PUP.datamngr


17 replies to this topic

#1 mellowjay123


Posted 20 January 2013 - 03:39 AM

Hi, I'm an old friend and am back because I have new problems. Thanks in advance for the help! When I run MBAM, I get two infected files PUP.datamngr - I remove them, but they are there every time I scan. I think they are related to Ilivid and Torch??? Can't uninstall either of those. Please advise.

Thanks,
jay


#2 InadequateInfirmity


Posted 20 January 2013 - 08:08 AM

Please download MINITOOLBOX and run it.
http://download.bleepingcomputer.com/farbar/MiniToolBox.exe

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Report FF Proxy Settings
Reset IE Proxy Settings
Reset FF proxy settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)



Click Go and post the result.

Download Adware Cleaner, run it, click the Delete button, allow it to run, and post the log it creates.

http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner


Download the Junkware Removal Tool, save it to your desktop, run it in safe mode, and post the log.
http://thisisudax.org/downloads/JRT.exe


Download Emsisoft Emergency Kit and save it to your desktop. Right-click on EmsisoftEmergencyKit.zip and select Extract All.... Leave all settings as they are and click Extract. You will now have a folder named EmsisoftEmergencyKit on your desktop.
http://www.emsisoft.com/en/software/eek/download/

Open the EmsisoftEmergencyKit folder and double-click Start.exe.
A new window will open. Under "Run Directly:" click Emergency Kit Scanner.
When asked to run an online update, click Yes.
When the update is finished, click the Back to Security Status link in the left corner. On the main screen click the Scan Now button.
Select the Deep Scan option and click the SCAN button.
When the scan is finished click the Quarantine selected objects button. Note, this option is only available if malicious objects were detected during the scan.
Click the View Report button and in the Reports window double-click on the most recent log. Note, logs are named as follows: a2scan_<date>-<time>.txt.
Copy/paste the report contents in your next reply.
What happens when you press Alt + F4 at the same time?

#3 mellowjay123


Posted 20 January 2013 - 12:28 PM

Hi, Thanks so much for helping me! Here is the log from Mini Tool Box

MiniToolBox by Farbar Version:10-01-2013
Ran by veg (administrator) on 20-01-2013 at 10:26:16
Running from "C:\Users\veg\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
802.11n Wireless LAN Card = Wireless Network Connection (Connected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : veg-HP
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : domain.actdsltmp

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : AC-81-12-87-16-DF
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : domain.actdsltmp
Description . . . . . . . . . . . : 802.11n Wireless LAN Card
Physical Address. . . . . . . . . : AC-81-12-87-16-DE
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::fd18:e887:fcaa:cf75%14(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.101(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, January 20, 2013 10:10:37 AM
Lease Expires . . . . . . . . . . : Sunday, January 27, 2013 10:10:41 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 265346970
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-DD-C4-56-38-60-77-04-25-F1
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : domain.actdsltmp
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 38-60-77-04-25-F1
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::6417:a8fe:15c3:5c91%13(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.100(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, January 20, 2013 10:10:32 AM
Lease Expires . . . . . . . . . . : Sunday, January 27, 2013 10:10:32 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 272130167
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-DD-C4-56-38-60-77-04-25-F1
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:1cce:3675:3f57:fe9b(Preferred)
Link-local IPv6 Address . . . . . : fe80::1cce:3675:3f57:fe9b%12(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.domain.actdsltmp:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : domain.actdsltmp
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.1

DNS request timed out.
timeout was 2 seconds.
Name: google.com
Addresses: 2607:f8b0:400f:800::1007
74.125.225.163
74.125.225.164
74.125.225.165
74.125.225.166
74.125.225.167
74.125.225.168
74.125.225.169
74.125.225.174
74.125.225.160
74.125.225.161
74.125.225.162


Pinging google.com [74.125.225.164] with 32 bytes of data:
Reply from 74.125.225.164: bytes=32 time=53ms TTL=56
Reply from 74.125.225.164: bytes=32 time=56ms TTL=56

Ping statistics for 74.125.225.164:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 53ms, Maximum = 56ms, Average = 54ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.1

DNS request timed out.
timeout was 2 seconds.
Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
206.190.36.45


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=328ms TTL=50
Reply from 98.139.183.24: bytes=32 time=301ms TTL=50

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 301ms, Maximum = 328ms, Average = 314ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
15...ac 81 12 87 16 df ......Microsoft Virtual WiFi Miniport Adapter
14...ac 81 12 87 16 de ......802.11n Wireless LAN Card
13...38 60 77 04 25 f1 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
11...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
12...00 00 00 00 00 00 00 e0 Microsoft Teredo Tunneling Adapter
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.100 20
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.101 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.100 276
192.168.1.0 255.255.255.0 On-link 192.168.1.101 281
192.168.1.100 255.255.255.255 On-link 192.168.1.100 276
192.168.1.101 255.255.255.255 On-link 192.168.1.101 281
192.168.1.255 255.255.255.255 On-link 192.168.1.100 276
192.168.1.255 255.255.255.255 On-link 192.168.1.101 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.100 276
224.0.0.0 240.0.0.0 On-link 192.168.1.101 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.100 276
255.255.255.255 255.255.255.255 On-link 192.168.1.101 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
12 58 ::/0 On-link
1 306 ::1/128 On-link
12 58 2001::/32 On-link
12 306 2001:0:9d38:953c:1cce:3675:3f57:fe9b/128
On-link
13 276 fe80::/64 On-link
14 281 fe80::/64 On-link
12 306 fe80::/64 On-link
12 306 fe80::1cce:3675:3f57:fe9b/128
On-link
13 276 fe80::6417:a8fe:15c3:5c91/128
On-link
14 281 fe80::fd18:e887:fcaa:cf75/128
On-link
1 306 ff00::/8 On-link
12 306 ff00::/8 On-link
13 276 ff00::/8 On-link
14 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/20/2013 01:37:00 AM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/20/2013 01:37:00 AM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.

