4252 idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 14:38:20.0681 4252 idsvc - ok 14:38:21.0001 4252 igfx (a9221d13d8f1f772010ee293ba9baeb7) C:\Windows\system32\DRIVERS\igdkmd32.sys 14:38:21.0432 4252 igfx - ok 14:38:21.0572 4252 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys 14:38:21.0596 4252 iirsp - ok 14:38:21.0727 4252 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll 14:38:21.0798 4252 IKEEXT - ok 14:38:21.0961 4252 IntcAzAudAddService (f42f2f88017a2e2b6f783acef6c2c149) C:\Windows\system32\drivers\RTKVHDA.sys 14:38:22.0266 4252 IntcAzAudAddService - ok 14:38:22.0447 4252 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\DRIVERS\intelide.sys 14:38:22.0468 4252 intelide - ok 14:38:22.0621 4252 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys 14:38:22.0703 4252 intelppm - ok 14:38:22.0770 4252 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll 14:38:22.0833 4252 IPBusEnum - ok 14:38:22.0886 4252 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys 14:38:22.0939 4252 IpFilterDriver - ok 14:38:23.0015 4252 iphlpsvc (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll 14:38:23.0122 4252 iphlpsvc - ok 14:38:23.0134 4252 IpInIp - ok 14:38:23.0169 4252 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys 14:38:23.0250 4252 IPMIDRV - ok 14:38:23.0362 4252 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys 14:38:23.0413 4252 IPNAT - ok 14:38:23.0530 4252 iPod Service (e6be7a41a28d8f2db174957454d32448) C:\Program Files\iPod\bin\iPodService.exe 14:38:23.0601 4252 iPod Service - ok 14:38:23.0663 4252 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys 14:38:23.0701 4252 IRENUM - ok 14:38:23.0747 4252 isapnp (2f8ece2699e7e2070545e9b0960a8ed2) C:\Windows\system32\drivers\isapnp.sys 14:38:23.0768 4252 isapnp - ok 14:38:23.0893 4252 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys 14:38:23.0928 4252 iScsiPrt - ok 14:38:23.0956 4252 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys 14:38:23.0979 4252 iteatapi - ok 14:38:23.0999 4252 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys 14:38:24.0027 4252 iteraid - ok 14:38:24.0100 4252 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys 14:38:24.0123 4252 kbdclass - ok 14:38:24.0184 4252 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys 14:38:24.0222 4252 kbdhid - ok 14:38:24.0279 4252 KeyIso (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe 14:38:24.0376 4252 KeyIso - ok 14:38:24.0406 4252 kl1 (6512f37e1b52531bfd8d65fa95b6ee63) C:\Windows\system32\DRIVERS\kl1.sys 14:38:24.0437 4252 kl1 - ok 14:38:24.0530 4252 KSecDD (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys 14:38:24.0567 4252 KSecDD - ok 14:38:24.0649 4252 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll 14:38:24.0727 4252 KtmRm - ok 14:38:24.0791 4252 LanmanServer (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\System32\srvsvc.dll 14:38:24.0888 4252 LanmanServer - ok 14:38:25.0031 4252 LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll 14:38:25.0113 4252 LanmanWorkstation - ok 14:38:25.0209 4252 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys 14:38:25.0248 4252 lltdio - ok 14:38:25.0328 4252 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll 14:38:25.0394 4252 lltdsvc - ok 14:38:25.0434 4252 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll 14:38:25.0521 4252 lmhosts - ok 14:38:25.0567 4252 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys 14:38:25.0605 4252 LSI_FC - ok 14:38:25.0627 4252 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys 14:38:25.0649 4252 LSI_SAS - ok 14:38:25.0667 4252 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys 14:38:25.0692 4252 LSI_SCSI - ok 14:38:25.0766 4252 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys 14:38:25.0829 4252 luafv - ok 14:38:25.0843 4252 MCSTRM - ok 14:38:25.0881 4252 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys 14:38:25.0946 4252 mdmxsdk - ok 14:38:25.0994 4252 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys 14:38:26.0014 4252 megasas - ok 14:38:26.0126 4252 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll 14:38:26.0184 4252 MMCSS - ok 14:38:26.0237 4252 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys 14:38:26.0289 4252 Modem - ok 14:38:26.0347 4252 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys 14:38:26.0403 4252 monitor - ok 14:38:26.0458 4252 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys 14:38:26.0479 4252 mouclass - ok 14:38:26.0532 4252 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys 14:38:26.0614 4252 mouhid - ok 14:38:26.0682 4252 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys 14:38:26.0704 4252 MountMgr - ok 14:38:26.0744 4252 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys 14:38:26.0766 4252 mpio - ok 