Undetected Rootkit/trojan issue - web browser keeps opening



#1 Boryon


Posted 18 October 2011 - 04:02 AM

Hi,

I'm fairly sure my poor home PC has a trojan/rootkit. The symptoms I see are:
  • If I have focus in something other than my default browser, a new instance of the default browser is opened to my homepage.
  • If I have focus on the default browser, my current tab is changed to my homepage.
This happens randomly. Sometimes I will not have an issue for several hours. Sometimes I have it occur several times in a minute. I kill these browsers as soon as they pop up.

It does not seem to matter what I am running at the time. I have had this happen while running nothing else. I have had this happen while running games.

I had not performed any unusual activity on the net immediately prior to first noticing this problem.

Thus far, scans with the following products have failed to fix the problem:
* MalwareBytes Anti-Malware
* Microsoft Security Essentials (found 3 exploits, a trojan and 1 adware)
* Dr Web (found 1 other issue)
* Avast
* TDSSKiller (scan only, no alterations done)

My machine appears to be working fine (perhaps a little more sluggish than normal) apart from these browsers popping up/changing tabs.

Cheers,
Chris



#2 Broni


Posted 18 October 2011 - 10:55 AM

Which browser is affected?

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=============================================================================

Please download MiniToolBox and run it.

Checkmark the following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size
Click Go and post the result.

=============================================================================

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

=============================================================================

Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.

IMPORTANT! If for some reason GMER refuses to run, try again.
If it still fails, try to UN-check "Devices" in right pane.
If still no joy, try to run it from Safe Mode.



 


#3 Boryon


Posted 18 October 2011 - 11:55 AM

Hi,

I have seen both Firefox and Chrome exhibit this problem. It depends on which is set to be the default.

Here is the Security Check log:

Results of screen317's Security Check version 0.99.7
Windows 7 Service Pack 1 (UAC is enabled)
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

Windows Security Center service is not running! This report may not be accurate!
Windows Firewall Enabled!
Microsoft Security Essentials
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware
HijackThis 2.0.2
CCleaner
Java™ 6 Update 18
Out of date Java installed!
Adobe Flash Player 11.0.1.152
Adobe Reader 9.1
Adobe Reader 9.2
Out of date Adobe Reader installed!
Mozilla Firefox (x86 en-GB..) Firefox Out of Date!
````````````````````````````````
Process Check:
objlist.exe by Laurent

Windows Defender MSMpEng.exe
Microsoft Security Essentials msseces.exe
Microsoft Security Client Antimalware MsMpEng.exe
Microsoft Security Client Antimalware NisSrv.exe
``````````End of Log````````````

#4 Boryon


Posted 18 October 2011 - 11:57 AM

Mini Toolbox Report:

MiniToolBox by Farbar
Ran by cmb (administrator) on 18-10-2011 at 17:56:25
Windows 7 Home Premium Service Pack 1 (X86)

***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0
========================= Hosts content: =================================



========================= IP Configuration: ================================

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : rawr
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Belkin

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® WiFi Link 5100 AGN
Physical Address. . . . . . . . . : 00-22-FB-C7-C5-9E
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : Belkin
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 40-61-86-15-EC-DD
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 192.168.2.4(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 18 October 2011 17:46:52
Lease Expires . . . . . . . . . . : 25 November 2147 00:24:40
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DNS Servers . . . . . . . . . . . : 192.168.2.1
NetBIOS over Tcpip. . . . . . . . : Enabled
Server: UnKnown
Address: 192.168.2.1

Name: google.com
Addresses: 209.85.229.104
209.85.229.105
209.85.229.147
209.85.229.99
209.85.229.103


Pinging google.com [209.85.169.147] with 32 bytes of data:
Reply from 209.85.169.147: bytes=32 time=16ms TTL=55
Reply from 209.85.169.147: bytes=32 time=16ms TTL=55

