Am I infected with a rootkit?


28 replies to this topic

#1 artharpster

Posted 17 April 2012 - 05:37 PM

Hello,

Today there have been many attempts (every 10 seconds or so) of multiple ISPs to make outgoing connections that have been blocked by Malwarebytes. The ISP range is 206.161.121.2 to 206.161.121.5. Sometimes the 'attacks' can go on incessantly for hours. Looking up the ISP, it seems to come from 'Beyond The Network America'. Also, 204.137.28.195 comes up from time to time.

Linkscanner from AVG antivirus program popped up today with a message "c:\windows\system32\svchost.exe process ID: 808 Exploit blackhole exploit kit".

Reading has led me to believe that I may have a rootkit.

Can someone help me determine if this is an accurate assessment and if so, help me remove it?

Thank you!

PS I am running Windows XP Professional Service Pack 3.

Edited by artharpster, 17 April 2012 - 05:42 PM.



#2 dev00790

Posted 17 April 2012 - 05:40 PM

Hi artharpster,

I will be helping you with your problems.
Please do the following:

Step 1

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


Step 2

Please download Farbar Service Scanner to your Desktop and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


Step 3

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.


Step 4

  • Launch Malwarebytes' Anti-Malware (MBAM)
  • Click on the tab update, then click Check for Updates
  • If an update is found, it will download and install the latest version.
  • Then on the Scanner tab select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad.
  • Post the log in your next reply.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"

I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM.


#3 artharpster

Posted 17 April 2012 - 06:34 PM

Thank you dev00790!

Security Check Log:

Results of screen317's Security Check version 0.99.32
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Disabled!
AVG 2012
Antivirus up to date!
```````````````````````````````
Anti-malware/Other Utilities Check:

SpywareBlaster 4.4
SUPERAntiSpyware
TuneUp Utilities 2011
TuneUp Utilities Language Pack (en-GB)
CCleaner
Java™ 6 Update 29
Java™ 7 Update 1
Java™ SE Development Kit 7 Update 1
Java version out of date!
Adobe Flash Player 10.3.183.5 Flash Player out of Date!
Adobe Reader X (10.1.3)
Mozilla Firefox (9.0.1)
````````````````````````````````
Process Check:
objlist.exe by Laurent

Malwarebytes' Anti-Malware mbamservice.exe
Malwarebytes' Anti-Malware mbamgui.exe
AVG avgwdsvc.exe
AVG avgtray.exe
AVG avgrsx.exe
AVG avgnsx.exe
AVG avgemc.exe
``````````End of Log````````````


Farbar Service Scanner Log:

Farbar Service Scanner Version: 16-04-2012
Ran by Randy (administrator) on 17-04-2012 at 18:56:33
Running from "C:\Documents and Settings\Randy\Desktop\Bleeping computer"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Avgfwfd(8) Avgtdix(9) Gpc(3) IPSec(5) NetBT(6) PSched(7) Tcpip(4)
0x09000000050000000100000002000000030000000400000008000000090000000600000007000000
IpSec Tag value is correct.

**** End of log ****


MiniToolbox Scan Result:

MiniToolBox by Farbar Version: 18-01-2012
Ran by Randy (administrator) on 17-04-2012 at 19:00:41
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================




127.0.0.1 localhost
127.0.0.1 activate.adobe.com
127.0.0.1 secure.tune-up.com

========================= IP Configuration: ================================

1394 Net Adapter = 1394 Connection (Connected)
Intel® 82562V-2 10/100 Network Connection = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : supernat-f2b3b3

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Unknown

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : Belkin



Ethernet adapter Local Area Connection:



Connection-specific DNS Suffix . : Belkin

Description . . . . . . . . . . . : Intel® 82562V-2 10/100 Network Connection

Physical Address. . . . . . . . . : 00-1D-09-8C-46-04

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.2.6

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.2.1

DHCP Server . . . . . . . . . . . : 192.168.2.1

DNS Servers . . . . . . . . . . . : 192.168.2.1

Lease Obtained. . . . . . . . . . : Tuesday, April 17, 2012 4:26:21 PM

Lease Expires . . . . . . . . . . : Monday, January 18, 2038 11:14:07 PM

Server: UnKnown
Address: 192.168.2.1

Name: google.com
Addresses: 74.125.47.101, 74.125.47.102, 74.125.47.113, 74.125.47.138
74.125.47.100, 74.125.47.139



Pinging google.com [74.125.159.138] with 32 bytes of data:



Reply from 74.125.159.138: bytes=32 time=38ms TTL=52

Reply from 74.125.159.138: bytes=32 time=37ms TTL=52



Ping statistics for 74.125.159.138:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 37ms, Maximum = 38ms, Average = 37ms

Server: UnKnown
Address: 192.168.2.1

Name: yahoo.com
Addresses: 72.30.38.140, 98.139.183.24, 209.191.122.70



Pinging yahoo.com [72.30.38.140] with 32 bytes of data:



Reply from 72.30.38.140: bytes=32 time=91ms TTL=49

Reply from 72.30.38.140: bytes=32 time=92ms TTL=49



Ping statistics for 72.30.38.140:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 91ms, Maximum = 92ms, Average = 91ms

Server: UnKnown
Address: 192.168.2.1

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:



Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 1d 09 8c 46 04 ...... Intel® 82562V-2 10/100 Network Connection - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.6 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 192.168.2.6 192.168.2.6 20
192.168.2.0 255.255.255.0 192.168.2.6 192.168.2.6 20
192.168.2.6 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.2.255 255.255.255.255 192.168.2.6 192.168.2.6 20
224.0.0.0 240.0.0.0 192.168.2.6 192.168.2.6 20
255.255.255.255 255.255.255.255 192.168.2.6 192.168.2.6 1
Default Gateway: 192.168.2.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/21/2011 01:45:43 PM) (Source: MsiInstaller) (User: Randy)Randy
Description: Product: Adobe Photoshop Elements 10 -- Error 1500.Another installation is in progress. You must complete that installation before continuing this one.(NULL)(NULL)(NULL)(NULL)

Error: (11/21/2011 01:45:42 PM) (Source: MsiInstaller) (User: Randy)Randy
Description: Product: Adobe Photoshop Elements 10 -- Error 1500.Another installation is in progress. You must complete that installation before continuing this one.(NULL)(NULL)(NULL)(NULL)

Error: (11/21/2011 01:45:41 PM) (Source: MsiInstaller) (User: Randy)Randy
Description: Product: Adobe Photoshop Elements 10 -- Error 1500.Another installation is in progress. You must complete that installation before continuing this one.(NULL)(NULL)(NULL)(NULL)

Error: (11/21/2011 01:45:41 PM) (Source: MsiInstaller) (User: Randy)Randy
Description: Product: Adobe Photoshop Elements 10 -- Error 1500.Another installation is in progress. You must complete that installation before continuing this one.(NULL)(NULL)(NULL)(NULL)

Error: (11/21/2011 01:45:40 PM) (Source: MsiInstaller) (User: Randy)Randy
Description: Product: Adobe Photoshop Elements 10 -- Error 1500.Another installation is in progress. You must complete that installation before continuing this one.(NULL)(NULL)(NULL)(NULL)

Error: (11/21/2011 01:45:39 PM) (Source: MsiInstaller) (User: Randy)Randy
Description: Product: Adobe Photoshop Elements 10 -- Error 1500.Another installation is in progress. You must complete that installation before continuing this one.(NULL)(NULL)(NULL)(NULL)

Error: (11/21/2011 01:44:21 PM) (Source: MsiInstaller) (User: Randy)Randy
Description: Product: Adobe Photoshop Elements 10 -- Please install/uninstall the product using Setup.exe in the root folder.(NULL)(NULL)(NULL)(NULL)

Error: (11/21/2011 01:36:54 PM) (Source: Application Hang) (User: )
Description: Hanging application msiexec.exe, version 4.5.6001.22159, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (11/21/2011 01:22:11 PM) (Source: Application Hang) (User: )
Description: Hanging application CORE10k.EXE, version 0.0.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (11/17/2011 08:48:21 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module unknown, version 0.0.0.0, fault address 0x8424b48b.
Processing media-specific event for [iexplore.exe!ws!]


System errors:
=============
Error: (10/30/2011 11:51:39 AM) (Source: DCOM) (User: Randy)
Description: DCOM got error "%%1058" attempting to start the service WSearch with arguments ""
in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (10/29/2011 01:44:17 PM) (Source: DCOM) (User: Randy)
Description: DCOM got error "%%1058" attempting to start the service WSearch with arguments ""
in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (10/28/2011 09:30:33 PM) (Source: DCOM) (User: Randy)
Description: DCOM got error "%%1058" attempting to start the service WSearch with arguments ""
in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (10/28/2011 09:04:16 PM) (Source: DCOM) (User: Randy)
Description: DCOM got error "%%1058" attempting to start the service WSearch with arguments ""
in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (10/28/2011 04:17:55 PM) (Source: DCOM) (User: Randy)
Description: DCOM got error "%%1058" attempting to start the service WSearch with arguments ""
in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (10/28/2011 01:27:34 PM) (Source: DCOM) (User: Randy)
Description: DCOM got error "%%1058" attempting to start the service WSearch with arguments ""
in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (10/28/2011 09:50:05 AM) (Source: DCOM) (User: Randy)
Description: DCOM got error "%%1058" attempting to start the service WSearch with arguments ""
in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (10/27/2011 06:07:17 PM) (Source: DCOM) (User: Randy)
Description: DCOM got error "%%1058" attempting to start the service WSearch with arguments ""
in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (10/27/2011 03:18:42 PM) (Source: DCOM) (User: Randy)
Description: DCOM got error "%%1058" attempting to start the service WSearch with arguments ""
in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (10/27/2011 01:08:34 PM) (Source: DCOM) (User: Randy)
Description: DCOM got error "%%1058" attempting to start the service WSearch with arguments ""
in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}


Microsoft Office Sessions:
=========================
Error: (01/02/2012 01:12:19 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 148 seconds with 0 seconds of active time. This session ended with a crash.

Error: (12/11/2011 05:05:10 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 47 seconds with 0 seconds of active time. This session ended with a crash.

Error: (11/22/2011 06:47:06 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 5 seconds with 0 seconds of active time. This session ended with a crash.

Error: (10/25/2011 00:06:16 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 11 seconds with 0 seconds of active time. This session ended with a crash.

Error: (10/25/2011 10:52:34 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 4 seconds with 0 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

32 Bit HP CIO Components Installer (Version: 7.1.8)
7-Zip 9.20
AccmeWare FileBulldog Toolbar
Adobe AIR (Version: 2.7.0.19530)
Adobe Audition CS5.5 (Version: 4.0)
Adobe Community Help (Version: 3.5.23)
Adobe Digital Editions
Adobe Flash Player 10 Plugin (Version: 10.3.183.5)
Adobe Flash Player 11 ActiveX (Version: 11.2.202.228)
Adobe Photoshop Elements 10 (Version: 10.0)
Adobe Photoshop Elements 9 (Version: 9.0.3.0)
Adobe Photoshop.com Inspiration Browser (Version: 3.07)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Akamai NetSession Interface
Amazon Kindle
Amazon MP3 Downloader 1.0.14 (Version: 1.0.14)
Antares Auto-Tune v4.39
AnyDVD (Version: 6.8.4.2)
AnySync (Version: 6.5)
AnyTime Organizer (Version: 13)
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
Atmosphere Deluxe v7.1
Audacity 1.2.6
Audiograbber 1.83 SE (Version: 1.83 SE )
Audiograbber MP3 Plugin (Version: 1.0)
AVG 2012 (Version: 12.0.1913)
AVG 2012 (Version: 12.0.2411)
AVG 2012 (Version: 2012.0.1913)
BenVista PhotoArtist 2.0.8 (Version: 2.0.8)
Bonjour (Version: 3.0.0.10)
BufferChm (Version: 140.0.212.000)
C309g-m (Version: 140.0.690.000)
calibre (Version: 0.8.24)
CCleaner (Version: 3.14)
CCScore (Version: 8.02.0000.0001)
Cepstral Whispery 5.1.0 (Version: 5.1.0)
CloneDVD2 (Version: 2.9.2.8)
CoffeeCup Direct FTP (Version: 3.9.1942)
CoffeeCup Flash FireStarter
CoffeeCup Flash Menu Builder
CoffeeCup HTML Editor
CoffeeCup LockBox
CoffeeCup MP3 Rip & Burn
CoffeeCup Photo Gallery
CoffeeCup PixConverter
CoffeeCup Web Form Builder
CoffeeCup Web Form Builder (Version: 1.1.3182)
CoffeeCup Web Form Builder Lite (Version: 1.0.3033)
CoffeeCup Web Video Player
CoffeeCup Website Access Manager
CoffeeCup Website Color Schemer
ColorPic (Version: 4.1)
Cool MP3 Splitter 2.02
Defraggler (Version: 2.08)
Delete Duplicate Files 4.6
Dell Resource CD (Version: 1.00.0000)
Destinations (Version: 140.0.77.000)
DeviceDiscovery (Version: 140.0.212.000)
DFX for Windows Media Player (Version: 9.304.0.0)
Dragon NaturallySpeaking 11 (Version: 11.50.100)
Driver Genius Professional Edition (Version: 10.0)
Edirol HQ Orchestral VSTi v1.03
Elements 10 Organizer (Version: 10.0)
Elements 9 Organizer (Version: 9.0)
Elements STI Installer (Version: 1.0)
ESSBrwr (Version: 8.02.0000.0001)
ESSCDBK (Version: 8.03.0000.0001)
ESScore (Version: 8.03.0000.0001)
ESSgui (Version: 8.03.0000.0001)
ESSini (Version: 8.02.0000.0001)
ESSPCD (Version: 8.02.0000.0001)
ESSPDock (Version: 6.03.0001.0004)
ESSTOOLS (Version: 5.00.0000.0004)
essvatgt (Version: 8.00.0000.0001)
Exact Audio Copy 1.0beta3 (Version: 1.0beta3)
Facemoods Toolbar
FinePrint (Version: 6.25)
Firebird SQL Server - MAGIX Edition (Version: 2.1.31.0)
Free Audio Recorder 6.5.6
Free M4a to MP3 Converter 7.0
GoodSync (Version: 8.7.6.6)
Google Chrome (Version: 18.0.1025.162)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.3.2710.138)
Google Update Helper (Version: 1.3.21.111)
GoToMeeting 4.8.0.723 (Version: 4.8.0.723)
GPBaseService2 (Version: 140.0.211.000)
Hal Text-to-Speech with NeoSpeech VoiceText (Version: 1.03.0000)
Horizons - 1.00.06
Horizons - 1.00.08
HP Customer Participation Program 14.0 (Version: 14.0)
HP Imaging Device Functions 14.0 (Version: 14.0)
HP Photo Creations (Version: 1.0.0.2024)
HP Photosmart Premium C309g-m All-in-One Driver Software 14.0 Rel. 6 (Version: 14.0)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Solution Center 14.0 (Version: 14.0)
HP Update (Version: 5.002.002.002)
HPProductAssistant (Version: 140.0.212.000)
HPSSupply (Version: 140.0.211.000)
Inkscape 0.48.2 (Version: 0.48.2)
Intel® Graphics Media Accelerator Driver (Version: 0.0.0.0000)
Intel® PRO Network Connections 12.1.12.0 (Version: )
Internet Download Manager
IrfanView (remove only) (Version: 4.32)
iTunes (Version: 10.6.1.7)
iZotope Ozone 4 (Version: 4.00)
iZotope Vinyl (Version: 1.61)
j2 Messenger (Version: 4.4.0.515)
Java Auto Updater (Version: 2.1.5.1)
Java™ 6 Update 29 (Version: 6.0.290)
Java™ 7 Update 1 (Version: 7.0.10)
Java™ SE Development Kit 7 Update 1 (Version: 1.7.0.10)
Kepler 7.0
Kindle PC Converter (Version: )
Kodak EasyShare software
Logitech Webcam Software (Version: 12.10.1113)
Logitech Webcam Software Driver Package (Version: 12.10.1110)
LogoDesignSuite
Magic Bullet Quick Looks (for MAGIX) (Version: 1.0.0)
MAGIX Audio Cleaning Lab 16 deluxe Download Version (Version: 16.0.0.0)
MAGIX Movie Edit Pro 17 Plus (Version: 10.0.0.33)
MAGIX Movie Edit Pro 17 Plus Video Plugins (Version: 1.0.0.0)
MAGIX Movie Edit Pro MX Premium (Red Giant Magic Bullet Quick Looks) (Version: 1.0.0.0)
MAGIX Movie Edit Pro MX Premium (Video Plugins) (Version: 1.0.0.0)
MAGIX Movie Edit Pro MX Premium Download Version (Demo project) (Version: 1.0.0.0)
MAGIX Movie Edit Pro MX Premium Download Version (Design elements) (Version: 1.0.0.0)
MAGIX Movie Edit Pro MX Premium Download Version (Fade effects) (Version: 1.0.0.0)
MAGIX Movie Edit Pro MX Premium Download Version (Individual menu templates) (Version: 1.0.0.0)
MAGIX Movie Edit Pro MX Premium Download Version (Introductory videos) (Version: 1.0.0.0)
MAGIX Movie Edit Pro MX Premium Download Version (Menu templates 1) (Version: 1.0.0.0)
MAGIX Movie Edit Pro MX Premium Download Version (Menu templates 2) (Version: 1.0.0.0)
MAGIX Movie Edit Pro MX Premium Download Version (movie templates) (Version: 1.0.0.0)
MAGIX Movie Edit Pro MX Premium Download Version (NewBlueFX Light Blends) (Version: 1.0.0.0)
MAGIX Movie Edit Pro MX Premium Download Version (proDAD Adorage starter package) (Version: 1.0.0.0)
MAGIX Movie Edit Pro MX Premium Download Version (proDAD VitaScene 2 MAGIX Edition) (Version: 1.0.0.0)
MAGIX Movie Edit Pro MX Premium Download Version (Slideshow Maker styles 1) (Version: 1.0.0.0)
MAGIX Movie Edit Pro MX Premium Download Version (Slideshow Maker styles 2) (Version: 1.0.0.0)
MAGIX Movie Edit Pro MX Premium Download Version (Soundtrack Maker styles) (Version: 1.0.0.0)
MAGIX Movie Edit Pro MX Premium Download Version (title effects) (Version: 1.0.0.0)
MAGIX Movie Edit Pro MX Premium Download Version (Version: 11.0.1.4)
MAGIX Music Maker 17 Premium (Demo songs) (Version: 1.0.0.0)
MAGIX Music Maker 17 Premium (Instrument package 1) (Version: 1.0.0.0)
MAGIX Music Maker 17 Premium (Instrument package 2) (Version: 1.0.0.0)
MAGIX Music Maker 17 Premium (Instrument package 3) (Version: 1.0.0.0)
MAGIX Music Maker 17 Premium (Introductory videos) (Version: 1.0.0.0)
MAGIX Music Maker 17 Premium (Sound package) (Version: 1.0.0.0)
MAGIX Music Maker 17 Premium (Synthesizer and effects) (Version: 1.0.0.0)
MAGIX Music Maker 17 Premium Download Version (Version: 17.0.0.16)
MAGIX Music Maker MX Production Suite Download Version (Demo songs) (Version: 1.0.0.0)
MAGIX Music Maker MX Production Suite Download Version (Instrument package 1) (Version: 1.0.0.0)
MAGIX Music Maker MX Production Suite Download Version (Instrument package 2) (Version: 1.0.0.0)
MAGIX Music Maker MX Production Suite Download Version (Instrument package 3) (Version: 1.0.0.0)
MAGIX Music Maker MX Production Suite Download Version (Instrument package 4) (Version: 1.0.0.0)
MAGIX Music Maker MX Production Suite Download Version (Instrument package 5) (Version: 1.0.0.0)
MAGIX Music Maker MX Production Suite Download Version (Instrument package 6) (Version: 1.0.0.0)
MAGIX Music Maker MX Production Suite Download Version (Introductory videos) (Version: 1.0.0.0)
MAGIX Music Maker MX Production Suite Download Version (Sound package) (Version: 1.0.0.0)
MAGIX Music Maker MX Production Suite Download Version (Synthesizer and effects) (Version: 1.0.0.0)
MAGIX Music Maker MX Production Suite Download Version (Version: 18.0.1.11)
MAGIX Music Maker MX Production Suite Download Version (Visuals) (Version: 1.0.0.0)
MAGIX Screenshare (Version: 4.3.6.1987)
MAGIX Speed 2 (MSI) (Version: 6.0.1.2)
MAGIX Speed burnR (MSI) (Version: 7.0.1.27)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
MarketResearch (Version: 140.0.212.000)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft ActiveSync (Version: 4.5.5096.0)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Basic 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 4.1.10111.0)
Microsoft Software Update for Web Folders (English) 12 (Version: 12.0.6612.1000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft WinUsb 1.0
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
Mind Stereo 1.1.3
Mind Stereo Visualizations Pack 1.1.2
Mind WorkStation 1.3.2
Mind WorkStation Visualizations Pack 1.0
Mindjet MindManager 2012 (Version: 10.0.445)
Mozilla Firefox 9.0.1 (x86 en-US) (Version: 9.0.1)
MP4/M4A Plugin (Free/GPL) 1.1, install for Neuro-Programmer 3
MP4/M4A Plugin (Free/GPL), install for Mind WorkStation 1.2.2
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
MSXML 6.0 Parser (Version: 6.00.3883.15)
netbrdg (Version: 7.01.0000.0001)
Network (Version: 140.0.215.000)
Neuro-Programmer 2.5.4
Neuro-Programmer 3 Visualizations Pack 1.0
Neuro-Programmer 3.1.2
NewBlue 3D Explosions for Windows (Version: 1.4)
NewBlue 3D Transformations for Windows (Version: 1.4)
NewBlue Art Blends for Windows (Version: 2.4)
NewBlue Art Effects for Windows (Version: 2.4)
NewBlue Film Effects for Windows (Version: 1.4)
NewBlue Free Effects for Windows (Version: 1.4)
NewBlue Light Effects for Windows (Version: 1.4)
NewBlue Motion Blends for Windows (Version: 2.4)
NewBlue Motion Effects for Windows (Version: 2.4)
NewBlue Paint Blends for Windows (Version: 1.4)
NewBlue Paint Effects for Windows (Version: 1.4)
NewBlue Sampler Pack for Windows (Version: 1.4)
NewBlue Stabilizer for Windows (Version: 1.4)
NewBlue Video Essentials for Windows (Version: 1.4)
NewBlue Video Essentials II for Windows (Version: 1.4)
NewBlue Video Essentials III for Windows (Version: 1.4)
NewBlue Video Essentials IV for Windows (Version: 1.4)
OfotoXMI (Version: 8.03.0000.0001)
Olympus Digital Wave Player
palmOne (Version: 4.1.0420)
PDF-XChange 3
pdfFactory Pro (Version: 4.50)
Picture Merge Genius 2.8.1
Power CD+G Filter
PowerISO
proDAD Adorage 3.0 (Version: 3.0.92)
proDAD Vitascene 2.0 (Version: 2.0.112)
PRS-500 USB driver (Version: 1.0.00.08110)
PS_AIO_06_C309g-m_SW_Min (Version: 140.0.690.000)
PSE10 STI Installer (Version: 10.0)
QuickTime (Version: 7.71.80.42)
QuickTransfer (Version: 140.0.98.000)
Reader Library by Sony (Version: 3.3.00.07130)
Realtek High Definition Audio Driver (Version: 5.10.0.5408)
SAMSUNG USB Driver for Mobile Phones (Version: 1.3.2300.0)
Scan (Version: 140.0.80.000)
Seagate Dashboard (Version: 1.1.0.1421)
SFR (Version: 8.01.0000.0001)
SHARM 4
SHASTA (Version: 7.01.0000.0001)
Shop for HP Supplies (Version: 14.0)
skin0001 (Version: 8.02.0000.0001)
SKINXSDK (Version: 8.02.0000.0001)
Skype Click to Call (Version: 5.6.8442)
Skype™ 5.5 (Version: 5.5.124)
SmartSound Common Data (Version: 1.1.0)
SmartSound Sonicfire Pro 5 (Version: 5.7.1)
SmartWebPrinting (Version: 140.0.186.000)
SolutionCenter (Version: 140.0.213.000)
Sothink SWF Decompiler (Version: 6.1)
Sothink SWF Quicker (Version: 4.0)
Sound Forge Pro 10.0 (Version: 10.0.368)
SpywareBlaster 4.4 (Version: 4.4.0)
staticcr (Version: 8.02.0000.0001)
Status (Version: 140.0.212.000)
Style Master 4.6 (Version: 4.6.0)
SUPERAntiSpyware (Version: 5.0.1146)
Switch Sound File Converter
TeamViewer 6 (Version: 6.0.10722)
TeamViewer 7 (Version: 7.0.12541)
Text-To-Speech-Runtime (Version: 1.0.0.0)
TextAloud 3.0 (Version: 3.0)
The Action Machine 3
The Flash Ad Creator v2
The Flash Ad Creator v2.6
The Logo Creator
The Logo Creator v5
The Logo Creator v5.2
Toolbox (Version: 140.0.428.000)
TrayApp (Version: 140.0.212.000)
TuneUp Utilities 2011 (Version: 10.0.4320.13)
TuneUp Utilities Language Pack (en-GB) (Version: 10.0.4320.13)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2598306) 32-Bit Edition
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Windows Internet Explorer 8 (KB2447568) (Version: 1)
Update for Windows Internet Explorer 8 (KB2598845) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Visual C++ 9.0 Runtime for Dragon NaturallySpeaking (Version: 11.0.0)
Visual Site Designer (Version: 7.0.76)
VLC media player 1.1.11 (Version: 1.1.11)
VPRINTOL (Version: 8.02.0000.0001)
VT-Bridget-M16-SAPI5 (Version: 3.11.1.0)
Weather Watcher Live (Version: Weather Watcher Live (Build: 9/28/11))
Web Calendar
Web Image Studio (Version: 1.0.3348)
WebFldrs XP (Version: 9.50.7523)
WebReg (Version: 140.0.212.017)
Win*Star 2.05.05 Install
Windows 7 Upgrade Advisor (Version: 2.0.5000.0)
Windows Driver Package - Sony Corporation (PRSUSB) USB (08/08/2006 1.0.03.08080) (Version: 08/08/2006 1.0.03.08080)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows Media Player 11
Windows PowerShell™ 1.0 (Version: 2)
WinRAR archiver
WIRELESS (Version: 8.02.0000.0001)
WOW Love
Xara Designer Pro 6 (Version: 6.1.1.13205)
Xara Designer Pro 6 Content Pack (Version: 1.0.0.0)
Xara Designer Pro 7 (MAGIX PanoramaStudio 2) (Version: 1.3.0.0)
Xara Designer Pro 7 (Version: 7.1.1.17261)
Xara Designer Pro 7 Content Pack (Version: 1.9.0.0)
Xara Web Designer 7 (Version: 7.1.2.18332)
Xara Web Designer 7 Content Pack (Version: 1.0.2.0)
Xilisoft MP3 CD Burner 6 (Version: 6.2.0.0331)
Yahoo! Toolbar
YouSendIt Express (Version: 2.10.2)
YouSendIt Plug-in for Outlook (Version: 2.15.0)

========================= Devices: ================================

Name: Photosmart Premium C309g-m
Description: Photosmart Premium C309g-m
Class Guid: {4D36E971-E325-11CE-BFC1-08002BE10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


========================= Memory info: ===================================

Percentage of memory in use: 80%
Total physical RAM: 3317.1 MB
Available physical RAM: 655.61 MB
Total Pagefile: 5201.14 MB
Available Pagefile: 2342.04 MB
Total Virtual: 2047.88 MB
Available Virtual: 1974.86 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:298.04 GB) (Free:167.11 GB) NTFS
3 Drive f: (FreeAgent GoFlex Drive) (Fixed) (Total:1863.01 GB) (Free:707.95 GB) NTFS

========================= Users: ========================================

User accounts for \\SUPERNAT-F2B3B3

Administrator ASPNET Guest
HelpAssistant Randy SUPPORT_388945a0

========================= Minidump Files ==================================

No minidump file found

**** End of log ****



Malwarebytes Log:

www.malwarebytes.org

Database version: v2012.04.17.06

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Randy :: SUPERNAT-F2B3B3 [administrator]

Protection: Enabled

4/17/2012 7:08:55 PM
mbam-log-2012-04-17 (19-08-55).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 258461
Time elapsed: 22 minute(s), 16 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#4 dev00790


Posted 19 April 2012 - 07:02 PM

Hi artharpster,

Sorry for the delay. I will try to give the next steps this weekend.

Regards, dev00790



#5 artharpster


Posted 20 April 2012 - 08:27 AM

Hi dev00790,

No problem.

In the meantime, I have used Kaspersky's Rescue Disk 10 and it found some problems.

It appears to have fixed the constant popups from Malwarebytes.

Is there a scan I can do to see if all is really clean?

Thank you.



Here is the log:

13:46:18.0515 2732 TDSS rootkit removing tool 2.7.29.0 Apr 18 2012 16:44:20
13:46:18.0796 2732 ============================================================
13:46:18.0796 2732 Current date / time: 2012/04/19 13:46:18.0796
13:46:18.0796 2732 SystemInfo:
13:46:18.0796 2732
13:46:18.0796 2732 OS Version: 5.1.2600 ServicePack: 3.0
13:46:18.0796 2732 Product type: Workstation
13:46:18.0796 2732 ComputerName: SUPERNAT-F2B3B3
13:46:18.0796 2732 UserName: Randy
13:46:18.0796 2732 Windows directory: C:\WINDOWS
13:46:18.0796 2732 System windows directory: C:\WINDOWS
13:46:18.0796 2732 Processor architecture: Intel x86
13:46:18.0796 2732 Number of processors: 2
13:46:18.0796 2732 Page size: 0x1000
13:46:18.0796 2732 Boot type: Normal boot
13:46:18.0796 2732 ============================================================
13:46:22.0484 2732 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
13:46:22.0484 2732 Drive \Device\Harddisk1\DR3 - Size: 0x1D1C1115E00 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
13:46:22.0500 2732 \Device\Harddisk0\DR0:
13:46:22.0500 2732 MBR partitions:
13:46:22.0500 2732 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x17886, BlocksNum 0x25411F7A
13:46:22.0500 2732 \Device\Harddisk1\DR3:
13:46:22.0500 2732 MBR partitions:
13:46:22.0500 2732 \Device\Harddisk1\DR3\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xE8E074C1
13:46:22.0562 2732 C: <-> \Device\Harddisk0\DR0\Partition0
13:46:22.0734 2732 F: <-> \Device\Harddisk1\DR3\Partition0
13:46:22.0734 2732 Initialize success
13:46:22.0734 2732 ============================================================
13:46:25.0640 2908 ============================================================
13:46:25.0640 2908 Scan started
13:46:25.0640 2908 Mode: Manual;
13:46:25.0640 2908 ============================================================
13:46:37.0375 2908 NIC1394 - ok
13:46:37.0390 2908 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
13:46:37.0406 2908 Nla - ok
13:46:37.0406 2908 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
13:46:37.0406 2908 Npfs - ok
13:46:37.0468 2908 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
13:46:37.0484 2908 Ntfs - ok
13:46:37.0484 2908 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
13:46:37.0500 2908 NtLmSsp - ok
13:46:37.0531 2908 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
13:46:37.0531 2908 NtmsSvc - ok
13:46:37.0578 2908 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
13:46:37.0578 2908 Null - ok
13:46:37.0640 2908 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
13:46:37.0640 2908 NwlnkFlt - ok
13:46:37.0640 2908 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
13:46:37.0640 2908 NwlnkFwd - ok
13:46:37.0796 2908 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
13:46:37.0796 2908 odserv - ok
13:46:37.0812 2908 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
13:46:37.0812 2908 ohci1394 - ok
13:46:37.0859 2908 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:46:37.0859 2908 ose - ok
13:46:37.0875 2908 PalmUSBD - ok
13:46:37.0921 2908 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
13:46:37.0921 2908 Parport - ok
13:46:37.0937 2908 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
13:46:37.0937 2908 PartMgr - ok
13:46:37.0968 2908 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
13:46:37.0968 2908 ParVdm - ok
13:46:37.0984 2908 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
13:46:37.0984 2908 PCI - ok
13:46:38.0000 2908 PCIDump - ok
13:46:38.0000 2908 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
13:46:38.0015 2908 PCIIde - ok
13:46:38.0031 2908 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
13:46:38.0031 2908 Pcmcia - ok
13:46:38.0031 2908 PDCOMP - ok
13:46:38.0046 2908 PDFRAME - ok
13:46:38.0046 2908 PDRELI - ok
13:46:38.0062 2908 PDRFRAME - ok
13:46:38.0062 2908 perc2 - ok
13:46:38.0078 2908 perc2hib - ok
13:46:38.0140 2908 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
13:46:38.0140 2908 PlugPlay - ok
13:46:38.0187 2908 Pml Driver HPZ12 (65bc271f337637731d3c71455ae1f476) C:\WINDOWS\system32\HPZipm12.dll
13:46:38.0203 2908 Pml Driver HPZ12 - ok
13:46:38.0203 2908 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
13:46:38.0203 2908 PolicyAgent - ok
13:46:38.0265 2908 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
13:46:38.0265 2908 PptpMiniport - ok
13:46:38.0265 2908 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
13:46:38.0265 2908 ProtectedStorage - ok
13:46:38.0281 2908 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
13:46:38.0281 2908 PSched - ok
13:46:38.0312 2908 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
13:46:38.0312 2908 Ptilink - ok
13:46:38.0343 2908 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
13:46:38.0359 2908 PxHelp20 - ok
13:46:38.0359 2908 ql1080 - ok
13:46:38.0375 2908 Ql10wnt - ok
13:46:38.0375 2908 ql12160 - ok
13:46:38.0390 2908 ql1240 - ok
13:46:38.0390 2908 ql1280 - ok
13:46:38.0406 2908 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
13:46:38.0406 2908 RasAcd - ok
13:46:38.0437 2908 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
13:46:38.0437 2908 RasAuto - ok
13:46:38.0468 2908 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
13:46:38.0468 2908 Rasl2tp - ok
13:46:38.0531 2908 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
13:46:38.0531 2908 RasMan - ok
13:46:38.0531 2908 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
13:46:38.0546 2908 RasPppoe - ok
13:46:38.0546 2908 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
13:46:38.0546 2908 Raspti - ok
13:46:38.0593 2908 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
13:46:38.0593 2908 Rdbss - ok
13:46:38.0593 2908 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
13:46:38.0593 2908 RDPCDD - ok
13:46:38.0609 2908 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
13:46:38.0609 2908 rdpdr - ok
13:46:38.0656 2908 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
13:46:38.0671 2908 RDPWD - ok
13:46:38.0687 2908 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
13:46:38.0687 2908 RDSessMgr - ok
13:46:38.0718 2908 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
13:46:38.0718 2908 redbook - ok
13:46:38.0765 2908 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
13:46:38.0765 2908 RemoteAccess - ok
13:46:38.0796 2908 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll
13:46:38.0796 2908 RemoteRegistry - ok
13:46:38.0812 2908 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
13:46:38.0812 2908 RpcLocator - ok
13:46:38.0859 2908 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
13:46:38.0859 2908 RpcSs - ok
13:46:38.0921 2908 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
13:46:38.0921 2908 RSVP - ok
13:46:38.0921 2908 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
13:46:38.0921 2908 SamSs - ok
13:46:39.0078 2908 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
13:46:39.0078 2908 SASDIFSV - ok
13:46:39.0078 2908 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
13:46:39.0078 2908 SASKUTIL - ok
13:46:39.0109 2908 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
13:46:39.0125 2908 SCardSvr - ok
13:46:39.0171 2908 SCDEmu (c23dbd9bfba8b1170706e0896b3cf7da) C:\WINDOWS\system32\drivers\SCDEmu.sys
13:46:39.0171 2908 SCDEmu - ok
13:46:39.0234 2908 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
13:46:39.0234 2908 Schedule - ok
13:46:39.0343 2908 SeagateDashboardService (16b44d246835eac156f8daf0aa4f530c) C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
13:46:39.0343 2908 SeagateDashboardService - ok
13:46:39.0375 2908 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
13:46:39.0375 2908 Secdrv - ok
13:46:39.0406 2908 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
13:46:39.0406 2908 seclogon - ok
13:46:39.0421 2908 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
13:46:39.0421 2908 SENS - ok
13:46:39.0437 2908 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
13:46:39.0437 2908 Serial - ok
13:46:39.0500 2908 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
13:46:39.0500 2908 Sfloppy - ok
13:46:39.0531 2908 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
13:46:39.0531 2908 SharedAccess - ok
13:46:39.0593 2908 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
13:46:39.0593 2908 ShellHWDetection - ok
13:46:39.0625 2908 Simbad - ok
13:46:39.0671 2908 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
13:46:39.0671 2908 SLIP - ok
13:46:39.0718 2908 Sony SCSI Helper Service (3bb48f7e33c2b76184ddf233000c09cd) C:\Program Files\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe
13:46:39.0718 2908 Sony SCSI Helper Service - ok
13:46:39.0718 2908 Sparrow - ok
13:46:39.0750 2908 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
13:46:39.0765 2908 splitter - ok
13:46:39.0796 2908 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
13:46:39.0796 2908 Spooler - ok
13:46:39.0828 2908 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
13:46:39.0828 2908 sr - ok
13:46:39.0859 2908 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
13:46:39.0875 2908 srservice - ok
13:46:39.0890 2908 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
13:46:39.0890 2908 Srv - ok
13:46:39.0921 2908 ssadbus (48f44a1be434830b7c90fb730745f65a) C:\WINDOWS\system32\DRIVERS\ssadbus.sys
13:46:39.0953 2908 ssadbus - ok
13:46:39.0984 2908 ssadmdfl (9630b486b62cc0adb0a89152ed0218d7) C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys
13:46:39.0984 2908 ssadmdfl - ok
13:46:40.0015 2908 ssadmdm (9afaa23421622c392b55508fa9613949) C:\WINDOWS\system32\DRIVERS\ssadmdm.sys
13:46:40.0015 2908 ssadmdm - ok
13:46:40.0046 2908 ssadserd (1cac71d756ce00ae0681f9028dde874b) C:\WINDOWS\system32\DRIVERS\ssadserd.sys
13:46:40.0046 2908 ssadserd - ok
13:46:40.0062 2908 sscdbus (069351a1d7d291013177a90ae6edccbc) C:\WINDOWS\system32\DRIVERS\sscdbus.sys
13:46:40.0062 2908 sscdbus - ok
13:46:40.0093 2908 sscdmdfl (1c925be223a5c0f9f469252292a48df6) C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys
13:46:40.0093 2908 sscdmdfl - ok
13:46:40.0140 2908 sscdmdm (ae3e77ae0fbdb07eb1ac3fed74a0695e) C:\WINDOWS\system32\DRIVERS\sscdmdm.sys
13:46:40.0140 2908 sscdmdm - ok
13:46:40.0171 2908 sscdserd (6c239402a3303c66016f5f915e0e8698) C:\WINDOWS\system32\DRIVERS\sscdserd.sys
13:46:40.0171 2908 sscdserd - ok
13:46:40.0187 2908 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
13:46:40.0203 2908 SSDPSRV - ok
13:46:40.0250 2908 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
13:46:40.0265 2908 stisvc - ok
13:46:40.0312 2908 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
13:46:40.0312 2908 streamip - ok
13:46:40.0343 2908 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
13:46:40.0343 2908 swenum - ok
13:46:40.0359 2908 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
13:46:40.0359 2908 swmidi - ok
13:46:40.0375 2908 SwPrv - ok
13:46:40.0375 2908 symc810 - ok
13:46:40.0390 2908 symc8xx - ok
13:46:40.0406 2908 sym_hi - ok
13:46:40.0406 2908 sym_u3 - ok
13:46:40.0437 2908 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
13:46:40.0437 2908 sysaudio - ok
13:46:40.0484 2908 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
13:46:40.0484 2908 SysmonLog - ok
13:46:40.0515 2908 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
13:46:40.0515 2908 TapiSrv - ok
13:46:40.0562 2908 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
13:46:40.0578 2908 Tcpip - ok
13:46:40.0609 2908 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
13:46:40.0609 2908 TDPIPE - ok
13:46:40.0625 2908 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
13:46:40.0625 2908 TDTCP - ok
13:46:40.0843 2908 TeamViewer7 (3e85bdd019e3db66d9471dad7fd6a887) C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
13:46:40.0921 2908 TeamViewer7 - ok
13:46:40.0953 2908 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
13:46:40.0953 2908 TermDD - ok
13:46:40.0984 2908 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
13:46:40.0984 2908 TermService - ok
13:46:41.0046 2908 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
13:46:41.0046 2908 Themes - ok
13:46:41.0093 2908 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe
13:46:41.0093 2908 TlntSvr - ok
13:46:41.0109 2908 TosIde - ok
13:46:41.0156 2908 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
13:46:41.0156 2908 TrkWks - ok
13:46:41.0265 2908 TuneUp.UtilitiesSvc (40234b24fcce742b0b74a38129ec138d) C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
13:46:41.0328 2908 TuneUp.UtilitiesSvc - ok
13:46:41.0375 2908 TuneUpUtilitiesDrv (f2107c9d85ec0df116939ccce06ae697) C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys
13:46:41.0375 2908 TuneUpUtilitiesDrv - ok
13:46:41.0406 2908 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
13:46:41.0421 2908 Udfs - ok
13:46:41.0421 2908 ultra - ok
13:46:41.0484 2908 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
13:46:41.0484 2908 Update - ok
13:46:41.0500 2908 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
13:46:41.0515 2908 upnphost - ok
13:46:41.0546 2908 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
13:46:41.0546 2908 UPS - ok
13:46:41.0578 2908 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
13:46:41.0578 2908 usbaudio - ok
13:46:41.0640 2908 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
13:46:41.0656 2908 usbccgp - ok
13:46:41.0703 2908 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
13:46:41.0703 2908 usbehci - ok
13:46:41.0703 2908 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
13:46:41.0718 2908 usbhub - ok
13:46:41.0781 2908 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
13:46:41.0781 2908 usbprint - ok
13:46:41.0828 2908 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
13:46:41.0828 2908 usbscan - ok
13:46:41.0843 2908 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
13:46:41.0843 2908 USBSTOR - ok
13:46:41.0859 2908 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
13:46:41.0859 2908 usbuhci - ok
13:46:41.0906 2908 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
13:46:41.0921 2908 usbvideo - ok
13:46:41.0937 2908 usb_rndisx (b6cc50279d6cd28e090a5d33244adc9a) C:\WINDOWS\system32\DRIVERS\usb8023x.sys
13:46:41.0937 2908 usb_rndisx - ok
13:46:41.0968 2908 UxTuneUp (677a6e9bb5c299b5b566a512d5c17534) C:\WINDOWS\System32\uxtuneup.dll
13:46:41.0968 2908 UxTuneUp - ok
13:46:41.0984 2908 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
13:46:41.0984 2908 VgaSave - ok
13:46:42.0000 2908 ViaIde - ok
13:46:42.0046 2908 VNUSB (ae01e1ed5a81e0d268b91b4a6de5a872) C:\WINDOWS\system32\DRIVERS\VNUSB.sys
13:46:42.0062 2908 VNUSB - ok
13:46:42.0093 2908 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
13:46:42.0093 2908 VolSnap - ok
13:46:42.0140 2908 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
13:46:42.0140 2908 VSS - ok
13:46:42.0312 2908 vToolbarUpdater10.2.0 (3080f1f093869a19fb3d1f0226c73809) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe
13:46:42.0328 2908 vToolbarUpdater10.2.0 - ok
13:46:42.0375 2908 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
13:46:42.0375 2908 W32Time - ok
13:46:42.0406 2908 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
13:46:42.0406 2908 Wanarp - ok
13:46:42.0453 2908 wceusbsh (46a247f6617526afe38b6f12f5512120) C:\WINDOWS\system32\DRIVERS\wceusbsh.sys
13:46:42.0453 2908 wceusbsh - ok
13:46:42.0484 2908 Wdf01000 (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\Drivers\wdf01000.sys
13:46:42.0500 2908 Wdf01000 - ok
13:46:42.0515 2908 WDICA - ok
13:46:42.0546 2908 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
13:46:42.0546 2908 wdmaud - ok
13:46:42.0593 2908 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
13:46:42.0593 2908 WebClient - ok
13:46:42.0703 2908 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
13:46:42.0703 2908 winmgmt - ok
13:46:42.0765 2908 WinUSB (fd600b032e741eb6aab509fc630f7c42) C:\WINDOWS\system32\DRIVERS\WinUSB.sys
13:46:42.0765 2908 WinUSB - ok
13:46:42.0796 2908 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
13:46:42.0796 2908 WmdmPmSN - ok
13:46:42.0843 2908 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
13:46:42.0859 2908 Wmi - ok
13:46:42.0906 2908 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
13:46:42.0921 2908 WmiApSrv - ok
13:46:43.0046 2908 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
13:46:43.0078 2908 WMPNetworkSvc - ok
13:46:43.0140 2908 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
13:46:43.0140 2908 wscsvc - ok
13:46:43.0140 2908 WSearch - ok
13:46:43.0203 2908 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
13:46:43.0203 2908 WSTCODEC - ok
13:46:43.0234 2908 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
13:46:43.0234 2908 wuauserv - ok
13:46:43.0296 2908 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
13:46:43.0296 2908 WudfPf - ok
13:46:43.0312 2908 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
13:46:43.0312 2908 WudfRd - ok
13:46:43.0343 2908 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
13:46:43.0359 2908 WudfSvc - ok
13:46:43.0406 2908 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
13:46:43.0421 2908 WZCSVC - ok
13:46:43.0468 2908 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
13:46:43.0468 2908 xmlprov - ok
13:46:43.0500 2908 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
13:46:44.0015 2908 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - warning
13:46:44.0015 2908 \Device\Harddisk0\DR0 - detected Rootkit.Win32.BackBoot.gen (1)
13:46:44.0015 2908 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR3
13:46:44.0031 2908 \Device\Harddisk1\DR3 - ok
13:46:44.0031 2908 Boot (0x1200) (5cdab5eb157f0a681515ca93bf0175da) \Device\Harddisk0\DR0\Partition0
13:46:44.0031 2908 \Device\Harddisk0\DR0\Partition0 - ok
13:46:44.0031 2908 Boot (0x1200) (86fa015f297857cb252d3caa1dd4b83b) \Device\Harddisk1\DR3\Partition0
13:46:44.0031 2908 \Device\Harddisk1\DR3\Partition0 - ok
13:46:44.0031 2908 ============================================================
13:46:44.0031 2908 Scan finished
13:46:44.0031 2908 ============================================================
13:46:44.0046 2516 Detected object count: 1
13:46:44.0046 2516 Actual detected object count: 1
13:47:01.0656 2516 \Device\Harddisk0\DR0\# - copied to quarantine
13:47:01.0656 2516 \Device\Harddisk0\DR0 - copied to quarantine
13:47:01.0656 2516 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - User select action: Quarantine
13:47:11.0062 4176 Deinitialize success

#6 dev00790


Posted 22 April 2012 - 09:59 AM

Hi artharpster,

1

Please rerun TDSSkiller, and post the log in your next reply.

2

Please click HERE to download Kaspersky Virus Removal Tool (click on the Download link for Version 11).
NOTE. This is quite a large file, so be patient.

  • Double click on the file you just downloaded and let it install.
  • It will install to your desktop (be patient; it may take a while).
  • Accept license agreement and click "Start" button.
  • Click on Settings button
    • In Scan scope leave pre-checked items as they are and also checkmark My Computer
    • In Actions checkmark Select action: (disinfect; delete if disinfection fails) instead of preselected Prompt on detection
  • Click on Automatic Scan tab and then click on Start scanning button.
  • Before it is done it may prompt for action regardless of the setting so choose delete if prompted.
  • When the scan is done NO log will be produced.
  • Click on Report button then on Automatic Scan report tab.
  • Right click anywhere within right pane, click Select All then right click again and click Copy.
  • This will copy the items that it found to the clipboard. You can then open Notepad (go to Start, then Run, then type in notepad) and choose Paste to paste the contents into Notepad.
  • You can save this on the desktop.
  • Post the contents of the document in your next reply.

3

  • Launch Malwarebytes' Anti-Malware (MBAM)
  • Click on the tab update, then click Check for Updates
  • If an update is found, it will download and install the latest version.
  • Then on the Scanner tab select Perform full scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad.
  • Post the log in your next reply.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

4

How is your computer running now?

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"

I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM.


#7 artharpster


Posted 22 April 2012 - 07:38 PM

Thanks for the reply.

The tool, Kaspersky Virus Removal Tool, produced the 'Blue Screen'. I downloaded 3x and same thing. The error report said that the file 0463896drv.sys was responsible for the dump.

The TDSSKiller log:

12:25:13.0625 4588 TDSS rootkit removing tool 2.7.31.0 Apr 20 2012 19:49:47
12:25:13.0984 4588 ============================================================
12:25:13.0984 4588 Current date / time: 2012/04/22 12:25:13.0984
12:25:13.0984 4588 SystemInfo:
12:25:13.0984 4588
12:25:13.0984 4588 OS Version: 5.1.2600 ServicePack: 3.0
12:25:13.0984 4588 Product type: Workstation
12:25:13.0984 4588 ComputerName: SUPERNAT-F2B3B3
12:25:13.0984 4588 UserName: Randy
12:25:13.0984 4588 Windows directory: C:\WINDOWS
12:25:13.0984 4588 System windows directory: C:\WINDOWS
12:25:13.0984 4588 Processor architecture: Intel x86
12:25:13.0984 4588 Number of processors: 2
12:25:13.0984 4588 Page size: 0x1000
12:25:13.0984 4588 Boot type: Normal boot
12:25:13.0984 4588 ============================================================
12:25:15.0843 4588 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
12:25:15.0843 4588 Drive \Device\Harddisk1\DR3 - Size: 0x1D1C1115E00 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:25:15.0843 4588 \Device\Harddisk0\DR0:
12:25:15.0859 4588 MBR partitions:
12:25:15.0859 4588 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x17886, BlocksNum 0x25411F7A
12:25:15.0859 4588 \Device\Harddisk1\DR3:
12:25:15.0859 4588 MBR partitions:
12:25:15.0859 4588 \Device\Harddisk1\DR3\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xE8E074C1
12:25:15.0921 4588 C: <-> \Device\Harddisk0\DR0\Partition0
12:25:15.0984 4588 F: <-> \Device\Harddisk1\DR3\Partition0
12:25:15.0984 4588 Initialize success
12:25:15.0984 4588 ============================================================
12:25:17.0312 4772 ============================================================
12:25:17.0312 4772 Scan started
12:25:17.0312 4772 Mode: Manual;
12:25:17.0312 4772 ============================================================
12:25:21.0859 4772 clr_optimization_v2.0.50727_32 - ok
12:25:21.0859 4772 CmdIde - ok
12:25:21.0875 4772 COMSysApp - ok
12:25:21.0875 4772 Cpqarray - ok
12:25:21.0906 4772 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
12:25:21.0906 4772 CryptSvc - ok
12:25:21.0906 4772 dac2w2k - ok
12:25:21.0921 4772 dac960nt - ok
12:25:22.0000 4772 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
12:25:22.0000 4772 DcomLaunch - ok
12:25:22.0062 4772 Delete Duplicate Files Scan on Schedule Service (953bfa65032b6b6eec5d82612b872fb7) C:\Program Files\Delete Duplicate Files\DDFS.exe
12:25:22.0062 4772 Delete Duplicate Files Scan on Schedule Service - ok
12:25:22.0093 4772 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
12:25:22.0093 4772 Dhcp - ok
12:25:22.0093 4772 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
12:25:22.0093 4772 Disk - ok
12:25:22.0109 4772 dmadmin - ok
12:25:22.0156 4772 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
12:25:22.0156 4772 dmboot - ok
12:25:22.0187 4772 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
12:25:22.0187 4772 dmio - ok
12:25:22.0203 4772 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
12:25:22.0203 4772 dmload - ok
12:25:22.0203 4772 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
12:25:22.0203 4772 dmserver - ok
12:25:22.0265 4772 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
12:25:22.0265 4772 DMusic - ok
12:25:22.0328 4772 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
12:25:22.0328 4772 Dnscache - ok
12:25:22.0375 4772 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
12:25:22.0390 4772 Dot3svc - ok
12:25:22.0390 4772 dpti2o - ok
12:25:22.0406 4772 DragonSvc (fbb015880ad6b8366e0d061ea42cc091) C:\Program Files\Common Files\Nuance\dgnsvc.exe
12:25:22.0421 4772 DragonSvc - ok
12:25:22.0421 4772 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
12:25:22.0421 4772 drmkaud - ok
12:25:22.0468 4772 e1express (34aaa3b298a852b3663e6e0d94d12945) C:\WINDOWS\system32\DRIVERS\e1e5132.sys
12:25:22.0484 4772 e1express - ok
12:25:22.0531 4772 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
12:25:22.0531 4772 EapHost - ok
12:25:22.0593 4772 ElbyCDIO (d71233d7ccc2e64f8715a20428d5a33b) C:\WINDOWS\system32\Drivers\ElbyCDIO.sys
12:25:22.0593 4772 ElbyCDIO - ok
12:25:22.0625 4772 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
12:25:22.0625 4772 ERSvc - ok
12:25:22.0718 4772 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
12:25:22.0718 4772 Eventlog - ok
12:25:22.0781 4772 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll
12:25:22.0796 4772 EventSystem - ok
12:25:22.0859 4772 Fabs - ok
12:25:22.0890 4772 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
12:25:22.0890 4772 Fastfat - ok
12:25:22.0937 4772 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
12:25:22.0953 4772 FastUserSwitchingCompatibility - ok
12:25:22.0953 4772 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
12:25:22.0953 4772 Fdc - ok
12:25:23.0015 4772 FilterService (b73ec688c29f81f9da0fcf63682b3ecb) C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys
12:25:23.0015 4772 FilterService - ok
12:25:23.0031 4772 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
12:25:23.0031 4772 Fips - ok
12:25:23.0140 4772 FirebirdServerMAGIXInstance (5bd96d8c5411ace71a7eaacaf0ef2903) C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe
12:25:23.0187 4772 FirebirdServerMAGIXInstance - ok
12:25:23.0218 4772 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
12:25:23.0218 4772 Flpydisk - ok
12:25:23.0281 4772 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
12:25:23.0281 4772 FltMgr - ok
12:25:23.0406 4772 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
12:25:23.0406 4772 FontCache3.0.0.0 - ok
12:25:23.0406 4772 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
12:25:23.0421 4772 Fs_Rec - ok
12:25:23.0468 4772 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
12:25:23.0468 4772 Ftdisk - ok
12:25:23.0531 4772 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
12:25:23.0531 4772 GEARAspiWDM - ok
12:25:23.0546 4772 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
12:25:23.0546 4772 Gpc - ok
12:25:23.0656 4772 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
12:25:23.0656 4772 gupdate - ok
12:25:23.0656 4772 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
12:25:23.0656 4772 gupdatem - ok
12:25:23.0718 4772 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
12:25:23.0718 4772 gusvc - ok
12:25:23.0734 4772 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
12:25:23.0734 4772 HDAudBus - ok
12:25:23.0796 4772 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
12:25:23.0796 4772 helpsvc - ok
12:25:23.0828 4772 HidServ (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll
12:25:23.0828 4772 HidServ - ok
12:25:23.0859 4772 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
12:25:23.0859 4772 hidusb - ok
12:25:23.0937 4772 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
12:25:23.0937 4772 hkmsvc - ok
12:25:23.0937 4772 hpn - ok
12:25:24.0046 4772 hpqcxs08 (5da42d24712e00728cea2342a65009b2) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
12:25:24.0046 4772 hpqcxs08 - ok
12:25:24.0109 4772 hpqddsvc (d86a39bf100069444d026d22d9a6e555) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
12:25:24.0125 4772 hpqddsvc - ok
12:25:24.0140 4772 HPSLPSVC (a04f4ac48895774a2cf9d1c9eaaacef0) C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
12:25:24.0156 4772 HPSLPSVC - ok
12:25:24.0218 4772 HPZid412 (d03d10f7ded688fecf50f8fbf1ea9b8a) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
12:25:24.0218 4772 HPZid412 - ok
12:25:24.0281 4772 HPZipr12 (89f41658929393487b6b7d13c8528ce3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
12:25:24.0281 4772 HPZipr12 - ok
12:25:24.0343 4772 HPZius12 (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
12:25:24.0343 4772 HPZius12 - ok
12:25:24.0421 4772 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
12:25:24.0421 4772 HTTP - ok
12:25:24.0484 4772 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
12:25:24.0484 4772 HTTPFilter - ok
12:25:24.0484 4772 i2omgmt - ok
12:25:24.0500 4772 i2omp - ok
12:25:24.0593 4772 ialm (c5db546f9028cd00e64335091860d8f3) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
12:25:24.0609 4772 ialm - ok
12:25:24.0671 4772 IDMTDI (eb5a63adbf35314465cfbc33558cdaf7) C:\WINDOWS\system32\DRIVERS\idmtdi.sys
12:25:24.0671 4772 IDMTDI - ok
12:25:24.0734 4772 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
12:25:24.0734 4772 IDriverT - ok
12:25:24.0812 4772 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
12:25:24.0843 4772 idsvc - ok
12:25:24.0890 4772 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
12:25:24.0890 4772 Imapi - ok
12:25:24.0953 4772 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
12:25:24.0953 4772 ImapiService - ok
12:25:24.0968 4772 ini910u - ok
12:25:25.0140 4772 IntcAzAudAddService (17bbbabb21f86b650b2626045a9d016c) C:\WINDOWS\system32\drivers\RtkHDAud.sys
12:25:25.0171 4772 IntcAzAudAddService - ok
12:25:25.0171 4772 IntelIde - ok
12:25:25.0234 4772 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
12:25:25.0234 4772 intelppm - ok
12:25:25.0281 4772 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
12:25:25.0281 4772 Ip6Fw - ok
12:25:25.0312 4772 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
12:25:25.0312 4772 IpFilterDriver - ok
12:25:25.0343 4772 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
12:25:25.0343 4772 IpInIp - ok
12:25:25.0390 4772 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
12:25:25.0390 4772 IpNat - ok
12:25:25.0468 4772 iPod Service (57edb35ea2feca88f8b17c0c095c9a56) C:\Program Files\iPod\bin\iPodService.exe
12:25:25.0484 4772 iPod Service - ok
12:25:25.0500 4772 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
12:25:25.0500 4772 IPSec - ok
12:25:25.0515 4772 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
12:25:25.0515 4772 IRENUM - ok
12:25:25.0562 4772 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
12:25:25.0562 4772 isapnp - ok
12:25:25.0750 4772 JavaQuickStarterService (92e16f5d034e7864da308ba6309a98b7) C:\Program Files\Java\jre7\bin\jqs.exe
12:25:25.0750 4772 JavaQuickStarterService - ok
12:25:25.0765 4772 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
12:25:25.0765 4772 Kbdclass - ok
12:25:25.0781 4772 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
12:25:25.0781 4772 kbdhid - ok
12:25:25.0828 4772 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
12:25:25.0828 4772 kmixer - ok
12:25:25.0859 4772 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
12:25:25.0859 4772 KSecDD - ok
12:25:25.0906 4772 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
12:25:25.0906 4772 lanmanserver - ok
12:25:25.0968 4772 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
12:25:25.0968 4772 lanmanworkstation - ok
12:25:25.0968 4772 lbrtfdc - ok
12:25:26.0031 4772 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
12:25:26.0031 4772 LmHosts - ok
12:25:26.0093 4772 LVPr2Mon (1a7db7a00a4b0d8da24cd691a4547291) C:\WINDOWS\system32\Drivers\LVPr2Mon.sys
12:25:26.0093 4772 LVPr2Mon - ok
12:25:26.0218 4772 LVPrcSrv (0ddfdcaa92c7f553328db06ba599bea9) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
12:25:26.0218 4772 LVPrcSrv - ok
12:25:26.0281 4772 LVRS (37072ec9299e825f4335cc554b6fac6a) C:\WINDOWS\system32\DRIVERS\lvrs.sys
12:25:26.0296 4772 LVRS - ok
12:25:26.0359 4772 LVUSBSta (8b79a50360fc31df6b7b979b686b4aa2) C:\WINDOWS\system32\drivers\LVUSBSta.sys
12:25:26.0359 4772 LVUSBSta - ok
12:25:26.0593 4772 LVUVC (a240e42a7402e927a71b6e8aa4629b13) C:\WINDOWS\system32\DRIVERS\lvuvc.sys
12:25:26.0640 4772 LVUVC - ok
12:25:26.0687 4772 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\WINDOWS\system32\drivers\mbam.sys
12:25:26.0687 4772 MBAMProtector - ok
12:25:26.0734 4772 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
12:25:26.0750 4772 MBAMService - ok
12:25:26.0781 4772 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
12:25:26.0781 4772 Messenger - ok
12:25:26.0796 4772 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
12:25:26.0796 4772 mnmdd - ok
12:25:26.0828 4772 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
12:25:26.0828 4772 mnmsrvc - ok
12:25:26.0843 4772 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
12:25:26.0843 4772 Modem - ok
12:25:26.0906 4772 Monfilt (c7d9f9717916b34c1b00dd4834af485c) C:\WINDOWS\system32\drivers\Monfilt.sys
12:25:26.0921 4772 Monfilt - ok
12:25:26.0953 4772 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
12:25:26.0953 4772 Mouclass - ok
12:25:27.0000 4772 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
12:25:27.0000 4772 mouhid - ok
12:25:27.0015 4772 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
12:25:27.0015 4772 MountMgr - ok
12:25:27.0015 4772 mraid35x - ok
12:25:27.0062 4772 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
12:25:27.0062 4772 MRxDAV - ok
12:25:27.0125 4772 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
12:25:27.0125 4772 MRxSmb - ok
12:25:27.0156 4772 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe
12:25:27.0156 4772 MSDTC - ok
12:25:27.0156 4772 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
12:25:27.0171 4772 Msfs - ok
12:25:27.0171 4772 MSIServer - ok
12:25:27.0187 4772 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
12:25:27.0187 4772 MSKSSRV - ok
12:25:27.0203 4772 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
12:25:27.0203 4772 MSPCLOCK - ok
12:25:27.0218 4772 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
12:25:27.0218 4772 MSPQM - ok
12:25:27.0234 4772 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
12:25:27.0234 4772 mssmbios - ok
12:25:27.0265 4772 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
12:25:27.0265 4772 MSTEE - ok
12:25:27.0281 4772 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
12:25:27.0281 4772 Mup - ok
12:25:27.0312 4772 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
12:25:27.0312 4772 NABTSFEC - ok
12:25:27.0343 4772 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
12:25:27.0359 4772 napagent - ok
12:25:27.0359 4772 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
12:25:27.0375 4772 NDIS - ok
12:25:27.0390 4772 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
12:25:27.0390 4772 NdisIP - ok
12:25:27.0437 4772 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
12:25:27.0437 4772 NdisTapi - ok
12:25:27.0453 4772 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
12:25:27.0453 4772 Ndisuio - ok
12:25:27.0468 4772 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
12:25:27.0468 4772 NdisWan - ok
12:25:27.0531 4772 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
12:25:27.0531 4772 NDProxy - ok
12:25:27.0578 4772 Net Driver HPZ12 (a081cb6fb9a12668f233eb5414be3a0e) C:\WINDOWS\system32\HPZinw12.dll
12:25:27.0593 4772 Net Driver HPZ12 - ok
12:25:27.0593 4772 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
12:25:27.0593 4772 NetBIOS - ok
12:25:27.0609 4772 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
12:25:27.0609 4772 NetBT - ok
12:25:27.0671 4772 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
12:25:27.0671 4772 NetDDE - ok
12:25:27.0671 4772 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
12:25:27.0687 4772 NetDDEdsdm - ok
12:25:27.0718 4772 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
12:25:27.0734 4772 Netlogon - ok
12:25:27.0750 4772 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
12:25:27.0750 4772 Netman - ok
12:25:27.0828 4772 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:25:27.0828 4772 NetTcpPortSharing - ok
12:25:27.0859 4772 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
12:25:27.0859 4772 NIC1394 - ok
12:25:27.0937 4772 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
12:25:27.0937 4772 Nla - ok
12:25:27.0937 4772 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
12:25:27.0937 4772 Npfs - ok
12:25:28.0000 4772 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
12:25:28.0000 4772 Ntfs - ok
12:25:28.0000 4772 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
12:25:28.0015 4772 NtLmSsp - ok
12:25:28.0046 4772 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
12:25:28.0046 4772 NtmsSvc - ok
12:25:28.0093 4772 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
12:25:28.0093 4772 Null - ok
12:25:28.0140 4772 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
12:25:28.0140 4772 NwlnkFlt - ok
12:25:28.0140 4772 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
12:25:28.0140 4772 NwlnkFwd - ok
12:25:28.0281 4772 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:25:28.0296 4772 odserv - ok
12:25:28.0296 4772 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
12:25:28.0312 4772 ohci1394 - ok
12:25:28.0343 4772 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:25:28.0343 4772 ose - ok
12:25:28.0359 4772 PalmUSBD - ok
12:25:28.0390 4772 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
12:25:28.0390 4772 Parport - ok
12:25:28.0406 4772 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
12:25:28.0406 4772 PartMgr - ok
12:25:28.0437 4772 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
12:25:28.0437 4772 ParVdm - ok
12:25:28.0453 4772 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
12:25:28.0453 4772 PCI - ok
12:25:28.0468 4772 PCIDump - ok
12:25:28.0468 4772 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
12:25:28.0468 4772 PCIIde - ok
12:25:28.0484 4772 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
12:25:28.0484 4772 Pcmcia - ok
12:25:28.0500 4772 PDCOMP - ok
12:25:28.0500 4772 PDFRAME - ok
12:25:28.0515 4772 PDRELI - ok
12:25:28.0531 4772 PDRFRAME - ok
12:25:28.0531 4772 perc2 - ok
12:25:28.0546 4772 perc2hib - ok
12:25:28.0593 4772 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
12:25:28.0593 4772 PlugPlay - ok
12:25:28.0656 4772 Pml Driver HPZ12 (65bc271f337637731d3c71455ae1f476) C:\WINDOWS\system32\HPZipm12.dll
12:25:28.0656 4772 Pml Driver HPZ12 - ok
12:25:28.0671 4772 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
12:25:28.0671 4772 PolicyAgent - ok
12:25:28.0718 4772 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
12:25:28.0718 4772 PptpMiniport - ok
12:25:28.0734 4772 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
12:25:28.0734 4772 ProtectedStorage - ok
12:25:28.0734 4772 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
12:25:28.0750 4772 PSched - ok
12:25:28.0750 4772 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
12:25:28.0750 4772 Ptilink - ok
12:25:28.0781 4772 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
12:25:28.0781 4772 PxHelp20 - ok
12:25:28.0796 4772 ql1080 - ok
12:25:28.0796 4772 Ql10wnt - ok
12:25:28.0812 4772 ql12160 - ok
12:25:28.0812 4772 ql1240 - ok
12:25:28.0828 4772 ql1280 - ok
12:25:28.0828 4772 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
12:25:28.0828 4772 RasAcd - ok
12:25:28.0859 4772 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
12:25:28.0859 4772 RasAuto - ok
12:25:28.0890 4772 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
12:25:28.0890 4772 Rasl2tp - ok
12:25:28.0906 4772 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
12:25:28.0921 4772 RasMan - ok
12:25:28.0921 4772 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
12:25:28.0921 4772 RasPppoe - ok
12:25:28.0937 4772 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
12:25:28.0937 4772 Raspti - ok
12:25:28.0953 4772 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
12:25:28.0953 4772 Rdbss - ok
12:25:28.0968 4772 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
12:25:28.0968 4772 RDPCDD - ok
12:25:28.0984 4772 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
12:25:28.0984 4772 rdpdr - ok
12:25:29.0031 4772 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
12:25:29.0031 4772 RDPWD - ok
12:25:29.0046 4772 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
12:25:29.0062 4772 RDSessMgr - ok
12:25:29.0093 4772 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
12:25:29.0093 4772 redbook - ok
12:25:29.0125 4772 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
12:25:29.0125 4772 RemoteAccess - ok
12:25:29.0156 4772 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll
12:25:29.0156 4772 RemoteRegistry - ok
12:25:29.0171 4772 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
12:25:29.0171 4772 RpcLocator - ok
12:25:29.0218 4772 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
12:25:29.0218 4772 RpcSs - ok
12:25:29.0265 4772 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
12:25:29.0265 4772 RSVP - ok
12:25:29.0281 4772 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
12:25:29.0281 4772 SamSs - ok
12:25:29.0421 4772 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
12:25:29.0421 4772 SASDIFSV - ok
12:25:29.0421 4772 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
12:25:29.0421 4772 SASKUTIL - ok
12:25:29.0468 4772 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
12:25:29.0468 4772 SCardSvr - ok
12:25:29.0500 4772 SCDEmu (c23dbd9bfba8b1170706e0896b3cf7da) C:\WINDOWS\system32\drivers\SCDEmu.sys
12:25:29.0500 4772 SCDEmu - ok
12:25:29.0531 4772 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
12:25:29.0546 4772 Schedule - ok
12:25:29.0656 4772 SeagateDashboardService (16b44d246835eac156f8daf0aa4f530c) C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
12:25:29.0671 4772 SeagateDashboardService - ok
12:25:29.0703 4772 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
12:25:29.0703 4772 Secdrv - ok
12:25:29.0734 4772 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
12:25:29.0734 4772 seclogon - ok
12:25:29.0750 4772 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
12:25:29.0750 4772 SENS - ok
12:25:29.0796 4772 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
12:25:29.0796 4772 Serial - ok
12:25:29.0812 4772 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
12:25:29.0812 4772 Sfloppy - ok
12:25:29.0875 4772 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
12:25:29.0890 4772 SharedAccess - ok
12:25:29.0953 4772 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
12:25:29.0953 4772 ShellHWDetection - ok
12:25:29.0953 4772 Simbad - ok
12:25:30.0015 4772 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
12:25:30.0015 4772 SLIP - ok
12:25:30.0109 4772 Sony SCSI Helper Service (3bb48f7e33c2b76184ddf233000c09cd) C:\Program Files\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe
12:25:30.0109 4772 Sony SCSI Helper Service - ok
12:25:30.0125 4772 Sparrow - ok
12:25:30.0140 4772 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
12:25:30.0140 4772 splitter - ok
12:25:30.0187 4772 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
12:25:30.0187 4772 Spooler - ok
12:25:30.0218 4772 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
12:25:30.0218 4772 sr - ok
12:25:30.0234 4772 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
12:25:30.0234 4772 srservice - ok
12:25:30.0265 4772 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
12:25:30.0281 4772 Srv - ok
12:25:30.0312 4772 ssadbus (48f44a1be434830b7c90fb730745f65a) C:\WINDOWS\system32\DRIVERS\ssadbus.sys
12:25:30.0312 4772 ssadbus - ok
12:25:30.0328 4772 ssadmdfl (9630b486b62cc0adb0a89152ed0218d7) C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys
12:25:30.0328 4772 ssadmdfl - ok
12:25:30.0359 4772 ssadmdm (9afaa23421622c392b55508fa9613949) C:\WINDOWS\system32\DRIVERS\ssadmdm.sys
12:25:30.0359 4772 ssadmdm - ok
12:25:30.0375 4772 ssadserd (1cac71d756ce00ae0681f9028dde874b) C:\WINDOWS\system32\DRIVERS\ssadserd.sys
12:25:30.0375 4772 ssadserd - ok
12:25:30.0406 4772 sscdbus (069351a1d7d291013177a90ae6edccbc) C:\WINDOWS\system32\DRIVERS\sscdbus.sys
12:25:30.0406 4772 sscdbus - ok
12:25:30.0437 4772 sscdmdfl (1c925be223a5c0f9f469252292a48df6) C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys
12:25:30.0437 4772 sscdmdfl - ok
12:25:30.0468 4772 sscdmdm (ae3e77ae0fbdb07eb1ac3fed74a0695e) C:\WINDOWS\system32\DRIVERS\sscdmdm.sys
12:25:30.0468 4772 sscdmdm - ok
12:25:30.0484 4772 sscdserd (6c239402a3303c66016f5f915e0e8698) C:\WINDOWS\system32\DRIVERS\sscdserd.sys
12:25:30.0484 4772 sscdserd - ok
12:25:30.0515 4772 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
12:25:30.0515 4772 SSDPSRV - ok
12:25:30.0562 4772 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
12:25:30.0562 4772 stisvc - ok
12:25:30.0609 4772 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
12:25:30.0609 4772 streamip - ok
12:25:30.0640 4772 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
12:25:30.0640 4772 swenum - ok
12:25:30.0656 4772 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
12:25:30.0656 4772 swmidi - ok
12:25:30.0671 4772 SwPrv - ok
12:25:30.0671 4772 symc810 - ok
12:25:30.0687 4772 symc8xx - ok
12:25:30.0703 4772 sym_hi - ok
12:25:30.0703 4772 sym_u3 - ok
12:25:30.0734 4772 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
12:25:30.0734 4772 sysaudio - ok
12:25:30.0765 4772 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
12:25:30.0765 4772 SysmonLog - ok
12:25:30.0796 4772 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
12:25:30.0812 4772 TapiSrv - ok
12:25:30.0828 4772 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
12:25:30.0828 4772 Tcpip - ok
12:25:30.0875 4772 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
12:25:30.0875 4772 TDPIPE - ok
12:25:30.0890 4772 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
12:25:30.0890 4772 TDTCP - ok
12:25:33.0671 4772 ============================================================
12:25:33.0671 4772 Scan finished
12:25:33.0671 4772 ============================================================
12:25:33.0671 4564 Detected object count: 0
12:25:33.0671 4564 Actual detected object count: 0



Malwarebytes was clean.

#8 dev00790

Posted 23 April 2012 - 07:01 AM

Hi artharpster,

Please do the following next:

Step 1

Please download SystemLook from one of the links below and save it to your Desktop.

Download Mirror #1
Download Mirror #2


  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main text field:

    :filefind 
    *0463896drv.sys
    
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt


Step 2

We Need to Diagnose Your BlueScreen

  • When you boot your machine, press F8 to list the startup options, exactly as you would if you were trying to enter Safe Mode
  • Select "Disable Automatic Restart on System Failure", as shown here:

    Posted Image
  • When your system BSODs, write down the STOP error code, as well as any written out error message back here. The STOP error will always appear, but the message may not. You are looking for this:

    Posted Image

Please post me the error(s).

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"
I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#9 artharpster

Posted 23 April 2012 - 11:30 AM

The BSOD only happens when I tried to install the Kaspersky program.

Did you want me to still do the procedures in STEP 2?


SystemLook 30.07.11 by jpshortstuff
Log created at 12:04 on 23/04/2012 by Randy
Administrator - Elevation successful

========== filefind ==========

Searching for "*0463896drv.sys"
C:\Documents and Settings\Randy\Local Settings\Temp\RarSFX2\Drivers\Win32\2\501\0463896drv.sys --a---- 475736 bytes [16:15 22/04/2012] [23:33 22/04/2012] CD40157A1A5CDDC6CA219AB14A17692A
C:\Documents and Settings\Randy\Local Settings\Temp\RarSFX2\Drivers\Win32\2\600\0463896drv.sys --a---- 489048 bytes [16:15 22/04/2012] [23:33 22/04/2012] D45D320418AD6C36CEFB59C34540257A
C:\Documents and Settings\Randy\Local Settings\Temp\RarSFX2\Drivers\Win64\2\501\0463896drv.sys --a---- 532056 bytes [16:15 22/04/2012] [23:33 22/04/2012] FDDDB889E2BCE3578F42016D5328CB2B
C:\Documents and Settings\Randy\Local Settings\Temp\RarSFX2\Drivers\Win64\2\600\0463896drv.sys --a---- 556632 bytes [16:15 22/04/2012] [23:33 22/04/2012] 8ACBB0D11A99EF06BFFD09C5B4DF0925

-= EOF =-

#10 dev00790

Posted 23 April 2012 - 02:38 PM

Hi

1

The BSOD only happens when I tried to install the Kaspersky program.
Did you want me to still do the procedures in STEP 2?

Just the below for the moment:
  • When you boot your machine, press F8 to list the startup options, exactly as you would if you were trying to enter Safe Mode
  • Select "Disable Automatic Restart on System Failure", as shown here:

Then if the computer does BSOD again, please note down the details.

2

Did you install the program RarSFX2 on the computer? If so was it from online or a cd / dvd?

Regards, dev00790



#11 artharpster

Posted 25 April 2012 - 08:54 PM

Hi,

The message (no page file message) was: problem caused by following file: 3719828drv.sys


Here is the stop code message - stop: (oxA5BA54Do, oxooooooo2, oxoooooooo, ox8053743o).


The RarSFX2 file is not one I am familiar with nor which program it belongs to.

Thanks dev00790!


PS Because the file that caused the problem was different than the first one, I scanned it with SystemLook:

SystemLook 30.07.11 by jpshortstuff
Log created at 21:44 on 25/04/2012 by Randy
Administrator - Elevation successful

========== filefind ==========

Searching for "*3719828drv.sys"
C:\Documents and Settings\Randy\Local Settings\Temp\RarSFX0\Drivers\Win32\2\501\3719828drv.sys --a---- 475736 bytes [01:25 26/04/2012] [09:34 25/04/2012] CD40157A1A5CDDC6CA219AB14A17692A
C:\Documents and Settings\Randy\Local Settings\Temp\RarSFX0\Drivers\Win32\2\600\3719828drv.sys --a---- 489048 bytes [01:25 26/04/2012] [09:34 25/04/2012] D45D320418AD6C36CEFB59C34540257A
C:\Documents and Settings\Randy\Local Settings\Temp\RarSFX0\Drivers\Win64\2\501\3719828drv.sys --a---- 532056 bytes [01:25 26/04/2012] [09:34 25/04/2012] FDDDB889E2BCE3578F42016D5328CB2B
C:\Documents and Settings\Randy\Local Settings\Temp\RarSFX0\Drivers\Win64\2\600\3719828drv.sys --a---- 556632 bytes [01:25 26/04/2012] [09:34 25/04/2012] 8ACBB0D11A99EF06BFFD09C5B4DF0925

-= EOF =-
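
Added example (not part of the thread and not SystemLook's own code): the two SystemLook logs in posts #9 and #11 list drivers with different numeric name prefixes and extraction folders but the same sizes and MD5 values. This Python script parses the filefind lines copied from those posts and groups them by MD5; the line pattern is an assumption inferred from the lines shown here, not a documented SystemLook format.

```python
import ntpath
import re
from collections import defaultdict

# The eight result lines from the two SystemLook logs in posts #9 and #11.
SYSTEMLOOK_LINES = r"""
C:\Documents and Settings\Randy\Local Settings\Temp\RarSFX2\Drivers\Win32\2\501\0463896drv.sys --a---- 475736 bytes [16:15 22/04/2012] [23:33 22/04/2012] CD40157A1A5CDDC6CA219AB14A17692A
C:\Documents and Settings\Randy\Local Settings\Temp\RarSFX2\Drivers\Win32\2\600\0463896drv.sys --a---- 489048 bytes [16:15 22/04/2012] [23:33 22/04/2012] D45D320418AD6C36CEFB59C34540257A
C:\Documents and Settings\Randy\Local Settings\Temp\RarSFX2\Drivers\Win64\2\501\0463896drv.sys --a---- 532056 bytes [16:15 22/04/2012] [23:33 22/04/2012] FDDDB889E2BCE3578F42016D5328CB2B
C:\Documents and Settings\Randy\Local Settings\Temp\RarSFX2\Drivers\Win64\2\600\0463896drv.sys --a---- 556632 bytes [16:15 22/04/2012] [23:33 22/04/2012] 8ACBB0D11A99EF06BFFD09C5B4DF0925
C:\Documents and Settings\Randy\Local Settings\Temp\RarSFX0\Drivers\Win32\2\501\3719828drv.sys --a---- 475736 bytes [01:25 26/04/2012] [09:34 25/04/2012] CD40157A1A5CDDC6CA219AB14A17692A
C:\Documents and Settings\Randy\Local Settings\Temp\RarSFX0\Drivers\Win32\2\600\3719828drv.sys --a---- 489048 bytes [01:25 26/04/2012] [09:34 25/04/2012] D45D320418AD6C36CEFB59C34540257A
C:\Documents and Settings\Randy\Local Settings\Temp\RarSFX0\Drivers\Win64\2\501\3719828drv.sys --a---- 532056 bytes [01:25 26/04/2012] [09:34 25/04/2012] FDDDB889E2BCE3578F42016D5328CB2B
C:\Documents and Settings\Randy\Local Settings\Temp\RarSFX0\Drivers\Win64\2\600\3719828drv.sys --a---- 556632 bytes [01:25 26/04/2012] [09:34 25/04/2012] 8ACBB0D11A99EF06BFFD09C5B4DF0925
"""

# Assumed layout: path, 7-character attribute field, size, two timestamps, MD5.
LINE_RE = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+?) (?P<attrs>[-a-z]{7}) (?P<size>\d+) bytes "
    r"\[[^\]]+\] \[[^\]]+\] (?P<md5>[0-9A-Fa-f]{32})$"
)

def parse_filefind(text):
    """Return one record per file line; headers, blanks and EOF markers are skipped."""
    records = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        folder, name = ntpath.split(m["path"])
        # Sub-path below the "Drivers" folder, e.g. Win32\2\501
        variant = folder.split("\\Drivers\\", 1)[-1]
        records.append({"path": m["path"], "name": name, "variant": variant,
                        "size": int(m["size"]), "md5": m["md5"].upper()})
    return records

def group_by_md5(records):
    """Map each MD5 to the file names, variants and sizes it was seen with."""
    groups = defaultdict(lambda: {"names": set(), "variants": set(), "sizes": set()})
    for r in records:
        g = groups[r["md5"]]
        g["names"].add(r["name"])
        g["variants"].add(r["variant"])
        g["sizes"].add(r["size"])
    return dict(groups)

def renamed_duplicates(records):
    """MD5s seen under more than one file name: same content, different name."""
    return {h: g for h, g in group_by_md5(records).items() if len(g["names"]) > 1}
```

Each of the four MD5 values appears once per log, under both name prefixes, with a single size and a single sub-path below Drivers. A matching hash shows the content is identical across the two extractions; it does not by itself say what the file is.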

#12 dev00790

Posted 26 April 2012 - 06:13 PM

Hi artharpster,

Please do the following

1

Rename

C:\Documents and Settings\Randy\Local Settings\Temp\RarSFX0

to

C:\Documents and Settings\Randy\Local Settings\Temp\RarSFX0_old

2

Rename

C:\Documents and Settings\Randy\Local Settings\Temp\RarSFX2

to

C:\Documents and Settings\Randy\Local Settings\Temp\RarSFX2_old

3

Try running Kaspersky again now. Do you still get the same problem or similar?

Regards, dev00790



#13 artharpster

Posted 27 April 2012 - 10:40 AM

These files do not exist in the C:\Documents and Settings\Randy\Local Settings\Temp directory.

Strange.

#14 dev00790

Posted 27 April 2012 - 11:49 AM

Hi artharpster,

Try these:

Step 1


Please set your system to show all hidden files, folders, and file extensions.

  • Please set your system to show all files.
  • Click Start, open My Computer, select the Tools menu and click Folder Options.
  • Select the View Tab. Under the Hidden files and folders heading:
    • Select Show hidden files and folders.
    • Uncheck: Hide file extensions for known file types
    • Uncheck the Hide protected operating system files (recommended) option.
  • Click Yes to confirm.

Step 2

Please tell me the folders that are in the following location now:

C:\Documents and Settings\Randy\Local Settings\Temp\

Regards, dev00790



#15 artharpster

Posted 27 April 2012 - 01:16 PM

I had set up the computer to view all hidden files before.

These are the file names that were in the temp folder of C:\Documents and Settings\Randy\Local Settings\Temp\

Google Toolbar
Temporary Directory 1 for Master_Your_Metabolism.zip
Temporary Directory 1 for The_Leaders.zip
Temporary Directory 2 for The_Leaders.zip
WPDNSE
~DF10FA
~DF59E0
~DFA9D9
~DFB7B9
AdobeARM
AmazonMP3AlbumArt
AmazonMP3Logo
amt3
CFG77
CFG79
English
MSI8e5f5
Perflib_Perfdata_cf8
SkypeSetup
swtag
uniextract
WCESCOMM
WCESLog
WcesView

Thanks!



