
Google redirect and TCP/IP Ping Command Error


  • This topic is locked
62 replies to this topic

#1 quaddro21

quaddro21

  • Members
  • 28 posts

Posted 15 December 2011 - 03:39 PM

Hi all, I appreciate your attention to this.

Been about 2 days that I have been having this issue. Computer also seems to start making a lot of noise, like the fans going really fast for about 2 minutes then calms down...it does this about twice per hour.

I have tried running Windows Update, but it fails every time.


xXxXxXxXxXxXxXxXxXxXxX-- Below is the DDS log --XxXxXxXxXxXxXxXxXxXxXx


.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_29
Run by Marco at 13:33:51 on 2011-12-15
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3322.1563 [GMT -5:00]
.
AV: AVG Anti-Virus Free *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe
C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
C:\Program Files\Google\Update\1.3.21.79\GoogleCrashHandler.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\AVG\AVG9\avgtray.exe
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Kodak\MediaImpression\ArcMonitor.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe
C:\Windows\System32\svchost.exe -k Akamai
C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Users\Marco\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Intel\IntelDH\CCU\CCU_Engine.exe
C:\Windows\System32\mobsync.exe
C:\Users\Marco\AppData\Local\Akamai\netsession_win.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\System32\ping.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = www.espn.com
mStart Page = hxxp://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=nofound&Br=GTW&Loc=ENG_US&Sys=DTP&M=GM5632E
mDefault_Page_URL = hxxp://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=nofound&Br=GTW&Loc=ENG_US&Sys=DTP&M=GM5632E
uInternet Settings,ProxyOverride = *.local
mSearchAssistant = hxxp://www.gateway.com/g/sidepanel.html?Ch=Retail&SubCH=nofound&Br=GTW&Loc=ENG_US&Sys=DTP&M=GM5632E
BHO: vShare Plugin: {043c5167-00bb-4324-af7e-62013faedacf} - c:\program files\vshare\vshare_toolbar.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
BHO: pdfMachine: {56cf4856-ecb4-4e46-a897-a378821f97b9} - c:\windows\system32\spool\drivers\w32x86\3\bgstb.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.2.4204.1700\swg.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\windows\system32\BAE.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: {E0E899AB-F487-11D5-8D29-0050BA6940E3} - No File
TB: vShare Plugin: {043c5167-00bb-4324-af7e-62013faedacf} - c:\program files\vshare\vshare_toolbar.dll
TB: pdfMachine: {56cf4856-ecb4-4e46-a897-a378821f97b9} - c:\windows\system32\spool\drivers\w32x86\3\bgstb.dll
TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [Akamai NetSession Interface] c:\users\marco\appdata\local\akamai\netsession_win.exe
mRun: [NMSSupport] "c:\program files\common files\intel\inteldh\nms\support\IntelHCTAgent.exe" /startup
mRun: [CCUTRAYICON] c:\program files\intel\inteldh\ccu\CCU_TrayIcon.exe
mRun: [USB2Check] RUNDLL32.EXE "c:\windows\system32\PCLECoInst.dll",CheckUSBController
mRun: [USBToolTip] "c:\program files\pinnacle\shared files\\programs\usbtip\USBTip.exe"
mRun: [TrueImageMonitor.exe] c:\program files\acronis\trueimagehome\TrueImageMonitor.exe
mRun: [AcronisTimounterMonitor] c:\program files\acronis\trueimagehome\TimounterMonitor.exe
mRun: [Acronis Scheduler2 Service] "c:\program files\common files\acronis\schedule2\schedhlp.exe"
mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [IAStorIcon] c:\program files\intel\intel® rapid storage technology\IAStorIcon.exe
mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe
mRun: [ArcSoft MediaImpression Monitor] c:\program files\kodak\mediaimpression\ArcMonitor.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [SwitchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe
mRun: [AdobeCS5.5ServiceManager] "c:\program files\common files\adobe\cs5.5servicemanager\CS5.5ServiceManager.exe" -launchedbylogin
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
uPolicies-explorer: HideSCAHealth = 1 (0x1)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mic273~1\office12\REFIEBAR.DLL
LSP: mswsock.dll
Trusted Zone: intuit.com\ttlc
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://webvpn-bw03.jpmorganchase.com/dana-cached/sc/JuniperSetupClient.cab
TCP: DhcpNameServer = 192.168.1.1 167.206.251.129 167.206.251.130
TCP: Interfaces\{A535EE2E-27D4-4B2C-B842-F9FCB3F88871} : DhcpNameServer = 192.168.1.1 167.206.251.129 167.206.251.130