14:38:26.0837 4252 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys 14:38:26.0869 4252 mpsdrv - ok 14:38:26.0966 4252 MpsSvc (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll 14:38:27.0065 4252 MpsSvc - ok 14:38:27.0110 4252 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys 14:38:27.0130 4252 Mraid35x - ok 14:38:27.0237 4252 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys 14:38:27.0297 4252 MRxDAV - ok 14:38:27.0358 4252 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys 14:38:27.0469 4252 mrxsmb - ok 14:38:27.0532 4252 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys 14:38:27.0587 4252 mrxsmb10 - ok 14:38:27.0642 4252 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 14:38:27.0677 4252 mrxsmb20 - ok 14:38:27.0708 4252 msahci (d420bc42a637ac3cc4f411220549c0dc) C:\Windows\system32\drivers\msahci.sys 14:38:27.0730 4252 msahci - ok 14:38:27.0767 4252 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys 14:38:27.0790 4252 msdsm - ok 14:38:27.0852 4252 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe 14:38:27.0915 4252 MSDTC - ok 14:38:27.0991 4252 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys 14:38:28.0043 4252 Msfs - ok 14:38:28.0165 4252 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys 14:38:28.0214 4252 msisadrv - ok 14:38:28.0340 4252 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll 14:38:28.0424 4252 MSiSCSI - ok 14:38:28.0440 4252 msiserver - ok 14:38:28.0502 4252 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys 14:38:28.0550 4252 MSKSSRV - ok 14:38:28.0588 4252 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys 14:38:28.0645 4252 MSPCLOCK - ok 14:38:28.0662 4252 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys 14:38:28.0702 4252 MSPQM - ok 14:38:28.0766 4252 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys 14:38:28.0801 4252 MsRPC - ok 14:38:29.0011 4252 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys 14:38:29.0042 4252 mssmbios - ok 14:38:29.0125 4252 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys 14:38:29.0180 4252 MSTEE - ok 14:38:29.0438 4252 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys 14:38:29.0543 4252 Mup - ok 14:38:29.0790 4252 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll 14:38:29.0853 4252 napagent - ok 14:38:29.0912 4252 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys 14:38:29.0949 4252 NativeWifiP - ok 14:38:30.0035 4252 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys 14:38:30.0148 4252 NDIS - ok 14:38:30.0211 4252 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys 14:38:30.0262 4252 NdisTapi - ok 14:38:30.0426 4252 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys 14:38:30.0479 4252 Ndisuio - ok 14:38:30.0540 4252 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys 14:38:30.0596 4252 NdisWan - ok 14:38:30.0655 4252 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys 14:38:30.0702 4252 NDProxy - ok 14:38:30.0766 4252 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys 14:38:30.0829 4252 NetBIOS - ok 14:38:30.0892 4252 Netlogon (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe 14:38:30.0917 4252 Netlogon - ok 14:38:30.0987 4252 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll 14:38:31.0061 4252 Netman - ok 14:38:31.0132 4252 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll 14:38:31.0197 4252 netprofm - ok 14:38:31.0338 4252 NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 14:38:31.0420 4252 NetTcpPortSharing - ok 14:38:31.0724 4252 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys 14:38:31.0772 4252 nfrd960 - ok 14:38:31.0903 4252 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll 14:38:31.0980 4252 NlaSvc - ok 14:38:32.0027 4252 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys 14:38:32.0073 4252 Npfs - ok 14:38:32.0133 4252 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll 14:38:32.0177 4252 nsi - ok 14:38:32.0237 4252 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys 14:38:32.0300 4252 nsiproxy - ok 14:38:32.0440 4252 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys 14:38:32.0527 4252 Ntfs - ok 14:38:32.0677 4252 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys 14:38:32.0755 4252 ntrigdigi - ok 14:38:32.0810 4252 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys 14:38:32.0861 4252 Null - ok 14:38:32.0938 4252 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys 14:38:32.0963 4252 nvraid - ok 14:38:32.0989 4252 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys 14:38:33.0009 4252 nvstor - ok 14:38:33.0137 4252 nv_agp (055081fd5076401c1ee1bcab08d81911) C:\Windows\system32\drivers\nv_agp.sys 14:38:33.0159 4252 nv_agp - ok 14:38:33.0172 4252 NwlnkFlt - ok 14:38:33.0187 4252 NwlnkFwd - ok 14:38:33.0398 4252 