Operating memory - Win32/Olmarik.TDL4 [Solved]


  • This topic is locked

#16
JulieJean

Member, Topic Starter, 48 posts

I double-clicked ComboFix and nothing happens.

#17
JulieJean

Sorry, I meant to say, nothing happens after I click Run.

#18
Essexboy

GeekU Moderator, Retired Staff, 69,964 posts

OK, burn GParted on another computer and then retry. If that should fail, I am just composing instructions for another method.

#19
JulieJean

I burned on a new machine and this helped. I was able to select the partition, but 1 click is all I get and the application freezes. Did this 3 times with the same result trying to access different features.

Will await the further instructions that you are working on. Many thanks!

#20
Essexboy

OK

TDSSKiller has just been updated to possibly cure this, so I will give the instructions for that first. If it fails I will include a second option as I am going offline soon.

Download the latest version of TDSSKiller from here and save it to your Desktop.


  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
  • Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

Option 2 if it should fail

We will use a mobile operating system called xPUD, and a script called tdl_fix.sh to reset the active partition.

On the clean computer.

Creating a bootable USB using xPUD
  • Please download the following files and save them to the desktop
  • Insert the USB device you want to make bootable into the computer. (Make sure that no other USBs are inserted)
  • Double-click on unetbootin.exe to run
  • Select Disk Image, ISO and in the space provided, enter the path location of xpud-0.9.2.iso (ex. C:\Documents and Settings\yourusername\Desktop\xpud-0.9.2.iso)
  • Select USB Drive type and the drive letter assigned to your USB stick.
  • Click "OK" and wait until the program finishes. You now have a bootable xPUD.
  • Download tdl_fix.sh to the USB

Please note: if you prefer to create a bootable CD using xPUD, you may download the ISO image found here and burn it to a CD.



  • Boot into xPUD then click the File tab.
  • Press File
  • Expand mnt
  • Click on the folder under mnt that represents your USB drive (sdb1 ?)
  • You should see the tdl_fix.sh file in the main window.
  • Select Tool from the Menu
  • Choose Open Terminal
  • Type bash tdl_fix.sh then press Enter.
  • Read the warning then type y and press Enter to continue.
  • Type sda then press Enter when prompted.
  • You will be shown a list of partitions to choose from for marking active.
  • Type 2 then press Enter.
  • If you are presented with a warning about no bootloader files, type n then press Enter to choose another. If this happens, type 3 to select partition 3 then press Enter.
  • When you receive no warning about bootloader files but are presented with another view of the partition structure and asked if it looks correct, type y then press Enter.
  • The script will complete and prompt you to reboot the computer.
  • Close the Terminal window and restart back into Windows.
  • Post the contents of the tdl_fix.txt file that was created on your flash drive and let me know how the computer is behaving.

Note - in the event there is a problem booting the computer normally after running the script, run the tdl_fix.sh script again using the following command.

bash tdl_fix.sh -restore

Make sure to leave a space to either side of tdl_fix.sh in the command.
This will prompt you to use the file tdl_mbr_sda.bin on drive sda.
OK the procedure, then restart when complete.
This is a backup of the original MBR and will restore it to its current state.


Partition Deletion

  • Boot into xPUD then click the File tab.
  • Press File
  • Expand mnt
  • Click on the folder under mnt that represents your USB drive (sdb1 ?)
  • You should see the tdl_fix.sh file in the main window.
  • Select Tool from the Menu
  • Choose Open Terminal
  • Type bash tdl_fix.sh -delete then press Enter.
  • ** Make sure to leave a space to either side of tdl_fix.sh in the command.
  • You should be notified of a hidden partition found and prompted to delete it.
  • Type y then press Enter.
  • The script will complete and prompt you to reboot the computer.
  • Close the Terminal window and restart back into Windows.
  • Post the contents of the tdl_delete.txt file that was created on your flash drive.

Note - in the event there is a problem booting the computer normally after running the script, run the tdl_fix.sh script again using the following command.

bash tdl_fix.sh -restore

Make sure to leave a space to either side of tdl_fix.sh in the command.
This will prompt you to use the file tdl_mbr_sda.bin on drive sda.
OK the procedure, then restart when complete.
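
The active-partition reset and the tdl_mbr_sda.bin backup described in the post above can be checked offline by reading the partition table out of a saved 512-byte MBR sector. The Python below is an added example, not part of the thread and not the code of tdl_fix.sh; the function names, the two sample sectors and the 64 MiB size threshold are constructed for illustration.

```python
import struct

TABLE_OFFSET, ENTRY_SIZE, SIGNATURE = 446, 16, b"\x55\xaa"
SMALL_BYTES = 64 * 2**20  # assumed review threshold, not taken from the thread


def parse_mbr(sector):
    """Return the used partition entries of a 512-byte MBR sector."""
    if len(sector) != 512:
        raise ValueError("an MBR sector is exactly 512 bytes")
    if sector[510:] != SIGNATURE:
        raise ValueError("missing 0x55AA boot signature")
    entries = []
    for slot in range(4):
        off = TABLE_OFFSET + slot * ENTRY_SIZE
        status, ptype = sector[off], sector[off + 4]
        start, count = struct.unpack_from("<II", sector, off + 8)
        if ptype == 0x00 and count == 0:
            continue  # unused slot
        entries.append({"slot": slot + 1, "status": status,
                        "active": status == 0x80, "type": ptype,
                        "start": start, "sectors": count})
    return entries


def review(entries):
    """Return findings worth a second look before trusting the boot path."""
    findings = []
    for e in entries:
        if e["status"] not in (0x00, 0x80):
            findings.append(f"slot {e['slot']}: invalid status byte 0x{e['status']:02x}")
    active = [e for e in entries if e["active"]]
    if len(active) != 1:
        findings.append(f"{len(active)} active partitions (expected exactly 1)")
    largest = max(entries, key=lambda e: e["sectors"], default=None)
    last = max(entries, key=lambda e: e["start"], default=None)
    for e in active:
        size = e["sectors"] * 512
        if e is last and e is not largest and size < SMALL_BYTES:
            findings.append(f"slot {e['slot']}: active partition is only "
                            f"{size // 1024} KiB and sits at the end of the disk")
    return findings


def diff_tables(before, after):
    """Describe per-slot changes between two parsed tables (backup vs current)."""
    b = {e["slot"]: e for e in before}
    a = {e["slot"]: e for e in after}
    changes = []
    for slot in sorted(set(b) | set(a)):
        if slot not in a:
            changes.append(f"slot {slot}: removed")
        elif slot not in b:
            changes.append(f"slot {slot}: added")
        else:
            fields = [k for k in ("active", "type", "start", "sectors")
                      if b[slot][k] != a[slot][k]]
            if fields:
                changes.append(f"slot {slot}: changed {', '.join(fields)}")
    return changes


def build_mbr(parts):
    """Build a constructed MBR from (status, type, start_lba, sectors) tuples."""
    sector = bytearray(512)
    for slot, (status, ptype, start, count) in enumerate(parts):
        off = TABLE_OFFSET + slot * ENTRY_SIZE
        sector[off], sector[off + 4] = status, ptype
        struct.pack_into("<II", sector, off + 8, start, count)
    sector[510:] = SIGNATURE
    return bytes(sector)


# Constructed sample data: a utility partition, a large Windows partition,
# and a small third entry at the end of the disk that carries the active flag.
SUSPECT = [(0x00, 0xDE, 63, 96327),
           (0x00, 0x07, 96390, 156200000),
           (0x80, 0x17, 156296390, 16000)]
# Same table after the active flag has been moved back to partition 2.
REPAIRED = [(0x00, 0xDE, 63, 96327),
            (0x80, 0x07, 96390, 156200000),
            (0x00, 0x17, 156296390, 16000)]

if __name__ == "__main__":
    before = parse_mbr(build_mbr(SUSPECT))
    after = parse_mbr(build_mbr(REPAIRED))
    for line in review(before) + diff_tables(before, after):
        print(line)
```

To run it against a real backup, read the first 512 bytes of the saved file and pass them to parse_mbr() in place of the constructed sectors.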

#21
JulieJean

Option 1 had me skip all and not cure. Here is the log file:


17:39:12.0093 2680 TDSS rootkit removing tool 2.7.5.0 Jan 18 2012 09:26:24
17:39:12.0359 2680 ============================================================
17:39:12.0359 2680 Current date / time: 2012/01/18 17:39:12.0359
17:39:12.0359 2680 SystemInfo:
17:39:12.0359 2680
17:39:12.0359 2680 OS Version: 5.1.2600 ServicePack: 3.0
17:39:12.0359 2680 Product type: Workstation
17:39:12.0359 2680 ComputerName: FRONTDSKTHKCTR
17:39:12.0359 2680 UserName: Owner
17:39:12.0359 2680 Windows directory: C:\WINDOWS
17:39:12.0359 2680 System windows directory: C:\WINDOWS
17:39:12.0359 2680 Processor architecture: Intel x86
17:39:12.0359 2680 Number of processors: 2
17:39:12.0359 2680 Page size: 0x1000
17:39:12.0359 2680 Boot type: Normal boot
17:39:12.0359 2680 ============================================================
17:39:13.0687 2680 Drive \Device\Harddisk0\DR0 - Size: 0x12A2480000 (74.54 Gb), SectorSize: 0x200, Cylinders: 0x2602, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
17:39:13.0703 2680 Initialize success
17:39:43.0937 3120 ============================================================
17:39:43.0937 3120 Scan started
17:39:43.0937 3120 Mode: Manual; SigCheck; TDLFS;
17:39:43.0937 3120 ============================================================
17:40:10.0453 3120 TrueSight ( UnsignedFile.Multi.Generic ) - warning
17:40:10.0453 3120 TrueSight - detected UnsignedFile.Multi.Generic (1)
17:40:10.0484 3120 tvtfilter (dd957007df98aecffaaa2656d4b981e4) C:\WINDOWS\system32\drivers\tvtfilter.sys
17:40:10.0500 3120 tvtfilter ( UnsignedFile.Multi.Generic ) - warning
17:40:10.0500 3120 tvtfilter - detected UnsignedFile.Multi.Generic (1)
17:40:10.0531 3120 TVTPktFilter (0727cce3ff1a4446f4a1d507361567ab) C:\WINDOWS\system32\DRIVERS\tvtpktfilter.sys
17:40:10.0578 3120 TVTPktFilter - ok
17:40:10.0671 3120 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
17:40:10.0765 3120 Udfs - ok
17:40:10.0781 3120 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
17:40:10.0843 3120 ultra - ok
17:40:10.0890 3120 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
17:40:10.0984 3120 Update - ok
17:40:11.0109 3120 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
17:40:11.0203 3120 usbccgp - ok
17:40:11.0218 3120 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
17:40:11.0312 3120 usbehci - ok
17:40:11.0328 3120 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
17:40:11.0421 3120 usbhub - ok
17:40:11.0437 3120 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
17:40:11.0515 3120 usbprint - ok
17:40:11.0531 3120 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
17:40:11.0640 3120 usbscan - ok
17:40:11.0656 3120 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
17:40:11.0750 3120 USBSTOR - ok
17:40:11.0765 3120 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
17:40:11.0875 3120 usbuhci - ok
17:40:12.0015 3120 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
17:40:12.0093 3120 VgaSave - ok
17:40:12.0125 3120 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
17:40:12.0218 3120 viaagp - ok
17:40:12.0359 3120 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
17:40:12.0468 3120 ViaIde - ok
17:40:12.0484 3120 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
17:40:12.0578 3120 VolSnap - ok
17:40:12.0593 3120 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:40:12.0703 3120 Wanarp - ok
17:40:12.0718 3120 WDICA - ok
17:40:12.0750 3120 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
17:40:12.0828 3120 wdmaud - ok
17:40:13.0015 3120 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\Drivers\wpdusb.sys
17:40:13.0109 3120 WpdUsb - ok
17:40:13.0203 3120 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
17:40:13.0265 3120 WudfPf - ok
17:40:13.0281 3120 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
17:40:13.0328 3120 WudfRd - ok
17:40:13.0375 3120 MBR (0x1B8) (7cf4d68c96af416bba888eb985d91ba4) \Device\Harddisk0\DR0
17:40:13.0437 3120 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
17:40:13.0437 3120 \Device\Harddisk0\DR0 - detected TDSS File System (1)
17:40:13.0468 3120 Boot (0x1200) (4004489d9cb3e831fa2183db7ba8d927) \Device\Harddisk0\DR0\Partition0
17:40:13.0468 3120 \Device\Harddisk0\DR0\Partition0 - ok
17:40:13.0468 3120 ============================================================
17:40:13.0468 3120 Scan finished
17:40:13.0468 3120 ============================================================
17:40:13.0593 3376 Detected object count: 22
17:40:13.0593 3376 Actual detected object count: 22
17:40:46.0296 3376 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
17:40:46.0296 3376 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
17:41:22.0921 3480 ============================================================
17:41:22.0921 3480 Scan started
17:41:22.0921 3480 Mode: Manual; SigCheck; TDLFS;
17:41:22.0921 3480 ============================================================
17:41:44.0687 3480 sr - ok
17:41:44.0718 3480 Srv (3bb03f2ba89d2be417206c373d2af17c) C:\WINDOWS\system32\DRIVERS\srv.sys
17:41:44.0734 3480 Srv - ok
17:41:44.0765 3480 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
17:41:44.0859 3480 swenum - ok
17:41:44.0875 3480 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
17:41:44.0968 3480 swmidi - ok
17:41:45.0093 3480 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
17:41:45.0171 3480 symc810 - ok
17:41:45.0187 3480 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
17:41:45.0296 3480 symc8xx - ok
17:41:45.0312 3480 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
17:41:45.0421 3480 sym_hi - ok
17:41:45.0437 3480 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
17:41:45.0500 3480 sym_u3 - ok
17:41:45.0640 3480 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
17:41:45.0750 3480 sysaudio - ok
17:41:45.0765 3480 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
17:41:45.0812 3480 Tcpip - ok
17:41:45.0859 3480 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
17:41:45.0984 3480 TDPIPE - ok
17:41:46.0000 3480 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
17:41:46.0078 3480 TDTCP - ok
17:41:46.0093 3480 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
17:41:46.0171 3480 TermDD - ok
17:41:46.0218 3480 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
17:41:46.0296 3480 TosIde - ok
17:41:46.0328 3480 TrueSight (f69641efdb19acb4753b0155f7fdeed5) c:\windows\system32\drivers\TrueSight.sys
17:41:46.0343 3480 TrueSight ( UnsignedFile.Multi.Generic ) - warning
17:41:46.0343 3480 TrueSight - detected UnsignedFile.Multi.Generic (1)
17:41:46.0421 3480 tvtfilter (dd957007df98aecffaaa2656d4b981e4) C:\WINDOWS\system32\drivers\tvtfilter.sys
17:41:46.0453 3480 tvtfilter ( UnsignedFile.Multi.Generic ) - warning
17:41:46.0453 3480 tvtfilter - detected UnsignedFile.Multi.Generic (1)
17:41:46.0484 3480 TVTPktFilter (0727cce3ff1a4446f4a1d507361567ab) C:\WINDOWS\system32\DRIVERS\tvtpktfilter.sys
17:41:46.0500 3480 TVTPktFilter - ok
17:41:46.0546 3480 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
17:41:46.0625 3480 Udfs - ok
17:41:46.0687 3480 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
17:41:46.0750 3480 ultra - ok
17:41:46.0781 3480 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
17:41:46.0875 3480 Update - ok
17:41:47.0000 3480 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
17:41:47.0078 3480 usbccgp - ok
17:41:47.0093 3480 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
17:41:47.0187 3480 usbehci - ok
17:41:47.0187 3480 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
17:41:47.0281 3480 usbhub - ok
17:41:47.0312 3480 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
17:41:47.0390 3480 usbprint - ok
17:41:47.0515 3480 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
17:41:47.0593 3480 usbscan - ok
17:41:47.0734 3480 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
17:41:47.0812 3480 USBSTOR - ok
17:41:47.0828 3480 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
17:41:47.0937 3480 usbuhci - ok
17:41:47.0953 3480 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
17:41:48.0031 3480 VgaSave - ok
17:41:48.0062 3480 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
17:41:48.0140 3480 viaagp - ok
17:41:48.0156 3480 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
17:41:48.0234 3480 ViaIde - ok
17:41:48.0265 3480 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
17:41:48.0375 3480 VolSnap - ok
17:41:48.0468 3480 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:41:48.0546 3480 Wanarp - ok
17:41:48.0656 3480 WDICA - ok
17:41:48.0687 3480 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
17:41:48.0781 3480 wdmaud - ok
17:41:48.0812 3480 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\Drivers\wpdusb.sys
17:41:48.0828 3480 WpdUsb - ok
17:41:48.0843 3480 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
17:41:48.0875 3480 WudfPf - ok
17:41:48.0906 3480 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
17:41:48.0953 3480 WudfRd - ok
17:41:48.0984 3480 MBR (0x1B8) (7cf4d68c96af416bba888eb985d91ba4) \Device\Harddisk0\DR0
17:41:49.0062 3480 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
17:41:49.0062 3480 \Device\Harddisk0\DR0 - detected TDSS File System (1)
17:41:49.0078 3480 Boot (0x1200) (4004489d9cb3e831fa2183db7ba8d927) \Device\Harddisk0\DR0\Partition0
17:41:49.0078 3480 \Device\Harddisk0\DR0\Partition0 - ok
17:41:49.0078 3480 ============================================================
17:41:49.0078 3480 Scan finished
17:41:49.0078 3480 ============================================================
17:41:49.0093 1384 Detected object count: 22
17:41:49.0093 1384 Actual detected object count: 22
17:42:36.0812 1384 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
17:42:36.0812 1384 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
  • 0

#22
JulieJean

JulieJean

    Member

  • Topic Starter
  • Member
  • PipPip
  • 48 posts
How long should pud take to boot? It's been trying for some time now. I did the bootable CD.
  • 0

#23
JulieJean

JulieJean

    Member

  • Topic Starter
  • Member
  • PipPip
  • 48 posts
I followed the steps for USB flash drive, and when booting it says it is missing something. So, I created another CD thinking maybe it didn't finish the first time. Same thing happens with this CD: it just continues to try to load. I left it for 15 minutes. I'll leave it going for another hour or so while I make dinner, but I can't tell why I am having such an issue.
  • 0

#24
JulieJean

JulieJean

    Member

  • Topic Starter
  • Member
  • PipPip
  • 48 posts
It was still trying to load so I killed it again. I went to the xpud website and followed the same instructions there to create the USB version. Exact same result as the first time. I created this on a completely different computer than the first clean computer. I get an NTLDR missing error message. There was a note on the xPud site to rename a config file, but it looks like the executable file already does that now because I watched the isolinux.cfg turn into syslinux.cfg.

Any thoughts?
  • 0

#25
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
This is definitely a real twist on the normal infection

Run TDSSKiller again and once you get to this part

17:41:49.0062 3480 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
17:41:49.0062 3480 \Device\Harddisk0\DR0 - detected TDSS File System (1)


In the drop down select Delete

Be prepared to use the Recovery Console CD to enter the fix boot commands, pressing Enter after each command:

fixmbr \Device\HardDisk0

fixboot c:

exit


Once back in normal Windows, could you give me another screenshot of Disk Management please?
  • 0
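The triage behind the advice in the post above, as an added example that is not part of the original thread or of TDSSKiller: a parser for the log format shown here that separates the unsigned-driver warnings from the finding on the raw disk device and records which action the user chose. Treating `UnsignedFile.Multi.Generic` as the lower-priority bucket is an assumption of this example, and the function names are hypothetical.

```python
import re

# Lines copied from the TDSSKiller log posted in this thread (excerpt).
SAMPLE_LOG = r"""
17:41:41.0468 3480 psadd (fb4c54f3a168b178dabf15eebaed8276) C:\WINDOWS\system32\Drivers\psadd.sys
17:41:41.0468 3480 psadd ( UnsignedFile.Multi.Generic ) - warning
17:41:41.0468 3480 psadd - detected UnsignedFile.Multi.Generic (1)
17:41:41.0484 3480 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
17:41:41.0578 3480 PSched - ok
17:41:48.0984 3480 MBR (0x1B8) (7cf4d68c96af416bba888eb985d91ba4) \Device\Harddisk0\DR0
17:41:49.0062 3480 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
17:41:49.0062 3480 \Device\Harddisk0\DR0 - detected TDSS File System (1)
17:42:36.0796 1384 psadd ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:42:36.0812 1384 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
17:42:36.0812 1384 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
"""

# "<time> <thread id> <object> ( <verdict> ) - <status>"
VERDICT = re.compile(r"^\d\d:\d\d:\d\d\.\d{4}\s+\d+\s+(.+?) \( (.+?) \) - (.+)$")
ACTION_PREFIX = "User select action: "
# Assumption for this example: this verdict only means "driver has no signature".
LOW_CONFIDENCE = {"UnsignedFile.Multi.Generic"}

def parse_findings(log_text):
    """Return {object: {"verdict", "action"}} for every flagged object."""
    findings = {}
    for line in log_text.splitlines():
        m = VERDICT.match(line.strip())
        if not m:
            continue  # hash/path lines, "- ok" lines, separators
        obj, verdict, status = m.groups()
        entry = findings.setdefault(obj, {"verdict": verdict, "action": None})
        if status.startswith(ACTION_PREFIX):
            entry["action"] = status[len(ACTION_PREFIX):]
    return findings

def triage(log_text):
    """Split findings into unsigned-file warnings and everything else."""
    unsigned, priority = [], []
    for obj, info in parse_findings(log_text).items():
        bucket = unsigned if info["verdict"] in LOW_CONFIDENCE else priority
        bucket.append((obj, info["verdict"], info["action"]))
    return unsigned, priority

if __name__ == "__main__":
    unsigned, priority = triage(SAMPLE_LOG)
    print(f"{len(unsigned)} unsigned-file warning(s) to review")
    for obj, verdict, action in priority:
        print(f"PRIORITY {obj}: {verdict} (action taken: {action})")
```

Run against the full log, the priority bucket holds the single `\Device\Harddisk0\DR0` entry with action `Skip`, which is the entry the post above asks to be set to Delete.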


#26
JulieJean

JulieJean

    Member

  • Topic Starter
  • Member
  • PipPip
  • 48 posts
I don't have the recovery CDs. Apparently Lenovo doesn't ship them with the machine unless requested. I called to request them and my warranty ended 6 months ago.

Would this go away if I rolled the system back to the very first backup?

Please advise, I will await your opinion before I conduct the steps you recommend.
  • 0

#27
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Ah, this is the Recovery Console CD. This enables us to access Windows prior to it starting; it is common to all XP machines - we may not need it, but it is better to be safe than sorry.

http://www.thecomput...om/files/rc.iso
  • 0

#28
JulieJean

JulieJean

    Member

  • Topic Starter
  • Member
  • PipPip
  • 48 posts
AH, got it! This is the one I already created. OK, wish me luck.
  • 0

#29
JulieJean

JulieJean

    Member

  • Topic Starter
  • Member
  • PipPip
  • 48 posts
Still there! StillThere.JPG
  • 0

#30
JulieJean

JulieJean

    Member

  • Topic Starter
  • Member
  • PipPip
  • 48 posts
I also ran Gpart again, but it would not let me click on anything. However, the bad partition is no longer the boot partition, so we are making progress. Now, how do we blow that guy away?
  • 0