Context: Windows Application


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/20/2013 01:37:00 AM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/20/2013 01:37:00 AM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)

Error: (01/20/2013 01:36:58 AM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/20/2013 01:36:58 AM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service cannot load the property store information.

Context: Windows Application, SystemIndex Catalog


Details:
The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)

Error: (01/20/2013 01:36:58 AM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/20/2013 01:36:58 AM) (Source: Windows Search Service) (User: )
Description: The search service has detected corrupted data files in the index {id=4700}. The service will attempt to automatically correct this problem by rebuilding the index.


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/20/2013 01:36:58 AM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service cannot open the Jet property store.


Details:
0x%08x (0xc0041800 - The content index database is corrupt. (HRESULT : 0xc0041800))

Error: (01/20/2013 01:36:57 AM) (Source: ESENT) (User: )
Description: Windows (4276) Windows: Error -1811 occurred while opening logfile C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00203.log.


System errors:
=============
Error: (01/20/2013 10:06:05 AM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (01/20/2013 01:42:55 AM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (01/20/2013 01:37:00 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (01/20/2013 01:37:00 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.

Error: (01/20/2013 01:15:12 AM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (01/20/2013 00:57:28 AM) (Source: Service Control Manager) (User: )
Description: The Apple Mobile Device service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (01/20/2013 00:51:35 AM) (Source: Service Control Manager) (User: )
Description: The SBSD Security Center Service service terminated unexpectedly. It has done this 1 time(s).

Error: (01/20/2013 00:51:09 AM) (Source: Service Control Manager) (User: )
Description: The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (01/20/2013 00:46:03 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/20/2013 00:46:03 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================
Error: (01/20/2013 01:37:00 AM) (Source: Windows Search Service)(User: )
Description:
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/20/2013 01:37:00 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/20/2013 01:37:00 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/20/2013 01:37:00 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (01/20/2013 01:36:58 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore

Error: (01/20/2013 01:36:58 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)

Error: (01/20/2013 01:36:58 AM) (Source: Windows Search Service)(User: )
Description:
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt

Error: (01/20/2013 01:36:58 AM) (Source: Windows Search Service)(User: )
Description:
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
4700

Error: (01/20/2013 01:36:58 AM) (Source: Windows Search Service)(User: )
Description:
Details:
0x%08x (0xc0041800 - The content index database is corrupt. (HRESULT : 0xc0041800))

Error: (01/20/2013 01:36:57 AM) (Source: ESENT)(User: )
Description: Windows4276Windows: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00203.log-1811


CodeIntegrity Errors:
===================================
Date: 2013-01-17 23:06:00.668
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-01-17 23:06:00.608
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


=========================== Installed Programs ============================

64 Bit HP CIO Components Installer (Version: 7.2.8)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Actiontec Gateway
Adobe AIR (Version: 2.6.0.19120)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.146)
Adobe Flash Player 11 Plugin (Version: 11.5.502.146)
AIO_Scan (Version: 130.0.365.000)
AMD APP SDK Runtime (Version: 2.4.650.9)
AMD Media Foundation Decoders (Version: 1.0.60704.0132)
AMD VISION Engine Control Center (Version: 2011.0704.121.523)
Apple Application Support (Version: 2.3.2)
Apple Mobile Device Support (Version: 6.0.1.3)
Apple Software Update (Version: 2.1.3.127)
ATI Catalyst Install Manager (Version: 3.0.829.0)
avast! Free Antivirus (Version: 7.0.1474.0)
Bonjour (Version: 3.0.0.10)
BufferChm (Version: 130.0.331.000)
C6200 (Version: 130.0.365.000)
C6200_Help (Version: 100.0.206.000)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2011.0704.121.523)
Catalyst Control Center InstallProxy (Version: 2011.0704.121.523)
Catalyst Control Center Localization All (Version: 2011.0704.121.523)
ccc-utility64 (Version: 2011.0704.121.523)
CCC Help Chinese Standard (Version: 2011.0704.0120.523)
CCC Help Chinese Traditional (Version: 2011.0704.0120.523)
CCC Help Czech (Version: 2011.0704.0120.523)
CCC Help Danish (Version: 2011.0704.0120.523)
CCC Help Dutch (Version: 2011.0704.0120.523)
CCC Help English (Version: 2011.0704.0120.523)
CCC Help Finnish (Version: 2011.0704.0120.523)
CCC Help French (Version: 2011.0704.0120.523)
CCC Help German (Version: 2011.0704.0120.523)
CCC Help Greek (Version: 2011.0704.0120.523)
CCC Help Hungarian (Version: 2011.0704.0120.523)
CCC Help Italian (Version: 2011.0704.0120.523)
CCC Help Japanese (Version: 2011.0704.0120.523)
CCC Help Korean (Version: 2011.0704.0120.523)
CCC Help Norwegian (Version: 2011.0704.0120.523)
CCC Help Polish (Version: 2011.0704.0120.523)
CCC Help Portuguese (Version: 2011.0704.0120.523)
CCC Help Russian (Version: 2011.0704.0120.523)
CCC Help Spanish (Version: 2011.0704.0120.523)
CCC Help Swedish (Version: 2011.0704.0120.523)
CCC Help Thai (Version: 2011.0704.0120.523)
CCC Help Turkish (Version: 2011.0704.0120.523)
CCleaner (Version: 3.13)
Citrix online plug-in (Web) (Version: 11.2.0.31560)
Copy (Version: 130.0.428.000)
D3DX10 (Version: 15.4.2368.0902)
Destinations (Version: 130.0.0.0)
DeviceDiscovery (Version: 130.0.465.000)
DocProc (Version: 13.0.0.0)
Fax (Version: 130.0.418.000)
Google Update Helper (Version: 1.3.21.123)
GPBaseService2 (Version: 130.0.371.000)
Hewlett-Packard ACLM.NET v1.2.1.1 (Version: 1.00.0000)
HP Auto (Version: 1.0.12935.3667)
HP Client Services (Version: 1.1.12938.3539)
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP LinkUp (Version: 2.01.028)
HP Photosmart All-In-One Driver Software 13.0 Rel. 2 (Version: 13.0)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Product Detection (Version: 11.14.0001)
HP Setup (Version: 8.7.4747.3786)
HP Setup Manager (Version: 1.1.13880.3792)
HP Smart Web Printing 4.51 (Version: 4.51)
HP Solution Center 13.0 (Version: 13.0)
HP Support Assistant (Version: 7.0.39.15)
HP Support Information (Version: 10.1.1000)
HP Update (Version: 5.002.003.003)
HP Vision Hardware Diagnostics (Version: 2.9.0.0)
HPPhotoGadget (Version: 130.0.282.000)
HPPhotoSmartDiscLabel_PaperLabel (Version: 2.04.0000)
HPPhotoSmartDiscLabel_PrintOnDisc (Version: 2.04.0000)
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000)
hpphotosmartdisclabelplugin (Version: 2.04.0000)
HPPhotosmartEssential (Version: 2.04.0000)
HPProductAssistant (Version: 130.0.371.000)
IDT Audio (Version: 1.0.6349.0)
IrfanView (remove only) (Version: 4.32)
iTunes (Version: 11.0.1.12)
Junk Mail filter update (Version: 15.4.3502.0922)
LabelPrint (Version: 2.5.3925)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Mathematics (Version: 4.0)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (Version: 3.5.8080.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Mozilla Firefox 18.0.1 (x86 en-US) (Version: 18.0.1)
Mozilla Maintenance Service (Version: 18.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Network64 (Version: 130.0.572.000)
Network64 (Version: 140.0.221.000)
NOOK for PC (Version: 2.5.6.9575)
OCR Software by I.R.I.S. 13.0 (Version: 13.0)
PDF Complete Special Edition (Version: 4.0.54)
PlayReady PC Runtime amd64 (Version: 1.3.0)
PlayReady PC Runtime x86 (Version: 1.3.0)
Power2Go (Version: 6.1.5331)
PS_AIO_02_ProductContext (Version: 130.0.365.000)
PS_AIO_02_Software (Version: 130.0.365.000)
PS_AIO_02_Software_Min (Version: 130.0.365.000)
Ralink 802.11n Wireless LAN Card (Version: 4.0.3.0)
Recovery Manager (Version: 5.5.0.4320)
Remote Graphics Receiver (Version: 5.4.5)
Revo Uninstaller 1.94 (Version: 1.94)
Scan (Version: 13.0.0.0)
SmartWebPrinting (Version: 130.0.457.000)
SolutionCenter (Version: 130.0.373.000)
Spybot - Search & Destroy (Version: 1.6.2)
Status (Version: 130.0.469.000)
SUPERAntiSpyware (Version: 5.0.1142)
Toolbox (Version: 130.0.648.000)
TrayApp (Version: 130.0.422.000)
UnloadSupport (Version: 11.0.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
VideoCam Suite 3.5 (Version: 3.05.011.1033)
WebReg (Version: 130.0.132.017)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinX DVD Ripper 5.5.5