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Handler: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - c:\program files\vshare\vshare_toolbar.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
LSA: Authentication Packages = msv1_0 relog_ap
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\marco\appdata\roaming\mozilla\firefox\profiles\zytm8pbw.default\
FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&invocationType=tb50fftrie7&query=
FF - prefs.js: browser.startup.homepage - hxxp://espn.com
FF - prefs.js: keyword.URL - hxxp://www.startnow.com/s/?src=addrbar&provider=Bing&provider_code=Z059&partner_id=308&product_id=435&affiliate_id=&channel=rjddr&toolbar_id=200&toolbar_version=2.0&install_country=US&install_date=20110531&user_guid=2D717DC707484B088D2A2755324681FC&machine_id=ea722989a36f3628c3983b74b5bde7bb&browser=FF&os=win&os_version=6.0-x86-SP2&q=
FF - component: c:\program files\avg\avg9\firefox\components\avgssff.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\google updater\2.4.2432.1652\npCIDetect14.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60310.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPcol400.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnupdater2.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npunagi2.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPVISTAEE.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll
FF - plugin: c:\program files\veetle\player\npvlc.dll
FF - plugin: c:\program files\veetle\plugins\npVeetle.dll
FF - plugin: c:\program files\veetle\vlcbroadcast\npvbp.dll
FF - plugin: c:\users\marco\appdata\local\google\update\1.3.21.79\npGoogleUpdate3.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
============= SERVICES / DRIVERS ===============
.
R0 19329472;19329472 Boot Guard Driver;c:\windows\system32\drivers\19329472.sys [2011-6-1 37392]
R0 84126872;84126872 Boot Guard Driver;c:\windows\system32\drivers\84126872.sys [2011-6-1 37392]
R0 oodrvled;oodrvled;c:\windows\system32\drivers\OODrvled.sys [2011-3-2 25680]
R1 19329471;19329471;c:\windows\system32\drivers\19329471.sys [2011-6-1 128016]
R1 84126871;84126871;c:\windows\system32\drivers\84126871.sys [2011-6-1 128016]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-6-6 216400]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2008-6-6 29712]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2010-2-10 243152]
R1 Kaspersky Virus Removal Installdrv;Kaspersky Virus Removal Installdrv;c:\windows\system32\drivers\8412687.sys [2011-6-1 311312]
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648]
R1 MpKslcf1e95b8;MpKslcf1e95b8;c:\programdata\microsoft\microsoft antimalware\definition updates\{e299d165-9ecc-4dba-aac0-7e6ad477c9f3}\MpKslcf1e95b8.sys [2011-12-15 29904]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\SASDIFSV.SYS [2010-2-17 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67664]
R1 setup_9.0.0.722_02.06.2011_04-41drv;setup_9.0.0.722_02.06.2011_04-41drv;c:\windows\system32\drivers\1932947.sys [2011-6-1 311312]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCORE.EXE [2011-5-4 116608]
R2 aawservice;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\aawservice.exe [2008-5-12 611664]
R2 AHDDC2;Ashampoo HDD Control 2 Service;c:\program files\ashampoo\ashampoo hdd control 2\AHDDC2_Service.exe [2011-2-28 1515864]
R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2008-6-22 21504]
R2 avg9wd;AVG Free WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2010-7-16 308136]
R2 DQLWinService;DQLWinService;c:\program files\common files\intel\inteldh\nms\adpplugins\DQLWinService.exe [2007-2-12 208896]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-6-22 21504]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files\intel\intel® rapid storage technology\IAStorDataMgrSvc.exe [2010-7-7 13336]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2010-4-27 366152]
R2 NitroReaderDriverReadSpool;NitroPDFReaderDriverCreatorReadSpool;c:\program files\nitro pdf\reader\NitroPDFReaderDriverService.exe [2011-1-14 196912]
R2 NMSCore;Intel® NMSCore;c:\program files\common files\intel\inteldh\nms\nmscore\NMSCore.exe [2007-4-6 313816]
R2 nmsunidr;UniDriver for NMS;c:\windows\system32\drivers\nmsunidr.sys [2007-2-18 5376]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia updatus\daemonu.exe [2011-12-10 2214504]
R2 QualityManager;Intel® Quality Manager;c:\program files\intel\inteldh\intel media server\media server\bin\QualityManager.exe [2007-4-6 272856]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2008-4-8 24652]
R3 IntelDH;IntelDH Driver;c:\windows\system32\drivers\IntelDH.sys [2007-12-6 5504]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-4-11 22216]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-12-24 135664]