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 14:38:33.0456 4252 odserv - ok 14:38:33.0508 4252 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys 14:38:33.0600 4252 ohci1394 - ok 14:38:33.0673 4252 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 14:38:33.0703 4252 ose - ok 14:38:33.0797 4252 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll 14:38:33.0930 4252 p2pimsvc - ok 14:38:33.0947 4252 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll 14:38:33.0987 4252 p2psvc - ok 14:38:34.0034 4252 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys 14:38:34.0111 4252 Parport - ok 14:38:34.0231 4252 partmgr (b9c2b89f08670e159f7181891e449cd9) C:\Windows\system32\drivers\partmgr.sys 14:38:34.0300 4252 partmgr - ok 14:38:34.0393 4252 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys 14:38:34.0478 4252 Parvdm - ok 14:38:34.0537 4252 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll 14:38:34.0632 4252 PcaSvc - ok 14:38:34.0693 4252 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys 14:38:34.0719 4252 pci - ok 14:38:34.0774 4252 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys 14:38:34.0796 4252 pciide - ok 14:38:34.0819 4252 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys 14:38:34.0874 4252 pcmcia - ok 14:38:34.0923 4252 pcouffin (5b6c11de7e839c05248ced8825470fef) C:\Windows\system32\Drivers\pcouffin.sys 14:38:34.0995 4252 pcouffin - ok 14:38:35.0055 4252 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys 14:38:35.0165 4252 PEAUTH - ok 14:38:35.0307 4252 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll 14:38:35.0438 4252 pla - ok 14:38:35.0697 4252 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll 14:38:35.0779 4252 PlugPlay - ok 14:38:35.0861 4252 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll 14:38:35.0901 4252 PNRPAutoReg - ok 14:38:35.0940 4252 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll 14:38:35.0997 4252 PNRPsvc - ok 14:38:36.0066 4252 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll 14:38:36.0137 4252 PolicyAgent - ok 14:38:36.0235 4252 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys 14:38:36.0284 4252 PptpMiniport - ok 14:38:36.0329 4252 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys 14:38:36.0400 4252 Processor - ok 14:38:36.0468 4252 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll 14:38:36.0650 4252 ProfSvc - ok 14:38:36.0706 4252 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe 14:38:36.0746 4252 ProtectedStorage - ok 14:38:36.0801 4252 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys 14:38:36.0847 4252 PSched - ok 14:38:36.0889 4252 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\Windows\system32\Drivers\PxHelp20.sys 14:38:36.0907 4252 PxHelp20 - ok 14:38:36.0966 4252 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys 14:38:37.0026 4252 ql2300 - ok 14:38:37.0142 4252 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys 14:38:37.0174 4252 ql40xx - ok 14:38:37.0244 4252 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll 14:38:37.0286 4252 QWAVE - ok 14:38:37.0347 4252 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys 14:38:37.0386 4252 QWAVEdrv - ok 14:38:37.0514 4252 R300 (e642b131fb74caf4bb8a014f31113142) C:\Windows\system32\DRIVERS\atikmdag.sys 14:38:37.0666 4252 R300 - ok 14:38:37.0910 4252 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys 14:38:37.0948 4252 RasAcd - ok 14:38:38.0012 4252 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll 14:38:38.0084 4252 RasAuto - ok 14:38:38.0224 4252 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys 14:38:38.0274 4252 Rasl2tp - ok 14:38:38.0361 4252 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll 14:38:38.0436 4252 RasMan - ok 14:38:38.0511 4252 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys 14:38:38.0543 4252 RasPppoe - ok 14:38:38.0611 4252 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys 14:38:38.0647 4252 RasSstp - ok 14:38:38.0717 4252 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys 14:38:38.0778 4252 rdbss - ok 14:38:38.0863 4252 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys 14:38:38.0927 4252 RDPCDD - ok 14:38:38.0985 4252 rdpdr (0245418224cfa77bf4b41c2fe0622258) C:\Windows\system32\drivers\rdpdr.sys 14:38:39.0049 4252 rdpdr - ok 14:38:39.0080 4252 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys 14:38:39.0119 4252 RDPENCDD - ok 14:38:39.0188 4252 RDPWD (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys 14:38:39.0291 4252 RDPWD - ok 14:38:39.0396 4252 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll 14:38:39.0440 4252 RemoteAccess - ok 14:38:39.0507 4252 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll 14:38:39.0553 4252 RemoteRegistry - ok 14:38:39.0588 4252 Revoflt (b9bb8e2093c1615ad6ea55ad96214354) C:\Windows\system32\DRIVERS\revoflt.sys 14:38:39.0611 4252 Revoflt - ok 14:38:39.0677 4252 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe 14:38:39.0826 4252 RpcLocator - ok 14:38:39.0919 4252 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll 14:38:40.0037 4252 RpcSs - ok 14:38:40.0097 4252 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys 14:38:40.0136 4252 rspndr - ok 14:38:40.0187 4252 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe 14:38:40.0212 4252 SamSs - ok 14:38:40.0289 4252 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys 14:38:40.0310 4252 sbp2port - ok 14:38:40.0373 4252 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll 14:38:40.0420 4252 SCardSvr - ok 14:38:40.0557 4252 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll 14:38:40.0766 4252 Schedule - ok 14:38:40.0838 4252 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll 14:38:40.0870 4252 SCPolicySvc - ok 14:38:40.0981 4252 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll 14:38:41.0223 4252 SDRSVC - ok 14:38:41.0255 4252 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 14:38:41.0338 4252 secdrv - ok 14:38:41.0390 4252 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll 14:38:41.0432 4252 seclogon - ok 14:38:41.0484 4252 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\system32\sens.dll 14:38:41.0536 4252 SENS - ok 14:38:41.0563 4252 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys 14:38:41.0644 4252 Serenum - ok 14:38:41.0684 4252 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys 14:38:41.0751 4252 Serial - ok 14:38:41.0809 4252 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys 14:38:41.0848 4252 sermouse - ok 14:38:41.0934 4252 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll 14:38:41.0999 4252 SessionEnv - ok 14:38:42.0037 4252 sffdisk (51cf56aa8bcc241f134b420b8f850406) C:\Windows\system32\drivers\sffdisk.sys 14:38:42.0094 4252 sffdisk - ok 14:38:42.0122 4252 sffp_mmc (96ded8b20c734ac41641ce275250e55d) C:\Windows\system32\drivers\sffp_mmc.sys 14:38:42.0166 4252 sffp_mmc - ok 14:38:42.0305 4252 sffp_sd (8b08cab1267b2c377883fc9e56981f90) C:\Windows\system32\drivers\sffp_sd.sys 14:38:42.0334 4252 sffp_sd - ok 14:38:42.0378 4252 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys 14:38:42.0458 4252 sfloppy - ok 14:38:42.0514 4252 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll 14:38:42.0586 4252 SharedAccess - ok 14:38:42.0661 4252 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll 14:38:42.0807 4252 ShellHWDetection - ok 14:38:42.0850 4252 sisagp (08072b2fb92477fc813271a84b3a8698) C:\Windows\system32\drivers\sisagp.sys 14:38:42.0873 4252 sisagp - ok 14:38:42.0895 4252 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys 14:38:42.0918 4252 SiSRaid2 - ok 14:38:42.0977 4252 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys 14:38:42.0999 4252 SiSRaid4 - ok 14:38:43.0297 4252 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe 14:38:43.0646 4252 slsvc - ok 14:38:43.0822 4252 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll 14:38:43.0870 4252 SLUINotify - ok 14:38:43.0957 4252 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys 14:38:44.0005 4252 Smb - ok 14:38:44.0064 4252 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe 14:38:44.0121 4252 SNMPTRAP - ok 14:38:44.0192 4252 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys 14:38:44.0213 4252 spldr - ok 14:38:44.0279 4252 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe 14:38:44.0379 4252 Spooler - ok 14:38:44.0416 4252 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys 14:38:44.0497 4252 srv - ok 14:38:44.0539 4252 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys 14:38:44.0589 4252 srv2 - ok 14:38:44.0621 4252 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys 14:38:44.0666 4252 srvnet - ok 14:38:44.0729 4252 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll 14:38:44.0800 4252 SSDPSRV - ok 14:38:44.0863 4252 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll 14:38:44.0910 4252 SstpSvc - ok 14:38:45.0086 4252 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll 14:38:45.0164 4252 stisvc - ok 14:38:45.0242 4252 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys 14:38:45.0262 4252 swenum - ok 14:38:45.0335 4252 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll 14:38:45.0408 4252 swprv - ok 14:38:45.0459 4252 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys 14:38:45.0488 4252 Symc8xx - ok 14:38:45.0522 4252 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys 14:38:45.0551 4252 Sym_hi - ok 14:38:45.0585 4252 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys 14:38:45.0608 4252 Sym_u3 - ok 14:38:45.0706 4252 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll 14:38:45.0827 4252 SysMain - ok 14:38:45.0867 4252 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll 14:38:45.0949 4252 TabletInputService - ok 14:38:46.0062 4252 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll 14:38:46.0131 4252 TapiSrv - ok 14:38:46.0252 4252 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll 14:38:46.0305 4252 TBS - ok 14:38:46.0458 4252 Tcpip (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\drivers\tcpip.sys 14:38:46.0520 4252 Tcpip - ok 14:38:46.0545 4252 Tcpip6 (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\DRIVERS\tcpip.sys 14:38:46.0593 4252 Tcpip6 - ok 14:38:46.0649 4252 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys 14:38:46.0842 4252 tcpipreg - ok 14:38:46.0906 4252 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys 14:38:46.0961 4252 TDPIPE - ok 14:38:47.0018 4252 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys 14:38:47.0118 4252 TDTCP - ok 14:38:47.0179 4252 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys 14:38:47.0222 4252 tdx - ok 14:38:47.0286 4252 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys 14:38:47.0309 4252 TermDD - ok 14:38:47.0383 4252 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll 14:38:47.0453 4252 TermService - ok 14:38:47.0525 4252 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll 14:38:47.0570 4252 Themes - ok 14:38:47.0632 4252 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll 14:38:47.0674 4252 THREADORDER - ok 14:38:47.0791 4252 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll 14:38:47.0841 4252 TrkWks - ok 14:38:47.0926 4252 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe 14:38:47.0959 4252 TrustedInstaller - ok 14:38:48.0035 4252 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys 14:38:48.0089 4252 tssecsrv - ok 14:38:48.0180 4252 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys 14:38:48.0308 4252 tunmp - ok 14:38:48.0352 4252 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys 14:38:48.0376 4252 tunnel - ok 14:38:48.0416 4252 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys 14:38:48.0436 4252 uagp35 - ok 14:38:48.0505 4252 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys 14:38:48.0569 4252 udfs - ok 14:38:48.0645 4252 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe 14:38:48.0689 4252 UI0Detect - ok 14:38:48.0742 4252 uliagpkx (6d72ef05921abdf59fc45c7ebfe7e8dd) C:\Windows\system32\drivers\uliagpkx.sys 14:38:48.0774 4252 uliagpkx - ok 14:38:48.0820 4252 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys 14:38:48.0852 4252 uliahci - ok 14:38:48.0882 4252 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys 14:38:48.0914 4252 UlSata - ok 14:38:48.0952 4252 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys 14:38:49.0001 4252 ulsata2 - ok 14:38:49.0064 4252 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys 14:38:49.0103 4252 umbus - ok 14:38:49.0177 4252 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll 14:38:49.0246 4252 upnphost - ok 14:38:49.0478 4252 UPnPService (be2f0e19796e57d49bc8f8e0d045884a) C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe 14:38:49.0538 4252 UPnPService ( UnsignedFile.Multi.Generic ) - warning 14:38:49.0538 4252 UPnPService - detected UnsignedFile.Multi.Generic (1) 14:38:49.0608 4252 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\Windows\system32\Drivers\usbaapl.sys 14:38:49.0699 4252 USBAAPL - ok 14:38:49.0714 4252 usbbus - ok 14:38:49.0779 4252 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys 14:38:49.0827 4252 usbccgp - ok 14:38:49.0865 4252 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys 14:38:49.0953 4252 usbcir - ok 14:38:49.0969 4252 UsbDiag - ok 14:38:50.0027 4252 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys 14:38:50.0075 4252 usbehci - ok 14:38:50.0112 4252 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys 14:38:50.0153 4252 usbhub - ok 14:38:50.0169 4252 USBModem - ok 14:38:50.0202 4252 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys 14:38:50.0266 4252 usbohci - ok 14:38:50.0301 4252 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys 14:38:50.0357 4252 usbprint - ok 14:38:50.0426 4252 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS 14:38:50.0460 4252 USBSTOR - ok 14:38:50.0519 4252 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys 14:38:50.0563 4252 usbuhci - ok 14:38:50.0631 4252 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll 14:38:50.0678 4252 UxSms - ok 14:38:50.0754 4252 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe 14:38:50.0816 4252 vds - ok 14:38:50.0880 4252 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys 14:38:50.0944 4252 vga - ok 14:38:51.0003 4252 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys 14:38:51.0078 4252 VgaSave - ok 