========================= Devices: ================================

Name: psc 2500 series
Description: psc 2500 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: hp
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


========================= Memory info: ===================================

Percentage of memory in use: 27%
Total physical RAM: 5616.6 MB
Available physical RAM: 4064.27 MB
Total Pagefile: 15614.79 MB
Available Pagefile: 13929.09 MB
Total Virtual: 4095.88 MB
Available Virtual: 3968.39 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:919.87 GB) (Free:629.12 GB) NTFS
2 Drive d: (HP_RECOVERY) (Fixed) (Total:11.54 GB) (Free:1.41 GB) NTFS

========================= Users: ========================================

User accounts for \\VEG-HP

Administrator Guest veg


**** End of log ****

#4 mellowjay123

Posted 20 January 2013 - 12:40 PM

Here is the log from adwcleaner - It did need to shut down my computer and restart -



# AdwCleaner v2.106 - Logfile created 01/20/2013 at 10:30:05
# Updated 17/01/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : veg - VEG-HP
# Boot Mode : Normal
# Running from : C:\Users\veg\Desktop\adwcleaner(1).exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Program Files (x86)\Mozilla FireFox\searchplugins\Search_Results.xml
File Deleted : C:\Users\veg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk
Folder Deleted : C:\Program Files (x86)\search results toolbar
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\Users\veg\AppData\Local\Ilivid
Folder Deleted : C:\Users\veg\AppData\Roaming\OpenCandy

***** [Registry] *****

Data Deleted : [x64] HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~2\SEARCH~1\Datamngr\x64\datamngr.dll
Data Deleted : [x64] HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~2\SEARCH~1\Datamngr\x64\IEBHO.dll
Data Deleted : HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll
Data Deleted : HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~2\SEARCH~1\Datamngr\IEBHO.dll
Key Deleted : HKCU\Software\APN DTX
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\ilividtoolbarguid
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll

#5 mellowjay123

Posted 20 January 2013 - 12:58 PM

JRT log ran in safe mode


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_local_machine\software\classes\applications\ilividsetup.exe
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\veg\appdata\local\torch"
Successfully deleted: [Folder] "C:\Users\veg\appdata\locallow\datamngr"
Successfully deleted: [Folder] "C:\Users\veg\appdata\locallow\ilividtoolbarguid"



~~~ FireFox

Successfully deleted: [Folder] C:\Users\veg\AppData\Roaming\mozilla\firefox\profiles\4gs4jryz.default\ilividtoolbarguid
Successfully deleted the following from C:\Users\veg\AppData\Roaming\mozilla\firefox\profiles\4gs4jryz.default\prefs.js

user_pref("extensions.wrc.SearchRules.baidu.com.style", ".WRCN {display:none} .result .f .WRCN {display:inline !important; background: url(\"IMAGE\") right no-repeat}");
user_pref("extensions.wrc.SearchRules.baidu.com.url", "^http\\:\\/\\/www\\.baidu\\.com\\/.*");
user_pref("extensions.wrc.SearchRules.excite.com.style", ".WRCN {display:none} .searchResult .resultTitlePane .WRCN {display:inline !important; background: url(\"IMAGE\") righ
user_pref("extensions.wrc.SearchRules.excite.com.url", "^http\\:\\/\\/msxml\\.excite\\.com\\/search\\/.*");
Emptied folder: C:\Users\veg\AppData\Roaming\mozilla\firefox\profiles\4gs4jryz.default\minidumps [548 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 01/20/2013 at 10:49:47.80
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#6 InadequateInfirmity

Posted 20 January 2013 - 02:12 PM

As soon as we have the Emsisoft log we will continue.
What happens when you press Alt + F4 at the same time?

#7 mellowjay123

Posted 20 January 2013 - 02:39 PM

Hi, here is the log from emsisoft -


Emsisoft Emergency Kit - Version 3.0
Last update: 1/20/2013 11:40:51 AM

Scan settings:

Scan type: Deep Scan
Objects: Rootkits, Memory, Traces, C:\, D:\, Q:\

Detect Riskware: Off
Scan archives: On
ADS Scan: On
File extension filter: Off
Advanced caching: On
Direct disk access: Off

Scan start: 1/20/2013 11:46:05 AM


Scanned 463607
Found 0

Scan end: 1/20/2013 12:36:19 PM
Scan time: 0:50:14

#8 mellowjay123

Posted 20 January 2013 - 04:40 PM

0 objects found - that's good, right? Thanks again for your help and standing by!

#9 InadequateInfirmity

Posted 21 January 2013 - 05:03 AM

Please remove Spybot - Search & Destroy (Version: 1.6.2) from your machine; it is about as useless as Windows Defender. Reboot your machine.

After removing Spybot and rebooting see below.


Download TDSSKiller

http://support.kaspersky.com/downloads/utils/tdsskiller.exe


Right-click it and select Run As Admin. Click on Change parameters and select TDLFS file system.

Hit the Scan button. Post the log in your next reply.

Do not change the default options on scan results.



Update and do a quick scan with Malwarebytes, remove all that it finds, and reboot.
http://www.filehippo.com/download_malwarebytes_anti_malware/download/ecf14848530d11a2f09a94b92a69fcfa/

Post the log here.


Update and do a quick scan with SUPERAntiSpyware, remove all that it finds, and reboot.
http://www.superantispyware.com/downloadfile.html?productid=SUPERANTISPYWAREFREE
Post the log here.




Run a scan with Eset. You will need to disable your antivirus during this scan.
http://www.eset.com/us/online-scanner/
Make sure "Remove found threats" and "Scan archives" are checked.
When the scan finishes, list found threats, save to clipboard, copy to Notepad, and post the log here.

Download the program below.
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe

Run the program, hit the Scan button, and allow it to finish.
Then hit the Delete button.
Reboot your machine and post the RogueKiller log, please.

#10 mellowjay123

Posted 21 January 2013 - 12:49 PM

Thanks again! - Here is the TDSSKiller log


10:46:13.0865 4736 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
10:46:15.0472 4736 ============================================================
10:46:15.0472 4736 Current date / time: 2013/01/21 10:46:15.0472
10:46:15.0472 4736 SystemInfo:
10:46:15.0472 4736
10:46:15.0472 4736 OS Version: 6.1.7601 ServicePack: 1.0
10:46:15.0472 4736 Product type: Workstation
10:46:15.0472 4736 ComputerName: VEG-HP
10:46:15.0472 4736 UserName: veg
10:46:15.0472 4736 Windows directory: C:\Windows
10:46:15.0472 4736 System windows directory: C:\Windows
10:46:15.0472 4736 Running under WOW64
10:46:15.0472 4736 Processor architecture: Intel x64
10:46:15.0472 4736 Number of processors: 4
10:46:15.0472 4736 Page size: 0x1000
10:46:15.0472 4736 Boot type: Normal boot
10:46:15.0472 4736 ============================================================
10:46:15.0924 4736 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:46:15.0955 4736 ============================================================
10:46:15.0955 4736 \Device\Harddisk0\DR0:
10:46:15.0955 4736 MBR partitions:
10:46:15.0955 4736 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
10:46:15.0955 4736 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x72FBF000
10:46:15.0955 4736 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x72FF1800, BlocksNum 0x1714800
10:46:15.0955 4736 ============================================================
10:46:15.0986 4736 C: <-> \Device\Harddisk0\DR0\Partition2
10:46:16.0018 4736 D: <-> \Device\Harddisk0\DR0\Partition3
10:46:16.0018 4736 ============================================================
10:46:16.0018 4736 Initialize success
10:46:16.0018 4736 ============================================================
10:46:23.0256 4596 ============================================================
10:46:23.0256 4596 Scan started
10:46:23.0256 4596 Mode: Manual; TDLFS;
10:46:23.0256 4596 ============================================================
10:46:23.0630 4596 ================ Scan system memory ========================
10:46:23.0630 4596 System memory - ok
10:46:23.0630 4596 ================ Scan services =============================
10:46:29.0309 4596 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:46:29.0309 4596 LanmanWorkstation - ok
10:46:29.0340 4596 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
10:46:29.0356 4596 lltdio - ok
10:46:29.0356 4596 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
10:46:29.0371 4596 lltdsvc - ok
10:46:29.0371 4596 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
10:46:29.0371 4596 lmhosts - ok
10:46:29.0402 4596 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
10:46:29.0402 4596 LSI_FC - ok
10:46:29.0418 4596 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
10:46:29.0418 4596 LSI_SAS - ok
10:46:29.0434 4596 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
10:46:29.0434 4596 LSI_SAS2 - ok