Ping statistics for 209.85.169.147:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 16ms, Maximum = 16ms, Average = 16ms
Server: UnKnown
Address: 192.168.2.1

Name: yahoo.com
Addresses: 67.195.160.76
72.30.2.43
98.137.149.56
98.139.180.149
209.191.122.70


Pinging yahoo.com [98.137.149.56] with 32 bytes of data:
Reply from 98.137.149.56: bytes=32 time=202ms TTL=46
Reply from 98.137.149.56: bytes=32 time=184ms TTL=45

Ping statistics for 98.137.149.56:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 184ms, Maximum = 202ms, Average = 193ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...00 22 fb c7 c5 9e ......Intel® WiFi Link 5100 AGN
10...40 61 86 15 ec dd ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.4 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.2.0 255.255.255.0 On-link 192.168.2.4 276
192.168.2.4 255.255.255.255 On-link 192.168.2.4 276
192.168.2.255 255.255.255.255 On-link 192.168.2.4 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.2.4 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.2.4 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
1 306 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [147456] (Apple Inc.)
Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 08 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 09 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/17/2011 00:33:13 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (10/17/2011 00:33:13 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (10/17/2011 00:33:13 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (10/17/2011 00:33:13 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (10/17/2011 00:33:02 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (10/17/2011 00:32:08 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "imaging1".Error in manifest or policy file "imaging2" on line imaging3.
The element imaging appears as a child of element urn:schemas-microsoft-com:asm.v1^assembly which is not supported by this version of Windows.

Error: (10/16/2011 04:29:58 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (10/16/2011 04:29:58 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (10/16/2011 04:29:58 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (10/16/2011 04:29:58 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.


System errors:
=============
Error: (10/18/2011 05:47:10 PM) (Source: Microsoft Antimalware) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

Feature: %%835

Error Code: 0x80004005

Error description: Unspecified error

Reason: %%842

Error: (10/18/2011 05:46:55 PM) (Source: Service Control Manager) (User: )
Description: The SBSD Security Center Service service depends the following service: wscsvc. This service might not be installed.

Error: (10/18/2011 05:46:50 PM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (10/18/2011 05:46:50 PM) (Source: atikmdag) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (10/18/2011 05:46:49 PM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (10/18/2011 05:46:49 PM) (Source: atikmdag) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (10/18/2011 07:11:39 AM) (Source: Service Control Manager) (User: )
Description: The SBSD Security Center Service service depends the following service: wscsvc. This service might not be installed.

Error: (10/18/2011 07:11:29 AM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (10/18/2011 07:11:29 AM) (Source: atikmdag) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (10/18/2011 07:11:28 AM) (Source: atikmdag) (User: )
Description: Display is not active


