50 replies to this topic

[teehee]

Hi guys,

My issue is that my desktop now appears completely blank whenever I load up my pc, the issue also occurs with my external hardrive although im pretty sure the files are still there. My pc also bsod´s continously 5 minutes or so after opening most programs including firefox. All of the above also happen in safe-mode. Pleas find below the logs requested. I have been unable to produce the final logs from step 4 as when I run the dds program they are not opened.

Ive been checking around the internet for the last 2 weeks for answers but as yet to no avail so any help would be greatly appreciated.


aswMBR version 0.9.5.256 Copyright© 2011 AVAST Software
Run date: 2011-06-11 11:48:18
-----------------------------
11:48:18.138 OS Version: Windows 5.1.2600 Service Pack 3
11:48:18.138 Number of processors: 1 586 0x4C02
11:48:18.138 ComputerName: ACER-1424F82190 UserName: Alistair Ankrah
11:48:18.919 Initialize success
11:48:37.855 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-a
11:48:37.871 Disk 0 Vendor: TOSHIBA_MK6034GAX AC101A Size: 57231MB BusType: 3
11:48:37.871 Disk 0 MBR read error 0
11:48:37.871 Disk 0 MBR scan
11:48:37.887 Disk 0 unknown MBR code
11:48:37.887 MBR BIOS signature not found 0
11:48:37.902 Disk 0 scanning sectors +117210240
11:48:37.902 Disk 0 scanning C:\WINDOWS\system32\drivers
11:48:43.261 Service scanning
11:48:45.246 Disk 0 trace - called modules:
11:48:45.261 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spuj.sys >>UNKNOWN [0x8378f944]<<
11:48:45.277 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8371c318]
11:48:45.277 3 CLASSPNP.SYS[f773efd7] -> nt!IofCallDriver -> \Device\000000ba[0x836f88f0]
11:48:45.293 5 ACPI.sys[f743f620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-a[0x836f85c0]
11:48:45.714 Scan finished successfully
11:49:07.932 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Alistair Ankrah\Desktop\MBR.dat"
11:49:07.947 The log file has been saved successfully to "C:\Documents and Settings\Alistair Ankrah\Desktop\aswMBR.txt"


aswMBR version 0.9.5.256 Copyright© 2011 AVAST Software
Run date: 2011-06-13 08:44:31
-----------------------------
08:44:31.607 OS Version: Windows 5.1.2600 Service Pack 3
08:44:31.607 Number of processors: 1 586 0x4C02
08:44:31.607 ComputerName: ACER-1424F82190 UserName: Alistair Ankrah
08:44:32.966 Initialize success
08:44:35.576 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-a
08:44:35.576 Disk 0 Vendor: TOSHIBA_MK6034GAX AC101A Size: 57231MB BusType: 3
08:44:35.591 Disk 0 MBR read error 0
08:44:35.607 Disk 0 MBR scan
08:44:35.607 Disk 0 unknown MBR code
08:44:35.623 MBR BIOS signature not found 0
08:44:35.638 Disk 0 scanning sectors +117210240
08:44:35.670 Disk 0 scanning C:\WINDOWS\system32\drivers
08:44:43.732 Service scanning
08:44:47.092 Disk 0 trace - called modules:
08:44:47.123 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spbp.sys >>UNKNOWN [0x8378f944]<<
08:44:47.139 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8371c318]
08:44:47.154 3 CLASSPNP.SYS[f773efd7] -> nt!IofCallDriver -> \Device\000000ba[0x836f88f0]
08:44:47.186 5 ACPI.sys[f743f620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-a[0x836f85c0]
08:44:47.561 Scan finished successfully
08:45:02.202 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Alistair Ankrah\Desktop\MBR.dat"
08:45:02.217 The log file has been saved successfully to "C:\Documents and Settings\Alistair Ankrah\Desktop\aswMBR.txt"


GMER 1.0.15.15640 - http://www.gmer.net
Rootkit scan 2011-06-11 11:11:42
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdePort2 TOSHIBA_MK6034GAX rev.AC101A
Running: jpx35ili.exe; Driver: C:\DOCUME~1\ALISTA~1\LOCALS~1\Temp\pwpdypod.sys


---- System - GMER 1.0.15 ----

SSDT spxx.sys ZwCreateKey [0xF76730E0]
SSDT spxx.sys ZwEnumerateKey [0xF7690CA2]
SSDT spxx.sys ZwEnumerateValueKey [0xF7691030]
SSDT spxx.sys ZwOpenKey [0xF76730C0]
SSDT spxx.sys ZwQueryKey [0xF7691108]
SSDT spxx.sys ZwQueryValueKey [0xF7690F88]
SSDT spxx.sys ZwSetValueKey [0xF769119A]

INT 0x62 ? 83BDABF8
INT 0x63 ? 83A35BF8
INT 0x63 ? 83A35BF8
INT 0x63 ? 83A35BF8
INT 0x63 ? 83A35BF8
INT 0x83 ? 83BDABF8
INT 0x83 ? 83BDABF8
INT 0x83 ? 83BDABF8

---- Kernel code sections - GMER 1.0.15 ----

? spxx.sys The system cannot find the file specified. !
.text USBPORT.SYS!DllUnload F742B8AC 5 Bytes JMP 83A351D8
.text awbru2dm.SYS F7280384 1 Byte [20]
.text awbru2dm.SYS F7280384 37 Bytes [20, 00, 00, 68, 00, 00, 00, ...]
.text awbru2dm.SYS F72803AA 24 Bytes [00, 00, 20, 00, 00, E0, 00, ...]
.text awbru2dm.SYS F72803C4 3 Bytes [00, 00, 00]
.text awbru2dm.SYS F72803C9 1 Byte [00]
.text ...

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT \WINDOWS\System32\Drivers\SCSIPORT.SYS[ntoskrnl.exe!DbgBreakPoint] 83BDD2D8
IAT pci.sys[ntoskrnl.exe!IoDetachDevice] [F76996D0] spxx.sys
IAT pci.sys[ntoskrnl.exe!IoAttachDeviceToDeviceStack] [F769D708] spxx.sys
IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [F7674046] spxx.sys
IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [F7674142] spxx.sys
IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [F76740C4] spxx.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [F76747CE] spxx.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [F76746A4] spxx.sys
IAT \SystemRoot\system32\DRIVERS\USBPORT.SYS[ntoskrnl.exe!DbgBreakPoint] 83A352D8
IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [F767FD7A] spxx.sys
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!RtlInitUnicodeString] 000000A5
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!swprintf] 000000E5
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!KeSetEvent] 000000F1
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!IoCreateSymbolicLink] 00000071
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!IoGetConfigurationInformation] 000000D8
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!IoDeleteSymbolicLink] 00000031
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!MmFreeMappingAddress] 00000015
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!IoFreeErrorLogEntry] 00000004
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!IoDisconnectInterrupt] 000000C7
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!MmUnmapIoSpace] 00000023
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!ObReferenceObjectByPointer] 000000C3
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!IofCompleteRequest] 00000018
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!RtlCompareUnicodeString] 00000096
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!IofCallDriver] 00000005
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!MmAllocateMappingAddress] 0000009A
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!IoAllocateErrorLogEntry] 00000007
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!IoConnectInterrupt] 00000012
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!IoDetachDevice] 00000080
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!KeWaitForSingleObject] 000000E2
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!KeInitializeEvent] 000000EB
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!KeCancelTimer] 00000027
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!RtlAnsiStringToUnicodeString] 000000B2
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!RtlInitAnsiString] 00000075
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!IoBuildDeviceIoControlRequest] 00000009
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!IoQueueWorkItem] 00000083
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!MmMapIoSpace] 0000002C
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!IoInvalidateDeviceRelations] 0000001A
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!IoReportDetectedDevice] 0000001B
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!IoReportResourceForDetection] 0000006E
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!RtlxAnsiStringToUnicodeSize] 0000005A
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!NlsMbCodePageTag] 000000A0
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!PoRequestPowerIrp] 00000052
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!KeInsertByKeyDeviceQueue] 0000003B
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!PoRegisterDeviceForIdleDetection] 000000D6
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!sprintf] 000000B3
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!MmMapLockedPagesSpecifyCache] 00000029
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!ObfDereferenceObject] 000000E3
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!IoGetAttachedDeviceReference] 0000002F
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!IoInvalidateDeviceState] 00000084
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!ZwClose] 00000053
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!ObReferenceObjectByHandle] 000000D1
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!ZwCreateDirectoryObject] 00000000
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!IoBuildSynchronousFsdRequest] 000000ED
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!PoStartNextPowerIrp] 00000020
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!IoCreateDevice] 000000FC
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!RtlCopyUnicodeString] 000000B1
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!IoAllocateDriverObjectExtension] 0000005B
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!RtlQueryRegistryValues] 0000006A
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!ZwOpenKey] 000000CB
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!RtlFreeUnicodeString] 000000BE
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!IoStartTimer] 00000039
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!KeInitializeTimer] 0000004A
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!IoInitializeTimer] 0000004C
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!KeInitializeDpc] 00000058
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!KeInitializeSpinLock] 000000CF
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!IoInitializeIrp] 000000D0
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!ZwCreateKey] 000000EF
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!RtlAppendUnicodeStringToString] 000000AA
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!RtlIntegerToUnicodeString] 000000FB
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!ZwSetValueKey] 00000043
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!KeInsertQueueDpc] 0000004D
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!KefAcquireSpinLockAtDpcLevel] 00000033
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!IoStartPacket] 00000085
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!KefReleaseSpinLockFromDpcLevel] 00000045
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!IoBuildAsynchronousFsdRequest] 000000F9
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!IoFreeMdl] 00000002
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!MmUnlockPages] 0000007F
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!IoWriteErrorLogEntry] 00000050
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!KeRemoveByKeyDeviceQueue] 0000003C
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!MmMapLockedPagesWithReservedMapping] 0000009F
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!MmUnmapReservedMapping] 000000A8
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!KeSynchronizeExecution] 00000051
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!IoStartNextPacket] 000000A3
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!KeBugCheckEx] 00000040
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!KeRemoveDeviceQueue] 0000008F
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!KeSetTimer] 00000092
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!_allmul] 0000009D
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!MmProbeAndLockPages] 00000038
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!_except_handler3] 000000F5
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!PoSetPowerState] 000000BC
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!IoOpenDeviceRegistryKey] 000000B6
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!RtlWriteRegistryValue] 000000DA
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!RtlDeleteRegistryValue] 00000021
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!_aulldiv] 00000010
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!strstr] 000000FF
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!_strupr] 000000F3
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!KeQuerySystemTime] 000000D2
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!IoWMIRegistrationControl] 000000CD
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!KeTickCount] 0000000C
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!IoAttachDeviceToDeviceStack] 00000013
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!IoDeleteDevice] 000000EC
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!ExAllocatePoolWithTag] 0000005F
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!IoAllocateWorkItem] 00000097
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!IoAllocateIrp] 00000044
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!IoAllocateMdl] 00000017
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!MmBuildMdlForNonPagedPool] 000000C4
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!MmLockPagableDataSection] 000000A7
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!IoGetDriverObjectExtension] 0000007E
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!MmUnlockPagableImageSection] 0000003D
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!ExFreePoolWithTag] 00000064
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!IoFreeIrp] 0000005D
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!IoFreeWorkItem] 00000019
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!InitSafeBootMode] 00000073
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!RtlCompareMemory] 00000060
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!PoCallDriver] 00000081
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!memmove] 0000004F
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[ntoskrnl.exe!MmHighestUserAddress] 000000DC
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[HAL.dll!KfAcquireSpinLock] 000000AD
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[HAL.dll!READ_PORT_UCHAR] 000000D4
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[HAL.dll!KeGetCurrentIrql] 000000A2
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[HAL.dll!KfRaiseIrql] 000000AF
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[HAL.dll!KfLowerIrql] 0000009C
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[HAL.dll!HalGetInterruptVector] 000000A4
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[HAL.dll!HalTranslateBusAddress] 00000072
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[HAL.dll!KeStallExecutionProcessor] 000000C0
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[HAL.dll!KfReleaseSpinLock] 000000B7
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[HAL.dll!READ_PORT_BUFFER_USHORT] 000000FD
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[HAL.dll!READ_PORT_USHORT] 00000093
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[HAL.dll!WRITE_PORT_BUFFER_USHORT] 00000026
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[HAL.dll!WRITE_PORT_UCHAR] 00000036
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[WMILIB.SYS!WmiSystemControl] 000000F7
IAT \SystemRoot\System32\Drivers\awbru2dm.SYS[WMILIB.SYS!WmiCompleteRequest] 000000CC

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Fastfat \FatCdrom 83B5D1F8

AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)

Device \Driver\usbohci \Device\USBPDO-0 83A341F8
Device \Driver\sptd \Device\1198615846 spxx.sys
Device \Driver\usbohci \Device\USBPDO-1 83A341F8
Device \Driver\dmio \Device\DmControl\DmIoDaemon 83BDB1F8
Device \Driver\dmio \Device\DmControl\DmConfig 83BDB1F8
Device \Driver\dmio \Device\DmControl\DmPnP 83BDB1F8
Device \Driver\dmio \Device\DmControl\DmInfo 83BDB1F8
Device \Driver\usbehci \Device\USBPDO-2 83A1D1F8
Device \Driver\Ftdisk \Device\HarddiskVolume1 83B701F8
Device \Driver\Ftdisk \Device\HarddiskVolume2 83B701F8
Device \Driver\Cdrom \Device\CdRom0 83A101F8
Device \Driver\Ftdisk \Device\HarddiskVolume3 83B701F8
Device \Driver\atapi \Device\Ide\IdePort0 [F75A9B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort1 [F75A9B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort2 [F75A9B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort3 [F75A9B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP2T1L0-12 [F75A9B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-a [F75A9B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\Cdrom \Device\CdRom1 83A101F8
Device \Driver\usbohci \Device\USBFDO-0 83A341F8
Device \Driver\usbohci \Device\USBFDO-1 83A341F8
Device \Driver\usbehci \Device\USBFDO-2 83A1D1F8
Device \Driver\Ftdisk \Device\FtControl 83B701F8
Device \Driver\PCI_PNP8346 \Device\0000008c spxx.sys
Device \Driver\awbru2dm \Device\Scsi\awbru2dm1 839D41F8
Device \Driver\awbru2dm \Device\Scsi\awbru2dm1Port4Path0Target0Lun0 839D41F8
Device \FileSystem\Fastfat \Fat 83B5D1F8
Device \FileSystem\Cdfs \Cdfs 838FE1F8

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000ea1350d0e
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\0016cedff850
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x37 0x00 0xC9 0x6E ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x3C 0xA2 0x07 0x1B ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0xF5 0x4D 0x45 0x78 ...
Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\000ea1350d0e (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\0016cedff850 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x37 0x00 0xC9 0x6E ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x3C 0xA2 0x07 0x1B ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0xF5 0x4D 0x45 0x78 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x37 0x00 0xC9 0x6E ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x3C 0xA2 0x07 0x1B ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0xF5 0x4D 0x45 0x78 ...
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\05DCB47581D507F40B831560F622E970\Usage@Main 1053032616

---- Disk sectors - GMER 1.0.15 ----

Disk \Device\Harddisk0\DR0 MBR read error
Disk \Device\Harddisk0\DR0 MBR BIOS signature not found 0

---- EOF - GMER 1.0.15 ----


Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Database version: 6832

Windows 5.1.2600 Service Pack 3 (Safe Mode)
Internet Explorer 7.0.5730.11

11/06/2011 00:32:33
mbam-log-2011-06-11 (00-32-33).txt

Scan type: Quick scan
Objects scanned: 205696
Time elapsed: 29 minute(s), 23 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 9
Registry Values Infected: 6
Registry Data Items Infected: 3
Folders Infected: 43
Files Infected: 60

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{B03A4BE6-5E5A-483E-B9B3-C484D4B20B72} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{B03A4BE6-5E5A-B9B3-483E-C484D4B20B72} (Spyware.OnlineGames) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{D9882035-7745-47c7-8D5E-C11178F9C553} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8C875948-9C60-4381-9248-0DF180542D53} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8109FD3D-D891-4f80-8339-50A4913ACE6F} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{90B5A95A-AFD5-4d11-B9BD-A69D53D22226} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\NOD32KVBIT (Trojan.Frethog) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Screensavers.com (Adware.Comet) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SSSInst (Adware.Comet) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{B03A4BE6-5E5A-483E-B9B3-C484D4B20B72} (Trojan.Agent) -> Value: {B03A4BE6-5E5A-483E-B9B3-C484D4B20B72} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{B03A4BE6-5E5A-483E-B9B3-C484D4B20B72} (Trojan.Agent) -> Value: {B03A4BE6-5E5A-483E-B9B3-C484D4B20B72} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\AdVantage (Adware.Vomba) -> Value: AdVantage -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer (PUM.Bad.Proxy) -> Value: ProxyServer -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Exchange\Client\Extensions\Spam Blocker for MS Outlook (Adware.Hotbar) -> Value: Spam Blocker for MS Outlook -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\SpamBlockerUtility 4.8.4 (Adware.Hotbar) -> Value: SpamBlockerUtility 4.8.4 -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDesktop (PUM.Hidden.Desktop) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell.Gen.A) -> Bad: (explorer.exe "C:\Documents and Settings\Alistair Ankrah\Application Data\anx1t13vsgknwrlveazeliwnq21w1ak2\csrss.exe") Good: (Explorer.exe) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (PUM.Hijack.System.Hidden) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.

Folders Infected:
c:\documents and settings\alistair ankrah\application data\starware316 (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\alistair ankrah\application data\starware316\screensavers (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\alistair ankrah\application data\starware316\screensavers\images (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\alistair ankrah\application data\starware316\screensavers\images\default (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\alistair ankrah\application data\starware316\screensavers\images\active (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\alistair ankrah\application data\starware316\Games (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\alistair ankrah\application data\starware316\Games\images (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\alistair ankrah\application data\starware316\Games\images\default (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\alistair ankrah\application data\starware316\Games\images\active (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\alistair ankrah\application data\starware316\screensaversmarketingsitepager (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\alistair ankrah\application data\starware316\screensaversmarketingsitepager\images (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\alistair ankrah\application data\starware316\screensaversmarketingsitepager\images\default (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\alistair ankrah\application data\starware316\screensaversmarketingsitepager\images\active (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\alistair ankrah\application data\starware316\Movies (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\alistair ankrah\application data\starware316\Movies\images (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\alistair ankrah\application data\starware316\Movies\images\default (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\alistair ankrah\application data\starware316\Movies\images\active (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware316 (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware316\contexts (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware316\buttons (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware316\simpleupdate (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware316\images (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\delores archer\application data\starware316 (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\delores archer\application data\starware316\screensavers (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\delores archer\application data\starware316\Games (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\delores archer\application data\starware316\Games\images (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\delores archer\application data\starware316\Games\images\default (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\delores archer\application data\starware316\Games\images\active (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\delores archer\application data\starware316\screensaversmarketingsitepager (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\delores archer\application data\starware316\screensaversmarketingsitepager\images (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\delores archer\application data\starware316\screensaversmarketingsitepager\images\default (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\delores archer\application data\starware316\screensaversmarketingsitepager\images\active (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\delores archer\application data\starware316\Movies (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\delores archer\application data\starware316\Movies\images (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\delores archer\application data\starware316\Movies\images\default (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\delores archer\application data\starware316\Movies\images\active (Adware.Starware) -> Quarantined and deleted successfully.
c:\program files\screensavers.com (Adware.Comet) -> Quarantined and deleted successfully.
c:\program files\screensavers.com\SSSInst (Adware.Comet) -> Quarantined and deleted successfully.
c:\program files\screensavers.com\SSSInst\bin (Adware.Comet) -> Quarantined and deleted successfully.
c:\program files\screensavers.com\SSSInst\temp (Adware.Comet) -> Quarantined and deleted successfully.
c:\program files\screensavers.com\SSSInst\Ready (Adware.Comet) -> Quarantined and deleted successfully.
c:\program files\screensavers.com\SSSInst\Upload (Adware.Comet) -> Quarantined and deleted successfully.
c:\program files\screensavers.com\wallpaper (Adware.Comet) -> Quarantined and deleted successfully.