10:46:29.0449 4596 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
10:46:29.0449 4596 LSI_SCSI - ok
10:46:29.0465 4596 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
10:46:29.0465 4596 luafv - ok
10:46:29.0496 4596 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
10:46:29.0496 4596 Mcx2Svc - ok
10:46:29.0512 4596 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
10:46:29.0512 4596 megasas - ok
10:46:29.0527 4596 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
10:46:29.0527 4596 MegaSR - ok
10:46:29.0543 4596 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
10:46:29.0543 4596 MMCSS - ok
10:46:29.0558 4596 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
10:46:29.0558 4596 Modem - ok
10:46:29.0590 4596 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
10:46:29.0590 4596 monitor - ok
10:46:29.0636 4596 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
10:46:29.0636 4596 mouclass - ok
10:46:29.0652 4596 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
10:46:29.0652 4596 mouhid - ok
10:46:29.0668 4596 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
10:46:29.0668 4596 mountmgr - ok
10:46:29.0699 4596 [ 9C3758018DED02F4AE53CCA1C5F084A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
10:46:29.0714 4596 MozillaMaintenance - ok
10:46:29.0730 4596 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
10:46:29.0730 4596 mpio - ok
10:46:29.0746 4596 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
10:46:29.0746 4596 mpsdrv - ok
10:46:29.0792 4596 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
10:46:29.0792 4596 MpsSvc - ok
10:46:29.0808 4596 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
10:46:29.0824 4596 MRxDAV - ok
10:46:29.0839 4596 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
10:46:29.0839 4596 mrxsmb - ok
10:46:29.0855 4596 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:46:29.0855 4596 mrxsmb10 - ok
10:46:29.0870 4596 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:46:29.0870 4596 mrxsmb20 - ok
10:46:29.0886 4596 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
10:46:29.0886 4596 msahci - ok
10:46:29.0902 4596 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
10:46:29.0902 4596 msdsm - ok
10:46:29.0917 4596 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
10:46:29.0917 4596 MSDTC - ok
10:46:29.0933 4596 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
10:46:29.0933 4596 Msfs - ok
10:46:29.0948 4596 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
10:46:29.0948 4596 mshidkmdf - ok
10:46:29.0948 4596 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
10:46:29.0948 4596 msisadrv - ok
10:46:29.0980 4596 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
10:46:29.0980 4596 MSiSCSI - ok
10:46:29.0980 4596 msiserver - ok
10:46:29.0995 4596 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
10:46:29.0995 4596 MSKSSRV - ok
10:46:30.0011 4596 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
10:46:30.0011 4596 MSPCLOCK - ok
10:46:30.0026 4596 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
10:46:30.0026 4596 MSPQM - ok
10:46:30.0042 4596 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
10:46:30.0058 4596 MsRPC - ok
10:46:30.0073 4596 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
10:46:30.0073 4596 mssmbios - ok
10:46:30.0089 4596 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
10:46:30.0089 4596 MSTEE - ok
10:46:30.0104 4596 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
10:46:30.0104 4596 MTConfig - ok
10:46:30.0120 4596 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
10:46:30.0120 4596 Mup - ok
10:46:30.0136 4596 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
10:46:30.0151 4596 napagent - ok
10:46:30.0167 4596 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
10:46:30.0167 4596 NativeWifiP - ok
10:46:30.0229 4596 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
10:46:30.0245 4596 NDIS - ok
10:46:30.0245 4596 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
10:46:30.0245 4596 NdisCap - ok
10:46:30.0276 4596 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
10:46:30.0276 4596 NdisTapi - ok
10:46:30.0276 4596 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
10:46:30.0276 4596 Ndisuio - ok
10:46:30.0307 4596 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
10:46:30.0307 4596 NdisWan - ok
10:46:30.0307 4596 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
10:46:30.0307 4596 NDProxy - ok
10:46:30.0354 4596 [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
10:46:30.0370 4596 Net Driver HPZ12 - ok
10:46:30.0370 4596 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
10:46:30.0370 4596 NetBIOS - ok
10:46:30.0385 4596 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
10:46:30.0401 4596 NetBT - ok
10:46:30.0401 4596 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
10:46:30.0416 4596 Netlogon - ok
10:46:30.0432 4596 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
10:46:30.0432 4596 Netman - ok
10:46:30.0463 4596 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:46:30.0463 4596 NetMsmqActivator - ok
10:46:30.0463 4596 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:46:30.0479 4596 NetPipeActivator - ok
10:46:30.0479 4596 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
10:46:30.0494 4596 netprofm - ok
10:46:30.0572 4596 [ 3B7DE4C730202F6F5B0CB202990AA6EF ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys
10:46:30.0572 4596 netr28x - ok
10:46:30.0588 4596 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:46:30.0588 4596 NetTcpActivator - ok
10:46:30.0588 4596 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:46:30.0588 4596 NetTcpPortSharing - ok
10:46:30.0604 4596 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
10:46:30.0604 4596 nfrd960 - ok
10:46:30.0619 4596 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
10:46:30.0635 4596 NlaSvc - ok
10:46:30.0650 4596 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
10:46:30.0650 4596 Npfs - ok
10:46:30.0666 4596 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
10:46:30.0666 4596 nsi - ok
10:46:30.0697 4596 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
10:46:30.0697 4596 nsiproxy - ok
10:46:30.0791 4596 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
10:46:30.0806 4596 Ntfs - ok
10:46:30.0806 4596 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
10:46:30.0806 4596 Null - ok
10:46:30.0838 4596 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
10:46:30.0838 4596 nvraid - ok
10:46:30.0853 4596 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
10:46:30.0853 4596 nvstor - ok
10:46:30.0869 4596 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
10:46:30.0869 4596 nv_agp - ok