S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe -k HsfXAudioService [2008-6-22 21504]
S2 MCLServiceATL;Intel® Application Tracker;c:\program files\intel\inteldh\intel media server\shells\MCLServiceATL.exe [2007-4-6 158168]
S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\system32\drivers\ASPI32.SYS [2009-1-30 84832]
S3 DfSdkS;Defragmentation-Service;c:\program files\ashampoo\ashampoo hdd control 2\DfSdkS.exe [2011-2-28 406016]
S3 DHTRACE;Intel® DHTrace Controller;c:\program files\common files\intel\inteldh\bin\DHTraceController.exe [2007-4-6 39896]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-12-24 135664]
S3 HSXHWBS3;HSXHWBS3;c:\windows\system32\drivers\HSXHWBS3.sys [2008-10-15 205824]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2011-4-18 43392]
S3 NETw2v32;Intel® PRO/Wireless 2200BG Network Connection Driver for Windows Vista;c:\windows\system32\drivers\NETw2v32.sys [2006-11-2 2589184]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 65024]
S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\antimalware\NisSrv.exe [2011-4-27 208944]
S3 PinnacleMarvinAVS;Pinnacle AVStream Service for MovieBox Deluxe, 500-USB and 700-USB;c:\windows\system32\drivers\MarvinAVS.sys [2009-5-28 434176]
S3 RegGuard;RegGuard;c:\windows\system32\drivers\regguard.sys [2011-12-15 24416]
S3 Roxio UPnP Renderer 11;Roxio UPnP Renderer 11;"c:\program files\roxio creator 2009\digital home 11\roxioupnprenderer11.exe" --> c:\program files\roxio creator 2009\digital home 11\RoxioUPnPRenderer11.exe [?]
S3 SwitchBoard;Adobe SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S3 xcbdaNtsc;ViXS Tuner Card (NTSC);c:\windows\system32\drivers\xcbda.sys [2007-12-6 156672]
.
=============== Created Last 30 ================
.
2011-12-15 17:13:03 476904 ----a-w- c:\program files\mozilla firefox\plugins\RENF2B6.tmp
2011-12-15 16:25:47 29904 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{e299d165-9ecc-4dba-aac0-7e6ad477c9f3}\MpKslcf1e95b8.sys
2011-12-15 16:25:37 56200 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{e299d165-9ecc-4dba-aac0-7e6ad477c9f3}\offreg.dll
2011-12-15 16:12:17 24416 ----a-w- c:\windows\system32\drivers\regguard.sys
2011-12-15 16:07:06 39192 ----a-w- c:\windows\system32\Partizan.exe
2011-12-15 16:07:06 35816 ----a-w- c:\windows\system32\drivers\Partizan.sys
2011-12-15 16:07:04 2 --shatr- c:\windows\winstart.bat
2011-12-15 16:06:42 12800 ----a-w- c:\windows\system32\drivers\UnHackMeDrv.sys
2011-12-15 16:06:28 -------- d-----w- c:\program files\UnHackMe
2011-12-15 05:46:14 703824 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\nisbackup\gapaengine.dll
2011-12-15 05:46:14 703824 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{a44a5309-3e28-4cae-a38a-ab874cdbad24}\gapaengine.dll
2011-12-15 05:45:53 6823496 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{e299d165-9ecc-4dba-aac0-7e6ad477c9f3}\mpengine.dll
2011-12-15 05:41:54 -------- d-----w- c:\program files\Microsoft Security Client
2011-12-15 03:09:51 -------- d-----w- c:\users\marco\appdata\local\ElevatedDiagnostics
2011-12-15 03:07:11 -------- d-----w- c:\programdata\ErrorEND
2011-12-15 03:07:05 -------- d-----w- c:\program files\ErrorEND
2011-12-14 05:59:45 98816 ----a-w- c:\windows\sed.exe
2011-12-14 05:59:45 518144 ----a-w- c:\windows\SWREG.exe
2011-12-14 05:59:45 256000 ----a-w- c:\windows\PEV.exe
2011-12-14 05:59:45 208896 ----a-w- c:\windows\MBR.exe
2011-12-14 05:59:36 -------- d-s---w- C:\ComboFix
2011-12-13 19:55:38 -------- d-----w- c:\programdata\Symantec
2011-12-10 19:05:34 66664 ----a-w- c:\windows\system32\nvshext.dll
2011-12-10 19:05:33 2560616 ----a-w- c:\windows\system32\nvsvcr.dll
2011-12-10 19:05:32 543336 ----a-w- c:\windows\system32\easyupdatusapiu.dll
2011-12-08 16:51:09 466944 ----a-w- c:\program files\mozilla firefox\plugins\NPcol400.dll
2011-12-08 16:51:08 -------- d-----w- c:\users\marco\appdata\roaming\Catalina Marketing Corp
2011-12-08 16:51:06 485576 ----a-w- c:\users\marco\appdata\roaming\microsoft\windows\start menu\programs\catalina marketing corp\UninstallCouponActivator.exe
2011-11-17 05:03:29 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2011-11-17 05:03:28 905088 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-11-17 05:03:27 707584 ----a-w- c:\program files\common files\system\wab32.dll
.
==================== Find3M ====================
.
2011-12-15 17:12:55 472808 ----a-w- c:\windows\system32\deployJava1.dll
2002-07-26 21:02:06 153088 ----a-w- c:\program files\UNWISE.EXE
.
============= FINISH: 13:34:58.22 ===============