Files Infected:
c:\WINDOWS\AhnRpta.exe (Trojan.Backdoor) -> Quarantined and deleted successfully.
c:\documents and settings\alistair ankrah\application data\starware316\Tem121.tmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\alistair ankrah\application data\starware316\Tem51A.tmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\alistair ankrah\application data\starware316\screensavers\screensaversoptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\alistair ankrah\application data\starware316\screensavers\screensaversoptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\alistair ankrah\application data\starware316\Games\gamesoptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\alistair ankrah\application data\starware316\Games\gamesoptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\alistair ankrah\application data\starware316\Games\images\active\Games0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\alistair ankrah\application data\starware316\screensaversmarketingsitepager\screensaversmarketingsitepageroptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\alistair ankrah\application data\starware316\screensaversmarketingsitepager\screensaversmarketingsitepageroptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\alistair ankrah\application data\starware316\screensaversmarketingsitepager\images\active\screensaversmarketingsitepager0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\alistair ankrah\application data\starware316\Movies\moviesoptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\alistair ankrah\application data\starware316\Movies\moviesoptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\alistair ankrah\application data\starware316\Movies\images\active\Movies0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware316\Tem50.tmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware316\Tem8.tmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware316\Tem240.tmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware316\Tem17D.tmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware316\contexts\error.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware316\contexts\Travel.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware316\contexts\Related.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware316\buttons\starware_toolbar_icon.bmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware316\buttons\finditxp.png (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware316\buttons\findithotxp.png (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware316\buttons\FindIt.bmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware316\buttons\findithot.bmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware316\buttons\highlightxp.png (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware316\buttons\highlighthotxp.png (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware316\buttons\highlight.bmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware316\buttons\highlighthot.bmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware316\buttons\referencexp.png (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware316\buttons\referencehotxp.png (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware316\buttons\reference.bmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware316\buttons\referencehot.bmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware316\buttons\weatherxp.png (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware316\buttons\weatherhotxp.png (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware316\buttons\Weather.bmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware316\buttons\screensaver.bmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware316\buttons\screensavers0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware316\simpleupdate\simpleupdateconfig.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware316\simpleupdate\simpleupdateconfig.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware316\simpleupdate\timermanagerconfig.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware316\simpleupdate\productmessagingconfig.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware316\simpleupdate\productmessagingconfig.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware316\simpleupdate\timermanagerconfig.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware316\images\walertXP.bmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\delores archer\application data\starware316\screensavers\screensaversoptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\delores archer\application data\starware316\screensavers\screensaversoptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\delores archer\application data\starware316\Games\gamesoptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\delores archer\application data\starware316\Games\gamesoptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\delores archer\application data\starware316\Games\images\active\Games0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\delores archer\application data\starware316\screensaversmarketingsitepager\screensaversmarketingsitepageroptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\delores archer\application data\starware316\screensaversmarketingsitepager\screensaversmarketingsitepageroptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\delores archer\application data\starware316\screensaversmarketingsitepager\images\active\screensaversmarketingsitepager0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\delores archer\application data\starware316\Movies\moviesoptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\delores archer\application data\starware316\Movies\moviesoptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\delores archer\application data\starware316\Movies\images\active\Movies0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\program files\screensavers.com\SSSInst\bin\sssuninst.exe (Adware.Comet) -> Quarantined and deleted successfully.
c:\program files\screensavers.com\SSSInst\bin\iebyterange.xml.backup (Adware.Comet) -> Quarantined and deleted successfully.
c:\program files\screensavers.com\SSSInst\bin\iebyterange.xml (Adware.Comet) -> Quarantined and deleted successfully.


Thanks in advance

Teehee

[Broni]

Welcome aboard

Please, observe following rules:

• Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  
• If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  
• Please refrain from running tools or applying updates other than those I suggest.
  
• Never run more than one scan at a time.
  
• Keep updating me regarding your computer behavior, good, or bad.
  
• The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  
• If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  
• I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

=========================================================================================================

Download TDSSKiller and save it to your desktop.

• Extract (unzip) its contents to your desktop.
  
• Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  
• If an infected file is detected, the default action will be Cure, click on Continue.
  
• If a suspicious file is detected, the default action will be Skip, click on Continue.
  
• It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  
• If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  
• If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

[teehee]

As requested:

2011/06/13 19:01:42.0769 0700 TDSS rootkit removing tool 2.5.4.0 Jun 7 2011 17:31:48
2011/06/13 19:01:43.0660 0700 ================================================================================
2011/06/13 19:01:43.0660 0700 SystemInfo:
2011/06/13 19:01:43.0660 0700
2011/06/13 19:01:43.0660 0700 OS Version: 5.1.2600 ServicePack: 3.0
2011/06/13 19:01:43.0660 0700 Product type: Workstation
2011/06/13 19:01:43.0660 0700 ComputerName: ACER-1424F82190
2011/06/13 19:01:43.0660 0700 UserName: Alistair Ankrah
2011/06/13 19:01:43.0660 0700 Windows directory: C:\WINDOWS
2011/06/13 19:01:43.0660 0700 System windows directory: C:\WINDOWS
2011/06/13 19:01:43.0660 0700 Processor architecture: Intel x86
2011/06/13 19:01:43.0660 0700 Number of processors: 1
2011/06/13 19:01:43.0660 0700 Page size: 0x1000
2011/06/13 19:01:43.0660 0700 Boot type: Normal boot
2011/06/13 19:01:43.0660 0700 ================================================================================
2011/06/13 19:01:46.0348 0700 Initialize success
2011/06/13 19:01:50.0692 3700 ================================================================================
2011/06/13 19:01:50.0692 3700 Scan started
2011/06/13 19:01:50.0692 3700 Mode: Manual;
2011/06/13 19:01:50.0692 3700 ================================================================================
2011/06/13 19:01:51.0380 3700 Aavmker4 (3f6884eff406238d39aaa892218f1df7) C:\WINDOWS\system32\drivers\Aavmker4.sys
2011/06/13 19:01:51.0927 3700 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
2011/06/13 19:01:52.0146 3700 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/06/13 19:01:52.0224 3700 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
2011/06/13 19:01:52.0505 3700 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
2011/06/13 19:01:52.0724 3700 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/06/13 19:01:52.0927 3700 AFD (7618d5218f2a614672ec61a80d854a37) C:\WINDOWS\System32\drivers\afd.sys
2011/06/13 19:01:53.0130 3700 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
2011/06/13 19:01:53.0334 3700 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
2011/06/13 19:01:53.0505 3700 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
2011/06/13 19:01:53.0756 3700 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
2011/06/13 19:01:53.0912 3700 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
2011/06/13 19:01:53.0990 3700 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
2011/06/13 19:01:54.0162 3700 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
2011/06/13 19:01:54.0256 3700 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
2011/06/13 19:01:54.0443 3700 AmdK8 (0a4d13b388c814560bd69c3a496ecfa8) C:\WINDOWS\system32\DRIVERS\AmdK8.sys
2011/06/13 19:01:54.0631 3700 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
2011/06/13 19:01:54.0818 3700 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
2011/06/13 19:01:54.0990 3700 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
2011/06/13 19:01:55.0162 3700 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
2011/06/13 19:01:55.0522 3700 aswFsBlk (7f08d9c504b015d81a8abd75c80028c5) C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011/06/13 19:01:55.0693 3700 aswMon2 (c2181ef6b54752273a0759a968c59279) C:\WINDOWS\system32\drivers\aswMon2.sys
2011/06/13 19:01:55.0990 3700 aswRdr (ac48bdd4cd5d44af33087c06d6e9511c) C:\WINDOWS\system32\drivers\aswRdr.sys
2011/06/13 19:01:56.0256 3700 aswSnx (b64134316fcd1f20e0f10ef3e65bd522) C:\WINDOWS\system32\drivers\aswSnx.sys
2011/06/13 19:01:56.0631 3700 aswSP (d6788e3211afa9951ed7a4d617f68a4f) C:\WINDOWS\system32\drivers\aswSP.sys
2011/06/13 19:01:56.0928 3700 aswTdi (4d100c45517809439c7b6dd98997fa00) C:\WINDOWS\system32\drivers\aswTdi.sys
2011/06/13 19:01:57.0225 3700 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/06/13 19:01:57.0397 3700 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/06/13 19:01:58.0022 3700 ati2mtag (b1fa8f1dc0a49618e544287a92ac266e) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
2011/06/13 19:01:58.0303 3700 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/06/13 19:01:58.0538 3700 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/06/13 19:01:58.0788 3700 BCM43XX (30d20fc98bcfd52e1da778cf19b223d4) C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
2011/06/13 19:01:58.0850 3700 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/06/13 19:01:59.0194 3700 btaudio (5d0ba6d229996a5f640f571ad478e532) C:\WINDOWS\system32\drivers\btaudio.sys
2011/06/13 19:01:59.0507 3700 BTDriver (0cd9a9aadabe621b3872e54283cd4bee) C:\WINDOWS\system32\DRIVERS\btport.sys
2011/06/13 19:01:59.0741 3700 BthEnum (b279426e3c0c344893ed78a613a73bde) C:\WINDOWS\system32\DRIVERS\BthEnum.sys
2011/06/13 19:01:59.0851 3700 BthPan (80602b8746d3738f5886ce3d67ef06b6) C:\WINDOWS\system32\DRIVERS\bthpan.sys
2011/06/13 19:02:00.0085 3700 BTHPORT (662bfd909447dd9cc15b1a1c366583b4) C:\WINDOWS\system32\Drivers\BTHport.sys
2011/06/13 19:02:00.0413 3700 BTHUSB (61364cd71ef63b0f038b7e9df00f1efa) C:\WINDOWS\system32\Drivers\BTHUSB.sys
2011/06/13 19:02:00.0788 3700 BTKRNL (b637f1d425e13c206ef3c2028dd72e6a) C:\WINDOWS\system32\DRIVERS\btkrnl.sys
2011/06/13 19:02:01.0054 3700 BTSERIAL (ca33ae514a49105f2b6b9bd48c49d4de) C:\WINDOWS\system32\drivers\btserial.sys
2011/06/13 19:02:01.0335 3700 BTSLBCSP (2718bb436b801b32b3bce8b1ee23968d) C:\WINDOWS\system32\drivers\btslbcsp.sys
2011/06/13 19:02:01.0695 3700 BTWDNDIS (59a6c89408366364ad3d8ab66c771bd5) C:\WINDOWS\system32\DRIVERS\btwdndis.sys
2011/06/13 19:02:02.0070 3700 btwhid (2d27d43d8de59ce87d17a3712e4519e8) C:\WINDOWS\system32\DRIVERS\btwhid.sys
2011/06/13 19:02:02.0398 3700 btwmodem (cb66cd60bd2e82507d9ec84d683d39ce) C:\WINDOWS\system32\DRIVERS\btwmodem.sys
2011/06/13 19:02:02.0664 3700 BTWUSB (a93097a2962b14809939ff3259684327) C:\WINDOWS\system32\Drivers\btwusb.sys
2011/06/13 19:02:02.0789 3700 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
2011/06/13 19:02:02.0883 3700 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/06/13 19:02:03.0039 3700 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
2011/06/13 19:02:03.0289 3700 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
2011/06/13 19:02:03.0461 3700 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/06/13 19:02:03.0602 3700 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/06/13 19:02:03.0727 3700 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/06/13 19:02:04.0227 3700 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
2011/06/13 19:02:04.0399 3700 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
2011/06/13 19:02:04.0555 3700 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
2011/06/13 19:02:04.0742 3700 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
2011/06/13 19:02:04.0930 3700 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
2011/06/13 19:02:05.0149 3700 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
2011/06/13 19:02:05.0258 3700 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/06/13 19:02:05.0477 3700 DKbFltr (08d30af92c270f2e76787c81589dbad6) C:\WINDOWS\system32\DRIVERS\DKbFltr.sys
2011/06/13 19:02:05.0618 3700 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
2011/06/13 19:02:05.0789 3700 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
2011/06/13 19:02:05.0836 3700 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/06/13 19:02:05.0993 3700 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2011/06/13 19:02:06.0243 3700 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
2011/06/13 19:02:06.0368 3700 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/06/13 19:02:06.0587 3700 EMSCR (66029e6c4b19223c24d8710eed3aaeab) C:\WINDOWS\system32\DRIVERS\EMS7SK.sys
2011/06/13 19:02:06.0712 3700 emusba10 (0407b78faaa9437ffccd6c393d483309) C:\WINDOWS\system32\DRIVERS\emusba10.sys
2011/06/13 19:02:06.0852 3700 ESDCR (9f0fa60836e1d1148cc0c1b6e67aa6f7) C:\WINDOWS\system32\DRIVERS\ESD7SK.sys
2011/06/13 19:02:06.0993 3700 ESMCR (d9da881be71b74b328471ccf28b5f0a9) C:\WINDOWS\system32\DRIVERS\ESM7SK.sys
2011/06/13 19:02:07.0102 3700 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/06/13 19:02:07.0243 3700 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
2011/06/13 19:02:07.0337 3700 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
2011/06/13 19:02:07.0446 3700 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
2011/06/13 19:02:07.0649 3700 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2011/06/13 19:02:07.0712 3700 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/06/13 19:02:07.0790 3700 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/06/13 19:02:07.0962 3700 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
2011/06/13 19:02:08.0118 3700 ggflt (9ae4cd2acdf58325fd38b416c1decf1d) C:\WINDOWS\system32\DRIVERS\ggflt.sys
2011/06/13 19:02:08.0212 3700 ggsemc (4b0bd44af495fc5b89477328f22f36ec) C:\WINDOWS\system32\DRIVERS\ggsemc.sys
2011/06/13 19:02:08.0384 3700 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/06/13 19:02:08.0571 3700 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2011/06/13 19:02:08.0790 3700 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/06/13 19:02:09.0009 3700 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
2011/06/13 19:02:09.0150 3700 HSFHWAZL (448c0fd272fe1b80046f4767db21eb8d) C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
2011/06/13 19:02:09.0337 3700 HSF_DPV (2715a27de9c17bdbaf6d6c79989a7b12) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
2011/06/13 19:02:09.0603 3700 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/06/13 19:02:09.0790 3700 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
2011/06/13 19:02:09.0994 3700 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
2011/06/13 19:02:10.0119 3700 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/06/13 19:02:10.0384 3700 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/06/13 19:02:10.0556 3700 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
2011/06/13 19:02:10.0775 3700 int15 (4d8d5b1c895ea0f2a721b98a7ce198f1) C:\WINDOWS\system32\drivers\int15.sys
2011/06/13 19:02:11.0119 3700 IntcAzAudAddService (909d03b3b7fb7c830b74f74f4d0ea7ce) C:\WINDOWS\system32\drivers\RtkHDAud.sys
2011/06/13 19:02:11.0463 3700 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
2011/06/13 19:02:11.0556 3700 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2011/06/13 19:02:11.0650 3700 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/06/13 19:02:11.0853 3700 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/06/13 19:02:11.0963 3700 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/06/13 19:02:12.0088 3700 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/06/13 19:02:12.0213 3700 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/06/13 19:02:12.0369 3700 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/06/13 19:02:12.0682 3700 k510bus (b1fe6feac5a501c89057a69c9f5e9d1f) C:\WINDOWS\system32\DRIVERS\k510bus.sys
2011/06/13 19:02:12.0963 3700 k510mdfl (7a4ecca08560e8ff330acaa4128af7b0) C:\WINDOWS\system32\DRIVERS\k510mdfl.sys
2011/06/13 19:02:13.0276 3700 k510mdm (094d532b727030c3b8b6bd3b743d9526) C:\WINDOWS\system32\DRIVERS\k510mdm.sys
2011/06/13 19:02:13.0604 3700 k510mgmt (ad67bfa00ba39c65551338ee001cdddd) C:\WINDOWS\system32\DRIVERS\k510mgmt.sys
2011/06/13 19:02:13.0916 3700 k510obex (7d5094b00a47d871a48d035beb3a0922) C:\WINDOWS\system32\DRIVERS\k510obex.sys
2011/06/13 19:02:14.0213 3700 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/06/13 19:02:14.0479 3700 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2011/06/13 19:02:14.0682 3700 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/06/13 19:02:14.0854 3700 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/06/13 19:02:15.0542 3700 MBAMProtector (3d2c13377763eeac0ca6fb46f57217ed) C:\WINDOWS\system32\drivers\mbam.sys
2011/06/13 19:02:15.0917 3700 MBAMSwissArmy (b309912717c29fc67e1ba4730a82b6dd) C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2011/06/13 19:02:16.0136 3700 mdmxsdk (74f4372af97a587ecec527ec34955712) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
2011/06/13 19:02:16.0354 3700 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys
2011/06/13 19:02:16.0495 3700 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/06/13 19:02:16.0651 3700 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
2011/06/13 19:02:16.0729 3700 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/06/13 19:02:17.0042 3700 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/06/13 19:02:17.0292 3700 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/06/13 19:02:17.0526 3700 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
2011/06/13 19:02:17.0667 3700 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/06/13 19:02:17.0823 3700 MRxSmb (0ea4d8ed179b75f8afa7998ba22285ca) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/06/13 19:02:18.0027 3700 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/06/13 19:02:18.0199 3700 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/06/13 19:02:18.0308 3700 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/06/13 19:02:18.0511 3700 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/06/13 19:02:18.0714 3700 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/06/13 19:02:18.0792 3700 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
2011/06/13 19:02:18.0964 3700 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
2011/06/13 19:02:19.0042 3700 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2011/06/13 19:02:19.0199 3700 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2011/06/13 19:02:19.0402 3700 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2011/06/13 19:02:19.0589 3700 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/06/13 19:02:19.0699 3700 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/06/13 19:02:20.0058 3700 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/06/13 19:02:20.0168 3700 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/06/13 19:02:20.0277 3700 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/06/13 19:02:20.0465 3700 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/06/13 19:02:21.0090 3700 Nokia USB Generic (b99ad22982b2e91bad9298d1752780da) C:\WINDOWS\system32\drivers\nmwcdc.sys
2011/06/13 19:02:21.0309 3700 Nokia USB Modem (ca2cdbf430ff21d2dfc3daaf05d95f86) C:\WINDOWS\system32\drivers\nmwcdcm.sys
2011/06/13 19:02:21.0559 3700 Nokia USB Phone Parent (62bc81da6cb2d17b0593fd42fa17f329) C:\WINDOWS\system32\drivers\nmwcd.sys
2011/06/13 19:02:21.0762 3700 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/06/13 19:02:21.0965 3700 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/06/13 19:02:22.0168 3700 NTIDrvr (7f1c1f78d709c4a54cbb46ede7e0b48d) C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys
2011/06/13 19:02:22.0278 3700 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/06/13 19:02:22.0371 3700 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/06/13 19:02:22.0512 3700 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/06/13 19:02:22.0590 3700 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
2011/06/13 19:02:22.0793 3700 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/06/13 19:02:22.0856 3700 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/06/13 19:02:23.0028 3700 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/06/13 19:02:23.0387 3700 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/06/13 19:02:23.0528 3700 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
2011/06/13 19:02:24.0716 3700 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
2011/06/13 19:02:24.0919 3700 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
2011/06/13 19:02:25.0216 3700 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/06/13 19:02:25.0356 3700 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
2011/06/13 19:02:25.0450 3700 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/06/13 19:02:25.0622 3700 psdfilter (00b670d8a36c7134cfc66b446a18cc92) C:\WINDOWS\system32\Drivers\psdfilter.sys
2011/06/13 19:02:25.0778 3700 psdvdisk (e9a60343cb7c39090638b1dd574f26eb) C:\WINDOWS\system32\Drivers\psdvdisk.sys
2011/06/13 19:02:25.0841 3700 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/06/13 19:02:26.0091 3700 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2011/06/13 19:02:26.0247 3700 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
2011/06/13 19:02:26.0435 3700 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
2011/06/13 19:02:26.0591 3700 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
2011/06/13 19:02:26.0763 3700 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
2011/06/13 19:02:26.0935 3700 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
2011/06/13 19:02:27.0232 3700 RapportBuka (e2aa111b00f5205ffd52a57f48b4f642) C:\WINDOWS\system32\drivers\RapportBuka.sys
2011/06/13 19:02:27.0560 3700 RapportCerberus_26169 (df1f468a6016c4950cfc169ae77d84cd) C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\26169\RapportCerberus_26169.sys
2011/06/13 19:02:27.0779 3700 RapportEI (1602ff4aec5c2246ac387e49e474dd7b) C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys
2011/06/13 19:02:28.0044 3700 RapportKELL (12031844f5ad4126eab4c410623f7789) C:\WINDOWS\system32\Drivers\RapportKELL.sys
2011/06/13 19:02:28.0201 3700 RapportPG (1c303f85986c3dfcb01cc67f185c32e5) C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys
2011/06/13 19:02:28.0295 3700 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/06/13 19:02:28.0482 3700 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/06/13 19:02:28.0591 3700 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/06/13 19:02:28.0654 3700 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/06/13 19:02:28.0779 3700 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/06/13 19:02:28.0826 3700 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/06/13 19:02:29.0029 3700 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2011/06/13 19:02:29.0248 3700 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/06/13 19:02:29.0389 3700 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/06/13 19:02:29.0639 3700 RFCOMM (851c30df2807fcfa21e4c681a7d6440e) C:\WINDOWS\system32\DRIVERS\rfcomm.sys
2011/06/13 19:02:29.0857 3700 RimUsb (f17713d108aca124a139fde877eef68a) C:\WINDOWS\system32\Drivers\RimUsb.sys
2011/06/13 19:02:30.0076 3700 RimVSerPort (2c4fb2e9f039287767c384e46ee91030) C:\WINDOWS\system32\DRIVERS\RimSerial.sys
2011/06/13 19:02:30.0170 3700 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
2011/06/13 19:02:30.0373 3700 RTL8023xp (7988bfe882bcd94199225b5c3482f1bd) C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
2011/06/13 19:02:30.0576 3700 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
2011/06/13 19:02:30.0889 3700 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/06/13 19:02:30.0998 3700 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
2011/06/13 19:02:31.0248 3700 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/06/13 19:02:31.0733 3700 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
2011/06/13 19:02:31.0905 3700 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2011/06/13 19:02:32.0280 3700 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
2011/06/13 19:02:32.0420 3700 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/06/13 19:02:32.0889 3700 sptd (0c1dad75274cb6e31f053ce3e08bf9c3) C:\WINDOWS\system32\Drivers\sptd.sys
2011/06/13 19:02:32.0889 3700 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: 0c1dad75274cb6e31f053ce3e08bf9c3
2011/06/13 19:02:32.0905 3700 sptd - detected LockedFile.Multi.Generic (1)
2011/06/13 19:02:33.0499 3700 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/06/13 19:02:33.0968 3700 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/06/13 19:02:34.0655 3700 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
2011/06/13 19:02:34.0968 3700 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/06/13 19:02:35.0515 3700 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/06/13 19:02:36.0312 3700 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
2011/06/13 19:02:37.0062 3700 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
2011/06/13 19:02:37.0672 3700 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
2011/06/13 19:02:38.0156 3700 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
2011/06/13 19:02:38.0797 3700 SynasUSB (418bd80a7fefaa3fcbd3dcfc021cb294) C:\WINDOWS\system32\drivers\SynasUSB.sys
2011/06/13 19:02:39.0844 3700 SynTP (9d3611fa3bcca8090fdd1a45bd1ea586) C:\WINDOWS\system32\DRIVERS\SynTP.sys
2011/06/13 19:02:40.0235 3700 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/06/13 19:02:40.0594 3700 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/06/13 19:02:41.0157 3700 Tcpip6 (4e53bbcc4be37d7a4bd6ef1098c89ff7) C:\WINDOWS\system32\DRIVERS\tcpip6.sys
2011/06/13 19:02:41.0813 3700 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/06/13 19:02:42.0423 3700 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/06/13 19:02:42.0813 3700 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/06/13 19:02:43.0173 3700 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
2011/06/13 19:02:43.0986 3700 tunmp (8f861eda21c05857eb8197300a92501c) C:\WINDOWS\system32\DRIVERS\tunmp.sys
2011/06/13 19:02:44.0486 3700 tvicport (97dd70feca64fb4f63de7bb7e66a80b1) C:\WINDOWS\system32\drivers\tvicport.sys
2011/06/13 19:02:45.0064 3700 UBHelper (e0c67be430c6de490d6ccaecfa071f9e) C:\WINDOWS\system32\drivers\UBHelper.sys
2011/06/13 19:02:45.0595 3700 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/06/13 19:02:47.0361 3700 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
2011/06/13 19:02:48.0330 3700 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2011/06/13 19:02:48.0830 3700 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
2011/06/13 19:02:49.0330 3700 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/06/13 19:02:50.0034 3700 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/06/13 19:02:50.0456 3700 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/06/13 19:02:50.0971 3700 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
2011/06/13 19:02:51.0222 3700 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/06/13 19:02:52.0097 3700 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/06/13 19:02:52.0941 3700 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
2011/06/13 19:02:53.0410 3700 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
2011/06/13 19:02:53.0878 3700 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/06/13 19:02:54.0441 3700 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/06/13 19:02:54.0988 3700 Wdf01000 (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\Drivers\wdf01000.sys
2011/06/13 19:02:56.0379 3700 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/06/13 19:02:56.0942 3700 winachsf (7fe372b1ab60736cc67e8eb6f1fb1f5b) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
2011/06/13 19:02:57.0770 3700 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
2011/06/13 19:02:58.0161 3700 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
2011/06/13 19:02:58.0364 3700 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2011/06/13 19:02:59.0380 3700 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/06/13 19:03:00.0286 3700 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/06/13 19:03:00.0802 3700 zntport (40ac8590cc9006dbb99ffcb37879d4c6) C:\WINDOWS\system32\drivers\zntport.sys
2011/06/13 19:03:00.0880 3700 MBR (0x1B8) (99852d5c3a78447c3d6d82b6155fe848) \Device\Harddisk0\DR0
2011/06/13 19:03:00.0989 3700 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR4
2011/06/13 19:03:01.0005 3700 ================================================================================
2011/06/13 19:03:01.0005 3700 Scan finished
2011/06/13 19:03:01.0005 3700 ================================================================================
2011/06/13 19:03:01.0036 3532 Detected object count: 1
2011/06/13 19:03:01.0036 3532 Actual detected object count: 1
2011/06/13 19:03:06.0209 3532 LockedFile.Multi.Generic(sptd) - User select action: Skip