10:46:30.0884 4596 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
10:46:30.0884 4596 ohci1394 - ok
10:46:30.0916 4596 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:46:30.0916 4596 ose - ok
10:46:30.0994 4596 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
10:46:31.0025 4596 osppsvc - ok
10:46:31.0040 4596 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
10:46:31.0056 4596 p2pimsvc - ok
10:46:31.0072 4596 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
10:46:31.0072 4596 p2psvc - ok
10:46:31.0103 4596 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
10:46:31.0103 4596 Parport - ok
10:46:31.0118 4596 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
10:46:31.0118 4596 partmgr - ok
10:46:31.0134 4596 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
10:46:31.0134 4596 PcaSvc - ok
10:46:31.0150 4596 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
10:46:31.0150 4596 pci - ok
10:46:31.0165 4596 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
10:46:31.0165 4596 pciide - ok
10:46:31.0181 4596 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
10:46:31.0181 4596 pcmcia - ok
10:46:31.0196 4596 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
10:46:31.0196 4596 pcw - ok
10:46:31.0212 4596 pdfcDispatcher - ok
10:46:31.0228 4596 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
10:46:31.0243 4596 PEAUTH - ok
10:46:31.0290 4596 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
10:46:31.0290 4596 PerfHost - ok
10:46:31.0337 4596 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
10:46:31.0352 4596 pla - ok
10:46:31.0399 4596 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
10:46:31.0415 4596 PlugPlay - ok
10:46:31.0446 4596 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
10:46:31.0446 4596 Pml Driver HPZ12 - ok
10:46:31.0446 4596 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
10:46:31.0462 4596 PNRPAutoReg - ok
10:46:31.0477 4596 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
10:46:31.0477 4596 PNRPsvc - ok
10:46:31.0524 4596 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
10:46:31.0524 4596 PolicyAgent - ok
10:46:31.0555 4596 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
10:46:31.0555 4596 Power - ok
10:46:31.0586 4596 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
10:46:31.0586 4596 PptpMiniport - ok
10:46:31.0602 4596 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
10:46:31.0602 4596 Processor - ok
10:46:31.0649 4596 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
10:46:31.0649 4596 ProfSvc - ok
10:46:31.0664 4596 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
10:46:31.0664 4596 ProtectedStorage - ok
10:46:31.0696 4596 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
10:46:31.0696 4596 Psched - ok
10:46:31.0727 4596 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
10:46:31.0727 4596 PxHlpa64 - ok
10:46:31.0758 4596 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
10:46:31.0774 4596 ql2300 - ok
10:46:31.0789 4596 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
10:46:31.0789 4596 ql40xx - ok
10:46:31.0820 4596 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
10:46:31.0820 4596 QWAVE - ok
10:46:31.0836 4596 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
10:46:31.0836 4596 QWAVEdrv - ok
10:46:31.0852 4596 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
10:46:31.0852 4596 RasAcd - ok
10:46:31.0867 4596 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
10:46:31.0867 4596 RasAgileVpn - ok
10:46:31.0883 4596 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
10:46:31.0883 4596 RasAuto - ok
10:46:31.0883 4596 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
10:46:31.0898 4596 Rasl2tp - ok
10:46:31.0914 4596 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
10:46:31.0914 4596 RasMan - ok
10:46:31.0930 4596 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
10:46:31.0930 4596 RasPppoe - ok
10:46:31.0945 4596 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
10:46:31.0945 4596 RasSstp - ok
10:46:31.0961 4596 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
10:46:31.0961 4596 rdbss - ok
10:46:31.0976 4596 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
10:46:31.0976 4596 rdpbus - ok
10:46:31.0992 4596 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
10:46:31.0992 4596 RDPCDD - ok
10:46:31.0992 4596 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
10:46:31.0992 4596 RDPENCDD - ok
10:46:32.0008 4596 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
10:46:32.0008 4596 RDPREFMP - ok
10:46:32.0039 4596 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
10:46:32.0039 4596 RDPWD - ok
10:46:32.0054 4596 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
10:46:32.0054 4596 rdyboost - ok
10:46:32.0070 4596 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
10:46:32.0086 4596 RemoteAccess - ok
10:46:32.0086 4596 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
10:46:32.0101 4596 RemoteRegistry - ok
10:46:32.0117 4596 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
10:46:32.0117 4596 RpcEptMapper - ok
10:46:32.0132 4596 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
10:46:32.0132 4596 RpcLocator - ok
10:46:32.0132 4596 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
10:46:32.0148 4596 RpcSs - ok
10:46:32.0148 4596 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
10:46:32.0164 4596 rspndr - ok
10:46:32.0195 4596 [ F4C374B1C46DE294B573BB43723AC3F6 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
10:46:32.0195 4596 RTL8167 - ok
10:46:32.0210 4596 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
10:46:32.0210 4596 SamSs - ok
10:46:32.0257 4596 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
10:46:32.0257 4596 SASDIFSV - ok
10:46:32.0273 4596 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
10:46:32.0273 4596 SASKUTIL - ok
10:46:32.0304 4596 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
10:46:32.0304 4596 sbp2port - ok
10:46:32.0335 4596 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
10:46:32.0335 4596 SCardSvr - ok
10:46:32.0366 4596 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
10:46:32.0366 4596 scfilter - ok
10:46:32.0398 4596 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
10:46:32.0413 4596 Schedule - ok
10:46:32.0429 4596 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
10:46:32.0429 4596 SCPolicySvc - ok
10:46:32.0429 4596 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
10:46:32.0429 4596 sdbus - ok
10:46:32.0444 4596 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
10:46:32.0444 4596 SDRSVC - ok
10:46:32.0460 4596 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