14:38:51.0197 4252 viaagp (d5929a28bdff4367a12caf06af901971) C:\Windows\system32\drivers\viaagp.sys 14:38:51.0218 4252 viaagp - ok 14:38:51.0260 4252 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys 14:38:51.0341 4252 ViaC7 - ok 14:38:51.0407 4252 viaide (f3b4762eb85a2aff4999401f14c3262b) C:\Windows\system32\drivers\viaide.sys 14:38:51.0428 4252 viaide - ok 14:38:51.0495 4252 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys 14:38:51.0517 4252 volmgr - ok 14:38:51.0582 4252 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys 14:38:51.0619 4252 volmgrx - ok 14:38:51.0697 4252 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys 14:38:51.0732 4252 volsnap - ok 14:38:51.0798 4252 vsbus (39d93b4c6c1216e00023f5f03420f54a) C:\Windows\system32\DRIVERS\vsb.sys 14:38:51.0831 4252 vsbus ( UnsignedFile.Multi.Generic ) - warning 14:38:51.0832 4252 vsbus - detected UnsignedFile.Multi.Generic (1) 14:38:51.0881 4252 vserial (ae90acf63103ecb9a5f40fcbd9166ae3) C:\Windows\system32\DRIVERS\vserial.sys 14:38:51.0936 4252 vserial ( UnsignedFile.Multi.Generic ) - warning 14:38:51.0936 4252 vserial - detected UnsignedFile.Multi.Generic (1) 14:38:51.0987 4252 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys 14:38:52.0017 4252 vsmraid - ok 14:38:52.0164 4252 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe 14:38:52.0453 4252 VSS - ok 14:38:52.0542 4252 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll 14:38:52.0591 4252 W32Time - ok 14:38:52.0661 4252 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys 14:38:52.0765 4252 WacomPen - ok 14:38:52.0939 4252 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 14:38:52.0972 4252 Wanarp - ok 14:38:52.0983 4252 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 14:38:53.0017 4252 Wanarpv6 - ok 14:38:53.0195 4252 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll 14:38:53.0318 4252 wcncsvc - ok 14:38:53.0353 4252 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll 14:38:53.0419 4252 WcsPlugInService - ok 14:38:53.0497 4252 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys 14:38:53.0517 4252 Wd - ok 14:38:53.0602 4252 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys 14:38:53.0651 4252 Wdf01000 - ok 14:38:53.0729 4252 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll 14:38:53.0781 4252 WdiServiceHost - ok 14:38:53.0795 4252 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll 14:38:53.0842 4252 WdiSystemHost - ok 14:38:54.0070 4252 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll 14:38:54.0129 4252 WebClient - ok 14:38:54.0200 4252 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll 14:38:54.0392 4252 Wecsvc - ok 14:38:54.0460 4252 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll 14:38:54.0514 4252 wercplsupport - ok 14:38:54.0576 4252 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll 14:38:54.0637 4252 WerSvc - ok 14:38:54.0730 4252 winachsf (72cc6a8ca7891031d6380db5025c773c) C:\Windows\system32\DRIVERS\HSX_CNXT.sys 14:38:54.0808 4252 winachsf - ok 14:38:54.0971 4252 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll 14:38:55.0003 4252 WinDefend - ok 14:38:55.0023 4252 WinHttpAutoProxySvc - ok 14:38:55.0250 4252 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll 14:38:55.0295 4252 Winmgmt - ok 14:38:55.0404 4252 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll 14:38:55.0563 4252 WinRM - ok 14:38:55.0754 4252 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll 14:38:55.0841 4252 Wlansvc - ok 14:38:55.0920 4252 WmiAcpi (17eac0d023a65fa9b02114cc2baacad5) C:\Windows\system32\drivers\wmiacpi.sys 14:38:55.0997 4252 WmiAcpi - ok 14:38:56.0093 4252 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe 14:38:56.0158 4252 wmiApSrv - ok 14:38:56.0364 4252 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe 14:38:56.0480 4252 WMPNetworkSvc - ok 14:38:56.0675 4252 WnsDrvr (b4cd1f39807884b9d3217feb71d96952) C:\Windows\system32\drivers\WnsDrvr.sys 14:38:56.0685 4252 WnsDrvr ( UnsignedFile.Multi.Generic ) - warning 14:38:56.0685 4252 WnsDrvr - detected UnsignedFile.Multi.Generic (1) 14:38:56.0754 4252 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll 14:38:56.0851 4252 WPCSvc - ok 14:38:56.0914 4252 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll 14:38:57.0016 4252 WPDBusEnum - ok 14:38:57.0079 4252 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys 14:38:57.0129 4252 WpdUsb - ok 14:38:57.0522 4252 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe 14:38:57.0583 4252 WPFFontCache_v0400 - ok 14:38:57.0647 4252 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys 14:38:57.0711 4252 ws2ifsl - ok 14:38:57.0770 4252 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\system32\wscsvc.dll 14:38:57.0817 4252 wscsvc - ok 14:38:57.0831 4252 WSearch - ok 14:38:58.0029 4252 wuauserv (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll 14:38:58.0265 4252 wuauserv - ok 14:38:58.0495 4252 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys 14:38:58.0561 4252 WUDFRd - ok 14:38:58.0616 4252 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll 14:38:58.0670 4252 wudfsvc - ok 14:38:58.0703 4252 XAudio (dab33cfa9dd24251aaa389ff36b64d4b) C:\Windows\system32\DRIVERS\xaudio.sys 14:38:58.0731 4252 XAudio - ok 14:38:58.0777 4252 XAudioService (cd5f291a1161f15896d1a4d63daff5df) C:\Windows\system32\DRIVERS\xaudio.exe 14:38:58.0813 4252 XAudioService - ok 14:38:58.0861 4252 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0 14:38:59.0139 4252 \Device\Harddisk0\DR0 - ok 14:38:59.0185 4252 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk5\DR5 14:39:00.0279 4252 \Device\Harddisk5\DR5 - ok 14:39:00.0312 4252 Boot (0x1200) (37aec735205a09bebb20a86b51fbed97) \Device\Harddisk0\DR0\Partition0 14:39:00.0314 4252 \Device\Harddisk0\DR0\Partition0 - ok 14:39:00.0332 4252 Boot (0x1200) (e963f7d02847b1c6af7ba856ce187ba5) \Device\Harddisk0\DR0\Partition1 14:39:00.0334 4252 \Device\Harddisk0\DR0\Partition1 - ok 14:39:00.0353 4252 Boot (0x1200) (80dd327d6b460d071eed70bfee11f636) \Device\Harddisk5\DR5\Partition0 14:39:00.0360 4252 \Device\Harddisk5\DR5\Partition0 - ok 14:39:00.0364 4252 ============================================================ 14:39:00.0364 4252 Scan finished 14:39:00.0364 4252 ============================================================ 14:39:00.0386 6060 Detected object count: 5 14:39:00.0386 6060 Actual detected object count: 5 14:42:35.0868 6060 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user 14:42:35.0870 6060 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:42:35.0874 6060 UPnPService ( UnsignedFile.Multi.Generic ) - skipped by user 14:42:35.0875 6060 UPnPService ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:42:35.0878 6060 vsbus ( UnsignedFile.Multi.Generic ) - skipped by user 14:42:35.0878 6060 vsbus ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:42:35.0881 6060 vserial ( UnsignedFile.Multi.Generic ) - skipped by user 14:42:35.0882 6060 vserial ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:42:35.0887 6060 WnsDrvr ( UnsignedFile.Multi.Generic ) - skipped by user 14:42:35.0887 6060 WnsDrvr ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:43:47.0142 4360 Deinitialize success
  15. DDS: . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 9.0.8112.16421 Run by aaron's at 13:00:40 on 2012-06-15 Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.1012.120 [GMT -6:00] . AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\WUDFHost.exe C:\Windows\system32\DRIVERS\xaudio.exe C:\Windows\system32\taskeng.exe C:\Program Files\Windows Media Player\wmplayer.exe C:\Program Files\iPod\bin\iPodService.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\wuauclt.exe C:\Users\aaron's\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\aaron's\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\aaron's\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\rundll32.exe C:\Users\aaron's\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\aaron's\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\aaron's\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\conime.exe C:\Windows\system32\taskeng.exe C:\Users\aaron's\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\aaron's\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\aaron's\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe . ============== Pseudo HJT Report =============== . uWindow Title = Internet Explorer, optimized for Bing and MSN mStart Page = about:blank uInternet Settings,ProxyOverride = <local>;*.local uSearchURL,(Default) = hxxp://my.netzero.net/s/search?r=minisearch BHO: WormRadar.com IESiteBlocker.NavFilter: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - AVG Safe Search BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll BHO: {A057A204-BACC-4D26-9990-79A187E2698E} - No File BHO: {dbc80044-a445-435b-bc74-9c25c1c588a9} - Java Plug-In 2 SSV Helper TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll TB: {F0F8ECBE-D460-4B34-B007-56A92E8F84A7} - No File TB: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File uRun: [Wisdom-soft AutoScreenRecorder 3.1 Pro] 0 mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s mRun: [Persistence] c:\windows\system32\igfxpers.exe mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" mRun: [igfxTray] c:\windows\system32\igfxtray.exe mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [ContentTransferWMDetector.exe] c:\program files\sony\content transfer\ContentTransferWMDetector.exe mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe" mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: &Clean Traces IE: &Download with &DAP IE: Download &all with DAP IE: Download all by YouTube Robot IE: Download by YouTube Robot IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll/cmsidewiki.html IE: {53F6FCCD-9E22-4d71-86EA-6E43136192AB} IE: {925DAB62-F9AC-4221-806A-057BFB1014AA} IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL Trusted Zone: adobe.com\kb2 DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} - hxxp://lads.myspace.com/upload/MySpaceUploader2.cab DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} - hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab TCP: DhcpNameServer = 192.168.0.1 TCP: Interfaces\{884CF6F3-CFFC-4BB7-9187-C19679DE6405} : DhcpNameServer = 192.168.0.1 Notify: igfxcui - igfxdev.dll . ============= SERVICES / DRIVERS =============== . R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-1-31 612184] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-1-31 337880] R1 ElRawDisk;ElRawDisk;c:\windows\system32\drivers\ElRawDsk.sys [2012-5-25 27080] R2 ACEDRV09;ACEDRV09;c:\windows\system32\drivers\ACEDRV09.sys [2009-4-22 110304] R2 AERTFilters;Andrea RT Filters Service;c:\program files\realtek\audio\hda\AERTSrv.exe [2012-1-2 87968] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-1-31 20696] R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-1-31 57688] R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-1-31 44768] R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-12-19 21504] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 gupdate1c9ee41abc7afe7;Google Update Service (gupdate1c9ee41abc7afe7);c:\program files\google\update\GoogleUpdate.exe [2009-6-15 133104] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-16 257696] S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-6-15 133104] S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [2012-5-25 27192] S3 UPnPService;UPnPService;c:\program files\common files\magix shared\upnpservice\UPnPService.exe [2009-4-22 544768] S3 WnsDrvr;WnsDrvr;c:\windows\system32\drivers\wnsdrvr.sys [2009-6-7 25952] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504] . =============== File Associations =============== . JSEFile=NOTEPAD.EXE %1 . =============== Created Last 30 ================ . 2012-06-15 18:18:20 -------- d-----w- c:\users\aaron's\appdata\roaming\redsn0w 2012-06-15 17:22:03 -------- d-----w- c:\users\aaron's\appdata\local\libimobiledevice 2012-06-15 01:32:57 -------- d-----w- C:\audacity_temp 2012-06-10 08:46:23 -------- d-----w- c:\windows\system32\catroot2 2012-06-04 07:23:09 -------- d-----w- c:\users\aaron's\appdata\local\ElevatedDiagnostics 2012-06-01 20:32:41 -------- d-----w- c:\users\aaron's\appdata\local\temp 2012-06-01 20:23:28 -------- d-sh--w- C:\$RECYCLE.BIN 2012-05-31 01:36:37 -------- d-----w- c:\users\aaron's\appdata\roaming\Malwarebytes 2012-05-31 01:35:56 -------- d-----w- c:\programdata\Malwarebytes 2012-05-31 01:35:54 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-05-31 01:35:54 -------- dc----w- c:\program files\Malwarebytes' Anti-Malware 2012-05-31 00:36:42 399264 ----a-w- c:\windows\unhide.exe 2012-05-30 23:20:28 -------- d-----w- C:\found.000 2012-05-28 05:20:19 -------- dc----w- c:\program files\Free Window Registry Repair 2012-05-26 04:45:37 -------- d-----w- c:\programdata\PC Tools 2012-05-26 04:45:35 -------- d-----w- c:\users\aaron's\appdata\roaming\Product_PT 2012-05-26 03:54:52 -------- dc----w- c:\program files\Defraggler 2012-05-26 01:46:59 -------- d-----w- c:\users\aaron's\appdata\local\VS Revo Group 2012-05-26 01:46:30 27192 ----a-w- c:\windows\system32\drivers\revoflt.sys 2012-05-26 01:46:23 -------- dc----w- c:\program files\VS Revo Group 2012-05-26 01:00:04 27080 ----a-w- c:\windows\system32\drivers\ElRawDsk.sys 2012-05-25 23:55:14 511328 -c--a-w- c:\program files\common files\microsoft shared\capicom\CAPICOM.DLL 2012-05-25 23:45:12 74703 ----a-w- c:\windows\system32\mfc45.dll . ==================== Find3M ==================== . 2012-05-20 01:09:28 1668 ----a-w- c:\windows\system32\ASOROSet.bin 2012-05-05 06:11:12 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-05-05 06:11:12 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-04-25 18:11:36 4547944 ----a-w- c:\windows\system32\usbaaplrc.dll 2012-04-25 18:11:36 43520 ----a-w- c:\windows\system32\drivers\usbaapl.sys 2012-04-03 08:16:12 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-04-03 08:16:11 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-04-02 13:36:21 2044928 ----a-w- c:\windows\system32\win32k.sys 2012-03-30 12:39:11 905600 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-03-20 23:28:50 53120 ----a-w- c:\windows\system32\drivers\partmgr.sys . ============= FINISH: 13:03:37.77 ===============