[Broni]

That looks good :)

Please download Rootkit Unhooker from one of the following links and save it to your desktop.

Link 1 (.exe file)
Link 2 (zipped file)
Link 3 (.rar file)

In order to use this tool if you downloaded from either of the second two links, you will need to extract the RKUnhookerLE.exe file using a program capable of extracing ZIP and RAR compressed files. If you don't have an extraction program, you can downlaod, install and use the free 7-zip utility.

• Double-click on RKUnhookerLE.exe to start the program.
  Vista/Windows 7 users right-click and select Run As Administrator.
  
• Click the Report tab, then click Scan.
  
• Check Drivers, Stealth, and uncheck the rest.
  
• Click OK.
  
• Wait until it's finished and then go to File > Save Report.
  
• Save the report to your Desktop.
  
• Copy and paste the contents of the report into your next reply.

-- Note: You may get this warning...just ignore it, click OK and continue: "Rootkit Unhooker has detected a parasite inside itself! It is recommended to remove parasite, okay?".

=============================================================================

Please download ComboFix from Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**

• Please, never rename Combofix unless instructed.
  
• Close any open browsers.
  
• Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  
  • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    
  • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
  NOTE1. If Combofix asks you to install Recovery Console, please allow it.
  NOTE 2. If Combofix asks you to update the program, always do so.
  
  • Close any open browsers.
    
  • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    
  • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    
  • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
• Double click on combofix.exe & follow the prompts.
  
• When finished, it will produce a report for you.
  
• Please post the "C:\ComboFix.txt"

**Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
**Note 2 for AVG users: ComboFix will not run until AVG is uninstalled as a protective measure against the anti-virus. This is because AVG "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG first.
Use AppRemover to uninstall it: http://www.appremover.com/
We can reinstall it when we're done with CF.
**Note 3: If you receive an error "Illegal operation attempted on a registery key that has been marked for deletion", restart computer to fix the issue.



Make sure, you re-enable your security programs, when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try one of the following:

1. Run Combofix from Safe Mode.

2. Delete Combofix file, download fresh one, but rename combofix.exe to yourname.exe BEFORE saving it to your desktop.
Do NOT run it yet.

Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.

There are 4 different versions. If one of them won't run then download and try to run the other one.

Vista and Win7 users need to right click Rkill and choose Run as Administrator

You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

Rkill.com
Rkill.scr
Rkill.exe

• Double-click on the Rkill desktop icon to run the tool.
  
• If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  
• A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  
• If not, delete the file, then download and use the one provided in Link 2.
  
• If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  
• Do not reboot until instructed.
  
• If the tool does not run from any of the links provided, please let me know.

Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

If normal mode still doesn't work, run BOTH tools from safe mode.

In case #2, please post BOTH logs, rKill and Combofix.

DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!

[teehee]

Hi i have installed the program as you asked but I am unable to run it as my computer keeps crashing before it has a chance to finish the scan and produce the report. I have tried in safe mode but it the scan never seems to complete even after waiting for hours. Any suggestions?

Teehee

[Broni]

Are you talking about RKUnhooker, or Combofix?

[teehee]

combofix

[Broni]

You're supposed to run RKUnhooker first.
I'd like to see its log.

[teehee]

Hi mate im sorry. I totally forgot that i'd already run this scan. Here are the results:

RkU Version: 3.8.389.593, Type LE (SR2)
==============================================
OS Name: Windows XP
Version 5.1.2600 (Service Pack 3)
Number of processors #1
==============================================
>Drivers
==============================================
0xEE4AD000 C:\WINDOWS\system32\drivers\RtkHDAud.sys 4464640 bytes (Realtek Semiconductor Corp., Realtek® High Definition Audio Function Driver)
0xBF0DF000 C:\WINDOWS\System32\ati3duag.dll 2375680 bytes (ATI Technologies Inc. , ati3duag.dll)
0xBF323000 C:\WINDOWS\System32\ativvaxx.dll 2359296 bytes (ATI Technologies Inc. , Radeon Video Acceleration Universal Driver)
0x804D7000 C:\WINDOWS\system32\ntkrnlpa.exe 2069376 bytes (Microsoft Corporation, NT Kernel & System)
0x804D7000 PnpManager 2069376 bytes
0x804D7000 RAW 2069376 bytes
0x804D7000 WMIxWDM 2069376 bytes
0xBF800000 Win32k 1859584 bytes
0xBF800000 C:\WINDOWS\System32\win32k.sys 1859584 bytes (Microsoft Corporation, Multi-User Win32 Driver)
0xF6FDC000 C:\WINDOWS\system32\DRIVERS\ati2mtag.sys 1744896 bytes (ATI Technologies Inc., ATI Radeon WindowsNT Miniport Driver)
0xF6CDE000 C:\WINDOWS\system32\DRIVERS\btkrnl.sys 1323008 bytes (Broadcom Corporation., Bluetooth Bus Enumerator)
0xF747F000 PCI_PNP0628 1040384 bytes
0xF747F000 spfc.sys 1040384 bytes
0xF747F000 sptd 1040384 bytes
0xEE9A1000 C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys 999424 bytes (Conexant Systems, Inc., HSF_DP driver)
0xEE8EF000 C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys 729088 bytes (Conexant Systems, Inc., HSF_CNXT driver)
0xEE0B2000 C:\WINDOWS\System32\Drivers\aswSnx.SYS 458752 bytes (AVAST Software, avast! Virtualization Driver)
0xEE16C000 C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 458752 bytes (Microsoft Corporation, Windows NT SMB Minirdr)
0xF6E86000 C:\WINDOWS\system32\DRIVERS\bcmwl5.sys 425984 bytes (Broadcom Corporation, Broadcom 802.11 Network Adapter wireless driver)
0xF6E21000 C:\WINDOWS\System32\Drivers\akeu3z3d.SYS 413696 bytes (Microsoft Corporation, IDE/ATAPI Port Driver)
0xEE1DC000 C:\WINDOWS\system32\drivers\RapportBuka.sys 393216 bytes (Trusteer Ltd., RapportBuka)
0xF6B60000 C:\WINDOWS\system32\DRIVERS\update.sys 385024 bytes (Microsoft Corporation, Update Driver)
0xEE3D5000 C:\WINDOWS\system32\DRIVERS\tcpip.sys 364544 bytes (Microsoft Corporation, TCP/IP Protocol Driver)
0xEB102000 C:\WINDOWS\system32\DRIVERS\srv.sys 360448 bytes (Microsoft Corporation, Server driver)
0xEE122000 C:\WINDOWS\System32\Drivers\aswSP.SYS 303104 bytes (AVAST Software, avast! self protection module)
0xBF563000 C:\WINDOWS\System32\ATMFD.DLL 290816 bytes (Adobe Systems Incorporated, Windows NT OpenType/Type 1 Font Driver)
0xBF055000 C:\WINDOWS\System32\ati2cqag.dll 286720 bytes (ATI Technologies Inc., Central Memory Manager / Queue Server Module)
0xBF09B000 C:\WINDOWS\System32\atikvmag.dll 278528 bytes (ATI Technologies Inc., Virtual Command And Memory Manager)
0xBF012000 C:\WINDOWS\System32\ati2dvag.dll 274432 bytes (ATI Technologies Inc., ATI Radeon WindowsNT Display Driver)
0xEB256000 C:\WINDOWS\System32\Drivers\HTTP.sys 266240 bytes (Microsoft Corporation, HTTP Protocol Stack)
0xEE377000 C:\WINDOWS\system32\DRIVERS\tcpip6.sys 229376 bytes (Microsoft Corporation, IPv6 driver)
0xEEA95000 C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys 208896 bytes (Conexant Systems, Inc., HSF_HWAZL WDM driver)
0xEB387000 C:\WINDOWS\system32\drivers\btslbcsp.sys 204800 bytes (Broadcom Corporation., Bluetooth Serial Driver for Windows 2000)
0xF6BBE000 C:\WINDOWS\system32\DRIVERS\rdpdr.sys 196608 bytes (Microsoft Corporation, Microsoft RDP Device redirector)
0xF6F29000 C:\WINDOWS\system32\DRIVERS\SynTP.sys 196608 bytes (Synaptics, Inc., Synaptics Touchpad Driver)
0xF7439000 ACPI.sys 188416 bytes (Microsoft Corporation, ACPI Driver for NT)
0xEB701000 C:\WINDOWS\system32\DRIVERS\mrxdav.sys 184320 bytes (Microsoft Corporation, Windows NT WebDav Minirdr)
0xF72CE000 NDIS.sys 184320 bytes (Microsoft Corporation, NDIS 5.1 wrapper driver)
0xF7368000 dac2w2k.sys 180224 bytes (Mylex Corporation, Mylex Disk Array Controller Driver)
0xEE262000 C:\WINDOWS\system32\DRIVERS\rdbss.sys 176128 bytes (Microsoft Corporation, Redirected Drive Buffering SubSystem Driver)
0xF6F59000 C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 163840 bytes (Windows ® Server 2003 DDK provider, High Definition Audio Bus Driver v1.0a)
0xEE34F000 C:\WINDOWS\system32\DRIVERS\netbt.sys 163840 bytes (Microsoft Corporation, MBT Transport driver)
0xF73C5000 dmio.sys 155648 bytes (Microsoft Corp., Veritas Software, NT Disk Manager I/O Driver)
0xEE3AF000 C:\WINDOWS\system32\DRIVERS\ipnat.sys 155648 bytes (Microsoft Corporation, IP Network Address Translator)
0xEE23C000 C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys 155648 bytes (Trusteer Ltd., RapportPG)
0xF7312000 Fastfat.sys 147456 bytes (Microsoft Corporation, Fast FAT File System Driver)
0xEE489000 C:\WINDOWS\system32\drivers\portcls.sys 147456 bytes (Microsoft Corporation, Port Class (Class Driver for Port/Miniport Devices))
0xF6FA4000 C:\WINDOWS\system32\DRIVERS\USBPORT.SYS 147456 bytes (Microsoft Corporation, USB 1.1 & 2.0 Port Driver)
0xF6F81000 C:\WINDOWS\system32\DRIVERS\ks.sys 143360 bytes (Microsoft Corporation, Kernel CSA Library)
0xEE32D000 C:\WINDOWS\System32\drivers\afd.sys 139264 bytes (Microsoft Corporation, Ancillary Function Driver for WinSock)
0x806D1000 ACPI_HAL 131840 bytes
0x806D1000 C:\WINDOWS\system32\hal.dll 131840 bytes (Microsoft Corporation, Hardware Abstraction Layer DLL)
0xF7348000 fltmgr.sys 131072 bytes (Microsoft Corporation, Microsoft Filesystem Filter Manager)
0xF73EB000 ftdisk.sys 126976 bytes (Microsoft Corporation, FT Disk Driver)
0xF740A000 pcmcia.sys 122880 bytes (Microsoft Corporation, PCMCIA Bus Driver)
0xF72B4000 Mup.sys 106496 bytes (Microsoft Corporation, Multiple UNC Provider driver)
0xF7394000 adpu160m.sys 102400 bytes (Microsoft Corporation, Adaptec Ultra160 SCSI miniport)
0xF73AD000 atapi.sys 98304 bytes (Microsoft Corporation, IDE/ATAPI Port Driver)
0xEE072000 C:\WINDOWS\System32\Drivers\dump_atapi.sys 98304 bytes
0xF7467000 C:\WINDOWS\System32\Drivers\SCSIPORT.SYS 98304 bytes (Microsoft Corporation, SCSI Port Driver)
0xEBC6B000 C:\WINDOWS\System32\Drivers\aswMon2.SYS 94208 bytes (AVAST Software, avast! File System Filter Driver for Windows XP)
0xF72FB000 KSecDD.sys 94208 bytes (Microsoft Corporation, Kernel Security Support Provider Interface)
0xF6C9F000 C:\WINDOWS\system32\DRIVERS\ndiswan.sys 94208 bytes (Microsoft Corporation, MS PPP Framing Driver (Strong Encryption))
0xEB9D6000 C:\WINDOWS\system32\drivers\wdmaud.sys 86016 bytes (Microsoft Corporation, MMSYSTEM Wave/Midi API mapper)
0xF6EEE000 C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys 81920 bytes (Realtek Semiconductor Corporation , Realtek 10/100/1000 NDIS 5.1 Driver )
0xF6F15000 C:\WINDOWS\system32\DRIVERS\sdbus.sys 81920 bytes (Microsoft Corporation, SecureDigital Bus Driver)
0xF6FC8000 C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS 81920 bytes (Microsoft Corporation, Video Port Driver)
0xF6F02000 C:\WINDOWS\system32\DRIVERS\ESM7SK.sys 77824 bytes (ENE Technology Inc., ENE PCI SmartMedia / XD Card Reader Driver)
0xEE42E000 C:\WINDOWS\system32\DRIVERS\ipsec.sys 77824 bytes (Microsoft Corporation, IPSec Driver)
0xBA283000 C:\WINDOWS\system32\Drivers\psdvdisk.sys 77824 bytes (HiTRUST, PSD Virtual Disk Driver)
0xBF000000 C:\WINDOWS\System32\drivers\dxg.sys 73728 bytes (Microsoft Corporation, DirectX Graphics Driver)
0xF7336000 sr.sys 73728 bytes (Microsoft Corporation, System Restore Filesystem Filter Driver)
0xEB245000 C:\WINDOWS\system32\drivers\int15.sys 69632 bytes
0xF7428000 pci.sys 69632 bytes (Microsoft Corporation, NT Plug and Play PCI Enumerator)
0xF6C8E000 C:\WINDOWS\system32\DRIVERS\psched.sys 69632 bytes (Microsoft Corporation, MS QoS Packet Scheduler)
0xF71B6000 C:\WINDOWS\System32\Drivers\Cdfs.SYS 65536 bytes (Microsoft Corporation, CD-ROM File System Driver)
0xF77DE000 C:\WINDOWS\system32\DRIVERS\cdrom.sys 65536 bytes (Microsoft Corporation, SCSI CD-ROM Driver)
0xF780E000 C:\WINDOWS\system32\DRIVERS\EMS7SK.sys 65536 bytes (ENE Technology Inc., ENE PCI Memory Stick Card Reader Driver)
0xF78BE000 C:\WINDOWS\system32\drivers\drmk.sys 61440 bytes (Microsoft Corporation, Microsoft Kernel DRM Descrambler Filter)
0xF71F6000 C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys 61440 bytes (Trusteer Ltd., RapportEI)
0xF77EE000 C:\WINDOWS\system32\DRIVERS\redbook.sys 61440 bytes (Microsoft Corporation, Redbook Audio Filter Driver)
0xEBB4B000 C:\WINDOWS\system32\drivers\sysaudio.sys 61440 bytes (Microsoft Corporation, System Audio WDM Filter)
0xF78AE000 C:\WINDOWS\system32\DRIVERS\usbhub.sys 61440 bytes (Microsoft Corporation, Default Hub Driver for USB)
0xF76DE000 aic78u2.sys 57344 bytes (Microsoft Corporation, Adaptec Ultra2 SCSI miniport)
0xF76AE000 aic78xx.sys 57344 bytes (Microsoft Corporation, Adaptec Ultra SCSI miniport)
0xF77BE000 C:\WINDOWS\system32\DRIVERS\AmdK8.sys 57344 bytes (Advanced Micro Devices, AMD Processor Driver)
0xEBA6B000 C:\WINDOWS\system32\drivers\swmidi.sys 57344 bytes (Microsoft Corporation, Microsoft GS Wavetable Synthesizer)
0xF773E000 C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS 53248 bytes (Microsoft Corporation, SCSI Class System Dll)
0xEBA3B000 C:\WINDOWS\system32\drivers\DMusic.sys 53248 bytes (Microsoft Corporation, Microsoft Kernel DLS Synthesizer)
0xF77FE000 C:\WINDOWS\system32\DRIVERS\i8042prt.sys 53248 bytes (Microsoft Corporation, i8042 Port Driver)
0xF71E6000 C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\26169\RapportCerberus_26169.sys 53248 bytes (Trusteer Ltd., RapportCerberus)
0xF782E000 C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 53248 bytes (Microsoft Corporation, RAS L2TP mini-port/call-manager driver)
0xF769E000 VolSnap.sys 53248 bytes (Microsoft Corporation, Volume Shadow Copy Driver)
0xF771E000 ql12160.sys 49152 bytes (QLogic Corporation, Miniport Driver for QLogic ISP PCI Adapters)
0xF770E000 ql1280.sys 49152 bytes (QLogic Corporation, Miniport Driver for QLogic ISP PCI Adapters)
0xF784E000 C:\WINDOWS\system32\DRIVERS\raspptp.sys 49152 bytes (Microsoft Corporation, Peer-to-Peer Tunneling Protocol)
0xF779E000 agp440.sys 45056 bytes (Microsoft Corporation, 440 NT AGP Filter)
0xF77AE000 agpCPQ.sys 45056 bytes (Microsoft Corporation, CompatNT AGP Filter)
0xF777E000 alim1541.sys 45056 bytes (Microsoft Corporation, ALi M1541 NT AGP Filter)
0xF778E000 amdagp.sys 45056 bytes (Advanced Micro Devices, Inc., AMD Win2000 AGP Filter)
0xF71D6000 C:\WINDOWS\System32\Drivers\Fips.SYS 45056 bytes (Microsoft Corporation, FIPS Crypto Driver)
0xF77CE000 C:\WINDOWS\system32\DRIVERS\imapi.sys 45056 bytes (Microsoft Corporation, IMAPI Kernel Driver)
0xF768E000 MountMgr.sys 45056 bytes (Microsoft Corporation, Mount Manager)
0xF783E000 C:\WINDOWS\system32\DRIVERS\raspppoe.sys 45056 bytes (Microsoft Corporation, RAS PPPoE mini-port/call-manager driver)
0xF776E000 viaagp.sys 45056 bytes (Microsoft Corporation, VIA NT AGP Filter)
0xF78CE000 C:\WINDOWS\System32\Drivers\aswTdi.SYS 40960 bytes (AVAST Software, avast! TDI Filter Driver)
0xF781E000 C:\WINDOWS\system32\DRIVERS\ESD7SK.sys 40960 bytes (ENE Technology Inc., ENE PCI Secure Digital / MMC Card Reader Driver)
0xF767E000 isapnp.sys 40960 bytes (Microsoft Corporation, PNP ISA Bus Driver)
0xF787E000 C:\WINDOWS\System32\Drivers\NDProxy.SYS 40960 bytes (Microsoft Corporation, NDIS Proxy)
0xF774E000 PxHelp20.sys 40960 bytes (Sonic Solutions, Px Engine Device Driver for Windows 2000/XP)
0xF76FE000 ql1080.sys 40960 bytes (QLogic Corporation, Miniport Driver for QLogic ISP PCI Adapters)
0xF76CE000 ql1240.sys 40960 bytes (Microsoft Corporation, QLogic ISP PCI Adapters)
0xF775E000 sisagp.sys 40960 bytes (Silicon Integrated Systems Corporation, SiS NT AGP Filter)
0xF786E000 C:\WINDOWS\system32\DRIVERS\termdd.sys 40960 bytes (Microsoft Corporation, Terminal Server Driver)
0xEB2EF000 C:\WINDOWS\System32\Drivers\BlackBox.SYS 36864 bytes (RKU Driver)
0xF772E000 disk.sys 36864 bytes (Microsoft Corporation, PnP Disk Driver)
0xF78EE000 C:\WINDOWS\system32\drivers\ip6fw.sys 36864 bytes (Microsoft Corporation, IPv6 Windows Firewall Driver)
0xBA4AE000 C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 36864 bytes (Microsoft Corporation, IP FILTER DRIVER)
0xF785E000 C:\WINDOWS\system32\DRIVERS\msgpc.sys 36864 bytes (Microsoft Corporation, MS General Packet Classifier)
0xF7216000 C:\WINDOWS\system32\DRIVERS\netbios.sys 36864 bytes (Microsoft Corporation, NetBIOS interface driver)
0xF76BE000 ql10wnt.sys 36864 bytes (Microsoft Corporation, Miniport Driver for QLogic ISP PCI Adapters)
0xF76EE000 ultra.sys 36864 bytes (Promise Technology, Inc., Promise Ultra66 Miniport Driver)
0xF78DE000 C:\WINDOWS\system32\DRIVERS\wanarp.sys 36864 bytes (Microsoft Corporation, MS Remote Access and Routing ARP Driver)
0xF7A56000 C:\WINDOWS\System32\Drivers\Modem.SYS 32768 bytes (Microsoft Corporation, Modem Device Driver)
0xF79BE000 C:\WINDOWS\System32\Drivers\Npfs.SYS 32768 bytes (Microsoft Corporation, NPFS Driver)
0xF7A46000 C:\WINDOWS\system32\Drivers\psdfilter.sys 32768 bytes (HiTRUST, PSD Filter Driver)
0xF792E000 symc8xx.sys 32768 bytes (LSI Logic, Symbios 8XX SCSI Miniport Driver)
0xF793E000 sym_u3.sys 32768 bytes (LSI Logic, Symbios Ultra3 SCSI Miniport Driver)
0xF79E6000 C:\WINDOWS\system32\DRIVERS\usbehci.sys 32768 bytes (Microsoft Corporation, EHCI eUSB Miniport Driver)
0xF7916000 asc.sys 28672 bytes (Advanced System Products, Inc., AdvanSys SCSI Controller Driver)
0xF79A6000 C:\WINDOWS\system32\DRIVERS\HIDPARSE.SYS 28672 bytes (Microsoft Corporation, Hid Parsing Library)
0xF7966000 hpn.sys 28672 bytes (Microsoft Corporation, NetRAID-4M Miniport Driver)
0xF78FE000 C:\WINDOWS\system32\DRIVERS\PCIIDEX.SYS 28672 bytes (Microsoft Corporation, PCI IDE Bus Driver Extension)
0xF795E000 perc2.sys 28672 bytes (Microsoft Corporation, PERC 2 Miniport Driver)
0xF7A76000 C:\WINDOWS\system32\DRIVERS\RimSerial.sys 28672 bytes (Research in Motion Ltd, RIM Virtual Serial Driver)
0xF7936000 sym_hi.sys 28672 bytes (LSI Logic, Symbios Hi-Perf SCSI Miniport Driver)
0xF7A0E000 C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 28672 bytes (Microsoft Corporation, USB Mass Storage Class Driver)
0xF79D6000 C:\WINDOWS\System32\Drivers\Aavmker4.SYS 24576 bytes (AVAST Software, avast! Base Kernel-Mode Device Driver for Windows NT/2000/XP)
0xF7946000 ABP480N5.SYS 24576 bytes (Microsoft Corporation, AdvanSys SCSI Controller Driver)
0xF794E000 asc3350p.sys 24576 bytes (Microsoft Corporation, AdvanSys SCSI Card Driver)
0xF7A26000 C:\WINDOWS\system32\drivers\btserial.sys 24576 bytes (Broadcom Corporation., Bluetooth Serial Driver for Windows 2000)
0xF79EE000 C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys 24576 bytes (GEAR Software Inc., CD DVD Filter)
0xF79FE000 C:\WINDOWS\system32\DRIVERS\kbdclass.sys 24576 bytes (Microsoft Corporation, Keyboard Class Driver)
0xF7A06000 C:\WINDOWS\system32\DRIVERS\mouclass.sys 24576 bytes (Microsoft Corporation, Mouse Class Driver)
0xF79AE000 C:\WINDOWS\System32\drivers\vga.sys 24576 bytes (Microsoft Corporation, VGA/Super VGA Video Driver)
0xF79C6000 C:\WINDOWS\System32\Drivers\aswRdr.SYS 20480 bytes (AVAST Software, avast! TDI RDR Driver)
0xF79F6000 C:\WINDOWS\system32\DRIVERS\DKbFltr.sys 20480 bytes (Dritek System Inc., Dritek PS2 Keyboard Filter Driver)
0xF7956000 dpti2o.sys 20480 bytes (Microsoft Corporation, DPT SmartRAID miniport)
0xF7926000 i2omp.sys 20480 bytes (Microsoft Corporation, I2O Miniport Driver)
0xF791E000 mraid35x.sys 20480 bytes (American Megatrends Inc., MegaRAID RAID Controller Driver for Windows Whistler 32)
0xF79B6000 C:\WINDOWS\System32\Drivers\Msfs.SYS 20480 bytes (Microsoft Corporation, Mailslot driver)
0xF7906000 PartMgr.sys 20480 bytes (Microsoft Corporation, Partition Manager)
0xF7A66000 C:\WINDOWS\system32\DRIVERS\ptilink.sys 20480 bytes (Parallel Technologies, Inc., Parallel Technologies DirectParallel IO Library)
0xF7A6E000 C:\WINDOWS\system32\DRIVERS\raspti.sys 20480 bytes (Microsoft Corporation, PTI DirectParallel® mini-port/call-manager driver)
0xF790E000 sparrow.sys 20480 bytes (Adaptec, Inc., Adaptec AIC-6x60 series SCSI miniport)
0xF7A5E000 C:\WINDOWS\system32\DRIVERS\TDI.SYS 20480 bytes (Microsoft Corporation, TDI Wrapper)
0xF79DE000 C:\WINDOWS\system32\DRIVERS\usbohci.sys 20480 bytes (Microsoft Corporation, OHCI USB Miniport Driver)
0xF7A16000 C:\WINDOWS\System32\watchdog.sys 20480 bytes (Microsoft Corporation, Watchdog Driver)
0xF7AA6000 aha154x.sys 16384 bytes (Microsoft Corporation, Adaptec AHA-154x series SCSI miniport)
0xF7AB6000 asc3550.sys 16384 bytes (Advanced System Products, Inc., AdvanSys Ultra-Wide PCI SCSI Driver)
0xF7A96000 C:\WINDOWS\system32\DRIVERS\BATTC.SYS 16384 bytes (Microsoft Corporation, Battery Class Driver)
0xF7ABE000 cbidf2k.sys 16384 bytes (Microsoft Corporation, CardBus/PCMCIA IDE Miniport Driver)
0xF7288000 C:\WINDOWS\system32\DRIVERS\CmBatt.sys 16384 bytes (Microsoft Corporation, Control Method Battery Driver)
0xF7AA2000 cpqarray.sys 16384 bytes (Microsoft Corporation, Compaq Drive Array Controllers SCSI Miniport Driver)
0xF7AAE000 dac960nt.sys 16384 bytes (Microsoft Corporation, Mylex Disk Array Controller Driver)
0xF7ABA000 ini910u.sys 16384 bytes (Microsoft Corporation, INITIO ini910u SCSI miniport)
0xEE04E000 C:\WINDOWS\system32\drivers\mbam.sys 16384 bytes (Malwarebytes Corporation, Malwarebytes' Anti-Malware)
0xEB16A000 C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys 16384 bytes (Conexant, Diagnostic Interface x86 Driver)
0xF7268000 C:\WINDOWS\system32\DRIVERS\mssmbios.sys 16384 bytes (Microsoft Corporation, System Management BIOS Driver)
0xEBEDA000 C:\WINDOWS\system32\DRIVERS\ndisuio.sys 16384 bytes (Microsoft Corporation, NDIS User mode I/O Driver)
0xF7AAA000 symc810.sys 16384 bytes (Symbios Logic Inc., Symbios Logic Inc. SCSI Miniport Driver)
0xF7A9E000 UBHelper.sys 16384 bytes
0xF7A9A000 ACPIEC.sys 12288 bytes (Microsoft Corporation, ACPI Embedded Controller Driver)
0xF7AB2000 amsint.sys 12288 bytes (Microsoft Corporation, AMD SCSI/NET Controller)
0xEE04A000 C:\WINDOWS\System32\Drivers\aswFsBlk.SYS 12288 bytes (AVAST Software, avast! File System Access Blocking Driver)
0xF7A8E000 C:\WINDOWS\system32\BOOTVID.dll 12288 bytes (Microsoft Corporation, VGA Boot Driver)
0xF7A92000 compbatt.sys 12288 bytes (Microsoft Corporation, Composite Battery Driver)
0xF6AF4000 C:\WINDOWS\System32\drivers\Dxapi.sys 12288 bytes (Microsoft Corporation, DirectX API Driver)
0xF7B5E000 C:\WINDOWS\System32\Drivers\i2omgmt.SYS 12288 bytes (Microsoft Corporation, I2O Utility Filter)
0xF7280000 C:\WINDOWS\system32\DRIVERS\ndistapi.sys 12288 bytes (Microsoft Corporation, NDIS 3.0 connection wrapper driver)
0xF7B66000 C:\WINDOWS\system32\DRIVERS\rasacd.sys 12288 bytes (Microsoft Corporation, RAS Automatic Connection Driver)
0xF7B46000 C:\WINDOWS\system32\DRIVERS\tunmp.sys 12288 bytes (Microsoft Corporation, Microsoft Tunnel Interface Driver)
0xEB0FE000 C:\WINDOWS\system32\drivers\tvicport.sys 12288 bytes (EnTech Taiwan, TVicPort Driver for Windows NT/2000/XP)
0xF7284000 C:\WINDOWS\system32\DRIVERS\wmiacpi.sys 12288 bytes (Microsoft Corporation, Windows Management Interface for ACPI)
0xF7B82000 aliide.sys 8192 bytes (Acer Laboratories Inc., ALi mini IDE Driver)
0xF7BAC000 C:\WINDOWS\System32\Drivers\Beep.SYS 8192 bytes (Microsoft Corporation, BEEP Driver)
0xF7B8E000 cd20xrnt.sys 8192 bytes (Microsoft Corporation, IBM Portable CD-ROM Drive Miniport)
0xF7B8A000 cmdide.sys 8192 bytes (CMD Technology, Inc., CMD PCI IDE Bus Driver)
0xF7B8C000 dmload.sys 8192 bytes (Microsoft Corp., Veritas Software., NT Disk Manager Startup Driver)
0xF7BB8000 C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS 8192 bytes
0xF7BAA000 C:\WINDOWS\System32\Drivers\Fs_Rec.SYS 8192 bytes (Microsoft Corporation, File System Recognizer Driver)
0xF7B84000 intelide.sys 8192 bytes (Microsoft Corporation, Intel PCI IDE Driver)
0xF7B7E000 C:\WINDOWS\system32\KDCOM.DLL 8192 bytes (Microsoft Corporation, Kernel Debugger HW Extension DLL)
0xF7BAE000 C:\WINDOWS\System32\Drivers\mnmdd.SYS 8192 bytes (Microsoft Corporation, Frame buffer simulator)
0xF7B94000 C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys 8192 bytes (NewTech Infosystems, Inc., NTI CD-ROM Filter Driver)
0xF7B90000 perc2hib.sys 8192 bytes (Microsoft Corporation, PERC 2 Hibernate Driver)
0xF7BB0000 C:\WINDOWS\System32\DRIVERS\RDPCDD.sys 8192 bytes (Microsoft Corporation, RDP Miniport)
0xF7BA2000 C:\WINDOWS\System32\Drivers\RootMdm.sys 8192 bytes (Microsoft Corporation, Legacy Non-Pnp Modem Device Driver)
0xF7BBC000 C:\WINDOWS\system32\drivers\splitter.sys 8192 bytes (Microsoft Corporation, Microsoft Kernel Audio Splitter)
0xF7BA4000 C:\WINDOWS\system32\DRIVERS\swenum.sys 8192 bytes (Microsoft Corporation, Plug and Play Software Device Enumerator)
0xF7B86000 toside.sys 8192 bytes (Microsoft Corporation, Toshiba PCI IDE Controller)
0xF7B96000 C:\WINDOWS\system32\DRIVERS\USBD.SYS 8192 bytes (Microsoft Corporation, Universal Serial Bus Driver)
0xF7B88000 viaide.sys 8192 bytes (Microsoft Corporation, Generic PCI IDE Bus Driver)
0xF7B80000 C:\WINDOWS\System32\Drivers\WMILIB.SYS 8192 bytes (Microsoft Corporation, WMILIB WMI support library Dll)
0xF7D6D000 C:\WINDOWS\system32\DRIVERS\audstub.sys 4096 bytes (Microsoft Corporation, AudStub Driver)
0xF7D93000 C:\WINDOWS\system32\drivers\drmkaud.sys 4096 bytes (Microsoft Corporation, Microsoft Kernel DRM Audio Descrambler Filter)
0xF7D26000 C:\WINDOWS\System32\drivers\dxgthk.sys 4096 bytes (Microsoft Corporation, DirectX Graphics Driver Thunk)
0xF7228000 C:\WINDOWS\System32\Drivers\Null.SYS 4096 bytes (Microsoft Corporation, NULL Driver)
0xF7C47000 C:\WINDOWS\system32\DRIVERS\OPRGHDLR.SYS 4096 bytes (Microsoft Corporation, ACPI Operation Registration Driver)
0xF7C46000 pciide.sys 4096 bytes (Microsoft Corporation, Generic PCI IDE Bus Driver)
0xF7C5B000 C:\WINDOWS\system32\drivers\zntport.sys 4096 bytes (Zeal SoftStudio, zntport)
0x837CE1F8 unknown_irp_handler 3592 bytes
0x837D11F8 unknown_irp_handler 3592 bytes
0x8376A1F8 unknown_irp_handler 3592 bytes
0x8375E1F8 unknown_irp_handler 3592 bytes
0x837671F8 unknown_irp_handler 3592 bytes
0x837D21F8 unknown_irp_handler 3592 bytes
0x837691F8 unknown_irp_handler 3592 bytes
0x837D51F8 unknown_irp_handler 3592 bytes
0x832C71F8 unknown_irp_handler 3592 bytes
0x837631F8 unknown_irp_handler 3592 bytes
0x837681F8 unknown_irp_handler 3592 bytes
0x8376E1F8 unknown_irp_handler 3592 bytes
0x832EA1F8 unknown_irp_handler 3592 bytes
0x837D71F8 unknown_irp_handler 3592 bytes
0x837D41F8 unknown_irp_handler 3592 bytes
0x837661F8 unknown_irp_handler 3592 bytes
0x837DC1F8 unknown_irp_handler 3592 bytes
0x832D31F8 unknown_irp_handler 3592 bytes
0x837E01F8 unknown_irp_handler 3592 bytes
0x835D21F8 unknown_irp_handler 3592 bytes
0x832821F8 unknown_irp_handler 3592 bytes
0x833601F8 unknown_irp_handler 3592 bytes
0x834B5408 unknown_irp_handler 3064 bytes
0x834C2500 unknown_irp_handler 2816 bytes
==============================================
>Stealth
==============================================
WARNING: File locked for read access [C:\WINDOWS\system32\drivers\sptd.sys]

[Broni]

That looks good.

Delete your Combofix file, download fresh one and try again.
Run rKill first, then Combofix.
If normal mode won't work, try the same from Safe Mode (rKill + Combofix)

[teehee]

Hi guys,

Im still not having any success with combofix. Ive been trying now for the past two days but to no avail. Any ideas?

[Broni]

OK, please update me on your current computer issues.

Then....

Download SUPERAntiSpyware Free for Home Users:
http://www.superantispyware.com/

• Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  
• An icon will be created on your desktop. Double-click that icon to launch the program.
  
• If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here: http://www.superanti...efinitions.html.)
  
• Close SUPERAntiSpyware.

Restart computer in Safe Mode.
To enter Safe Mode, restart computer, and keep tapping F8 key, until menu appears; pick Safe Mode; you'll see "Safe Mode" in all four corners of your screen

• Open SUPERAntiSpyware.
  
• Under "Configuration and Preferences", click the Preferences button.
  
• Click the Scanning Control tab.
  
• Under Scanner Options make sure the following are checked (leave all others unchecked):
  
  • Close browsers before scanning.
    
  • Terminate memory threats before quarantining.
• Click the "Close" button to leave the control center screen.
  
• Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  
• On the left, make sure you check C:\Fixed Drive.
  
• On the right, under "Complete Scan", choose Perform Complete Scan.
  
• Click "Next" to start the scan. Please be patient while it scans your computer.
  
• After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  
• Make sure everything has a checkmark next to it and click "Next".
  
• A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  
• If asked if you want to reboot, click "Yes".
  
• To retrieve the removal information after reboot, launch SUPERAntispyware again.
  
  • Click Preferences, then click the Statistics/Logs tab.
    
  • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    
  • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    
  • Copy and paste the Scan Log results in your next reply.
• Click Close to exit the program.

Post SUPERAntiSpyware log.

[teehee]

Recently Ive been having alot of problems with my pc (viruses). I am pretty sure it started when i streamed some the nba playoffs. I downloaded spybot and managed to get rid of most of the problems, however recently my computer keeps producing the same bsod more or less 5 minutes after opening any program. All of my programs have dissapeared from my start menu as well as everything in my external hard drive which was connected at the time (this was also the case when starting my pc in safe mode). Im pretty sure the files are still there as the both my pc and hard drive still appear as containg files. Since then all the spyware programs I have installed from you reccomendations now appear in the start menu and on my desktop. I will attach the superantispyware log in my next post.

[teehee]

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 06/16/2011 at 05:24 PM

Application Version : 4.54.1000

Core Rules Database Version : 7274
Trace Rules Database Version: 5086

Scan type : Complete Scan
Total Scan Time : 06:43:24

Memory items scanned : 217
Memory threats detected : 0
Registry items scanned : 6826
Registry threats detected : 1
File items scanned : 104259
File threats detected : 0

System.BrokenFileAssociation
HKCR\.exe

[Broni]

May I assume, that your only issue at this moment are BSODs?

Download Bootkit Remover to your Desktop.

• You then need to extract the remover.exe file from the RAR using a program capable of extracing RAR compressed files. If you don't have an extraction program, you can use 7-Zip: http://www.7-zip.org/
  
• After extracing remover.exe to your Desktop, double-click on remover.exe to run the program (Vista/7 users,right click on remover.exe and click Run As Administrator).
  
• It will show a Black screen with some data on it.
  
• Right click on the screen and click Select All.
  
• Press CTRL+C
  
• Open a Notepad and press CTRL+V
  
• Post the output back here.

===============================================================================

Download BlueScreenView (in Zip file)
No installation required.
Unzip downloaded file and double click on BlueScreenView.exe file to run the program.
When scanning is done, go Edit>Select All.
Go File>Save Selected Items, and save the report as BSOD.txt.
Open BSOD.txt in Notepad, copy all content, and paste it into your next reply.