10:46:32.0460 4596 secdrv - ok
10:46:32.0476 4596 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
10:46:32.0476 4596 seclogon - ok
10:46:32.0476 4596 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
10:46:32.0491 4596 SENS - ok
10:46:32.0507 4596 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
10:46:32.0507 4596 SensrSvc - ok
10:46:32.0538 4596 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
10:46:32.0538 4596 Serenum - ok
10:46:32.0554 4596 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
10:46:32.0554 4596 Serial - ok
10:46:32.0585 4596 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
10:46:32.0585 4596 sermouse - ok
10:46:32.0600 4596 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
10:46:32.0600 4596 SessionEnv - ok
10:46:32.0616 4596 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
10:46:32.0616 4596 sffdisk - ok
10:46:32.0632 4596 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
10:46:32.0632 4596 sffp_mmc - ok
10:46:32.0663 4596 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
10:46:32.0663 4596 sffp_sd - ok
10:46:32.0694 4596 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
10:46:32.0694 4596 sfloppy - ok
10:46:32.0741 4596 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
10:46:32.0756 4596 Sftfs - ok
10:46:32.0803 4596 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
10:46:32.0803 4596 sftlist - ok
10:46:32.0834 4596 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
10:46:32.0834 4596 Sftplay - ok
10:46:32.0850 4596 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
10:46:32.0850 4596 Sftredir - ok
10:46:32.0850 4596 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
10:46:32.0850 4596 Sftvol - ok
10:46:32.0866 4596 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
10:46:32.0866 4596 sftvsa - ok
10:46:32.0912 4596 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
10:46:32.0912 4596 SharedAccess - ok
10:46:32.0928 4596 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:46:32.0944 4596 ShellHWDetection - ok
10:46:32.0975 4596 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
10:46:32.0975 4596 SiSRaid2 - ok
10:46:32.0990 4596 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
10:46:32.0990 4596 SiSRaid4 - ok
10:46:32.0990 4596 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
10:46:32.0990 4596 Smb - ok
10:46:33.0022 4596 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
10:46:33.0037 4596 SNMPTRAP - ok
10:46:33.0053 4596 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
10:46:33.0053 4596 spldr - ok
10:46:33.0084 4596 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
10:46:33.0084 4596 Spooler - ok
10:46:33.0146 4596 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
10:46:33.0162 4596 sppsvc - ok
10:46:33.0178 4596 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
10:46:33.0178 4596 sppuinotify - ok
10:46:33.0209 4596 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
10:46:33.0209 4596 srv - ok
10:46:33.0224 4596 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
10:46:33.0240 4596 srv2 - ok
10:46:33.0240 4596 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
10:46:33.0240 4596 srvnet - ok
10:46:33.0271 4596 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
10:46:33.0271 4596 SSDPSRV - ok
10:46:33.0287 4596 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
10:46:33.0302 4596 SstpSvc - ok
10:46:33.0365 4596 [ E942412186178B1331F8335E30FA076F ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
10:46:33.0365 4596 STacSV - ok
10:46:33.0380 4596 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
10:46:33.0380 4596 stexstor - ok
10:46:33.0396 4596 [ DCC8845692DEA3477BCF6CE9D06C711F ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
10:46:33.0396 4596 STHDA - ok
10:46:33.0427 4596 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
10:46:33.0427 4596 stisvc - ok
10:46:33.0443 4596 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
10:46:33.0443 4596 swenum - ok
10:46:33.0458 4596 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
10:46:33.0458 4596 swprv - ok
10:46:33.0490 4596 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
10:46:33.0505 4596 SysMain - ok
10:46:33.0521 4596 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:46:33.0521 4596 TabletInputService - ok
10:46:33.0552 4596 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
10:46:33.0552 4596 TapiSrv - ok
10:46:33.0568 4596 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
10:46:33.0568 4596 TBS - ok
10:46:33.0630 4596 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
10:46:33.0646 4596 Tcpip - ok
10:46:33.0661 4596 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
10:46:33.0677 4596 TCPIP6 - ok
10:46:33.0692 4596 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
10:46:33.0692 4596 tcpipreg - ok
10:46:33.0724 4596 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
10:46:33.0724 4596 TDPIPE - ok
10:46:33.0755 4596 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
10:46:33.0755 4596 TDTCP - ok
10:46:33.0770 4596 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
10:46:33.0770 4596 tdx - ok
10:46:33.0802 4596 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
10:46:33.0802 4596 TermDD - ok
10:46:33.0848 4596 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
10:46:33.0848 4596 TermService - ok
10:46:33.0880 4596 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
10:46:33.0880 4596 Themes - ok
10:46:33.0911 4596 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
10:46:33.0911 4596 THREADORDER - ok
10:46:33.0926 4596 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
10:46:33.0926 4596 TrkWks - ok
10:46:33.0989 4596 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:46:33.0989 4596 TrustedInstaller - ok
10:46:34.0004 4596 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
10:46:34.0004 4596 tssecsrv - ok
10:46:34.0020 4596 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
10:46:34.0020 4596 TsUsbFlt - ok
10:46:34.0051 4596 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
10:46:34.0051 4596 TsUsbGD - ok
10:46:34.0082 4596 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
10:46:34.0082 4596 tunnel - ok
10:46:34.0098 4596 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
10:46:34.0098 4596 uagp35 - ok
10:46:34.0114 4596 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
10:46:34.0114 4596 udfs - ok
10:46:34.0129 4596 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
10:46:34.0145 4596 UI0Detect - ok
10:46:34.0160 4596 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
10:46:34.0160 4596 uliagpkx - ok
10:46:34.0176 4596 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
10:46:34.0192 4596 umbus - ok