xXxXxXxXxXxXxXxXxXxXxX-- Below is the GMER log --XxXxXxXxXxXxXxXxXxXxXx


Tried running GMER in normal mode and Safe mode and all 4 times it would give me the blue screen and reboot the PC.

Edited by quaddro21, 15 December 2011 - 03:40 PM.


#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • Gender:Male
  • Location:Puerto rico

Posted 18 December 2011 - 03:50 PM

Hello and Welcome to the forums!

My name is Gringo and I'll be glad to help you with your computer problems.

Some things to remember while we are working together.

  • Do not run any other tool until instructed to do so!
  • Please do not attach logs or put in code boxes.
  • Tell me about any problems that have occurred during the fix.
  • Tell me of any other symptoms you may be having as these can help also.
  • Do not run anything while running a fix.
  • Do not run any other tool until instructed to do so!


Click on the Watch Topic Button and select Immediate Notification and click on proceed. This will help you to get notified faster when I have replied and make the cleaning process faster.

Please print out or make a copy in Notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouse-click Combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer.

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • Let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry, every little bit helps.

Proud Graduate Of Malware Removal University

#3 quaddro21

Posted 19 December 2011 - 11:28 AM

Thank you for the assistance:

I deleted AVG from my PC and disabled MSE and then ran ComboFix and while the instructions said it would take 10 minutes, it never finished. I left it on all night (7 hours) and still did not finish.

Any other tips to help with my issue? It actually seems that the rate at which the redirects were happening has cut down, but they are still happening occasionally.

Thanks.

#4 gringo_pr

Posted 19 December 2011 - 02:44 PM

Hello

Ok, let's try this. I want you to run Combofix in safe mode, but it is very important that when Combofix reboots the computer you direct it back into safe mode so it can finish the scan.

Boot into Safe Mode

Reboot your computer in Safe Mode.
  • If the computer is running, shut down Windows, and then turn off the power.
  • Wait 30 seconds, and then turn the computer on.
  • Start tapping the F8 key. The Windows Advanced Options Menu appears. If you begin tapping the F8 key too soon, some computers display a "keyboard error" message. To resolve this, restart the computer and try again.
  • Ensure that the Safe Mode option is selected.
  • Press Enter. The computer then begins to start in Safe mode.
  • Login on your usual account.