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Adobe Download Manager (Version: 1.6.2.91)
Adobe Flash Player 10 ActiveX (Version: 10.0.22.87)
Adobe Flash Player 11 Plugin (Version: 11.0.1.152)
Adobe Reader 9.1 (Version: 9.1.0)
Adobe Reader 9.2 (Version: 9.2.0)
Adobe Shockwave Player 11.5 (Version: 11.5.9.615)
Apple Application Support (Version: 1.1.0)
Apple Mobile Device Support (Version: 2.6.0.32)
Apple Software Update (Version: 2.1.1.116)
ATI Catalyst Install Manager (Version: 3.0.732.0)
BioShock 2 (Version: 1.0.0002.131)
BioShock 2 (Version: 1.00.0000)
Bonjour (Version: 1.0.106)
Catalyst Control Center Core Implementation (Version: 2009.0710.1127.18698)
Catalyst Control Center Graphics Full Existing (Version: 2009.0710.1127.18698)
Catalyst Control Center Graphics Full New (Version: 2009.0710.1127.18698)
Catalyst Control Center Graphics Light (Version: 2009.0710.1127.18698)
Catalyst Control Center Graphics Previews Vista (Version: 2009.0710.1127.18698)
Catalyst Control Center InstallProxy (Version: 2009.0710.1127.18698)
Catalyst Control Center Localization All (Version: 2009.0710.1127.18698)
ccc-core-static (Version: 2009.0710.1127.18698)
ccc-utility (Version: 2009.0710.1127.18698)
CCC Help Chinese Standard (Version: 2009.0710.1126.18698)
CCC Help Chinese Traditional (Version: 2009.0710.1126.18698)
CCC Help Czech (Version: 2009.0710.1126.18698)
CCC Help English (Version: 2009.0710.1126.18698)
CCC Help French (Version: 2009.0710.1126.18698)
CCC Help German (Version: 2009.0710.1126.18698)
CCC Help Hungarian (Version: 2009.0710.1126.18698)
CCC Help Italian (Version: 2009.0710.1126.18698)
CCC Help Korean (Version: 2009.0710.1126.18698)
CCC Help Polish (Version: 2009.0710.1126.18698)
CCC Help Portuguese (Version: 2009.0710.1126.18698)
CCC Help Russian (Version: 2009.0710.1126.18698)
CCC Help Spanish (Version: 2009.0710.1126.18698)
CCC Help Turkish (Version: 2009.0710.1126.18698)
CCleaner (Version: 2.28)
Click to Call with Skype (Version: 5.6.8153)
Compatibility Pack for the 2007 Office system (Version: 12.0.6425.1000)
CyberLink Power2Go (Version: 6.0.3128)
CyberLink YouCam (Version: 3.0.1930)
Deus Ex
Dragon Age: Origins (Version: 1.00)
Dungeons of Dredmor
ENE CIR Receiver Driver (Version: 2.7.3.519)
Fallout 3 (Version: 1.00.0000)
HijackThis 2.0.2 (Version: 2.0.2)
Impulse (Version: 1.0)
IrfanView (remove only)
iTunes (Version: 9.0.2.25)
IZArc 4.1 (Version: 4.1)
Java Auto Updater (Version: 2.0.1.2)
Java™ 6 Update 18 (Version: 6.0.180)
JetBrains Omea Reader
LSI HDA Modem (Version: 2.1.95)
Malwarebytes' Anti-Malware version 1.51.2.1300 (Version: 1.51.2.1300)
Mass Effect 2 (Version: 1.00)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Antimalware (Version: 3.0.8402.2)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.88.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft IntelliType Pro 8.2 (Version: 8.20.468.0)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Home and Student 2007 (Version: 12.0.6425.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6425.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Security Client (Version: 2.1.1116.0)
Microsoft Security Essentials (Version: 2.1.1116.0)
Microsoft Silverlight (Version: 4.0.60831.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 9.7.0621)
Mozilla Firefox 7.0.1 (x86 en-GB) (Version: 7.0.1)
Mumble 1.2.3 (Version: 1.2.3)
NVIDIA PhysX (Version: 9.09.0814)
O2Micro Flash Memory Card Reader Driver (Version: 3.31.02)
Oblivion (Version: 1.00.0000)
Pando Media Booster (Version: 2.3.6.0)
PlayReady PC Runtime x86 (Version: 1.3.0)
QuickTime (Version: 7.65.17.80)
Realtek 8136 8168 8169 Ethernet Driver (Version: 1.00.0005)
Realtek High Definition Audio Driver (Version: 6.0.1.5888)
Sid Meier's Civilization V
Skype™ 5.3 (Version: 5.3.120)
Spybot - Search & Destroy (Version: 1.6.2)
Steam (Version: 1.0.0.0)
System Control Manager (Version: 2.209.0805.005.02)
TextPad 5 (Version: 5.3.1)
The Lord of the Rings Online™ v03.03.05.8039 (Version: 03.03.05.8039)
Ventrilo Client (Version: 3.0.5)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
World of Warcraft (Version: 0.0.0.0)
World of Warcraft Public Test (Version: 0.0.0.0)