[teehee]

.\debug.cpp(238) : Debug log started at 17.06.2011 - 08:24:12
.\boot_cleaner.cpp(527) : Bootkit Remover
.\boot_cleaner.cpp(528) : © 2009 eSage Lab
.\boot_cleaner.cpp(529) : www.esagelab.com
.\boot_cleaner.cpp(533) : Program version: 1.2.0.0
.\boot_cleaner.cpp(540) : OS Version: Microsoft Windows XP Professional Service Pack 3 (build 2600)
.\debug.cpp(248) : **********************************************
.\debug.cpp(249) : *** [ LOADED MODULES INFORMATION ] ***********
.\debug.cpp(250) : **********************************************
.\debug.cpp(256) : 0x804d7000 0x001f9380 "\WINDOWS\system32\ntkrnlpa.exe"
.\debug.cpp(256) : 0x806d1000 0x00020300 "\WINDOWS\system32\hal.dll"
.\debug.cpp(256) : 0xf7b7e000 0x00002000 "\WINDOWS\system32\KDCOM.DLL"
.\debug.cpp(256) : 0xf7a8e000 0x00003000 "\WINDOWS\system32\BOOTVID.dll"
.\debug.cpp(256) : 0xf767e000 0x00009000 "BlackBox.sys"
.\debug.cpp(256) : 0xf747f000 0x000fe000 "spey.sys"
.\debug.cpp(256) : 0xf7b80000 0x00002000 "\WINDOWS\System32\Drivers\WMILIB.SYS"
.\debug.cpp(256) : 0xf7467000 0x00018000 "\WINDOWS\System32\Drivers\SCSIPORT.SYS"
.\debug.cpp(256) : 0xf7439000 0x0002e000 "ACPI.sys"
.\debug.cpp(256) : 0xf7428000 0x00011000 "pci.sys"
.\debug.cpp(256) : 0xf768e000 0x0000a000 "isapnp.sys"
.\debug.cpp(256) : 0xf7a92000 0x00003000 "compbatt.sys"
.\debug.cpp(256) : 0xf7a96000 0x00004000 "\WINDOWS\system32\DRIVERS\BATTC.SYS"
.\debug.cpp(256) : 0xf7c46000 0x00001000 "pciide.sys"
.\debug.cpp(256) : 0xf78fe000 0x00007000 "\WINDOWS\system32\DRIVERS\PCIIDEX.SYS"
.\debug.cpp(256) : 0xf7b82000 0x00002000 "aliide.sys"
.\debug.cpp(256) : 0xf7b84000 0x00002000 "intelide.sys"
.\debug.cpp(256) : 0xf7b86000 0x00002000 "toside.sys"
.\debug.cpp(256) : 0xf7b88000 0x00002000 "viaide.sys"
.\debug.cpp(256) : 0xf7b8a000 0x00002000 "cmdide.sys"
.\debug.cpp(256) : 0xf740a000 0x0001e000 "pcmcia.sys"
.\debug.cpp(256) : 0xf769e000 0x0000b000 "MountMgr.sys"
.\debug.cpp(256) : 0xf73eb000 0x0001f000 "ftdisk.sys"
.\debug.cpp(256) : 0xf7b8c000 0x00002000 "dmload.sys"
.\debug.cpp(256) : 0xf73c5000 0x00026000 "dmio.sys"
.\debug.cpp(256) : 0xf7a9a000 0x00003000 "ACPIEC.sys"
.\debug.cpp(256) : 0xf7c47000 0x00001000 "\WINDOWS\system32\DRIVERS\OPRGHDLR.SYS"
.\debug.cpp(256) : 0xf7906000 0x00005000 "PartMgr.sys"
.\debug.cpp(256) : 0xf7a9e000 0x00004000 "UBHelper.sys"
.\debug.cpp(256) : 0xf76ae000 0x0000d000 "VolSnap.sys"
.\debug.cpp(256) : 0xf7aa2000 0x00004000 "cpqarray.sys"
.\debug.cpp(256) : 0xf73ad000 0x00018000 "atapi.sys"
.\debug.cpp(256) : 0xf7aa6000 0x00004000 "aha154x.sys"
.\debug.cpp(256) : 0xf790e000 0x00005000 "sparrow.sys"
.\debug.cpp(256) : 0xf7aaa000 0x00004000 "symc810.sys"
.\debug.cpp(256) : 0xf76be000 0x0000e000 "aic78xx.sys"
.\debug.cpp(256) : 0xf7aae000 0x00004000 "dac960nt.sys"
.\debug.cpp(256) : 0xf76ce000 0x00009000 "ql10wnt.sys"
.\debug.cpp(256) : 0xf7ab2000 0x00003000 "amsint.sys"
.\debug.cpp(256) : 0xf7916000 0x00007000 "asc.sys"
.\debug.cpp(256) : 0xf7ab6000 0x00004000 "asc3550.sys"
.\debug.cpp(256) : 0xf791e000 0x00005000 "mraid35x.sys"
.\debug.cpp(256) : 0xf7926000 0x00005000 "i2omp.sys"
.\debug.cpp(256) : 0xf7aba000 0x00004000 "ini910u.sys"
.\debug.cpp(256) : 0xf76de000 0x0000a000 "ql1240.sys"
.\debug.cpp(256) : 0xf76ee000 0x0000e000 "aic78u2.sys"
.\debug.cpp(256) : 0xf792e000 0x00008000 "symc8xx.sys"
.\debug.cpp(256) : 0xf7936000 0x00007000 "sym_hi.sys"
.\debug.cpp(256) : 0xf793e000 0x00008000 "sym_u3.sys"
.\debug.cpp(256) : 0xf7946000 0x00006000 "ABP480N5.SYS"
.\debug.cpp(256) : 0xf794e000 0x00006000 "asc3350p.sys"
.\debug.cpp(256) : 0xf7b8e000 0x00002000 "cd20xrnt.sys"
.\debug.cpp(256) : 0xf76fe000 0x00009000 "ultra.sys"
.\debug.cpp(256) : 0xf7394000 0x00019000 "adpu160m.sys"
.\debug.cpp(256) : 0xf7956000 0x00005000 "dpti2o.sys"
.\debug.cpp(256) : 0xf770e000 0x0000a000 "ql1080.sys"
.\debug.cpp(256) : 0xf771e000 0x0000c000 "ql1280.sys"
.\debug.cpp(256) : 0xf772e000 0x0000c000 "ql12160.sys"
.\debug.cpp(256) : 0xf795e000 0x00007000 "perc2.sys"
.\debug.cpp(256) : 0xf7b90000 0x00002000 "perc2hib.sys"
.\debug.cpp(256) : 0xf7966000 0x00007000 "hpn.sys"
.\debug.cpp(256) : 0xf7abe000 0x00004000 "cbidf2k.sys"
.\debug.cpp(256) : 0xf7368000 0x0002c000 "dac2w2k.sys"
.\debug.cpp(256) : 0xf773e000 0x00009000 "disk.sys"
.\debug.cpp(256) : 0xf774e000 0x0000d000 "\WINDOWS\system32\DRIVERS\CLASSPNP.SYS"
.\debug.cpp(256) : 0xf7348000 0x00020000 "fltmgr.sys"
.\debug.cpp(256) : 0xf7336000 0x00012000 "sr.sys"
.\debug.cpp(256) : 0xf775e000 0x0000a000 "PxHelp20.sys"
.\debug.cpp(256) : 0xf7312000 0x00024000 "Fastfat.sys"
.\debug.cpp(256) : 0xf72fb000 0x00017000 "KSecDD.sys"
.\debug.cpp(256) : 0xf72ce000 0x0002d000 "NDIS.sys"
.\debug.cpp(256) : 0xf776e000 0x0000a000 "sisagp.sys"
.\debug.cpp(256) : 0xf777e000 0x0000b000 "viaagp.sys"
.\debug.cpp(256) : 0xf72b4000 0x0001a000 "Mup.sys"
.\debug.cpp(256) : 0xf778e000 0x0000b000 "alim1541.sys"
.\debug.cpp(256) : 0xf779e000 0x0000b000 "amdagp.sys"
.\debug.cpp(256) : 0xf77ae000 0x0000b000 "agp440.sys"
.\debug.cpp(256) : 0xf77be000 0x0000b000 "agpCPQ.sys"
.\debug.cpp(256) : 0xf7b46000 0x00003000 "\SystemRoot\system32\DRIVERS\tunmp.sys"
.\debug.cpp(256) : 0xf77ce000 0x0000e000 "\SystemRoot\system32\DRIVERS\AmdK8.sys"
.\debug.cpp(256) : 0xf6fdc000 0x001aa000 "\SystemRoot\system32\DRIVERS\ati2mtag.sys"
.\debug.cpp(256) : 0xf6fc8000 0x00014000 "\SystemRoot\system32\DRIVERS\VIDEOPRT.SYS"
.\debug.cpp(256) : 0xf79de000 0x00005000 "\SystemRoot\system32\DRIVERS\usbohci.sys"
.\debug.cpp(256) : 0xf6fa4000 0x00024000 "\SystemRoot\system32\DRIVERS\USBPORT.SYS"
.\debug.cpp(256) : 0xf79e6000 0x00008000 "\SystemRoot\system32\DRIVERS\usbehci.sys"
.\debug.cpp(256) : 0xf77de000 0x0000b000 "\SystemRoot\system32\DRIVERS\imapi.sys"
.\debug.cpp(256) : 0xf77ee000 0x00010000 "\SystemRoot\system32\DRIVERS\cdrom.sys"
.\debug.cpp(256) : 0xf77fe000 0x0000f000 "\SystemRoot\system32\DRIVERS\redbook.sys"
.\debug.cpp(256) : 0xf6f81000 0x00023000 "\SystemRoot\system32\DRIVERS\ks.sys"
.\debug.cpp(256) : 0xf7b94000 0x00002000 "\SystemRoot\system32\DRIVERS\NTIDrvr.sys"
.\debug.cpp(256) : 0xf79ee000 0x00006000 "\SystemRoot\System32\Drivers\GEARAspiWDM.sys"
.\debug.cpp(256) : 0xf6f59000 0x00028000 "\SystemRoot\system32\DRIVERS\HDAudBus.sys"
.\debug.cpp(256) : 0xf780e000 0x0000d000 "\SystemRoot\system32\DRIVERS\i8042prt.sys"
.\debug.cpp(256) : 0xf79f6000 0x00005000 "\SystemRoot\system32\DRIVERS\DKbFltr.sys"
.\debug.cpp(256) : 0xf79fe000 0x00006000 "\SystemRoot\system32\DRIVERS\kbdclass.sys"
.\debug.cpp(256) : 0xf6f29000 0x00030000 "\SystemRoot\system32\DRIVERS\SynTP.sys"
.\debug.cpp(256) : 0xf7b96000 0x00002000 "\SystemRoot\system32\DRIVERS\USBD.SYS"
.\debug.cpp(256) : 0xf7a06000 0x00006000 "\SystemRoot\system32\DRIVERS\mouclass.sys"
.\debug.cpp(256) : 0xf781e000 0x00010000 "\SystemRoot\system32\DRIVERS\EMS7SK.sys"
.\debug.cpp(256) : 0xf6f15000 0x00014000 "\SystemRoot\system32\DRIVERS\sdbus.sys"
.\debug.cpp(256) : 0xf6f02000 0x00013000 "\SystemRoot\system32\DRIVERS\ESM7SK.sys"
.\debug.cpp(256) : 0xf782e000 0x0000a000 "\SystemRoot\system32\DRIVERS\ESD7SK.sys"
.\debug.cpp(256) : 0xf6eee000 0x00014000 "\SystemRoot\system32\DRIVERS\Rtnicxp.sys"
.\debug.cpp(256) : 0xf6e86000 0x00068000 "\SystemRoot\system32\DRIVERS\bcmwl5.sys"
.\debug.cpp(256) : 0xf6e21000 0x00065000 "\SystemRoot\System32\Drivers\a05f55yu.SYS"
.\debug.cpp(256) : 0xf71e8000 0x00004000 "\SystemRoot\system32\DRIVERS\CmBatt.sys"
.\debug.cpp(256) : 0xf71e4000 0x00003000 "\SystemRoot\system32\DRIVERS\wmiacpi.sys"
.\debug.cpp(256) : 0xf6cde000 0x00143000 "\SystemRoot\system32\DRIVERS\btkrnl.sys"
.\debug.cpp(256) : 0xf7d6d000 0x00001000 "\SystemRoot\system32\DRIVERS\audstub.sys"
.\debug.cpp(256) : 0xf7ba2000 0x00002000 "\SystemRoot\System32\Drivers\RootMdm.sys"
.\debug.cpp(256) : 0xf7a56000 0x00008000 "\SystemRoot\System32\Drivers\Modem.SYS"
.\debug.cpp(256) : 0xf783e000 0x0000d000 "\SystemRoot\system32\DRIVERS\rasl2tp.sys"
.\debug.cpp(256) : 0xf71e0000 0x00003000 "\SystemRoot\system32\DRIVERS\ndistapi.sys"
.\debug.cpp(256) : 0xf6c9f000 0x00017000 "\SystemRoot\system32\DRIVERS\ndiswan.sys"
.\debug.cpp(256) : 0xf784e000 0x0000b000 "\SystemRoot\system32\DRIVERS\raspppoe.sys"
.\debug.cpp(256) : 0xf785e000 0x0000c000 "\SystemRoot\system32\DRIVERS\raspptp.sys"
.\debug.cpp(256) : 0xf7a5e000 0x00005000 "\SystemRoot\system32\DRIVERS\TDI.SYS"
.\debug.cpp(256) : 0xf6bee000 0x00011000 "\SystemRoot\system32\DRIVERS\psched.sys"
.\debug.cpp(256) : 0xf786e000 0x00009000 "\SystemRoot\system32\DRIVERS\msgpc.sys"
.\debug.cpp(256) : 0xf7a66000 0x00005000 "\SystemRoot\system32\DRIVERS\ptilink.sys"
.\debug.cpp(256) : 0xf7a6e000 0x00005000 "\SystemRoot\system32\DRIVERS\raspti.sys"
.\debug.cpp(256) : 0xf7a76000 0x00007000 "\SystemRoot\system32\DRIVERS\RimSerial.sys"
.\debug.cpp(256) : 0xf6bbe000 0x00030000 "\SystemRoot\system32\DRIVERS\rdpdr.sys"
.\debug.cpp(256) : 0xf787e000 0x0000a000 "\SystemRoot\system32\DRIVERS\termdd.sys"
.\debug.cpp(256) : 0xf7ba4000 0x00002000 "\SystemRoot\system32\DRIVERS\swenum.sys"
.\debug.cpp(256) : 0xf6b60000 0x0005e000 "\SystemRoot\system32\DRIVERS\update.sys"
.\debug.cpp(256) : 0xf71c8000 0x00004000 "\SystemRoot\system32\DRIVERS\mssmbios.sys"
.\debug.cpp(256) : 0xf788e000 0x0000a000 "\SystemRoot\System32\Drivers\NDProxy.SYS"
.\debug.cpp(256) : 0xf78be000 0x0000f000 "\SystemRoot\system32\DRIVERS\usbhub.sys"
.\debug.cpp(256) : 0xeea95000 0x00033000 "\SystemRoot\system32\DRIVERS\HSFHWAZL.sys"
.\debug.cpp(256) : 0xee9a1000 0x000f4000 "\SystemRoot\system32\DRIVERS\HSF_DPV.sys"
.\debug.cpp(256) : 0xee8ef000 0x000b2000 "\SystemRoot\system32\DRIVERS\HSF_CNXT.sys"
.\debug.cpp(256) : 0xee4ad000 0x00442000 "\SystemRoot\system32\drivers\RtkHDAud.sys"
.\debug.cpp(256) : 0xee489000 0x00024000 "\SystemRoot\system32\drivers\portcls.sys"
.\debug.cpp(256) : 0xf78ce000 0x0000f000 "\SystemRoot\system32\drivers\drmk.sys"
.\debug.cpp(256) : 0xf7b62000 0x00003000 "\SystemRoot\System32\Drivers\i2omgmt.SYS"
.\debug.cpp(256) : 0xf7baa000 0x00002000 "\SystemRoot\System32\Drivers\Fs_Rec.SYS"
.\debug.cpp(256) : 0xf7189000 0x00001000 "\SystemRoot\System32\Drivers\Null.SYS"
.\debug.cpp(256) : 0xf7bac000 0x00002000 "\SystemRoot\System32\Drivers\Beep.SYS"
.\debug.cpp(256) : 0xf79a6000 0x00007000 "\SystemRoot\system32\DRIVERS\HIDPARSE.SYS"
.\debug.cpp(256) : 0xf79ae000 0x00006000 "\SystemRoot\System32\drivers\vga.sys"
.\debug.cpp(256) : 0xf7bae000 0x00002000 "\SystemRoot\System32\Drivers\mnmdd.SYS"
.\debug.cpp(256) : 0xf7bb0000 0x00002000 "\SystemRoot\System32\DRIVERS\RDPCDD.sys"
.\debug.cpp(256) : 0xf79b6000 0x00005000 "\SystemRoot\System32\Drivers\Msfs.SYS"
.\debug.cpp(256) : 0xf79be000 0x00008000 "\SystemRoot\System32\Drivers\Npfs.SYS"
.\debug.cpp(256) : 0xf7b6a000 0x00003000 "\SystemRoot\system32\DRIVERS\rasacd.sys"
.\debug.cpp(256) : 0xee42e000 0x00013000 "\SystemRoot\system32\DRIVERS\ipsec.sys"
.\debug.cpp(256) : 0xee3d5000 0x00059000 "\SystemRoot\system32\DRIVERS\tcpip.sys"
.\debug.cpp(256) : 0xf78de000 0x0000a000 "\SystemRoot\System32\Drivers\aswTdi.SYS"
.\debug.cpp(256) : 0xee3af000 0x00026000 "\SystemRoot\system32\DRIVERS\ipnat.sys"
.\debug.cpp(256) : 0xf78ee000 0x00009000 "\SystemRoot\system32\DRIVERS\wanarp.sys"
.\debug.cpp(256) : 0xee377000 0x00038000 "\SystemRoot\system32\DRIVERS\tcpip6.sys"
.\debug.cpp(256) : 0xee34f000 0x00028000 "\SystemRoot\system32\DRIVERS\netbt.sys"
.\debug.cpp(256) : 0xf79c6000 0x00005000 "\SystemRoot\System32\Drivers\aswRdr.SYS"
.\debug.cpp(256) : 0xf72a4000 0x00009000 "\SystemRoot\system32\drivers\ip6fw.sys"
.\debug.cpp(256) : 0xee28d000 0x00022000 "\SystemRoot\System32\drivers\afd.sys"
.\debug.cpp(256) : 0xf7294000 0x00009000 "\SystemRoot\system32\DRIVERS\netbios.sys"
.\debug.cpp(256) : 0xee26b000 0x00022000 "\??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS"
.\debug.cpp(256) : 0xf79ce000 0x00006000 "\??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS"
.\debug.cpp(256) : 0xee240000 0x0002b000 "\SystemRoot\system32\DRIVERS\rdbss.sys"
.\debug.cpp(256) : 0xee21a000 0x00026000 "\??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys"
.\debug.cpp(256) : 0xf7274000 0x0000f000 "\??\C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys"
.\debug.cpp(256) : 0xf7264000 0x0000d000 "\??\C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\26169\RapportCerberus_26169.sys"
.\debug.cpp(256) : 0xee1ba000 0x00060000 "\??\C:\WINDOWS\system32\drivers\RapportBuka.sys"
.\debug.cpp(256) : 0xee14a000 0x00070000 "\SystemRoot\system32\DRIVERS\mrxsmb.sys"
.\debug.cpp(256) : 0xf7254000 0x0000b000 "\SystemRoot\System32\Drivers\Fips.SYS"
.\debug.cpp(256) : 0xee100000 0x0004a000 "\SystemRoot\System32\Drivers\aswSP.SYS"
.\debug.cpp(256) : 0xee090000 0x00070000 "\SystemRoot\System32\Drivers\aswSnx.SYS"
.\debug.cpp(256) : 0xf7a0e000 0x00006000 "\SystemRoot\System32\Drivers\Aavmker4.SYS"
.\debug.cpp(256) : 0xf7234000 0x00010000 "\SystemRoot\System32\Drivers\Cdfs.SYS"
.\debug.cpp(256) : 0xee050000 0x00018000 "\SystemRoot\System32\Drivers\dump_atapi.sys"
.\debug.cpp(256) : 0xf7bb8000 0x00002000 "\SystemRoot\System32\Drivers\dump_WMILIB.SYS"
.\debug.cpp(256) : 0xbf800000 0x001c6000 "\SystemRoot\System32\win32k.sys"
.\debug.cpp(256) : 0xf6af0000 0x00003000 "\SystemRoot\System32\drivers\Dxapi.sys"
.\debug.cpp(256) : 0xf7a16000 0x00005000 "\SystemRoot\System32\watchdog.sys"
.\debug.cpp(256) : 0xbf000000 0x00012000 "\SystemRoot\System32\drivers\dxg.sys"
.\debug.cpp(256) : 0xf7d21000 0x00001000 "\SystemRoot\System32\drivers\dxgthk.sys"
.\debug.cpp(256) : 0xbf012000 0x00043000 "\SystemRoot\System32\ati2dvag.dll"
.\debug.cpp(256) : 0xbf055000 0x00046000 "\SystemRoot\System32\ati2cqag.dll"
.\debug.cpp(256) : 0xbf09b000 0x00044000 "\SystemRoot\System32\atikvmag.dll"
.\debug.cpp(256) : 0xbf0df000 0x00244000 "\SystemRoot\System32\ati3duag.dll"
.\debug.cpp(256) : 0xbf323000 0x00240000 "\SystemRoot\System32\ativvaxx.dll"
.\debug.cpp(256) : 0xbf563000 0x00047000 "\SystemRoot\System32\ATMFD.DLL"
.\debug.cpp(256) : 0xee481000 0x00004000 "\??\C:\WINDOWS\system32\drivers\mbam.sys"
.\debug.cpp(256) : 0xee471000 0x00003000 "\SystemRoot\System32\Drivers\aswFsBlk.SYS"
.\debug.cpp(256) : 0xee048000 0x00004000 "\SystemRoot\system32\DRIVERS\ndisuio.sys"
.\debug.cpp(256) : 0xebc49000 0x00017000 "\SystemRoot\System32\Drivers\aswMon2.SYS"
.\debug.cpp(256) : 0xeba2c000 0x00015000 "\SystemRoot\system32\drivers\wdmaud.sys"
.\debug.cpp(256) : 0xebbd1000 0x0000f000 "\SystemRoot\system32\drivers\sysaudio.sys"
.\debug.cpp(256) : 0xf7c3e000 0x00002000 "\SystemRoot\system32\drivers\splitter.sys"
.\debug.cpp(256) : 0xebbc1000 0x0000e000 "\SystemRoot\system32\drivers\swmidi.sys"
.\debug.cpp(256) : 0xebbb1000 0x0000d000 "\SystemRoot\system32\drivers\DMusic.sys"
.\debug.cpp(256) : 0xf7d1c000 0x00001000 "\SystemRoot\system32\drivers\drmkaud.sys"
.\debug.cpp(256) : 0xeb595000 0x0002d000 "\SystemRoot\system32\DRIVERS\mrxdav.sys"
.\debug.cpp(256) : 0xf7a26000 0x00006000 "\??\C:\WINDOWS\system32\drivers\btserial.sys"
.\debug.cpp(256) : 0xeb2e9000 0x00032000 "\??\C:\WINDOWS\system32\drivers\btslbcsp.sys"
.\debug.cpp(256) : 0xeb258000 0x00041000 "\SystemRoot\System32\Drivers\HTTP.sys"
.\debug.cpp(256) : 0xeb247000 0x00011000 "\??\C:\WINDOWS\system32\drivers\int15.sys"
.\debug.cpp(256) : 0xeb1c7000 0x00058000 "\SystemRoot\system32\DRIVERS\srv.sys"
.\debug.cpp(256) : 0xeb1a3000 0x00004000 "\SystemRoot\system32\DRIVERS\mdmxsdk.sys"
.\debug.cpp(256) : 0xeb2bd000 0x00003000 "\??\C:\WINDOWS\system32\drivers\tvicport.sys"
.\debug.cpp(256) : 0xf7cc9000 0x00001000 "\??\C:\WINDOWS\system32\drivers\zntport.sys"
.\debug.cpp(256) : 0xf7a46000 0x00008000 "\??\C:\WINDOWS\system32\Drivers\psdfilter.sys"
.\debug.cpp(256) : 0xba1f9000 0x00013000 "\??\C:\WINDOWS\system32\Drivers\psdvdisk.sys"
.\debug.cpp(256) : 0xba00c000 0x0002b000 "\SystemRoot\system32\drivers\kmixer.sys"
.\debug.cpp(256) : 0x7c900000 0x000b2000 "\WINDOWS\System32\ntdll.dll"
.\debug.cpp(256) : 0x10000000 0x000ec000 "\PROGRAM FILES\DAEMON TOOLS LITE\DAEMON.DLL"
.\debug.cpp(263) : **********************************************
.\debug.cpp(307) : *** [ DEVICE OBJECTS INFORMATION ] ***********
.\debug.cpp(308) : **********************************************
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\D:"
.\debug.cpp(400) : Destination "\Device\HarddiskVolume3"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\NDIS"
.\debug.cpp(400) : Destination "\Device\Ndis"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\IDE#CdRomPIONEER_DVD-RW_DVR-K17RS________________1.00____#46_0444a304c323335345735204c202020202020#{53f56308-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination "\Device\Ide\IdeDeviceP2T1L0-12"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Scsi3:"
.\debug.cpp(400) : Destination "\Device\Ide\IdePort2"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{0224657F-192A-47C4-8087-88B841670DB2}"
.\debug.cpp(400) : Destination "\Device\{0224657F-192A-47C4-8087-88B841670DB2}"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\DISPLAY1"
.\debug.cpp(400) : Destination "\Device\Video0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#PORTS#0001#{953ad796-1f97-4aac-b0c3-24ea46dfc091}"
.\debug.cpp(400) : Destination "\Device\0000007c"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{ffbb6e3f-ccfe-4d84-90d9-421418b03a8e}"
.\debug.cpp(400) : Destination "\Device\00000080"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ASWSP"
.\debug.cpp(400) : Destination "\Device\aswSP"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\DISPLAY2"
.\debug.cpp(400) : Destination "\Device\Video1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{71985f4a-1ca1-11d3-9cc8-00c04f7971e0}"
.\debug.cpp(400) : Destination "\Device\00000080"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#PORTS#0000#{953ad796-1f97-4aac-b0c3-24ea46dfc091}"
.\debug.cpp(400) : Destination "\Device\0000007b"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{F0EE0843-71E4-47E2-8E77-4D3F48B90107}"
.\debug.cpp(400) : Destination "\Device\{F0EE0843-71E4-47E2-8E77-4D3F48B90107}"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_PPPOEMINIPORT#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\00000074"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{6F80EA0D-4530-44CC-BAFC-A3FB4213172D}"
.\debug.cpp(400) : Destination "\Device\{6F80EA0D-4530-44CC-BAFC-A3FB4213172D}"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\DmIoDaemon"
.\debug.cpp(400) : Destination "\Device\DmControl\DmIoDaemon"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#PNP0C0C#2&daba3ff&0#{4afa3d53-74a7-11d0-be5e-00a0c9062857}"
.\debug.cpp(400) : Destination "\Device\00000086"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Ip"
.\debug.cpp(400) : Destination "\Device\Ip"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\COM14"
.\debug.cpp(400) : Destination "\??\Root#PORTS#0000#{86e0d1e0-8089-11d0-9ce4-08003e301f73}"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PSDVDiskTemp"
.\debug.cpp(400) : Destination "\Device\PSDVDiskTemp"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\aswSP_Pot2"
.\debug.cpp(400) : Destination "\Device\aswSP_Pot2"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\DISPLAY3"
.\debug.cpp(400) : Destination "\Device\Video2"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\IDE#DiskTOSHIBA_MK6034GAX_______________________AC101A__#5&112870c4&0&0.0.0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination "\Device\Ide\IdeDeviceP2T0L0-a"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\IPSECDev"
.\debug.cpp(400) : Destination "\Device\IPSEC"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\E:"
.\debug.cpp(400) : Destination "\Device\CdRom0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HDAUDIO#FUNC_01&VEN_10EC&DEV_0883&SUBSYS_10250000&REV_1000#4&104fd401&0&0101#{dda54a40-1e4c-11d1-a050-405705c10000}"
.\debug.cpp(400) : Destination "\Device\000000c9"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\DISPLAY4"
.\debug.cpp(400) : Destination "\Device\Video3"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_NDISWANIP#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\00000073"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\COM15"
.\debug.cpp(400) : Destination "\??\Root#PORTS#0001#{86e0d1e0-8089-11d0-9ce4-08003e301f73}"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#PNP0C0D#2&daba3ff&0#{4afa3d53-74a7-11d0-be5e-00a0c9062857}"
.\debug.cpp(400) : Destination "\Device\0000008a"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\NDPROXY"
.\debug.cpp(400) : Destination "\Device\NDProxy"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ASWMON"
.\debug.cpp(400) : Destination "\Device\aswMon"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Scsi4:"
.\debug.cpp(400) : Destination "\Device\Scsi\a05f55yu1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\DISPLAY5"
.\debug.cpp(400) : Destination "\Device\Video4"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{9aa4a2cc-81e0-4cfd-802f-0f74526d2bd3}"
.\debug.cpp(400) : Destination "\Device\00000080"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Tun0"
.\debug.cpp(400) : Destination "\Device\Tun0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\CDR4_XP"
.\debug.cpp(400) : Destination "\Device\PxHelperDevice0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Ip6"
.\debug.cpp(400) : Destination "\Device\Ip6"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\SCSI#CdRom&Ven_BU7120A&Prod_PUI121Z&Rev_1.01#5&36e5972&1&000#{53f56308-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination "\Device\Scsi\a05f55yu1Port4Path0Target0Lun0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{3c0d501a-140b-11d1-b40f-00a0c9223196}"
.\debug.cpp(400) : Destination "\Device\00000080"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{fd0a5af4-b41d-11d2-9c95-00c04f7971e0}"
.\debug.cpp(400) : Destination "\Device\00000080"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MODEM#0000#{2c7089aa-2e0e-11d1-b114-00c04fc2aae4}"
.\debug.cpp(400) : Destination "\Device\00000071"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\RdpDrDvMgr"
.\debug.cpp(400) : Destination "\Device\RdpDrDvMgr"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#PNP0C0A#1#{72631e54-78a4-11d0-bcf7-00aa00b7b32a}"
.\debug.cpp(400) : Destination "\Device\00000089"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HDAUDIO#FUNC_02&VEN_14F1&DEV_2BFA&SUBSYS_1025010F&REV_0900#4&104fd401&0&0002#{adb44c00-1b8d-11d4-8d5e-00a0c90d1c42}"
.\debug.cpp(400) : Destination "\Device\000000c8"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{582D0E8C-5A18-4D00-951B-F7DDB04631FD}"
.\debug.cpp(400) : Destination "\Device\{582D0E8C-5A18-4D00-951B-F7DDB04631FD}"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\CompositeBattery"
