
Browser redirects after virus removal


7 replies to this topic

#1 jerex


Posted 12 March 2012 - 07:13 PM

Hello Bleeping Computer!

I have to first say that I am a fan of every single contributor on these forums and have been for quite some time. I have dealt with quite a few different viruses on many different computers, usually when helping friends or family members, and nearly every time I have returned to these forums and found an answer to my questions. This is, however, the first time I have posted.

I recently removed a virus, and most of the vital problems were fixed; however, Internet Explorer, Google Chrome, and Mozilla Firefox are all suffering from random, sporadic redirects when clicking on links. Malwarebytes shows no more infections, and I have also performed some other steps found in similar posts here on Bleepingcomputer.com. Despite my best efforts, I have exhausted my limited knowledge and am in need of some help!

Windows 7 64-bit

Thank you for the help!

Edited by jerex, 12 March 2012 - 07:14 PM.




#2 boopme


Posted 12 March 2012 - 07:42 PM

Hello jerex. Are you on a router? Are other machines on it, and if so, are they redirecting?

Do you use Firefox?

Have you run RKill?

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run from.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.




Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click on Change Parameters
  • Put a check in the box of Detect TDLFS file system
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility writes the log to the root folder of the system disk (usually the disk with the operating system installed, C:\). The log has a name like: TDSSKiller.Version_Date_Time_log.txt.



Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
Click the "Scan" button to start scan:

On completion of the scan click "Save log", save it to your desktop and post in your next reply:

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.
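The "List content of Hosts" option requested above writes a "Hosts content" section into Result.txt. As an added example (not part of the original post and not MiniToolBox's own code), this Python script triages that section: it lists mappings that send a name to a non-loopback address, names mapped to more than one address, and long runs of blank lines that push entries out of view. The function names are hypothetical and the sample report is constructed, using documentation-range addresses and example domains.

```python
import ipaddress
import re

# Section banner as it appears in Result.txt, e.g. "===== Hosts content: =====".
# A line made only of "=" (used inside other sections) does not match.
BANNER = re.compile(r"^=+\s*([^=\s][^=]*?):?\s*=+\s*$")


def hosts_section(report):
    """Return the raw lines between the 'Hosts content' banner and the next banner."""
    lines, inside = [], False
    for line in report.splitlines():
        m = BANNER.match(line.strip())
        if m:
            if inside:
                break
            inside = m.group(1).strip().lower() == "hosts content"
            continue
        if inside:
            lines.append(line)
    return lines


def parse_entries(lines):
    """Return (ip, name) for every mapping; comments and unparsable lines are skipped."""
    entries = []
    for raw in lines:
        fields = raw.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue
        # A trailing dot ("www.example.com.") names the same host; normalise it.
        entries.extend((ip, name.rstrip(".").lower()) for name in fields[1:])
    return entries


def longest_blank_gap(lines):
    """Longest run of blank lines that sits between two non-blank lines."""
    longest = run = 0
    seen_text = False
    for line in lines:
        if line.strip():
            if seen_text:
                longest = max(longest, run)
            seen_text, run = True, 0
        else:
            run += 1
    return longest


def triage(report, gap_threshold=20):
    """Summarise the hosts section; every finding still needs human review."""
    lines = hosts_section(report)
    redirects = [
        (name, str(ip))
        for ip, name in parse_entries(lines)
        # Loopback and 0.0.0.0/:: mappings are the usual localhost and blocking entries.
        if not (ip.is_loopback or ip.is_unspecified)
    ]
    targets = {}
    for name, ip in redirects:
        targets.setdefault(name, set()).add(ip)
    gap = longest_blank_gap(lines)
    return {
        "redirects": redirects,
        "multi_mapped": {n: sorted(ips) for n, ips in targets.items() if len(ips) > 1},
        "blank_gap": gap,
        "padded": gap >= gap_threshold,  # threshold is an assumption, tune as needed
    }


# Constructed sample in the layout of a MiniToolBox Result.txt (not real data).
SAMPLE_REPORT = "\n".join([
    "========================= FF Proxy Settings: ==============================",
    '"network.proxy.type", 0',
    "",
    "========================= Hosts content: =================================",
    "",
    "::1 localhost",
    *([""] * 150),
    "203.0.113.10 www.analytics.example.",
    "203.0.113.10 ads.example.",
    "198.51.100.7 www.analytics.example.",
    "0.0.0.0 tracker.example   # blocking entry, not a redirect",
    "",
    "127.0.0.1 localhost",
    "",
    "========================= IP Configuration: ================================",
    "Realtek PCIe GBE Family Controller = Local Area Connection (Connected)",
])

if __name__ == "__main__":
    for key, value in triage(SAMPLE_REPORT).items():
        print(f"{key}: {value}")
```
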

#3 jerex


Posted 12 March 2012 - 10:29 PM

Thank you for responding boopme!

To answer your questions..

Yes I am on a router. I have a laptop that is also on the network and it was the initial machine that was infected. It does not see much use so I am unsure if it is redirecting or not. I was using Firefox when the problem started, since then I have reinstalled Firefox, and when the problem persisted Firefox was removed and Google Chrome is the current browser being used. Chrome is experiencing the same redirects. I have used Rkill when I was removing the initial infection.


Minitoolbox Report:


MiniToolBox by Farbar Version: 18-01-2012
Ran by Rex (administrator) on 12-03-2012 at 20:08:56
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.no_proxies_on", "*.local"
"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1 localhost








































































































































































































69.72.252.254 www.google-analytics.com.
69.72.252.254 ad-emea.doubleclick.net.
69.72.252.254 www.statcounter.com.
184.95.41.155 www.google-analytics.com.
184.95.41.155 ad-emea.doubleclick.net.
184.95.41.155 www.statcounter.com.

127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : BlackComp
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : socal.rr.com

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : socal.rr.com
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : BC-AE-C5-C0-EE-DF
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::c5ed:1a82:7467:aedb%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.195(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, March 11, 2012 11:39:53 AM
Lease Expires . . . . . . . . . . : Tuesday, March 13, 2012 4:39:12 PM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 247246533
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-2C-06-F1-BC-AE-C5-C0-EE-DF
DNS Servers . . . . . . . . . . . : 192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.socal.rr.com:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : socal.rr.com
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:30ec:2338:b3a4:14ea(Preferred)
Link-local IPv6 Address . . . . . : fe80::30ec:2338:b3a4:14ea%11(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: UnKnown
Address: 192.168.0.1

Name: google.com
Addresses: 74.125.239.9
74.125.239.14
74.125.239.0
74.125.239.1
74.125.239.2
74.125.239.3
74.125.239.4
74.125.239.5
74.125.239.6
74.125.239.7
74.125.239.8


Pinging google.com [74.125.239.14] with 32 bytes of data:
Reply from 74.125.239.14: bytes=32 time=30ms TTL=55
Reply from 74.125.239.14: bytes=32 time=12ms TTL=55

Ping statistics for 74.125.239.14:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 12ms, Maximum = 30ms, Average = 21ms
Server: UnKnown
Address: 192.168.0.1

Name: yahoo.com
Addresses: 98.139.127.62
98.139.183.24
209.191.122.70


Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=62ms TTL=52
Reply from 209.191.122.70: bytes=32 time=78ms TTL=51

Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 62ms, Maximum = 78ms, Average = 70ms
Server: UnKnown
Address: 192.168.0.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
10...bc ae c5 c0 ee df ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
11...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.195 10
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.195 266
192.168.0.195 255.255.255.255 On-link 192.168.0.195 266
192.168.0.255 255.255.255.255 On-link 192.168.0.195 266
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.195 266
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.195 266
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
11 58 ::/0 On-link
1 306 ::1/128 On-link
11 58 2001::/32 On-link
11 306 2001:0:4137:9e76:30ec:2338:b3a4:14ea/128
On-link
10 266 fe80::/64 On-link
11 306 fe80::/64 On-link
11 306 fe80::30ec:2338:b3a4:14ea/128
On-link
10 266 fe80::c5ed:1a82:7467:aedb/128
On-link
1 306 ff00::/8 On-link
11 306 ff00::/8 On-link
10 266 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\nwprovau.dll [File Not found] ()
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\SysWOW64\rsvpsp.dll [File Not found] ()
Catalog9 26 C:\Windows\SysWOW64\rsvpsp.dll [File Not found] ()
Catalog9 27 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 28 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 29 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 mswsock.dll [File Not found] ()
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 mswsock.dll [File Not found] ()
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 mswsock.dll [File Not found] ()
x64-Catalog9 05 mswsock.dll [File Not found] ()
x64-Catalog9 06 mswsock.dll [File Not found] ()
x64-Catalog9 07 mswsock.dll [File Not found] ()
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/12/2012 05:48:50 PM) (Source: Application Error) (User: )
Description: Faulting application name: LCore.exe, version: 1.0.57.0, time stamp: 0x4ce2f342
Faulting module name: LCDMon.dll, version: 1.0.0.0, time stamp: 0x4ce32d8a
Exception code: 0xc0000005
Fault offset: 0x0000000000030433
Faulting process id: 0xc2c
Faulting application start time: 0xLCore.exe0
Faulting application path: LCore.exe1
Faulting module path: LCore.exe2
Report Id: LCore.exe3

Error: (03/11/2012 02:09:16 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (03/11/2012 02:09:00 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (03/11/2012 11:45:59 AM) (Source: Microsoft-Windows-LoadPerf) (User: SYSTEM)SYSTEM
Description: The performance counter explain text string value in the registry is not formatted correctly. The malformed string is . The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.

Error: (03/10/2012 05:34:44 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7052

Error: (03/10/2012 05:34:44 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7052

Error: (03/10/2012 05:34:44 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/10/2012 05:34:43 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6053

Error: (03/10/2012 05:34:43 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6053

Error: (03/10/2012 05:34:43 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (03/11/2012 11:40:57 AM) (Source: DCOM) (User: SYSTEM)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (03/10/2012 03:32:03 AM) (Source: DCOM) (User: SYSTEM)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (03/09/2012 11:30:08 AM) (Source: Service Control Manager) (User: )
Description: The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (03/08/2012 11:33:58 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.

Error: (03/06/2012 00:23:34 AM) (Source: DCOM) (User: SYSTEM)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (03/03/2012 00:16:58 AM) (Source: DCOM) (User: SYSTEM)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (03/03/2012 00:16:03 AM) (Source: Service Control Manager) (User: )
Description: The Windows Defender service terminated with the following error:
%%126

Error: (03/03/2012 00:14:57 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SysMain service.

Error: (03/03/2012 00:14:27 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service.

Error: (03/03/2012 00:14:23 AM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.


Microsoft Office Sessions:
=========================
Error: (03/12/2012 05:48:50 PM) (Source: Application Error)(User: )
Description: LCore.exe1.0.57.04ce2f342LCDMon.dll1.0.0.04ce32d8ac00000050000000000030433c2c01ccffb6625cc9c7C:\Program Files\Logitech Gaming Software\LCore.exeC:\Program Files\Logitech Gaming Software\plugins\LCDMon-1.00.059\LCDMon.dll4c5b28f1-6ca6-11e1-ab66-bcaec5c0eedf

Error: (03/11/2012 02:09:16 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files (x86)\innovative solutions\drivermax\DPInst\ia64\dpinst.exe

Error: (03/11/2012 02:09:00 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\ATI\CIM\Bin64\SetACL64.exe

Error: (03/11/2012 11:45:59 AM) (Source: Microsoft-Windows-LoadPerf)(User: SYSTEM)SYSTEM
Description: 1600000000872B0000872B0000980B0000

Error: (03/10/2012 05:34:44 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7052

Error: (03/10/2012 05:34:44 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7052

Error: (03/10/2012 05:34:44 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/10/2012 05:34:43 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6053

Error: (03/10/2012 05:34:43 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6053

Error: (03/10/2012 05:34:43 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second


=========================== Installed Programs ============================

Adobe AIR (Version: 2.5.1.17730)
Adobe Community Help (Version: 3.4.980)
Adobe Content Viewer (Version: 1.4.0)
Adobe Flash Player 10 ActiveX (Version: 10.0.42.34)
Adobe Flash Player 11 Plugin 64-bit (Version: 11.1.102.63)
Adobe Illustrator CS5.1 (Version: 15.1)
Adobe InDesign CS5.5 (Version: 7.5)
Adobe Reader X (10.1.2) (Version: 10.1.2)
Advanced Combat Tracker (remove only)
AI War: Fleet Command
AMD APP SDK Runtime (Version: 10.0.851.4)
AMD Catalyst Install Manager (Version: 3.0.859.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Fuel (Version: 2011.1205.2215.39827)
AMD Media Foundation Decoders (Version: 1.0.61205.2219)
AMD VISION Engine Control Center (Version: 2011.1205.2215.39827)
AnswerWorks 5.0 English Runtime (Version: 5.0.7)
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
Atom Zombie Smasher
Bastion
Battlefield 3™ (Version: 1.0.0.0)
Battlelog Web Plugins (Version: 1.104.0)
Beneath a Steel Sky
BitTorrent (Version: 7.5.0)
Bonjour (Version: 3.0.0.10)
Bunch Of Heroes
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2011.1205.2215.39827)
Catalyst Control Center InstallProxy (Version: 2011.1205.2215.39827)
Catalyst Control Center Localization All (Version: 2011.1205.2215.39827)
ccc-utility64 (Version: 2011.1205.2215.39827)
CCC Help Chinese Standard (Version: 2011.1205.2214.39827)
CCC Help Chinese Traditional (Version: 2011.1205.2214.39827)
CCC Help Czech (Version: 2011.1205.2214.39827)
CCC Help Danish (Version: 2011.1205.2214.39827)
CCC Help Dutch (Version: 2011.1205.2214.39827)
CCC Help English (Version: 2011.1205.2214.39827)
CCC Help Finnish (Version: 2011.1205.2214.39827)
CCC Help French (Version: 2011.1205.2214.39827)
CCC Help German (Version: 2011.1205.2214.39827)
CCC Help Greek (Version: 2011.1205.2214.39827)
CCC Help Hungarian (Version: 2011.1205.2214.39827)
CCC Help Italian (Version: 2011.1205.2214.39827)
CCC Help Japanese (Version: 2011.1205.2214.39827)
CCC Help Korean (Version: 2011.1205.2214.39827)
CCC Help Norwegian (Version: 2011.1205.2214.39827)
CCC Help Polish (Version: 2011.1205.2214.39827)
CCC Help Portuguese (Version: 2011.1205.2214.39827)
CCC Help Russian (Version: 2011.1205.2214.39827)
CCC Help Spanish (Version: 2011.1205.2214.39827)
CCC Help Swedish (Version: 2011.1205.2214.39827)
CCC Help Thai (Version: 2011.1205.2214.39827)
CCC Help Turkish (Version: 2011.1205.2214.39827)
Cogs
Crusader Kings II
D3DX10 (Version: 15.4.2368.0902)
DAEMON Tools Lite (Version: 4.41.3.0173)
Dawn of Discovery
Dear Esther
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Driver Sweeper 2.1.0
DriverMax 6 (Version: 6.1.0.163)
Dungeon Defenders
Dungeons of Dredmor
Epson Event Manager (Version: 2.30.01)
EPSON NX510 Series Printer Uninstall
EPSON Scan
EpsonNet Config V3 (Version: 3.5c)
EpsonNet Print (Version: 2.4j)
EpsonNet Setup (Version: 3.1c)
eReg (Version: 1.20.138.34)
ESN Sonar (Version: 0.70.0)
ESN Sonar (Version: 0.70.4)
Evil Genius
Fallout: New Vegas
Frozen Synapse
Google Chrome (Version: 17.0.963.79)
Google SketchUp 8 (Version: 3.0.4811)
iCloud (Version: 1.1.0.40)
Image to PDF Converter Free 5.0
Impulse® (Version: 3.30)
iTunes (Version: 10.6.0.40)
Java 3D 1.5.1 (x64) (Version: 1.5.1)
Java Auto Updater (Version: 2.0.5.1)
Java™ 6 Update 26 (64-bit) (Version: 6.0.260)
Java™ 6 Update 26 (Version: 6.0.260)
JMicron JMB36X Driver (Version: 1.00.0000)
Kingdoms of Amalur: Reckoning Demo
Logitech G930 (Version: 1.0.358)
Logitech Gaming Software 7.00 (Version: 7.00.291)
Logitech SetPoint 6.20 (Version: 6.20.64)
Magicka
Malwarebytes Anti-Malware version 1.60.1.1000 (Version: 1.60.1.1000)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4734.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Silverlight (Version: 4.1.10111.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft XNA Framework Redistributable 3.1 (Version: 3.1.10527.0)
Microsoft XNA Framework Redistributable 4.0 (Version: 4.0.20823.0)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
Mirror's Edge
MobileMe Control Panel (Version: 3.1.8.0)
Mozilla Firefox 10.0.2 (x86 en-US) (Version: 10.0.2)
Mozilla Thunderbird 10.0.2 (x86 en-US) (Version: 10.0.2)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Mumble 1.2.3 (Version: 1.2.3)
Nexus: The Jupiter Incident
NVIDIA PhysX (Version: 9.10.0129)
OpenAL
Orcs Must Die!
Origin (Version: 8.3.7.3619)
Overlord II
Pando Media Booster (Version: 2.3.5.4)
PDF Settings CS5 (Version: 10.0)
Picasa 3 (Version: 3.8)
Prince of Persia
PunkBuster Services (Version: 0.991)
Quicken 2011 (Version: 20.1.8.6)
QuickTime (Version: 7.71.80.42)
Realtek Ethernet Controller Driver For Windows 7 (Version: 7.21.531.2010)
Realtek High Definition Audio Driver (Version: 6.0.1.6482)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.4.0)
RIFT (Version: 1.0.0)
Sins of a Solar Empire
Sins of a Solar Empire (Version: 1.00.00)
StarCraft II (Version: 1.4.2.20141)
Steam (Version: 1.0.0.0)
SteelSeries USB Soundcard v1.20
Stronghold Kingdoms
Sweet Home 3D version 3.3
Sword of the Stars II
Team Fortress 2
TeamSpeak 3 Client
Terraria
The Complete Ultima VII
The Elder Scrolls V: Skyrim
The Lord of the Rings Online™ v03.03.00.8055 (Version: 03.03.00.8055)
Torchlight
TrackIR5
TurboV EVO (Version: 1.02.32)
Ubisoft Game Launcher (Version: 1.0.0.0)
Ultima Online Classic Client (Version: )
UO Auto-Map 9.0.0 (Version: 9.0.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553092)
Ventrilo Client for Windows x64 (Version: 3.0.8.0)
Warhammer 40,000 Space Marine
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
WinRAR 4.01 (64-bit) (Version: 4.01.0)
Wurm Online 2.7.5g
X-Universe Plugin Manager 1.41 (Version: 1.41)
X3: Terran Conflict

========================= Memory info: ===================================

Percentage of memory in use: 19%
Total physical RAM: 8190.18 MB
Available physical RAM: 6623.71 MB
Total Pagefile: 16378.55 MB
Available Pagefile: 13781 MB
Total Virtual: 4095.88 MB
Available Virtual: 3959.68 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:931.41 GB) (Free:655.86 GB) NTFS

========================= Users: ========================================

User accounts for \\BLACKCOMP

Administrator ASPNET Guest
Rex


**** End of log ****



TDSSKiller Report:


20:13:46.0540 2908 TDSS rootkit removing tool 2.7.20.0 Mar 9 2012 17:10:43
20:13:46.0987 2908 ============================================================
20:13:46.0987 2908 Current date / time: 2012/03/12 20:13:46.0987
20:13:46.0987 2908 SystemInfo:
20:13:46.0987 2908
20:13:46.0988 2908 OS Version: 6.1.7601 ServicePack: 1.0
20:13:46.0988 2908 Product type: Workstation
20:13:46.0988 2908 ComputerName: BLACKCOMP
20:13:46.0988 2908 UserName: Rex
20:13:46.0988 2908 Windows directory: C:\Windows
20:13:46.0988 2908 System windows directory: C:\Windows
20:13:46.0988 2908 Running under WOW64
20:13:46.0988 2908 Processor architecture: Intel x64
20:13:46.0988 2908 Number of processors: 6
20:13:46.0988 2908 Page size: 0x1000
20:13:46.0988 2908 Boot type: Normal boot
20:13:46.0988 2908 ============================================================
20:13:47.0607 2908 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:13:57.0114 2908 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:13:57.0117 2908 \Device\Harddisk0\DR0:
20:13:57.0117 2908 MBR used
20:13:57.0117 2908 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
20:13:57.0117 2908 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3800
20:13:57.0117 2908 \Device\Harddisk1\DR1:
20:13:57.0118 2908 Invalid mbr signature
20:13:57.0135 2908 Initialize success
20:13:57.0135 2908 ============================================================
20:14:00.0051 3500 ============================================================
20:14:00.0051 3500 Scan started
20:14:00.0051 3500 Mode: Manual;
20:14:00.0051 3500 ============================================================
20:14:02.0927 3500 Scan interrupted by user!
20:14:02.0927 3500 Scan interrupted by user!
20:14:02.0927 3500 Scan interrupted by user!
20:14:02.0927 3500 ============================================================
20:14:02.0927 3500 Scan finished
20:14:02.0927 3500 ============================================================
20:14:02.0933 2976 Detected object count: 0
20:14:02.0933 2976 Actual detected object count: 0
20:14:08.0115 5876 ============================================================
20:14:08.0115 5876 Scan started
20:14:08.0115 5876 Mode: Manual; TDLFS;
20:14:08.0115 5876 ============================================================
20:14:08.0320 5876 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
20:14:08.0321 5876 1394ohci - ok
20:14:08.0334 5876 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
20:14:08.0335 5876 ACPI - ok
20:14:08.0348 5876 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
20:14:08.0349 5876 AcpiPmi - ok
20:14:08.0364 5876 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
20:14:08.0366 5876 adp94xx - ok
20:14:08.0382 5876 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
20:14:08.0383 5876 adpahci - ok
20:14:08.0399 5876 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
20:14:08.0400 5876 adpu320 - ok
20:14:08.0431 5876 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
20:14:08.0433 5876 AFD - ok
20:14:08.0438 5876 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
20:14:08.0439 5876 agp440 - ok
20:14:08.0454 5876 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
20:14:08.0454 5876 aliide - ok
20:14:08.0470 5876 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
20:14:08.0471 5876 amdide - ok
20:14:08.0484 5876 amdiox64 (6a2eeb0c4133b20773bb3dd0b7b377b4) C:\Windows\system32\DRIVERS\amdiox64.sys
20:14:08.0485 5876 amdiox64 - ok
20:14:08.0497 5876 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
20:14:08.0497 5876 AmdK8 - ok
20:14:08.0637 5876 amdkmdag (9e3b4946f7e1bca0b763e19d81edbf2c) C:\Windows\system32\DRIVERS\atikmdag.sys
20:14:08.0681 5876 amdkmdag - ok
20:14:08.0697 5876 amdkmdap (b9e1c7b7f1865f99b16ff2e1bb94edb6) C:\Windows\system32\DRIVERS\atikmpag.sys
20:14:08.0698 5876 amdkmdap - ok
20:14:08.0711 5876 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
20:14:08.0712 5876 AmdPPM - ok
20:14:08.0725 5876 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
20:14:08.0726 5876 amdsata - ok
20:14:08.0740 5876 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
20:14:08.0741 5876 amdsbs - ok
20:14:08.0757 5876 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
20:14:08.0758 5876 amdxata - ok
20:14:08.0812 5876 AODDriver4.0 (f312fad7dbd49ed21a194ac71b497832) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
20:14:08.0813 5876 AODDriver4.0 - ok
20:14:08.0815 5876 AODDriver4.01 (f312fad7dbd49ed21a194ac71b497832) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
20:14:08.0816 5876 AODDriver4.01 - ok
20:14:08.0831 5876 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
20:14:08.0832 5876 AppID - ok
20:14:08.0851 5876 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
20:14:08.0851 5876 arc - ok
20:14:08.0867 5876 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
20:14:08.0868 5876 arcsas - ok
20:14:08.0870 5876 AsIO - ok
20:14:08.0890 5876 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
20:14:08.0890 5876 AsyncMac - ok
20:14:08.0895 5876 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
20:14:08.0895 5876 atapi - ok
20:14:08.0927 5876 AtiHDAudioService (230cf51113cd4b830b3bfd09b0d4c066) C:\Windows\system32\drivers\AtihdW76.sys
20:14:08.0927 5876 AtiHDAudioService - ok
20:14:08.0942 5876 atksgt (fc0e8778c000291caf60eb88c011e931) C:\Windows\system32\DRIVERS\atksgt.sys
20:14:08.0944 5876 atksgt - ok
20:14:08.0957 5876 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
20:14:08.0959 5876 b06bdrv - ok
20:14:08.0971 5876 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
20:14:08.0972 5876 b57nd60a - ok
20:14:08.0984 5876 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
20:14:08.0985 5876 Beep - ok
20:14:08.0995 5876 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
20:14:08.0995 5876 blbdrive - ok
20:14:09.0016 5876 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
20:14:09.0016 5876 bowser - ok
20:14:09.0026 5876 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:14:09.0026 5876 BrFiltLo - ok
20:14:09.0037 5876 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:14:09.0037 5876 BrFiltUp - ok
20:14:09.0048 5876 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
20:14:09.0049 5876 BridgeMP - ok
20:14:09.0063 5876 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
20:14:09.0064 5876 Brserid - ok
20:14:09.0077 5876 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
20:14:09.0077 5876 BrSerWdm - ok
20:14:09.0082 5876 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
20:14:09.0083 5876 BrUsbMdm - ok
20:14:09.0089 5876 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
20:14:09.0089 5876 BrUsbSer - ok
20:14:09.0099 5876 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
20:14:09.0100 5876 BTHMODEM - ok
20:14:09.0105 5876 catchme - ok
20:14:09.0120 5876 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
20:14:09.0120 5876 cdfs - ok
20:14:09.0130 5876 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
20:14:09.0131 5876 cdrom - ok
20:14:09.0144 5876 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
20:14:09.0145 5876 circlass - ok
20:14:09.0169 5876 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
20:14:09.0170 5876 CLFS - ok
20:14:09.0192 5876 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
20:14:09.0193 5876 CmBatt - ok
20:14:09.0210 5876 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
20:14:09.0211 5876 cmdide - ok
20:14:09.0245 5876 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
20:14:09.0247 5876 CNG - ok
20:14:09.0253 5876 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
20:14:09.0253 5876 Compbatt - ok
20:14:09.0269 5876 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
20:14:09.0269 5876 CompositeBus - ok
20:14:09.0279 5876 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
20:14:09.0280 5876 crcdisk - ok
20:14:09.0307 5876 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
20:14:09.0309 5876 CSC - ok
20:14:09.0338 5876 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
20:14:09.0338 5876 DfsC - ok
20:14:09.0355 5876 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
20:14:09.0355 5876 discache - ok
20:14:09.0367 5876 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
20:14:09.0368 5876 Disk - ok
20:14:09.0387 5876 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
20:14:09.0387 5876 drmkaud - ok
20:14:09.0416 5876 dtsoftbus01 (d3d64cf7b2bceaa34a270f45a3fffb36) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
20:14:09.0417 5876 dtsoftbus01 - ok
20:14:09.0440 5876 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
20:14:09.0444 5876 DXGKrnl - ok
20:14:09.0496 5876 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
20:14:09.0510 5876 ebdrv - ok
20:14:09.0524 5876 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
20:14:09.0526 5876 elxstor - ok
20:14:09.0540 5876 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
20:14:09.0541 5876 ErrDev - ok
20:14:09.0565 5876 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
20:14:09.0566 5876 exfat - ok
20:14:09.0582 5876 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
20:14:09.0583 5876 fastfat - ok
20:14:09.0593 5876 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
20:14:09.0593 5876 fdc - ok
20:14:09.0613 5876 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
20:14:09.0614 5876 FileInfo - ok
20:14:09.0624 5876 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
20:14:09.0624 5876 Filetrace - ok
20:14:09.0638 5876 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
20:14:09.0638 5876 flpydisk - ok
20:14:09.0661 5876 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
20:14:09.0662 5876 FltMgr - ok
20:14:09.0676 5876 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
20:14:09.0676 5876 FsDepends - ok
20:14:09.0685 5876 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
20:14:09.0685 5876 Fs_Rec - ok
20:14:09.0703 5876 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
20:14:09.0704 5876 fvevol - ok
20:14:09.0715 5876 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
20:14:09.0716 5876 gagp30kx - ok
20:14:09.0736 5876 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:14:09.0736 5876 GEARAspiWDM - ok
20:14:09.0752 5876 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
20:14:09.0752 5876 hcw85cir - ok
20:14:09.0765 5876 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
20:14:09.0766 5876 HdAudAddService - ok
20:14:09.0777 5876 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
20:14:09.0778 5876 HDAudBus - ok
20:14:09.0783 5876 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
20:14:09.0784 5876 HidBatt - ok
20:14:09.0795 5876 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
20:14:09.0796 5876 HidBth - ok
20:14:09.0810 5876 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
20:14:09.0810 5876 HidIr - ok
20:14:09.0822 5876 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
20:14:09.0823 5876 HidUsb - ok
20:14:09.0839 5876 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
20:14:09.0840 5876 HpSAMD - ok
20:14:13.0455 5876 ============================================================
20:14:13.0455 5876 Scan finished
20:14:13.0455 5876 ============================================================
20:14:13.0462 4440 Detected object count: 0
20:14:13.0462 4440 Actual detected object count: 0



aswMBR report:


aswMBR version 0.9.9.1649 Copyright© 2011 AVAST Software
Run date: 2012-03-12 20:15:31
-----------------------------
20:15:31.295 OS Version: Windows x64 6.1.7601 Service Pack 1
20:15:31.295 Number of processors: 6 586 0xA00
20:15:31.296 ComputerName: BLACKCOMP UserName: Rex
20:15:32.427 Initialize success
20:15:48.762 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
20:15:48.763 Disk 0 Vendor: WDC_WD1002FAEX-007BA0 05.01D05 Size: 953869MB BusType: 3
20:15:48.764 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP1T0L0-1
20:15:48.766 Disk 1 Vendor: WDC_WD1002FAEX-007BA0 05.01D05 Size: 953869MB BusType: 3
20:15:48.775 Disk 0 MBR read successfully
20:15:48.776 Disk 0 MBR scan
20:15:48.778 Disk 0 Windows 7 default MBR code
20:15:48.781 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
20:15:48.783 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 953767 MB offset 206848
20:15:48.793 Disk 0 scanning C:\Windows\system32\drivers
20:15:51.729 Service scanning
20:15:58.490 Modules scanning
20:15:58.495 Disk 0 trace - called modules:
20:15:58.507 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
20:15:58.511 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007ca5060]
20:15:58.515 3 CLASSPNP.SYS[fffff88001b8643f] -> nt!IofCallDriver -> [0xfffffa80075e0520]
20:15:58.518 5 ACPI.sys[fffff88000e7d7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8006cce060]
20:15:58.521 Scan finished successfully
20:27:41.103 Disk 0 MBR has been saved successfully to "C:\Users\Rex\Desktop\MBR.dat"
20:27:41.107 The log file has been saved successfully to "C:\Users\Rex\Desktop\aswMBR.txt"

#4 boopme


Posted 13 March 2012 - 05:17 PM

You're welcome.
Do these and see if the redirecting stops.

Please download GooredFix from one of the locations below and save it to your Desktop.
Download Mirror #1
Download Mirror #2
  • Ensure all Firefox windows are closed.
  • To run the tool, double-click it (XP), or right-click and select Run As Administrator (Vista).
  • When prompted to run the scan, click Yes.
  • GooredFix will check for infections, and then a log will appear. Please post the contents of that log in your next reply (it can also be found on your desktop, called GooredFix.txt).



Your HOSTS file may be infected.
Reset the HOSTS file
As this infection also changes your Windows HOSTS file, we want to replace this file with the default version for your operating system.
Some types of malware will alter the HOSTS file as part of their infection. Please follow the instructions provided in How do I reset the hosts file back to the default?

To reset the hosts file automatically, go HERE and click the button. Then just follow the prompts in the Fix it wizard.


OR
Click Run in the File Download dialog box or save MicrosoftFixit50267.msi to your Desktop and double-click on it to run. Then just follow the prompts in the Fix it wizard.

#5 jerex


Posted 13 March 2012 - 05:44 PM

I closed all windows and ran GooredFix; here are the results:

GooredFix by jpshortstuff (03.07.10.1)
Log created at 15:35 on 13/03/2012 (Rex)
Firefox version 10.0.2 (en-US)

========== GooredScan ==========


========== GooredLog ==========

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd} [19:35 26/02/2012]

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
(none)

---------- Old Logs ----------
GooredFix[10.24.42_10-03-2012].txt
GooredFix[10.25.05_10-03-2012].txt

-=E.O.F=-



After running GooredFix I applied the Microsoft Fix and restarted. Once the computer restarted I tested the browser, and after ~14 clicks on different web links a redirect occurred. So the issue is still happening.

#6 boopme


Posted 13 March 2012 - 05:58 PM

I was suspecting FF addons but you've removed it so ... The problem may be actually based in your router.
Open MBAM in normal mode and click the Update tab, then select Check for Updates.
Next disconnect your system from the internet, and your router, then…
Open MBAM in normal mode and click the Scanner tab, select Quick scan and scan (normal mode).
After the scan click Remove Selected.

Next you must reset the router to its default configuration. This can be done by inserting something tiny like a paper clip end or pencil tip into a small hole labeled "reset" located on the back of the router. Press and hold down the small button inside until the lights on the front of the router blink off and then on again (usually about 10 seconds). If you don’t know the router's default password, you can look it up HERE


However, if there are other infected machines using the same router, they will need to be cleared with the above steps before resetting the router. Otherwise, the malware will simply go back and change the router's DNS settings. You also need to reconfigure any security settings you had in place prior to the reset. Check out this site here for video tutorials on how to properly configure your router's encryption and security settings. You may also need to consult with your Internet service provider to find out which DNS servers your network should be using.

Once you have run Malwarebytes' Anti-Malware on the infected system and reset the router to its default configuration, you can reconnect to the internet and the router. Then return to this site to post your logs.

#7 jerex


Posted 13 March 2012 - 06:41 PM

Looks like the router was the issue.. that would explain why I was having so many issues removing it. Sneaky bastards! I have reset it to defaults and set the security back up.

Thank you for the help!
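The two checks this thread relies on (a tampered HOSTS file and DNS servers changed through the router), sketched as an added Python example that is not part of any post. The sample hosts file and `ipconfig /all` text are constructed, the function names are hypothetical, and English-language `ipconfig` output is assumed.

```python
import ipaddress

# A clean hosts file needs nothing beyond these loopback mappings.
DEFAULT_HOSTS = {("127.0.0.1", "localhost"), ("::1", "localhost")}


def audit_hosts(text):
    """Return (line_no, ip, hostname) for every active non-default mapping."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()  # drop comments, split on whitespace
        if len(fields) < 2:
            continue
        ip, names = fields[0], fields[1:]
        for name in names:
            if (ip, name.lower()) not in DEFAULT_HOSTS:
                findings.append((lineno, ip, name.lower()))
    return findings


def _parse_ip(token):
    """Return an ip_address for token (IPv6 zone id stripped), or None."""
    try:
        return ipaddress.ip_address(token.split("%", 1)[0])
    except ValueError:
        return None


def parse_ipconfig_dns(text):
    """Map adapter name -> DNS servers listed in `ipconfig /all` output."""
    servers, adapter, in_dns = {}, None, False
    for line in text.splitlines():
        if line and not line[0].isspace():  # unindented line starts a new section
            adapter, in_dns = line.rstrip(":").strip(), False
            continue
        stripped = line.strip()
        if stripped.startswith("DNS Servers"):
            value, in_dns = stripped.split(":", 1)[1].strip(), True
        elif in_dns:
            value = stripped  # additional servers follow on bare continuation lines
        else:
            continue
        ip = _parse_ip(value)
        if ip is None:
            in_dns = False  # any other labelled line ends the DNS list
        else:
            servers.setdefault(adapter, []).append(str(ip))
    return servers


def unexpected_dns(servers_by_adapter, expected):
    """Return adapter -> servers that are not in the expected resolver list."""
    allowed = {ipaddress.ip_address(e) for e in expected}
    flagged = {}
    for adapter, servers in servers_by_adapter.items():
        bad = [s for s in servers if ipaddress.ip_address(s) not in allowed]
        if bad:
            flagged[adapter] = bad
    return flagged


# Constructed sample inputs (documentation address ranges, not from the thread).
SAMPLE_HOSTS = """\
# constructed sample hosts file
#   127.0.0.1       localhost
127.0.0.1       localhost
203.0.113.10    www.example.com example.com
127.0.0.1       update.example.net   # update host pointed at loopback
"""

SAMPLE_IPCONFIG = """\
Windows IP Configuration

Ethernet adapter Local Area Connection:

   DHCP Enabled. . . . . . . . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.1.20(Preferred)
   Default Gateway . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 203.0.113.53
                                       192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
"""

if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE_HOSTS):
        print("hosts entry to review:", finding)
    # Assumption: the only resolver this network should hand out is the router.
    dns = parse_ipconfig_dns(SAMPLE_IPCONFIG)
    print("unexpected DNS servers:", unexpected_dns(dns, ["192.168.1.1"]))
```

If the router itself forwards queries to a changed resolver, clients still list only the router's address, so the DNS servers on the router's own configuration page need the same comparison against what the ISP says they should be.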

#8 boopme


Posted 13 March 2012 - 07:43 PM

You're most welcome.