After Combofix has finished its scan, please post the report back here.

Gringo

#5 gringo_pr

Posted 22 December 2011 - 12:47 AM

Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • Do you still need help with this?
  • Do you need more time?
  • Are you having problems following my instructions?
  • If after 48hrs you have not replied to this thread then it will have to be closed!

Gringo

#6 quaddro21

Posted 22 December 2011 - 08:16 AM

I've tried the last 2 days to run ComboFix even in Safe Mode and it never completes.

When I start it, I get the warning that AVG is running, but it's not, I deleted it off my system.

I'm still getting the redirects, but the TCP/IP Ping Command hasn't happened in a few days.

Any other suggestions?

#7 gringo_pr

Posted 22 December 2011 - 02:38 PM

Hello

I want you to run this tool for me next.

TDSSKiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Gringo

#8 quaddro21

Posted 23 December 2011 - 01:17 AM

01:14:04.0938 1548 TDSS rootkit removing tool 2.6.24.0 Dec 22 2011 18:21:27
01:14:05.0233 1548 ============================================================
01:14:05.0233 1548 Current date / time: 2011/12/23 01:14:05.0233
01:14:05.0233 1548 SystemInfo:
01:14:05.0233 1548
01:14:05.0233 1548 OS Version: 6.0.6002 ServicePack: 2.0
01:14:05.0233 1548 Product type: Workstation
01:14:05.0233 1548 ComputerName: MARCO-PC
01:14:05.0233 1548 UserName: Marco
01:14:05.0233 1548 Windows directory: C:\Windows
01:14:05.0233 1548 System windows directory: C:\Windows
01:14:05.0233 1548 Processor architecture: Intel x86
01:14:05.0233 1548 Number of processors: 4
01:14:05.0233 1548 Page size: 0x1000
01:14:05.0233 1548 Boot type: Normal boot
01:14:05.0233 1548 ============================================================
01:14:37.0815 1548 Initialize success
01:14:45.0086 4112 ============================================================
01:14:45.0086 4112 Scan started
01:14:45.0086 4112 Mode: Manual;
01:14:45.0086 4112 ============================================================
01:14:57.0301 4112 usbscan - ok
01:14:57.0322 4112 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
01:14:57.0324 4112 USBSTOR - ok
01:14:57.0341 4112 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
01:14:57.0343 4112 usbuhci - ok
01:14:57.0376 4112 utm3njex - ok
01:14:57.0415 4112 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
01:14:57.0417 4112 vga - ok
01:14:57.0453 4112 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
01:14:57.0455 4112 VgaSave - ok
01:14:57.0477 4112 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
01:14:57.0479 4112 viaagp - ok
01:14:57.0497 4112 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
01:14:57.0499 4112 ViaC7 - ok
01:14:57.0523 4112 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
01:14:57.0524 4112 viaide - ok
01:14:57.0547 4112 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
01:14:57.0549 4112 volmgr - ok
01:14:57.0604 4112 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
01:14:57.0610 4112 volmgrx - ok
01:14:57.0662 4112 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
01:14:57.0666 4112 volsnap - ok
01:14:57.0695 4112 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
01:14:57.0697 4112 vsmraid - ok
01:14:57.0728 4112 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
01:14:57.0729 4112 WacomPen - ok
01:14:57.0760 4112 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
01:14:57.0762 4112 Wanarp - ok
01:14:57.0766 4112 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
01:14:57.0767 4112 Wanarpv6 - ok
01:14:57.0791 4112 wanatw (0a716c08cb13c3a8f4f51e882dbf7416) C:\Windows\system32\DRIVERS\wanatw4.sys
01:14:57.0793 4112 wanatw - ok
01:14:57.0815 4112 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