.\debug.cpp(400) : Destination "\Device\CompositeBattery"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\WMIDataDevice"
.\debug.cpp(400) : Destination "\Device\WMIDataDevice"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HDAUDIO#FUNC_01&VEN_10EC&DEV_0883&SUBSYS_10250000&REV_1000#4&104fd401&0&0101#{6994ad04-93ef-11d0-a3cc-00a0c9223196}"
.\debug.cpp(400) : Destination "\Device\000000c9"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{746BBAA3-A6D2-44A7-8C4C-5CE0C67AE79C}"
.\debug.cpp(400) : Destination "\Device\{746BBAA3-A6D2-44A7-8C4C-5CE0C67AE79C}"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\IDE#CdRomPIONEER_DVD-RW_DVR-K17RS________________1.00____#46_0444a304c323335345735204c202020202020#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination "\Device\Ide\IdeDeviceP2T1L0-12"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{dff220f3-f70f-11d0-b917-00a0c9223196}"
.\debug.cpp(400) : Destination "\Device\00000080"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PIPE"
.\debug.cpp(400) : Destination "\Device\NamedPipe"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\BTKRNL"
.\debug.cpp(400) : Destination "\Device\BTKRNL"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{d6c5066e-72c1-11d2-9755-0000f8004788}"
.\debug.cpp(400) : Destination "\Device\KSENUM#00000002"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{2eb07ea0-7e70-11d0-a5d6-28db04c10000}"
.\debug.cpp(400) : Destination "\Device\00000080"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#PNP0303#4&fab2443&0#{4afa3d53-74a7-11d0-be5e-00a0c9062857}"
.\debug.cpp(400) : Destination "\Device\000000a5"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\COM3"
.\debug.cpp(400) : Destination "\Device\Winachsf0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\aswSnx"
.\debug.cpp(400) : Destination "\Device\aswSnx"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\STORAGE#Volume#1&30a96598&0&Signature379C7ACBOffset789313E00Length66FC7C200#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination "\Device\HarddiskVolume3"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\G:"
.\debug.cpp(400) : Destination "\Device\CdRom1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PSched"
.\debug.cpp(400) : Destination "\Device\PSched"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\UNC"
.\debug.cpp(400) : Destination "\Device\Mup"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\IPNAT"
.\debug.cpp(400) : Destination "\Device\IPNAT"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HDAUDIO#FUNC_02&VEN_14F1&DEV_2BFA&SUBSYS_1025010F&REV_0900#4&104fd401&0&0002#{2c7089aa-2e0e-11d1-b114-00c04fc2aae4}"
.\debug.cpp(400) : Destination "\Device\000000c8"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{0a4252a0-7e70-11d0-a5d6-28db04c10000}"
.\debug.cpp(400) : Destination "\Device\00000080"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{4BBFA4DC-2805-4B76-8988-A2792FE23040}"
.\debug.cpp(400) : Destination "\Device\{4BBFA4DC-2805-4B76-8988-A2792FE23040}"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\GEARAspiWDMDevice"
.\debug.cpp(400) : Destination "\Device\GEARAspiWDMDevice"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{6994ad04-93ef-11d0-a3cc-00a0c9223196}"
.\debug.cpp(400) : Destination "\Device\00000080"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HCD0"
.\debug.cpp(400) : Destination "\Device\USBFDO-0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ASWTDI"
.\debug.cpp(400) : Destination "\Device\ASWTDI"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Tcp"
.\debug.cpp(400) : Destination "\Device\Tcp"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\I2OExec"
.\debug.cpp(400) : Destination "\Device\I2OExec"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\FltMgrMsg"
.\debug.cpp(400) : Destination "\FileSystem\Filters\FltMgrMsg"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\LCD"
.\debug.cpp(400) : Destination "\Device\VideoPdo0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_10EC&DEV_8139&SUBSYS_010F1025&REV_10#4&fcf0450&0&10A4#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0024"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HCD1"
.\debug.cpp(400) : Destination "\Device\USBFDO-1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_PTIMINIPORT#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\0000007a"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{DDE36970-F60C-4E9E-8268-26F8CFBFB84F}"
.\debug.cpp(400) : Destination "\Device\{DDE36970-F60C-4E9E-8268-26F8CFBFB84F}"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PhysicalDrive0"
.\debug.cpp(400) : Destination "\Device\Harddisk0\DR0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ConexantDiagnosticsServer"
.\debug.cpp(400) : Destination "\Device\ConexantDiagnosticsServer"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PRN"
.\debug.cpp(400) : Destination "\DosDevices\LPT1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\rapport_service_early_injection"
.\debug.cpp(400) : Destination "\Device\rapport_service_early_injection"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HCD2"
.\debug.cpp(400) : Destination "\Device\USBFDO-2"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{7273CF7E-FE7B-4A27-A363-BBFF32F0CFE5}"
.\debug.cpp(400) : Destination "\Device\{7273CF7E-FE7B-4A27-A363-BBFF32F0CFE5}"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{23F3EA06-9001-42C9-8FF6-1D4304391D03}"
.\debug.cpp(400) : Destination "\Device\{23F3EA06-9001-42C9-8FF6-1D4304391D03}"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{cf1dda2c-9743-11d0-a3ee-00a0c9223196}"
.\debug.cpp(400) : Destination "\Device\00000080"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{53172480-4791-11d0-a5d6-28db04c10000}"
.\debug.cpp(400) : Destination "\Device\00000080"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_PSCHEDMP#0001#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\00000077"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#*TUNMP#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\00000001"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\sysaudio"
.\debug.cpp(400) : Destination "\Device\sysaudio"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\fsWrap"
.\debug.cpp(400) : Destination "\Device\FsWrap"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_PSCHEDMP#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\00000076"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_PSCHEDMP#0002#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\00000078"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{97ebaacb-95bd-11d0-a3ea-00a0c9223196}"
.\debug.cpp(400) : Destination "\Device\00000080"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\CdRom0"
.\debug.cpp(400) : Destination "\Device\CdRom0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{e6bedade-a066-11db-adf3-806d6172696f}"
.\debug.cpp(400) : Destination "\Device\CdRom0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\BTSERIAL"
.\debug.cpp(400) : Destination "\Device\BTSERIAL"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_1524&DEV_0551&SUBSYS_010F1025&REV_01#4&fcf0450&0&0CA4#{36fc9e61-c465-11cf-8056-444553540000}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0023"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\CdRom1"
.\debug.cpp(400) : Destination "\Device\CdRom1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#FixedButton#2&daba3ff&0#{4afa3d53-74a7-11d0-be5e-00a0c9062857}"
.\debug.cpp(400) : Destination "\Device\0000008e"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Global"
.\debug.cpp(400) : Destination "\GLOBAL??"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\rapport_service_buka"
.\debug.cpp(400) : Destination "\Device\rapport_service_buka"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_1002&DEV_4375&SUBSYS_010F1025&REV_80#3&13c0b0c5&0&99#{3abf6f2d-71c4-462a-8a92-1e6861e6af27}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0008"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PxHelperDevice0"
.\debug.cpp(400) : Destination "\Device\PxHelperDevice0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Pcmcia0"
.\debug.cpp(400) : Destination "\Device\Pcmcia0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\BTSLBCSP"
.\debug.cpp(400) : Destination "\Device\BTSLBCSP"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{d6c50671-72c1-11d2-9755-0000f8004788}"
.\debug.cpp(400) : Destination "\Device\KSENUM#00000002"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HDAUDIO#FUNC_01&VEN_10EC&DEV_0883&SUBSYS_10250000&REV_1000#4&104fd401&0&0101#{86841137-ed8e-4d97-9975-f2ed56b4430e}"
.\debug.cpp(400) : Destination "\Device\000000c9"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#ROOT_HUB#4&360dbfd6&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}"
.\debug.cpp(400) : Destination "\Device\USBPDO-0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#ThermalZone#THRM#{4afa3d51-74a7-11d0-be5e-00a0c9062857}"
.\debug.cpp(400) : Destination "\Device\0000008c"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{3e227e76-690d-11d2-8161-0000f8775bf1}"
.\debug.cpp(400) : Destination "\Device\00000080"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\IDE#CdRomPIONEER_DVD-RW_DVR-K17RS________________1.00____#46_0444a304c323335345735204c202020202020#{1186654d-47b8-48b9-beb9-7df113ae3c67}"
.\debug.cpp(400) : Destination "\Device\Ide\IdeDeviceP2T1L0-12"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{ad809c00-7b88-11d0-a5d6-28db04c10000}"
.\debug.cpp(400) : Destination "\Device\00000080"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{9ea331fa-b91b-45f8-9285-bd2bc77afcde}"
.\debug.cpp(400) : Destination "\Device\00000080"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HDAUDIO#FUNC_01&VEN_10EC&DEV_0883&SUBSYS_10250000&REV_1000#4&104fd401&0&0101#{65e8773e-8f56-11d0-a3b9-00a0c9223196}"
.\debug.cpp(400) : Destination "\Device\000000c9"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HSF_MDMDevice0"
.\debug.cpp(400) : Destination "\Device\HSF_MDMDevice0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#PNPA000#4&5d18f2df&0#{2accfe60-c130-11d2-b082-00a0c91efb8b}"
.\debug.cpp(400) : Destination "\Device\00000090"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\int15"
.\debug.cpp(400) : Destination "\Device\int15"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\rapport_cerberus"
.\debug.cpp(400) : Destination "\Device\rapport_cerberus_v2_26169"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_1002&DEV_5975&SUBSYS_010F1025&REV_00#4&2c0d4f31&0&2808#{5b45201d-f2f2-4f3b-85bb-30ff1f953599}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0026"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{07dad660-22f1-11d1-a9f4-00c04fbbde8f}"
.\debug.cpp(400) : Destination "\Device\00000080"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\rapport_service_process_guard"
.\debug.cpp(400) : Destination "\Device\rapport_service_process_guard"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#AuthenticAMD_-_x86_Family_15_Model_76#_0#{97fadb10-4e33-40ae-359c-8bef029dbdd0}"
.\debug.cpp(400) : Destination "\Device\00000085"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\MountPointManager"
.\debug.cpp(400) : Destination "\Device\MountPointManager"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{e6bedadc-a066-11db-adf3-806d6172696f}"
.\debug.cpp(400) : Destination "\Device\HarddiskVolume2"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HDAUDIO Soft Data Fax Modem with SmartCP"
.\debug.cpp(400) : Destination "\Device\000000c8"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\zntport"
.\debug.cpp(400) : Destination "\Device\zntport"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{d6c50674-72c1-11d2-9755-0000f8004788}"
.\debug.cpp(400) : Destination "\Device\KSENUM#00000002"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\AAVMKER4"
.\debug.cpp(400) : Destination "\Device\AavmKer4"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#PNP0303#4&fab2443&0#{884b96c3-56ef-11d1-bc8c-00a0c91405dd}"
.\debug.cpp(400) : Destination "\Device\000000a5"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_L2TPMINIPORT#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\00000072"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\MbDlDp32"
.\debug.cpp(400) : Destination "\Device\PxHelperDevice0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\DmConfig"
.\debug.cpp(400) : Destination "\Device\DmControl\DmConfig"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#PNP0C0E#2&daba3ff&0#{4afa3d53-74a7-11d0-be5e-00a0c9062857}"
.\debug.cpp(400) : Destination "\Device\0000008b"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\WanArp"
.\debug.cpp(400) : Destination "\Device\WANARP"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#ROOT_HUB20#4&29c2c6ea&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}"
.\debug.cpp(400) : Destination "\Device\USBPDO-2"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#ftdisk#0000#{53f5630e-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination "\Device\00000006"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USNTracker"
.\debug.cpp(400) : Destination "\Device\USNTracker"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\TVicPortDevice0"
.\debug.cpp(400) : Destination "\Device\TVicPortDevice0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_1002&DEV_4374&SUBSYS_010F1025&REV_80#3&13c0b0c5&0&98#{3abf6f2d-71c4-462a-8a92-1e6861e6af27}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0007"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\DmTrace"
.\debug.cpp(400) : Destination "\Device\DmControl\DmTrace"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\SASKUTIL"
.\debug.cpp(400) : Destination "\Device\SASKUTIL"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Dritek_KB_Filter"
.\debug.cpp(400) : Destination "\Device\Dritek_KB_Filter"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\00000080"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\NDISWANIP"
.\debug.cpp(400) : Destination "\Device\NdisWanIp"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#dmio#0000#{53f5630e-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination "\Device\00000005"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{27b0b192-c1df-11dc-af20-0016369708f8}"
.\debug.cpp(400) : Destination "\Device\CdRom1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{bf963d80-c559-11d0-8a2b-00a0c9255ac1}"
.\debug.cpp(400) : Destination "\Device\00000080"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{fbf6f530-07b9-11d2-a71e-0000f8004788}"
.\debug.cpp(400) : Destination "\Device\KSENUM#00000002"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Scsi0:"
.\debug.cpp(400) : Destination "\Device\Ide\IdePort0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_1524&DEV_0520&SUBSYS_010F1025&REV_01#4&fcf0450&0&0BA4#{36fc9e60-c465-11cf-8056-444553540000}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0022"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#PORTS#0001#{86e0d1e0-8089-11d0-9ce4-08003e301f73}"
.\debug.cpp(400) : Destination "\Device\0000007c"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{e6bedadd-a066-11db-adf3-806d6172696f}"
.\debug.cpp(400) : Destination "\Device\HarddiskVolume3"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\STORAGE#Volume#1&30a96598&0&Signature379C7ACBOffset1384C7A00Length650E4C400#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination "\Device\HarddiskVolume2"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#PORTS#0000#{86e0d1e0-8089-11d0-9ce4-08003e301f73}"
.\debug.cpp(400) : Destination "\Device\0000007b"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HDAUDIO#FUNC_01&VEN_10EC&DEV_0883&SUBSYS_10250000&REV_1000#4&104fd401&0&0101#{65e8773d-8f56-11d0-a3b9-00a0c9223196}"
.\debug.cpp(400) : Destination "\Device\000000c9"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{4747b320-62ce-11cf-a5d6-28db04c10000}"
.\debug.cpp(400) : Destination "\Device\00000080"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_PPTPMINIPORT#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\00000075"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PTILINK1"
.\debug.cpp(400) : Destination "\Device\ParTechInc0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{a7c7a5b1-5af3-11d1-9ced-00a024bf0407}"
.\debug.cpp(400) : Destination "\Device\00000080"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\NDISTAPI"
.\debug.cpp(400) : Destination "\Device\NdisTapi"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\NdisWan"
.\debug.cpp(400) : Destination "\Device\NdisWan"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Scsi1:"
.\debug.cpp(400) : Destination "\Device\Ide\IdePort1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\IPMULTICAST"
.\debug.cpp(400) : Destination "\Device\IPMULTICAST"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\MICH_AZ0"
.\debug.cpp(400) : Destination "\Device\MICH_AZ0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{5F1E9F71-AA81-429F-87B4-FDC457E34003}"
.\debug.cpp(400) : Destination "\Device\{5F1E9F71-AA81-429F-87B4-FDC457E34003}"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PTILINK2"
.\debug.cpp(400) : Destination "\Device\ParTechInc1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\NTIDrvr"
.\debug.cpp(400) : Destination "\Device\NTIDrvr"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\DmLoader"
.\debug.cpp(400) : Destination "\Device\DmLoader"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Shadow"
.\debug.cpp(400) : Destination "\Device\LanmanRedirector"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PTILINK3"
.\debug.cpp(400) : Destination "\Device\ParTechInc2"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\SABDIFSV"
.\debug.cpp(400) : Destination "\Device\SASDIFSV"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Ip6fw"
.\debug.cpp(400) : Destination "\Device\Ip6fw"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\FltMgr"
.\debug.cpp(400) : Destination "\FileSystem\Filters\FltMgr"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\FtControl"
.\debug.cpp(400) : Destination "\Device\FtControl"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\C:"
.\debug.cpp(400) : Destination "\Device\HarddiskVolume2"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\aswSP_Avar"
.\debug.cpp(400) : Destination "\Device\aswSP_Avar"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PSDVDisk"
.\debug.cpp(400) : Destination "\Device\PSDVDisk"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\MAILSLOT"
.\debug.cpp(400) : Destination "\Device\MailSlot"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\MBAMProtector"
.\debug.cpp(400) : Destination "\Device\MBAMProtector"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\AUX"
.\debug.cpp(400) : Destination "\DosDevices\COM1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ASWRDR"
.\debug.cpp(400) : Destination "\Device\ASWRDR"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\SCSI#CdRom&Ven_BU7120A&Prod_PUI121Z&Rev_1.01#5&36e5972&1&000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination "\Device\Scsi\a05f55yu1Port4Path0Target0Lun0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Ndisuio"
.\debug.cpp(400) : Destination "\Device\Ndisuio"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Standard Modem"
.\debug.cpp(400) : Destination "\Device\00000071"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\GLOBALROOT"
.\debug.cpp(400) : Destination ""
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#RDP_MOU#0000#{378de44c-56ef-11d1-bc8c-00a0c91405dd}"
.\debug.cpp(400) : Destination "\Device\0000007f"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Scsi2:"
.\debug.cpp(400) : Destination "\Device\Ide\IdePort3"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\NUL"
.\debug.cpp(400) : Destination "\Device\Null"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_1002&DEV_4373&SUBSYS_010F1025&REV_80#3&13c0b0c5&0&9A#{3abf6f2d-71c4-462a-8a92-1e6861e6af27}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0009"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_14E4&DEV_4318&SUBSYS_03121468&REV_02#4&fcf0450&0&20A4#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0025"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#PORTS#0001#{34699dc2-f125-4490-ae54-e7db91946f9e}"
.\debug.cpp(400) : Destination "\Device\0000007c"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\SYNTP"
.\debug.cpp(400) : Destination "\Device\SynTP"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#RDP_KBD#0000#{884b96c3-56ef-11d1-bc8c-00a0c91405dd}"
.\debug.cpp(400) : Destination "\Device\0000007e"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_1524&DEV_0530&SUBSYS_010F1025&REV_01#4&fcf0450&0&09A4#{36fc9e60-c465-11cf-8056-444553540000}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0020"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#PORTS#0000#{34699dc2-f125-4490-ae54-e7db91946f9e}"
.\debug.cpp(400) : Destination "\Device\0000007b"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\UBHelper0"
.\debug.cpp(400) : Destination "\Device\UBHelper0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#SYN1003#4&fab2443&0#{378de44c-56ef-11d1-bc8c-00a0c91405dd}"
.\debug.cpp(400) : Destination "\Device\000000a6"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#ROOT_HUB#4&1b299a2&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}"
.\debug.cpp(400) : Destination "\Device\USBPDO-1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\UBHelper1"
.\debug.cpp(400) : Destination "\Device\UBHelper1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\DmInfo"
.\debug.cpp(400) : Destination "\Device\DmControl\DmInfo"
.\debug.cpp(409) : --
.\debug.cpp(453) : **********************************************
.\boot_cleaner.cpp(565) : System volume is \\.\C:
.\boot_cleaner.cpp(600) : \\.\C: -> \\.\PhysicalDrive0 at offset 0x00000001`384c7a00
.\boot_cleaner.cpp(276) : Boot sector MD5 is: 7c47d39b31ef9830828d5f8aa4780dfd
.\boot_cleaner.cpp(1060) :
.\boot_cleaner.cpp(1061) : Size Device Name MBR Status
.\boot_cleaner.cpp(1062) : --------------------------------------------
.\boot_cleaner.cpp(1106) : 55 GB \\.\PhysicalDrive0 Unknown boot code
.\boot_cleaner.cpp(1112) :
.\boot_cleaner.cpp(1118) : Unknown boot code has been found on some of your physical disks.
.\boot_cleaner.cpp(1120) : To inspect the boot code manually, dump the master boot sector:
.\boot_cleaner.cpp(1121) : remover.exe dump <device_name> [output_file]
.\boot_cleaner.cpp(1125) : To disinfect the master boot sector, use the following command:
.\boot_cleaner.cpp(1126) : remover.exe fix <device_name>
.\boot_cleaner.cpp(1129) :
.\boot_cleaner.cpp(1151) : Done;