10:46:34.0192 4596 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
10:46:34.0192 4596 UmPass - ok
10:46:34.0207 4596 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
10:46:34.0223 4596 upnphost - ok
10:46:34.0254 4596 [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
10:46:34.0254 4596 USBAAPL64 - ok
10:46:34.0270 4596 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
10:46:34.0270 4596 usbccgp - ok
10:46:34.0285 4596 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
10:46:34.0301 4596 usbcir - ok
10:46:34.0316 4596 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
10:46:34.0316 4596 usbehci - ok
10:46:34.0316 4596 [ 573D192E268F0C5B486B7E96F661E538 ] usbfilter C:\Windows\system32\drivers\usbfilter.sys
10:46:34.0332 4596 usbfilter - ok
10:46:34.0332 4596 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
10:46:34.0332 4596 usbhub - ok
10:46:34.0348 4596 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
10:46:34.0348 4596 usbohci - ok
10:46:34.0379 4596 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
10:46:34.0379 4596 usbprint - ok
10:46:35.0845 4596 ================ Scan global ===============================
10:46:35.0923 4596 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
10:46:35.0970 4596 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
10:46:35.0986 4596 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
10:46:36.0017 4596 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
10:46:36.0048 4596 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
10:46:36.0064 4596 [Global] - ok
10:46:36.0064 4596 ================ Scan MBR ==================================
10:46:36.0079 4596 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:46:36.0360 4596 \Device\Harddisk0\DR0 - ok
10:46:36.0360 4596 ================ Scan VBR ==================================
10:46:36.0360 4596 [ 573E40E60911513D71AF45044336BDB4 ] \Device\Harddisk0\DR0\Partition1
10:46:36.0360 4596 \Device\Harddisk0\DR0\Partition1 - ok
10:46:36.0391 4596 [ 5033747DD674B2A9D2B1D9EFF10C83D0 ] \Device\Harddisk0\DR0\Partition2
10:46:36.0407 4596 \Device\Harddisk0\DR0\Partition2 - ok
10:46:36.0438 4596 [ 9CF67B9F96EF38592126B72BB802B497 ] \Device\Harddisk0\DR0\Partition3
10:46:36.0438 4596 \Device\Harddisk0\DR0\Partition3 - ok
10:46:36.0438 4596 ============================================================
10:46:36.0438 4596 Scan finished
10:46:36.0438 4596 ============================================================
10:46:36.0454 6136 Detected object count: 0
10:46:36.0454 6136 Actual detected object count: 0

Edited by mellowjay123, 21 January 2013 - 12:51 PM.


#11 mellowjay123

Posted 21 January 2013 - 12:51 PM

Here is the MBAM Log




MBAM


Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.01.21.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
veg :: VEG-HP [administrator]

1/21/2013 10:41:00 AM
mbam-log-2013-01-21 (10-41-00).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 211993
Time elapsed: 1 minute(s), 52 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#12 mellowjay123

Posted 21 January 2013 - 01:00 PM

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 01/21/2013 at 11:00 AM

Application Version : 5.6.1014

Core Rules Database Version : 9902
Trace Rules Database Version: 7714

Scan type : Quick Scan
Total Scan Time : 00:02:20

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned : 641
Memory threats detected : 0
Registry items scanned : 60638
Registry threats detected : 0
File items scanned : 10468
File threats detected : 0

#13 mellowjay123

Posted 21 January 2013 - 02:37 PM

Hi, I disabled Avast shields and ran ESET - I didn't completely uninstall Avast, I hope that was correct. ESET didn't find anything, and I didn't see an option for result logs. I will run it again if there is a way to create a log.

#14 mellowjay123

Posted 21 January 2013 - 02:47 PM

Report 1




RogueKiller V8.4.3 [Jan 21 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : veg [Admin rights]
Mode : Scan -- Date : 01/21/2013 12:39:25

Bad processes : 0

Registry Entries : 2
[HJPOL] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND
[HJPOL] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND

Particular Files / Folders:

Driver : [NOT LOADED]

HOSTS File:
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost


MBR Check:

+++++ PhysicalDrive0: Hitachi HDS721010CLA632 SATA Disk Device +++++
--- User ---
[MBR] 0a2b7657fe73113367611caa6c3bad03
[BSP] 38a3684dddad30df871936734981d850 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 941950 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1929320448 | Size: 11817 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] e272fbdb1157fa9e584c143bbd9eb5b6
[BSP] 79debd5c34d3c3c013ac94c1aa0c13ce : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 226125824 | Size: 300 Mo

+++++ PhysicalDrive1: HP Photosmart C6200 USB Device +++++
Error reading User MBR!
User = LL1 ... OK!
Error reading LL2 MBR!

Finished : << RKreport[1]_S_01212013_02d1239.txt >>
RKreport[1]_S_01212013_02d1239.txt

#15 mellowjay123

Posted 21 January 2013 - 02:48 PM

Report 2


RogueKiller V8.4.3 [Jan 21 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : veg [Admin rights]
Mode : Remove -- Date : 01/21/2013 12:39:50

Bad processes : 0

Registry Entries : 2
[HJPOL] HKCU\[...]\System : DisableTaskMgr (0) -> DELETED
[HJPOL] HKCU\[...]\System : DisableRegistryTools (0) -> DELETED

Particular Files / Folders:

Driver : [NOT LOADED]

HOSTS File:
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost


MBR Check:

+++++ PhysicalDrive0: Hitachi HDS721010CLA632 SATA Disk Device +++++
--- User ---
[MBR] 0a2b7657fe73113367611caa6c3bad03
[BSP] 38a3684dddad30df871936734981d850 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 941950 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1929320448 | Size: 11817 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] e272fbdb1157fa9e584c143bbd9eb5b6
[BSP] 79debd5c34d3c3c013ac94c1aa0c13ce : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 226125824 | Size: 300 Mo

+++++ PhysicalDrive1: HP Photosmart C6200 USB Device +++++
Error reading User MBR!
User = LL1 ... OK!
Error reading LL2 MBR!

+++++ PhysicalDrive2: Generic- Compact Flash USB Device +++++
Error reading User MBR!
User = LL1 ... OK!
Error reading LL2 MBR!

+++++ PhysicalDrive3: Generic- SM/xD-Picture USB Device +++++
Error reading User MBR!
User = LL1 ... OK!
Error reading LL2 MBR!

+++++ PhysicalDrive4: Generic- SD/MMC USB Device +++++
Error reading User MBR!
User = LL1 ... OK!
Error reading LL2 MBR!

Finished : << RKreport[2]_D_01212013_02d1239.txt >>
RKreport[1]_S_01212013_02d1239.txt ; RKreport[2]_D_01212013_02d1239.txt