01:14:57.0817 4112 Wd - ok
01:14:57.0838 4112 WDC_SAM (d6efaf429fd30c5df613d220e344cce7) C:\Windows\system32\DRIVERS\wdcsam.sys
01:14:57.0840 4112 WDC_SAM - ok
01:14:57.0884 4112 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
01:14:57.0891 4112 Wdf01000 - ok
01:14:57.0951 4112 winachsf (d0116c473ef3c381a42bb55036a1adb1) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
01:14:57.0969 4112 winachsf - ok
01:14:58.0010 4112 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
01:14:58.0011 4112 WmiAcpi - ok
01:14:58.0088 4112 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
01:14:58.0090 4112 WpdUsb - ok
01:14:58.0116 4112 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
01:14:58.0117 4112 ws2ifsl - ok
01:14:58.0153 4112 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
01:14:58.0156 4112 WUDFRd - ok
01:14:58.0192 4112 XAudio (22a08b9faecd6a306868f59b7f03f188) C:\Windows\system32\DRIVERS\XAudio32.sys
01:14:58.0193 4112 XAudio - ok
01:14:58.0237 4112 xcbdaNtsc (028bffb728a2203b9fa7e4e90c531513) C:\Windows\system32\DRIVERS\xcbda.sys
01:14:58.0240 4112 xcbdaNtsc - ok
01:14:58.0268 4112 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
01:14:58.0273 4112 \Device\Harddisk0\DR0 - ok
01:14:58.0275 4112 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR1
01:14:58.0279 4112 \Device\Harddisk1\DR1 - ok
01:14:58.0745 4112 MBR (0x1B8) (671b81004fdd1588fa9ed1331c9ceca9) \Device\Harddisk6\DR6
01:14:58.0752 4112 \Device\Harddisk6\DR6 - ok
01:14:59.0218 4112 MBR (0x1B8) (671b81004fdd1588fa9ed1331c9ceca9) \Device\Harddisk7\DR7
01:14:59.0223 4112 \Device\Harddisk7\DR7 - ok
01:14:59.0227 4112 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk8\DR8
01:14:59.0232 4112 \Device\Harddisk8\DR8 - ok
01:14:59.0793 4112 MBR (0x1B8) (8ff255184f078c9c04e6a2ce66117c5c) \Device\Harddisk9\DR9
01:14:59.0799 4112 \Device\Harddisk9\DR9 - ok
01:14:59.0802 4112 Boot (0x1200) (ea0b0a0ad5ad0cabacceebc22c3c490c) \Device\Harddisk0\DR0\Partition0
01:14:59.0803 4112 \Device\Harddisk0\DR0\Partition0 - ok
01:14:59.0805 4112 Boot (0x1200) (0d08e20dfa2e57bdda8a457605ea8b38) \Device\Harddisk0\DR0\Partition1
01:14:59.0806 4112 \Device\Harddisk0\DR0\Partition1 - ok
01:14:59.0808 4112 Boot (0x1200) (29770b5287f6bfbe37c83f6a69b3fe16) \Device\Harddisk1\DR1\Partition0
01:14:59.0809 4112 \Device\Harddisk1\DR1\Partition0 - ok
01:14:59.0811 4112 Boot (0x1200) (6cfe8eca39729b0099f2c6d0ff9e2509) \Device\Harddisk1\DR1\Partition1
01:14:59.0812 4112 \Device\Harddisk1\DR1\Partition1 - ok
01:14:59.0814 4112 Boot (0x1200) (e707d246c6022f87b291c3d659a8cf1e) \Device\Harddisk1\DR1\Partition2
01:14:59.0815 4112 \Device\Harddisk1\DR1\Partition2 - ok
01:14:59.0818 4112 Boot (0x1200) (96daf14e53b318d5e840aa812deeeb31) \Device\Harddisk6\DR6\Partition0
01:14:59.0819 4112 \Device\Harddisk6\DR6\Partition0 - ok
01:14:59.0821 4112 Boot (0x1200) (7a4690538d3267439d22c6953ba3c167) \Device\Harddisk7\DR7\Partition0
01:14:59.0823 4112 \Device\Harddisk7\DR7\Partition0 - ok
01:14:59.0826 4112 Boot (0x1200) (d23fb574f19ea5971d90588d89815187) \Device\Harddisk8\DR8\Partition0
01:14:59.0827 4112 \Device\Harddisk8\DR8\Partition0 - ok
01:14:59.0829 4112 Boot (0x1200) (ffe23ad0a7a5de7f7c662acb4ad2484f) \Device\Harddisk9\DR9\Partition0
01:14:59.0831 4112 \Device\Harddisk9\DR9\Partition0 - ok
01:14:59.0831 4112 ============================================================
01:14:59.0831 4112 Scan finished
01:14:59.0831 4112 ============================================================
01:14:59.0838 5772 Detected object count: 0
01:14:59.0838 5772 Actual detected object count: 0

#9 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:07:42 AM

Posted 23 December 2011 - 09:51 AM

Hello

This is the tool I would like you to try and run next.

Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.



Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#10 quaddro21

Posted 23 December 2011 - 12:11 PM

Hi Gringo - Ran this new tool and after about 30 mins, my computer got the Blue Screen and rebooted. Tried it again and got the same thing.

#11 gringo_pr

Posted 23 December 2011 - 06:32 PM

Hello

I would like you to run this tool for me - fixTDSS

Download it to your desktop and start the program.

Follow the prompts and OK any security prompts.

When it is complete it will say the infection was cleared or no infection was found. Let me know what it says.

After it is complete I want you to restart the computer and try to rerun aswMBR for me and send me the report.

  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

Gringo

#12 quaddro21

Posted 23 December 2011 - 11:07 PM

When I ran fixTDSS, the result at the end was that "Backdoor.Tidserv" was located, but didn't mention anything about it being cleaned.

I then ran aswMBR and was able to complete it. Log below:

aswMBR version 0.9.9.1116 Copyright© 2011 AVAST Software
Run date: 2011-12-23 21:47:03
-----------------------------
21:47:03.352 OS Version: Windows 6.0.6002 Service Pack 2
21:47:03.353 Number of processors: 4 586 0xF0B
21:47:03.354 ComputerName: MARCO-PC UserName: Marco
21:47:04.639 Initialize success
21:47:09.231 AVAST engine defs: 11122300
21:47:14.488 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
21:47:14.490 Disk 0 Vendor: WDC_WD50 12.0 Size: 476940MB BusType: 8
21:47:14.500 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-1
21:47:14.503 Disk 1 Vendor: WDC_WD20 01.0 Size: 1907729MB BusType: 8
21:47:14.516 Disk 0 MBR read successfully
21:47:14.519 Disk 0 MBR scan
21:47:14.524 Disk 0 Windows VISTA default MBR code
21:47:14.526 Disk 0 Partition 1 00 07 HPFS/NTFS NTFS 10472 MB offset 63
21:47:14.546 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 466465 MB offset 21446775
21:47:14.560 Disk 0 scanning sectors +976768065
21:47:14.624 Disk 0 scanning C:\Windows\system32\drivers
21:47:35.922 Service scanning
21:47:36.585 Service MpKsl62a77164 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D3CC70E9-8538-40ED-A921-ADD116701910}\MpKsl62a77164.sys **LOCKED** 32
21:47:36.590 Service MpNWMon C:\Windows\system32\DRIVERS\MpNWMon.sys **LOCKED** 32
21:47:37.249 Modules scanning
21:47:54.025 Disk 0 trace - called modules:
21:47:54.068 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
21:47:54.073 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x886fe500]
21:47:54.078 3 CLASSPNP.SYS[8bdb38b3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x85f7d028]
21:47:55.375 AVAST engine scan C:\Windows
21:48:06.782 AVAST engine scan C:\Windows\system32
21:51:29.424 AVAST engine scan C:\Windows\system32\drivers
21:51:47.130 AVAST engine scan C:\Users\Marco
22:47:53.225 AVAST engine scan C:\ProgramData
22:59:22.242 Scan finished successfully
23:05:14.260 Disk 0 MBR has been saved successfully to "C:\Users\Marco\Desktop\MBR.dat"
23:05:14.265 The log file has been saved successfully to "C:\Users\Marco\Desktop\aswMBR.txt"

#13 gringo_pr

Posted 24 December 2011 - 12:01 PM

How are things running now?

gringo

#14 quaddro21

Posted 25 December 2011 - 01:46 AM

Merry Christmas and thanks again for helping.

So the redirects don't seem to be happening.

But I am still unable to run my Windows Update or .Net 4 Framework.

I am getting the error 0x80096001. I have tried the errorEND program, but it crashes upon loading.

Any thoughts?

#15 gringo_pr

Posted 25 December 2011 - 01:54 AM

Let's see if we can fix Windows Update.

Please go here: Fix Windows Update, and click on the Fix It button.