bsod:

==================================================
Dump File : Mini061711-02.dmp
Crash Time : 17/06/2011 09:13:26
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0xf7a498e0
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0xf7a498e0
Caused By Driver : psdfilter.sys
Caused By Address : psdfilter.sys+38e0
File Description : PSD Filter Driver
Product Name :
Company : HiTRUST
File Version : 2, 2, 0, 10
Processor : 32-bit
Crash Address : psdfilter.sys+38e0
Stack Address 1 : ntoskrnl.exe+28eaf
Stack Address 2 : ntoskrnl.exe+6ac3d
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini061711-02.dmp
Processors Count : 1
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

==================================================
Dump File : Mini061711-01.dmp
Crash Time : 16/06/2011 19:47:40
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0xf7a518e0
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0xf7a518e0
Caused By Driver : psdfilter.sys
Caused By Address : psdfilter.sys+38e0
File Description : PSD Filter Driver
Product Name :
Company : HiTRUST
File Version : 2, 2, 0, 10
Processor : 32-bit
Crash Address : psdfilter.sys+38e0
Stack Address 1 : ntoskrnl.exe+28eaf
Stack Address 2 : ntoskrnl.exe+6ac3d
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini061711-01.dmp
Processors Count : 1
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

==================================================
Dump File : Mini061611-08.dmp
Crash Time : 16/06/2011 17:42:48
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0xf7a498e0
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0xf7a498e0
Caused By Driver : psdfilter.sys
Caused By Address : psdfilter.sys+38e0
File Description : PSD Filter Driver
Product Name :
Company : HiTRUST
File Version : 2, 2, 0, 10
Processor : 32-bit
Crash Address : psdfilter.sys+38e0
Stack Address 1 : ntoskrnl.exe+28eaf
Stack Address 2 : ntoskrnl.exe+6ac3d
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini061611-08.dmp
Processors Count : 1
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

==================================================
Dump File : Mini061611-07.dmp
Crash Time : 16/06/2011 09:40:18
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0xf7a518e0
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0xf7a518e0
Caused By Driver : psdfilter.sys
Caused By Address : psdfilter.sys+38e0
File Description : PSD Filter Driver
Product Name :
Company : HiTRUST
File Version : 2, 2, 0, 10
Processor : 32-bit
Crash Address : psdfilter.sys+38e0
Stack Address 1 : ntoskrnl.exe+28eaf
Stack Address 2 : ntoskrnl.exe+6ac3d
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini061611-07.dmp
Processors Count : 1
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

==================================================
Dump File : Mini061611-06.dmp
Crash Time : 16/06/2011 09:08:56
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0xf7a498e0
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0xf7a498e0
Caused By Driver : psdfilter.sys
Caused By Address : psdfilter.sys+38e0
File Description : PSD Filter Driver
Product Name :
Company : HiTRUST
File Version : 2, 2, 0, 10
Processor : 32-bit
Crash Address : psdfilter.sys+38e0
Stack Address 1 : ntoskrnl.exe+28eaf
Stack Address 2 : ntoskrnl.exe+6ac3d
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini061611-06.dmp
Processors Count : 1
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

==================================================
Dump File : Mini061611-05.dmp
Crash Time : 16/06/2011 08:51:00
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0xf6b598e0
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0xf6b598e0
Caused By Driver : psdfilter.sys
Caused By Address : psdfilter.sys+38e0
File Description : PSD Filter Driver
Product Name :
Company : HiTRUST
File Version : 2, 2, 0, 10
Processor : 32-bit
Crash Address : psdfilter.sys+38e0
Stack Address 1 : ntoskrnl.exe+28eaf
Stack Address 2 : ntoskrnl.exe+6ac3d
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini061611-05.dmp
Processors Count : 1
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

==================================================
Dump File : Mini061611-04.dmp
Crash Time : 16/06/2011 08:35:36
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0xf6b698e0
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0xf6b698e0
Caused By Driver : psdfilter.sys
Caused By Address : psdfilter.sys+38e0
File Description : PSD Filter Driver
Product Name :
Company : HiTRUST
File Version : 2, 2, 0, 10
Processor : 32-bit
Crash Address : psdfilter.sys+38e0
Stack Address 1 : ntoskrnl.exe+28eaf
Stack Address 2 : ntoskrnl.exe+6ac3d
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini061611-04.dmp
Processors Count : 1
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

==================================================
Dump File : Mini061611-03.dmp
Crash Time : 16/06/2011 08:15:36
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0xf7a498e0
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0xf7a498e0
Caused By Driver : psdfilter.sys
Caused By Address : psdfilter.sys+38e0
File Description : PSD Filter Driver
Product Name :
Company : HiTRUST
File Version : 2, 2, 0, 10
Processor : 32-bit
Crash Address : psdfilter.sys+38e0
Stack Address 1 : ntoskrnl.exe+28eaf
Stack Address 2 : ntoskrnl.exe+6ac3d
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini061611-03.dmp
Processors Count : 1
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

==================================================
Dump File : Mini061611-02.dmp
Crash Time : 16/06/2011 08:00:14
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0xf7a898e0
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0xf7a898e0
Caused By Driver : psdfilter.sys
Caused By Address : psdfilter.sys+38e0
File Description : PSD Filter Driver
Product Name :
Company : HiTRUST
File Version : 2, 2, 0, 10
Processor : 32-bit
Crash Address : psdfilter.sys+38e0
Stack Address 1 : ntoskrnl.exe+28eaf
Stack Address 2 : ntoskrnl.exe+6ac3d
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini061611-02.dmp
Processors Count : 1
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

==================================================
Dump File : Mini061611-01.dmp
Crash Time : 16/06/2011 07:42:36
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0xf7a418e0
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0xf7a418e0
Caused By Driver : psdfilter.sys
Caused By Address : psdfilter.sys+38e0
File Description : PSD Filter Driver
Product Name :
Company : HiTRUST
File Version : 2, 2, 0, 10
Processor : 32-bit
Crash Address : psdfilter.sys+38e0
Stack Address 1 : ntoskrnl.exe+28eaf
Stack Address 2 : ntoskrnl.exe+6ac3d
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini061611-01.dmp
Processors Count : 1
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

==================================================
Dump File : Mini061511-02.dmp
Crash Time : 15/06/2011 12:04:42
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0xf7a498e0
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0xf7a498e0
Caused By Driver : psdfilter.sys
Caused By Address : psdfilter.sys+38e0
File Description : PSD Filter Driver
Product Name :
Company : HiTRUST
File Version : 2, 2, 0, 10
Processor : 32-bit
Crash Address : psdfilter.sys+38e0
Stack Address 1 : ntoskrnl.exe+28eaf
Stack Address 2 : ntoskrnl.exe+6ac3d
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini061511-02.dmp
Processors Count : 1
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

==================================================
Dump File : Mini061511-01.dmp
Crash Time : 15/06/2011 11:47:30
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0xf7a418e0
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0xf7a418e0
Caused By Driver : psdfilter.sys
Caused By Address : psdfilter.sys+38e0
File Description : PSD Filter Driver
Product Name :
Company : HiTRUST
File Version : 2, 2, 0, 10
Processor : 32-bit
Crash Address : psdfilter.sys+38e0
Stack Address 1 : ntoskrnl.exe+28eaf
Stack Address 2 : ntoskrnl.exe+6ac3d
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini061511-01.dmp
Processors Count : 1
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

==================================================
Dump File : Mini061411-09.dmp
Crash Time : 14/06/2011 22:55:42
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0xf7a418e0
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0xf7a418e0
Caused By Driver : psdfilter.sys
Caused By Address : psdfilter.sys+38e0
File Description : PSD Filter Driver
Product Name :
Company : HiTRUST
File Version : 2, 2, 0, 10
Processor : 32-bit
Crash Address : psdfilter.sys+38e0
Stack Address 1 : ntoskrnl.exe+28eaf
Stack Address 2 : ntoskrnl.exe+6ac3d
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini061411-09.dmp
Processors Count : 1
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

==================================================
Dump File : Mini061411-08.dmp
Crash Time : 14/06/2011 22:13:26
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0xf7a418e0
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0xf7a418e0
Caused By Driver : psdfilter.sys
Caused By Address : psdfilter.sys+38e0
File Description : PSD Filter Driver
Product Name :
Company : HiTRUST
File Version : 2, 2, 0, 10
Processor : 32-bit
Crash Address : psdfilter.sys+38e0
Stack Address 1 : ntoskrnl.exe+28eaf
Stack Address 2 : ntoskrnl.exe+6ac3d
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini061411-08.dmp
Processors Count : 1
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

==================================================
Dump File : Mini061411-07.dmp
Crash Time : 14/06/2011 21:53:32
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0xf6b4b8e0
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0xf6b4b8e0
Caused By Driver : psdfilter.sys
Caused By Address : psdfilter.sys+38e0
File Description : PSD Filter Driver
Product Name :
Company : HiTRUST
File Version : 2, 2, 0, 10
Processor : 32-bit
Crash Address : psdfilter.sys+38e0
Stack Address 1 : ntoskrnl.exe+28eaf
Stack Address 2 : ntoskrnl.exe+6ac3d
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini061411-07.dmp
Processors Count : 1
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

==================================================
Dump File : Mini061411-06.dmp
Crash Time : 14/06/2011 21:30:06
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0xf6b438e0
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0xf6b438e0
Caused By Driver : psdfilter.sys
Caused By Address : psdfilter.sys+38e0
File Description : PSD Filter Driver
Product Name :
Company : HiTRUST
File Version : 2, 2, 0, 10
Processor : 32-bit
Crash Address : psdfilter.sys+38e0
Stack Address 1 : ntoskrnl.exe+28eaf
Stack Address 2 : ntoskrnl.exe+6ac3d
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini061411-06.dmp
Processors Count : 1
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

==================================================
Dump File : Mini061411-05.dmp
Crash Time : 14/06/2011 09:59:42
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0xf7a418e0
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0xf7a418e0
Caused By Driver : psdfilter.sys
Caused By Address : psdfilter.sys+38e0
File Description : PSD Filter Driver
Product Name :
Company : HiTRUST
File Version : 2, 2, 0, 10
Processor : 32-bit
Crash Address : psdfilter.sys+38e0
Stack Address 1 : ntoskrnl.exe+28eaf
Stack Address 2 : ntoskrnl.exe+6ac3d
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini061411-05.dmp
Processors Count : 1
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

==================================================
Dump File : Mini061411-04.dmp
Crash Time : 14/06/2011 09:45:10
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0xf7a418e0
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0xf7a418e0
Caused By Driver : psdfilter.sys
Caused By Address : psdfilter.sys+38e0
File Description : PSD Filter Driver
Product Name :
Company : HiTRUST
File Version : 2, 2, 0, 10
Processor : 32-bit
Crash Address : psdfilter.sys+38e0
Stack Address 1 : ntoskrnl.exe+28eaf
Stack Address 2 : ntoskrnl.exe+6ac3d
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini061411-04.dmp
Processors Count : 1
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

==================================================
Dump File : Mini061411-03.dmp
Crash Time : 14/06/2011 09:30:36
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0xf7a418e0
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0xf7a418e0
Caused By Driver : psdfilter.sys
Caused By Address : psdfilter.sys+38e0
File Description : PSD Filter Driver
Product Name :
Company : HiTRUST
File Version : 2, 2, 0, 10
Processor : 32-bit
Crash Address : psdfilter.sys+38e0
Stack Address 1 : ntoskrnl.exe+28eaf
Stack Address 2 : ntoskrnl.exe+6ac3d
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini061411-03.dmp
Processors Count : 1
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

==================================================
Dump File : Mini061411-02.dmp
Crash Time : 14/06/2011 08:30:20
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0xf7a498e0
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0xf7a498e0
Caused By Driver : psdfilter.sys
Caused By Address : psdfilter.sys+38e0
File Description : PSD Filter Driver
Product Name :
Company : HiTRUST
File Version : 2, 2, 0, 10
Processor : 32-bit
Crash Address : psdfilter.sys+38e0
Stack Address 1 : ntoskrnl.exe+28eaf
Stack Address 2 : ntoskrnl.exe+6ac3d
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini061411-02.dmp
Processors Count : 1
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

==================================================
Dump File : Mini061411-01.dmp
Crash Time : 14/06/2011 08:14:12
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0xf7a518e0
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0xf7a518e0
Caused By Driver : psdfilter.sys
Caused By Address : psdfilter.sys+38e0
File Description : PSD Filter Driver
Product Name :
Company : HiTRUST
File Version : 2, 2, 0, 10
Processor : 32-bit
Crash Address : psdfilter.sys+38e0
Stack Address 1 : ntoskrnl.exe+28eaf
Stack Address 2 : ntoskrnl.exe+6ac3d
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini061411-01.dmp
Processors Count : 1
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

==================================================
Dump File : Mini061311-09.dmp
Crash Time : 13/06/2011 19:55:28
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0xf7a498e0
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0xf7a498e0
Caused By Driver : psdfilter.sys
Caused By Address : psdfilter.sys+38e0
File Description : PSD Filter Driver
Product Name :
Company : HiTRUST
File Version : 2, 2, 0, 10
Processor : 32-bit
Crash Address : psdfilter.sys+38e0
Stack Address 1 : ntoskrnl.exe+28eaf
Stack Address 2 : ntoskrnl.exe+6ac3d
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini061311-09.dmp
Processors Count : 1
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