========================= Memory info: ===================================

Percentage of memory in use: 30%
Total physical RAM: 3071.16 MB
Available physical RAM: 2143.24 MB
Total Pagefile: 6140.6 MB
Available Pagefile: 5166.09 MB
Total Virtual: 2047.88 MB
Available Virtual: 1948.34 MB

========================= Partitions: =====================================

1 Drive c: (Windows) (Fixed) (Total:456.48 GB) (Free:288.12 GB) NTFS
2 Drive d: (DeusEx_v1002f) (CDROM) (Total:0.64 GB) (Free:0 GB) CDFS

========================= Users: ========================================

User accounts for \\RAWR

Administrator ASPNET cmb
Guest


**** End of log ****

#5 Boryon


Posted 18 October 2011 - 12:06 PM

MBAM log (just to taunt me, Chrome started up on its own twice just as MBAM completed its scan):

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 7974

Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514

18/10/2011 18:05:03
mbam-log-2011-10-18 (18-05-03).txt

Scan type: Quick scan
Objects scanned: 164436
Time elapsed: 4 minute(s), 29 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#6 Boryon


Posted 18 October 2011 - 12:33 PM

GMER log:

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-10-18 18:30:39
Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD5000BEVT-22ZAT0 rev.01.01A01
Running: ddf6ixnm.exe; Driver: C:\Users\cmb\AppData\Local\Temp\pgldrpob.sys


---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!ZwSaveKey + 13D1 82E44349 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82E7DD52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text C:\Windows\system32\DRIVERS\atikmdag.sys section is writeable [0x91625000, 0x2D51C8, 0xE8000020]

---- Devices - GMER 1.0.15 ----

Device \Driver\ACPI_HAL \Device\00000044 halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)

AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----

#7 Broni


Posted 18 October 2011 - 12:40 PM

Download TDSSKiller and save it to your desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.



 


#8 Boryon


Posted 18 October 2011 - 01:00 PM

TDSSKiller Report:

18:59:14.0449 2560 TDSS rootkit removing tool 2.6.10.0 Oct 17 2011 15:43:23
18:59:14.0515 2560 ============================================================
18:59:14.0515 2560 Current date / time: 2011/10/18 18:59:14.0515
18:59:14.0515 2560 SystemInfo:
18:59:14.0515 2560
18:59:14.0515 2560 OS Version: 6.1.7601 ServicePack: 1.0
18:59:14.0515 2560 Product type: Workstation
18:59:14.0515 2560 ComputerName: RAWR
18:59:14.0515 2560 UserName: cmb
18:59:14.0515 2560 Windows directory: C:\Windows
18:59:14.0515 2560 System windows directory: C:\Windows
18:59:14.0515 2560 Processor architecture: Intel x86
18:59:14.0515 2560 Number of processors: 4
18:59:14.0515 2560 Page size: 0x1000
18:59:14.0515 2560 Boot type: Normal boot
18:59:14.0515 2560 ============================================================
18:59:15.0655 2560 Initialize success
18:59:16.0527 2656 ============================================================
18:59:16.0527 2656 Scan started
18:59:16.0527 2656 Mode: Manual;
18:59:16.0527 2656 ============================================================
18:59:28.0558 2656 ============================================================
18:59:28.0558 2656 Scan finished
18:59:28.0558 2656 ============================================================
18:59:28.0568 3192 Detected object count: 0
18:59:28.0568 3192 Actual detected object count: 0

#9 Boryon


Posted 18 October 2011 - 01:03 PM

Erm, I think I've found the problem.

I have multiple keyboards on this PC; I only normally use the big ergonomic one. I hadn't noticed that the mouse cable had wandered over the other keyboard that happens to have some touch-sensitive macro keys that I never use. One of those was "start default browser". That gives you exactly the symptoms I experienced and accounts for the randomness.

Thank you for your help and excuse me while I go and blush extensively in the corner...

Chris

#10 Broni


Posted 18 October 2011 - 01:14 PM

LOOOOOL....