==================================================
Dump File : Mini061311-08.dmp
Crash Time : 13/06/2011 19:39:18
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0xf7a498e0
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0xf7a498e0
Caused By Driver : psdfilter.sys
Caused By Address : psdfilter.sys+38e0
File Description : PSD Filter Driver
Product Name :
Company : HiTRUST
File Version : 2, 2, 0, 10
Processor : 32-bit
Crash Address : psdfilter.sys+38e0
Stack Address 1 : ntoskrnl.exe+28eaf
Stack Address 2 : ntoskrnl.exe+6ac3d
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini061311-08.dmp
Processors Count : 1
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

==================================================
Dump File : Mini061311-07.dmp
Crash Time : 13/06/2011 19:13:42
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0xf6b338e0
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0xf6b338e0
Caused By Driver : psdfilter.sys
Caused By Address : psdfilter.sys+38e0
File Description : PSD Filter Driver
Product Name :
Company : HiTRUST
File Version : 2, 2, 0, 10
Processor : 32-bit
Crash Address : psdfilter.sys+38e0
Stack Address 1 : ntoskrnl.exe+28eaf
Stack Address 2 : ntoskrnl.exe+6ac3d
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini061311-07.dmp
Processors Count : 1
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

==================================================
Dump File : Mini061311-06.dmp
Crash Time : 13/06/2011 18:53:56
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0xf6b798e0
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0xf6b798e0
Caused By Driver : psdfilter.sys
Caused By Address : psdfilter.sys+38e0
File Description : PSD Filter Driver
Product Name :
Company : HiTRUST
File Version : 2, 2, 0, 10
Processor : 32-bit
Crash Address : psdfilter.sys+38e0
Stack Address 1 : ntoskrnl.exe+28eaf
Stack Address 2 : ntoskrnl.exe+6ac3d
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini061311-06.dmp
Processors Count : 1
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

==================================================
Dump File : Mini061311-05.dmp
Crash Time : 13/06/2011 18:30:48
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0xf7a498e0
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0xf7a498e0
Caused By Driver : psdfilter.sys
Caused By Address : psdfilter.sys+38e0
File Description : PSD Filter Driver
Product Name :
Company : HiTRUST
File Version : 2, 2, 0, 10
Processor : 32-bit
Crash Address : psdfilter.sys+38e0
Stack Address 1 : ntoskrnl.exe+28eaf
Stack Address 2 : ntoskrnl.exe+6ac3d
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini061311-05.dmp
Processors Count : 1
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

==================================================
Dump File : Mini061311-04.dmp
Crash Time : 13/06/2011 17:37:42
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0xf7a418e0
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0xf7a418e0
Caused By Driver : psdfilter.sys
Caused By Address : psdfilter.sys+38e0
File Description : PSD Filter Driver
Product Name :
Company : HiTRUST
File Version : 2, 2, 0, 10
Processor : 32-bit
Crash Address : psdfilter.sys+38e0
Stack Address 1 : ntoskrnl.exe+28eaf
Stack Address 2 : ntoskrnl.exe+6ac3d
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini061311-04.dmp
Processors Count : 1
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

==================================================
Dump File : Mini061311-03.dmp
Crash Time : 13/06/2011 16:40:18
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0xf79718e0
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0xf79718e0
Caused By Driver : psdfilter.sys
Caused By Address : psdfilter.sys+38e0
File Description : PSD Filter Driver
Product Name :
Company : HiTRUST
File Version : 2, 2, 0, 10
Processor : 32-bit
Crash Address : psdfilter.sys+38e0
Stack Address 1 : ntoskrnl.exe+28eaf
Stack Address 2 : ntoskrnl.exe+6ac3d
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini061311-03.dmp
Processors Count : 1
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

==================================================
Dump File : Mini061311-02.dmp
Crash Time : 13/06/2011 08:36:14
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0xf7a418e0
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0xf7a418e0
Caused By Driver : psdfilter.sys
Caused By Address : psdfilter.sys+38e0
File Description : PSD Filter Driver
Product Name :
Company : HiTRUST
File Version : 2, 2, 0, 10
Processor : 32-bit
Crash Address : psdfilter.sys+38e0
Stack Address 1 : ntoskrnl.exe+28eaf
Stack Address 2 : ntoskrnl.exe+6ac3d
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini061311-02.dmp
Processors Count : 1
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

==================================================
Dump File : Mini061311-01.dmp
Crash Time : 13/06/2011 08:22:18
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0xf7a498e0
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0xf7a498e0
Caused By Driver : psdfilter.sys
Caused By Address : psdfilter.sys+38e0
File Description : PSD Filter Driver
Product Name :
Company : HiTRUST
File Version : 2, 2, 0, 10
Processor : 32-bit
Crash Address : psdfilter.sys+38e0
Stack Address 1 : ntoskrnl.exe+28eaf
Stack Address 2 : ntoskrnl.exe+6ac3d
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini061311-01.dmp
Processors Count : 1
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

==================================================
Dump File : Mini061211-01.dmp
Crash Time : 12/06/2011 11:35:04
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0xf6b3b8e0
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0xf6b3b8e0
Caused By Driver : psdfilter.sys
Caused By Address : psdfilter.sys+38e0
File Description : PSD Filter Driver
Product Name :
Company : HiTRUST
File Version : 2, 2, 0, 10
Processor : 32-bit
Crash Address : psdfilter.sys+38e0
Stack Address 1 : ntoskrnl.exe+28eaf
Stack Address 2 : ntoskrnl.exe+6ac3d
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini061211-01.dmp
Processors Count : 1
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

==================================================
Dump File : Mini061111-07.dmp
Crash Time : 11/06/2011 18:18:34
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0xf7a498e0
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0xf7a498e0
Caused By Driver : psdfilter.sys
Caused By Address : psdfilter.sys+38e0
File Description : PSD Filter Driver
Product Name :
Company : HiTRUST
File Version : 2, 2, 0, 10
Processor : 32-bit
Crash Address : psdfilter.sys+38e0
Stack Address 1 : ntoskrnl.exe+28eaf
Stack Address 2 : ntoskrnl.exe+6ac3d
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini061111-07.dmp
Processors Count : 1
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

==================================================
Dump File : Mini061111-06.dmp
Crash Time : 11/06/2011 11:41:42
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0xf7a418e0
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0xf7a418e0
Caused By Driver : psdfilter.sys
Caused By Address : psdfilter.sys+38e0
File Description : PSD Filter Driver
Product Name :
Company : HiTRUST
File Version : 2, 2, 0, 10
Processor : 32-bit
Crash Address : psdfilter.sys+38e0
Stack Address 1 : ntoskrnl.exe+28eaf
Stack Address 2 : ntoskrnl.exe+6ac3d
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini061111-06.dmp
Processors Count : 1
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

==================================================
Dump File : Mini061111-05.dmp
Crash Time : 11/06/2011 11:23:02
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0xf7a498e0
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0xf7a498e0
Caused By Driver : psdfilter.sys
Caused By Address : psdfilter.sys+38e0
File Description : PSD Filter Driver
Product Name :
Company : HiTRUST
File Version : 2, 2, 0, 10
Processor : 32-bit
Crash Address : psdfilter.sys+38e0
Stack Address 1 : ntoskrnl.exe+28eaf
Stack Address 2 : ntoskrnl.exe+6ac3d
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini061111-05.dmp
Processors Count : 1
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

==================================================
Dump File : Mini061111-04.dmp
Crash Time : 11/06/2011 09:54:34
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0xf7a498e0
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0xf7a498e0
Caused By Driver : psdfilter.sys
Caused By Address : psdfilter.sys+38e0
File Description : PSD Filter Driver
Product Name :
Company : HiTRUST
File Version : 2, 2, 0, 10
Processor : 32-bit
Crash Address : psdfilter.sys+38e0
Stack Address 1 : ntoskrnl.exe+28eaf
Stack Address 2 : ntoskrnl.exe+6ac3d
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini061111-04.dmp
Processors Count : 1
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

==================================================
Dump File : Mini061111-03.dmp
Crash Time : 11/06/2011 01:11:46
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0xf7a418e0
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0xf7a418e0
Caused By Driver : psdfilter.sys
Caused By Address : psdfilter.sys+38e0
File Description : PSD Filter Driver
Product Name :
Company : HiTRUST
File Version : 2, 2, 0, 10
Processor : 32-bit
Crash Address : psdfilter.sys+38e0
Stack Address 1 : ntoskrnl.exe+28eaf
Stack Address 2 : ntoskrnl.exe+6ac3d
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini061111-03.dmp
Processors Count : 1
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

==================================================
Dump File : Mini061111-02.dmp
Crash Time : 11/06/2011 00:55:24
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0xf7a498e0
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0xf7a498e0
Caused By Driver : psdfilter.sys
Caused By Address : psdfilter.sys+38e0
File Description : PSD Filter Driver
Product Name :
Company : HiTRUST
File Version : 2, 2, 0, 10
Processor : 32-bit
Crash Address : psdfilter.sys+38e0
Stack Address 1 : ntoskrnl.exe+28eaf
Stack Address 2 : ntoskrnl.exe+6ac3d
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini061111-02.dmp
Processors Count : 1
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

==================================================
Dump File : Mini061111-01.dmp
Crash Time : 11/06/2011 00:38:36
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0xf79518e0
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0xf79518e0
Caused By Driver : psdfilter.sys
Caused By Address : psdfilter.sys+38e0
File Description : PSD Filter Driver
Product Name :
Company : HiTRUST
File Version : 2, 2, 0, 10
Processor : 32-bit
Crash Address : psdfilter.sys+38e0
Stack Address 1 : ntoskrnl.exe+28eaf
Stack Address 2 : ntoskrnl.exe+6ac3d
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini061111-01.dmp
Processors Count : 1
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

==================================================
Dump File : Mini061011-06.dmp
Crash Time : 10/06/2011 23:24:26
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0xf7a498e0
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0xf7a498e0
Caused By Driver : psdfilter.sys
Caused By Address : psdfilter.sys+38e0
File Description : PSD Filter Driver
Product Name :
Company : HiTRUST
File Version : 2, 2, 0, 10
Processor : 32-bit
Crash Address : psdfilter.sys+38e0
Stack Address 1 : ntoskrnl.exe+28eaf
Stack Address 2 : ntoskrnl.exe+6ac3d
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini061011-06.dmp
Processors Count : 1
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

==================================================
Dump File : Mini061011-05.dmp
Crash Time : 10/06/2011 23:08:54
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0xf7a418e0
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0xf7a418e0
Caused By Driver : psdfilter.sys
Caused By Address : psdfilter.sys+38e0
File Description : PSD Filter Driver
Product Name :
Company : HiTRUST
File Version : 2, 2, 0, 10
Processor : 32-bit
Crash Address : psdfilter.sys+38e0
Stack Address 1 : ntoskrnl.exe+28eaf
Stack Address 2 : ntoskrnl.exe+6ac3d
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini061011-05.dmp
Processors Count : 1
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

==================================================
Dump File : Mini061011-04.dmp
Crash Time : 10/06/2011 22:53:38
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0xf7a318e0
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0xf7a318e0
Caused By Driver : psdfilter.sys
Caused By Address : psdfilter.sys+38e0
File Description : PSD Filter Driver
Product Name :
Company : HiTRUST
File Version : 2, 2, 0, 10
Processor : 32-bit
Crash Address : psdfilter.sys+38e0
Stack Address 1 : ntoskrnl.exe+28eaf
Stack Address 2 : ntoskrnl.exe+6ac3d
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini061011-04.dmp
Processors Count : 1
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

==================================================
Dump File : Mini061011-03.dmp
Crash Time : 10/06/2011 22:17:28
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0xf7a218e0
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0xf7a218e0
Caused By Driver : psdfilter.sys
Caused By Address : psdfilter.sys+38e0
File Description : PSD Filter Driver
Product Name :
Company : HiTRUST
File Version : 2, 2, 0, 10
Processor : 32-bit
Crash Address : psdfilter.sys+38e0
Stack Address 1 : ntoskrnl.exe+28eaf
Stack Address 2 : ntoskrnl.exe+6ac3d
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini061011-03.dmp
Processors Count : 1
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

==================================================
Dump File : Mini061011-02.dmp
Crash Time : 10/06/2011 08:48:44
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0xf7a398e0
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0xf7a398e0
Caused By Driver : psdfilter.sys
Caused By Address : psdfilter.sys+38e0
File Description : PSD Filter Driver
Product Name :
Company : HiTRUST
File Version : 2, 2, 0, 10
Processor : 32-bit
Crash Address : psdfilter.sys+38e0
Stack Address 1 : ntoskrnl.exe+28eaf
Stack Address 2 : ntoskrnl.exe+6ac3d
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini061011-02.dmp
Processors Count : 1
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

==================================================
Dump File : Mini061011-01.dmp
Crash Time : 09/06/2011 15:36:18
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0xf6b538e0
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0xf6b538e0
Caused By Driver : psdfilter.sys
Caused By Address : psdfilter.sys+38e0
File Description : PSD Filter Driver
Product Name :
Company : HiTRUST
File Version : 2, 2, 0, 10
Processor : 32-bit
Crash Address : psdfilter.sys+38e0
Stack Address 1 : ntoskrnl.exe+28eaf
Stack Address 2 : ntoskrnl.exe+6ac3d
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini061011-01.dmp
Processors Count : 1
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

==================================================
Dump File : Mini060911-02.dmp
Crash Time : 09/06/2011 15:17:10
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0xf7a318e0
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0xf7a318e0
Caused By Driver : psdfilter.sys
Caused By Address : psdfilter.sys+38e0
File Description : PSD Filter Driver
Product Name :
Company : HiTRUST
File Version : 2, 2, 0, 10
Processor : 32-bit
Crash Address : psdfilter.sys+38e0
Stack Address 1 : ntoskrnl.exe+28eaf
Stack Address 2 : ntoskrnl.exe+6ac3d
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini060911-02.dmp
Processors Count : 1
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

==================================================
Dump File : Mini060911-01.dmp
Crash Time : 09/06/2011 15:03:08
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0xf7a318e0
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0xf7a318e0
Caused By Driver : psdfilter.sys
Caused By Address : psdfilter.sys+38e0
File Description : PSD Filter Driver
Product Name :
Company : HiTRUST
File Version : 2, 2, 0, 10
Processor : 32-bit
Crash Address : psdfilter.sys+38e0
Stack Address 1 : ntoskrnl.exe+28eaf
Stack Address 2 : ntoskrnl.exe+6ac3d
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini060911-01.dmp
Processors Count : 1
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

==================================================
Dump File : Mini060811-10.dmp
Crash Time : 08/06/2011 16:08:02
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0xf6b718e0
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0xf6b718e0
Caused By Driver : psdfilter.sys
Caused By Address : psdfilter.sys+38e0
File Description : PSD Filter Driver
Product Name :
Company : HiTRUST
File Version : 2, 2, 0, 10
Processor : 32-bit
Crash Address : psdfilter.sys+38e0
Stack Address 1 : ntoskrnl.exe+28eaf
Stack Address 2 : ntoskrnl.exe+6ac3d
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini060811-10.dmp
Processors Count : 1
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

==================================================
Dump File : Mini060811-09.dmp
Crash Time : 08/06/2011 15:41:54
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0xf7a318e0
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0xf7a318e0
Caused By Driver : psdfilter.sys
Caused By Address : psdfilter.sys+38e0
File Description : PSD Filter Driver
Product Name :
Company : HiTRUST
File Version : 2, 2, 0, 10
Processor : 32-bit
Crash Address : psdfilter.sys+38e0
Stack Address 1 : ntoskrnl.exe+28eaf
Stack Address 2 : ntoskrnl.exe+6ac3d
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini060811-09.dmp
Processors Count : 1
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

==================================================
Dump File : Mini060811-08.dmp
Crash Time : 08/06/2011 15:23:42
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0xf6b538e0
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0xf6b538e0
Caused By Driver : psdfilter.sys
Caused By Address : psdfilter.sys+38e0
File Description : PSD Filter Driver
Product Name :
Company : HiTRUST
File Version : 2, 2, 0, 10
Processor : 32-bit
Crash Address : psdfilter.sys+38e0
Stack Address 1 : ntoskrnl.exe+28eaf
Stack Address 2 : ntoskrnl.exe+6ac3d
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini060811-08.dmp
Processors Count : 1
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

==================================================
Dump File : Mini060811-07.dmp
Crash Time : 08/06/2011 14:34:32
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0xf7a318e0
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0xf7a318e0
Caused By Driver : psdfilter.sys
Caused By Address : psdfilter.sys+38e0
File Description : PSD Filter Driver
Product Name :
Company : HiTRUST
File Version : 2, 2, 0, 10
Processor : 32-bit
Crash Address : psdfilter.sys+38e0
Stack Address 1 : ntoskrnl.exe+28eaf
Stack Address 2 : ntoskrnl.exe+6ac3d
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini060811-07.dmp
Processors Count : 1
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

==================================================
Dump File : Mini060811-06.dmp
Crash Time : 08/06/2011 13:20:24
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0xf7a298e0
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0xf7a298e0
Caused By Driver : psdfilter.sys
Caused By Address : psdfilter.sys+38e0
File Description : PSD Filter Driver
Product Name :
Company : HiTRUST
File Version : 2, 2, 0, 10
Processor : 32-bit
Crash Address : psdfilter.sys+38e0
Stack Address 1 : ntoskrnl.exe+28eaf
Stack Address 2 : ntoskrnl.exe+6ac3d
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini060811-06.dmp
Processors Count : 1
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

==================================================
Dump File : Mini060811-05.dmp
Crash Time : 08/06/2011 12:02:10
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0xf7a318e0
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0xf7a318e0
Caused By Driver : psdfilter.sys
Caused By Address : psdfilter.sys+38e0
File Description : PSD Filter Driver
Product Name :
Company : HiTRUST
File Version : 2, 2, 0, 10
Processor : 32-bit
Crash Address : psdfilter.sys+38e0
Stack Address 1 : ntoskrnl.exe+28eaf
Stack Address 2 : ntoskrnl.exe+6ac3d
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini060811-05.dmp
Processors Count : 1
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

==================================================
Dump File : Mini060811-04.dmp
Crash Time : 08/06/2011 04:26:02
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0xf7a298e0
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0xf7a298e0
Caused By Driver : psdfilter.sys
Caused By Address : psdfilter.sys+38e0
File Description : PSD Filter Driver
Product Name :
Company : HiTRUST
File Version : 2, 2, 0, 10
Processor : 32-bit
Crash Address : psdfilter.sys+38e0
Stack Address 1 : ntoskrnl.exe+28eaf
Stack Address 2 : ntoskrnl.exe+6ac3d
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini060811-04.dmp
Processors Count : 1
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

==================================================
Dump File : Mini060811-03.dmp
Crash Time : 08/06/2011 04:12:36
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0xf7a298e0
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0xf7a298e0
Caused By Driver : psdfilter.sys
Caused By Address : psdfilter.sys+38e0
File Description : PSD Filter Driver
Product Name :
Company : HiTRUST
File Version : 2, 2, 0, 10
Processor : 32-bit
Crash Address : psdfilter.sys+38e0
Stack Address 1 : ntoskrnl.exe+28eaf
Stack Address 2 : ntoskrnl.exe+6ac3d
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini060811-03.dmp
Processors Count : 1
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

==================================================
Dump File : Mini060811-02.dmp
Crash Time : 08/06/2011 03:58:54
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0xf7a298e0
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0xf7a298e0
Caused By Driver : psdfilter.sys
Caused By Address : psdfilter.sys+38e0
File Description : PSD Filter Driver
Product Name :
Company : HiTRUST
File Version : 2, 2, 0, 10
Processor : 32-bit
Crash Address : psdfilter.sys+38e0
Stack Address 1 : ntoskrnl.exe+28eaf
Stack Address 2 : ntoskrnl.exe+6ac3d
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini060811-02.dmp
Processors Count : 1
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

==================================================
Dump File : Mini060811-01.dmp
Crash Time : 08/06/2011 03:44:44
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0xf7a318e0
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0xf7a318e0
Caused By Driver : psdfilter.sys
Caused By Address : psdfilter.sys+38e0
File Description : PSD Filter Driver
Product Name :
Company : HiTRUST
File Version : 2, 2, 0, 10
Processor : 32-bit
Crash Address : psdfilter.sys+38e0
Stack Address 1 : ntoskrnl.exe+28eaf
Stack Address 2 : ntoskrnl.exe+6ac3d
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini060811-01.dmp
Processors Count : 1
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

[Broni]

It looks, like psdfilter.sys is the culprit. That file is a part of Acer eDataSecurity Management PSD Filter Driver by HiTRUST.
Download and install fresh copy: http://support.acer-...gy/utility.html
Let me know, if it helped.

[teehee]

Hey broni thanks for the advice, it is really appreciated. My pc seems to have stopped crashing now, do you have any idea why my programs have not been restored to the start menu. Also my hard drives (including external) still appear empty when i click on them even though in properties they are shown as having files in them.

[Broni]

I'm glad to see good news regarding BSODs :)

As for the other issues, we'll keep working on those...

Let's see, if we can recover your missing features.
Download and run UnHide

Then, delete your Combofix file, download new one and see, if it'll run now.;

[teehee]

Hi mate, the unhide program worked fine and now I can finally see everything. However the combofix still does not seem to work. Everytime I run it the freezes (i am guessing it freezes as the sytem clock stops running). Would you advise me to keep all of the spyware programs I have downloaded or is there one more important than the others?