Author Topic: [Resolved] Redirected Searches, Delays in typing, System Slowed  (Read 4596 times)

Offline adammedonca

  • Bronze Member
  • Posts: 51
Re: [In Progress] Redirected Searches, Delays in typing, System Slowed
« Reply #45 on: December 27, 2011, 06:46:20 PM »
I still cannot get TDSSKiller to open. Redirects are still occurring.

Also, I am having trouble replying to this thread. I keep getting a message that says the last post from my IP address was less than 45 seconds ago.

Offline Bear

  • Malware Removal Mentors
  • Global Moderator
  • Gold Member
  • Posts: 2210
Re: [In Progress] Redirected Searches, Delays in typing, System Slowed
« Reply #46 on: December 27, 2011, 11:16:19 PM »
Hi Adam

The 45 second rule is to prevent denial of service attacks.  Sites like ours are frequent targets for the bad guys.

PS.  I hate the 45 second thing too   :m
Never interrupt your enemy when he is making a mistake.
- Napoleon Bonaparte

Offline Bear

  • Malware Removal Mentors
  • Global Moderator
  • Gold Member
  • Posts: 2210
Re: [In Progress] Redirected Searches, Delays in typing, System Slowed
« Reply #47 on: December 27, 2011, 11:46:54 PM »
Hi Adam

1.  Once again disable all Anti-virus and anti-malware programs.

2.  Download AVZ to your desktop.  Unzip it to your desktop.

3.  Open the folder and double click on AVZ.exe to run it.  Click on the Icon for update located at the Bottom Right side window.  Click Start to begin the update.

4.  On the top menu, click AVZGuard, then select Enable AVZGuard.  If you get an error message skip this step and go on to 5.

5.  Next, click on File > Standard scripts and check box #3, Advanced System Analysis with malware removal mode enabled.

6.  Click on the Execute selected scripts.
•   Automatic scanning, healing and system check will be executed.
•   A logfile (avz_sysinfo.htm) will be created and saved in the LOG folder in the AVZ directory as virusinfo_syscure.zip.

7.  It is necessary to reboot your machine, because AVZ will disturb some program operations (like antiviruses and firewall) during the system scan while the AVZGuard is enabled. The reboot will reverse this and put things back the way they were.  All applications will work properly after the system restart.

DO NOT OPEN virusinfo_syscure.zip.  SEND IT AS AN ATTACHMENT TO YOUR POST.

Remember to be sure Word Wrap is NOT turned on in any Notepad files you post and to be sure and check that all the data you entered was posted. 

Now please post the following to me as a reply to this post:
virusinfo_syscure.zip
Let me know how your computer and browser are operating
If you have any other questions or problems, let me know that as well




Offline adammedonca

  • Bronze Member
  • Posts: 51
Re: [In Progress] Redirected Searches, Delays in typing, System Slowed
« Reply #48 on: December 28, 2011, 02:34:41 AM »
Upon rebooting, I got a message saying the driver was not found for an unknown device. I didn't know what to do with it.

Offline Bear

  • Malware Removal Mentors
  • Global Moderator
  • Gold Member
  • Posts: 2210
Re: [In Progress] Redirected Searches, Delays in typing, System Slowed
« Reply #49 on: December 28, 2011, 03:51:56 AM »

Hi Adam

As you may have guessed, you have a very difficult rootkit.  It is residing in your MBR or master boot record.  This is outside the area that AV programs scan.  It will keep re-infecting your PC until we remove it.  As it replicates itself it will try to create new files and infect old ones.  This could be the cause of your driver problem.  First issue is to remove the malware.

1.  Disable all AV programs and disable them again each time your PC reboots.

2.  Double click on the OTL icon to run it (Vista and Windows 7 users right click and select Run as  Administrator). Make sure all other windows are closed and to let it run uninterrupted. 

3.  In the lower right corner, checkmark "LOP Check" and checkmark "Purity Check".  On the upper right be sure Use Company-Name WhiteList and Skip Microsoft Files are checked.  Copy the code in the code box below and paste it into the Custom Scan box.

Code:
:OTL
[2011/12/20 18:16:34 | 001,008,141 | ---- | M] () -- C:\Users\Adam\Desktop\iExplore.exe

:FILES
c:\windows\$NtUninstallKB18598$

:Commands
 [REBOOT]



4.  Click on the Run Fix button.  The fix log is saved on your C: drive under OTL\Moved Files as date-some number.log.  Reboot your PC.

5.  Select/Start.  Type Disk management into the Search box then tap enter. You should now see your partition layout.
Use the snipping tool from your accessories folder to copy that screen shot, attach that to your reply.

How to use Snipping tool

This is a screen shot example of what I'd like to see, your table may differ, but this shows general layout:




As always please check to be sure Word Wrap is NOT turned on in any Notepad files you post and please be sure to check that all the data you entered was posted.  If not, use multiple posts.

Now please post the following to me as a reply to this post:
OTL Fix log
Disk Management image
Let me know how your computer and browser are operating
If you have any other questions or problems, let me know that as well


Offline adammedonca

  • Bronze Member
  • Posts: 51
Re: [In Progress] Redirected Searches, Delays in typing, System Slowed
« Reply #50 on: December 28, 2011, 06:12:40 PM »
========== OTL ==========
C:\Users\Adam\Desktop\iExplore.exe moved successfully.
========== FILES ==========
c:\windows\$NtUninstallKB18598$\4090149740 folder moved successfully.
c:\windows\$NtUninstallKB18598$ folder moved successfully.
========== COMMANDS ==========
 
OTL by OldTimer - Version 3.2.31.0 log created on 12282011_175950

Offline adammedonca

  • Bronze Member
  • Posts: 51
Re: [In Progress] Redirected Searches, Delays in typing, System Slowed
« Reply #51 on: December 28, 2011, 07:25:42 PM »
 ???...

Offline Bear

  • Malware Removal Mentors
  • Global Moderator
  • Gold Member
  • Posts: 2210
Re: [In Progress] Redirected Searches, Delays in typing, System Slowed
« Reply #52 on: December 28, 2011, 07:54:39 PM »
Hi Adam

It looks like you have a rootkit in a separate, hidden MBR.  Altering the MBR without knowing what you are doing can cause the PC to not be able to boot.  I am currently consulting with those wiser than me for direction.  When they get back to me, I will get back to you.

Offline Bear

  • Malware Removal Mentors
  • Global Moderator
  • Gold Member
  • Posts: 2210
Re: [In Progress] Redirected Searches, Delays in typing, System Slowed
« Reply #53 on: December 29, 2011, 06:25:16 PM »
    Hi Adam

    I apologize for the weird formatting.  I don't know what caused it or how to fix it.  But here is the information.

    As you know you have a very serious infection on your PC.  Your financial and other private data may have been compromised.  I recommend that you check your financial accounts, such as banks, credit cards and investment accounts regularly to see if there is any unauthorized activity.  It would also be a good idea to contact:

Equifax http://www.equifax.com/ at (800) 685-1111
Experian http://www.experian.com/ at (888) 397-3742 and
TransUnion http://www.transunion.com/ or (800) 888-4213

and put a watch on your accounts so that no one can steal your identity.

We will continue cleaning your PC.

1.   Download Gparted Live CD ISO from Here and save where you can easily find it.

2.   Create a bootable CD by burning that ISO image to a CD, you can download and use ImageBurn for that task.

3.   Instructions for ImageBurn Here if required.

4.   Boot your system from the GParted Live CD. You should see the following:





5.  Press ENTER





6.   By default, "do not touch keymap" is highlighted. Leave this setting alone and just press ENTER.





7.   Choose your language and press ENTER. English is default





8.   Once again, at this prompt, press ENTER. You will now be taken to the main GUI screen below:





9.   Right click on the smallest (1 MB) partition and select "Manage Flags"
BE SURE YOU SELECTED THE 1 MB PARTITION

10.  Remove the Ticks from Boot and Hidden as follows:




If there are no flags on this partition, exit the application


11.   Right click on the OS Partition, you can recognize it by its size 219.88 GB and select "Manage Flags"

12.   Put a tick in the Boot option as follows:





13.   You now need to confirm those actions as follows:





14.   Recheck each partition under "Flags", make sure the small rogue partition does not have "Boot" applied, and the OS partition DOES have "Boot" applied.

15.   If the above is correct double click on the Button.

16.   At the next window select "Reboot" then "OK" Boot into Normal Windows, check that all is OK.



Now please post the following to me as a reply to this post:
Let me know how your computer and browser are operating; if you had difficulty booting
If you have any other questions or problems, let me know that as well


« Last Edit: December 29, 2011, 06:44:30 PM by Bear »
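
Added example, not part of the original thread and not code from any tool named in it: the check that Reply #53 performs by eye in GParted (which partition carries the Boot flag, and whether that partition is tiny or hidden), done by parsing the four primary entries of a 512-byte MBR sector. The sample sectors are constructed from the sizes mentioned in the thread, and the 16 MiB threshold and finding names are assumptions of this example.

```python
import struct

# MBR type IDs that parted/GParted display with the "hidden" flag set.
HIDDEN_TYPES = {0x11, 0x14, 0x16, 0x17, 0x1B, 0x1C, 0x1E}
# Assumption of this example: an active partition under 16 MiB is suspicious.
TINY_BYTES = 16 * 1024 * 1024


def parse_mbr(sector):
    """Return the non-empty primary partition entries of a 512-byte MBR."""
    if len(sector) < 512 or sector[510:512] != b"\x55\xaa":
        raise ValueError("missing 0x55AA boot signature")
    parts = []
    for slot in range(4):
        off = 446 + 16 * slot
        # Entry layout: status, CHS start (3), type, CHS end (3), LBA start, sectors
        status, ptype, start, count = struct.unpack(
            "<B3xB3xII", sector[off:off + 16])
        if ptype == 0x00:          # unused slot
            continue
        parts.append({
            "slot": slot + 1,
            "status": status,
            "active": status == 0x80,      # GParted "boot" flag
            "type": ptype,
            "hidden": ptype in HIDDEN_TYPES,
            "start_lba": start,
            "size_bytes": count * 512,
        })
    return parts


def review(parts):
    """Return (finding, value) tuples for boot-flag anomalies."""
    findings = []
    active = [p for p in parts if p["active"]]
    if len(active) != 1:
        findings.append(("active-count", len(active)))
    for p in parts:
        if p["status"] not in (0x00, 0x80):
            findings.append(("bad-status", p["slot"]))
    largest = max(parts, key=lambda p: p["size_bytes"], default=None)
    for p in active:
        if p["hidden"]:
            findings.append(("active-hidden", p["slot"]))
        if p is not largest and p["size_bytes"] < TINY_BYTES:
            findings.append(("active-tiny", p["slot"]))
    return findings


def build_mbr(entries):
    """Build a constructed MBR sector from (status, type, lba, sectors) tuples."""
    sector = bytearray(512)
    for slot, entry in enumerate(entries):
        struct.pack_into("<B3xB3xII", sector, 446 + 16 * slot, *entry)
    sector[510:512] = b"\x55\xaa"
    return bytes(sector)


# Constructed samples: sizes follow the thread (219.88 GB OS partition,
# 1.17 MB rogue partition); start sectors and type IDs are made up.
OS_SECTORS = int(219.88 * 2 ** 21)
ROGUE_SECTORS = 2396
SAMPLE_INFECTED = build_mbr([
    (0x00, 0x07, 2048, OS_SECTORS),                    # NTFS, not active
    (0x80, 0x17, 2048 + OS_SECTORS, ROGUE_SECTORS),    # hidden NTFS, active
])
SAMPLE_FLAGS_FIXED = build_mbr([
    (0x80, 0x07, 2048, OS_SECTORS),
    (0x00, 0x07, 2048 + OS_SECTORS, ROGUE_SECTORS),
])
SAMPLE_CLEAN = build_mbr([(0x80, 0x07, 2048, OS_SECTORS)])

if __name__ == "__main__":
    for name, sector in [("infected", SAMPLE_INFECTED),
                         ("flags fixed", SAMPLE_FLAGS_FIXED),
                         ("rogue partition deleted", SAMPLE_CLEAN)]:
        parts = parse_mbr(sector)
        print(name)
        for p in parts:
            print("  slot %d type 0x%02X %s%s %.2f MiB" % (
                p["slot"], p["type"],
                "boot " if p["active"] else "",
                "hidden" if p["hidden"] else "",
                p["size_bytes"] / 2 ** 20))
        print("  findings:", review(parts) or "none")
```

A small active partition is not proof of infection on its own (some Windows installs boot from a small system partition), so treat the findings as a prompt to inspect the layout, not a verdict.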

Offline adammedonca

  • Bronze Member
  • Posts: 51
Re: [In Progress] Redirected Searches, Delays in typing, System Slowed
« Reply #54 on: December 29, 2011, 07:55:23 PM »
 :b The redirects are finally gone!!!! Google searches still seem a little slow. But, it may just be my imagination or a slow connection. The thing I unchecked was 1.17MB. Is all the malware gone now?

Offline adammedonca

  • Bronze Member
  • Posts: 51
Re: [In Progress] Redirected Searches, Delays in typing, System Slowed
« Reply #55 on: December 29, 2011, 07:59:23 PM »
Also, a few greyed out icons have appeared on my desktop. Could the malware have hidden them? Should I just unhide them? One is called desktop.ini. I don't know what that is.

Offline Bear

  • Malware Removal Mentors
  • Global Moderator
  • Gold Member
  • Posts: 2210
Re: [In Progress] Redirected Searches, Delays in typing, System Slowed
« Reply #56 on: December 29, 2011, 09:18:58 PM »
Hi Adam

That's great.  We have some more cleaning to do and we need to delete the infected partition.  Desktop.ini is a fact of life with Windows.  You have to have it.  I will post new instructions in a couple of hours.

Offline Bear

  • Malware Removal Mentors
  • Global Moderator
  • Gold Member
  • Posts: 2210
Re: [In Progress] Redirected Searches, Delays in typing, System Slowed
« Reply #57 on: December 30, 2011, 12:37:38 AM »
Hi Adam

Now we need to delete the infected MBR.

1.  Re-boot with the GParted Live CD again.

2.  Follow the previous instructions until you are at the main GUI as below:





3.  Select the 1 MB partition.  Be positive it is the 1 MB partition that is highlighted.


4.  Click the trash can icon to delete and then click Apply. Then confirm your actions:





5.   Double click on the Button.

6.   At the next window select "Reboot" then "OK" Boot into Normal Windows.

7.  Let's try TDSSKiller again. Right click on TDSSKiller.exe and select run as administrator.  Now click Start Scan.

8.  Click on Change parameters and place a checkmark next to Verify Driver Digital Signature and Detect TDLFS file system, then click .

9.  If an infected file is detected, the default action will be Cure, click on Continue.  If a suspicious file is detected, the default action will be Skip, click on Continue.

Click on Reboot Now if you are asked to reboot the computer.

10.  If reboot is NOT required, click on Report.   Please copy that file.  If a reboot IS required, the report can also be found in your root directory (usually C:\ folder).   Its file name will take the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy that file.

As always please check to be sure Word Wrap is NOT turned on in any Notepad files you post and please be sure to check that all the data you entered was posted.  If not, use multiple posts.

Now please post the following to me as a reply to this post:
TDSSKiller log
Let me know how your computer and browser are operating and if you had any boot problems
If you have any other questions or problems, let me know that as well


Offline adammedonca

  • Bronze Member
  • Posts: 51
Re: [In Progress] Redirected Searches, Delays in typing, System Slowed
« Reply #58 on: December 30, 2011, 04:03:41 PM »
15:58:02.0793 2756   TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
15:58:03.0261 2756   ============================================================
15:58:03.0261 2756   Current date / time: 2011/12/30 15:58:03.0261
15:58:03.0261 2756   SystemInfo:
15:58:03.0261 2756   
15:58:03.0261 2756   OS Version: 6.0.6002 ServicePack: 2.0
15:58:03.0261 2756   Product type: Workstation
15:58:03.0261 2756   ComputerName: ADAM-LAPTOP
15:58:03.0261 2756   UserName: Adam
15:58:03.0261 2756   Windows directory: C:\Windows
15:58:03.0261 2756   System windows directory: C:\Windows
15:58:03.0261 2756   Processor architecture: Intel x86
15:58:03.0261 2756   Number of processors: 1
15:58:03.0261 2756   Page size: 0x1000
15:58:03.0261 2756   Boot type: Normal boot
15:58:03.0261 2756   ============================================================
15:58:04.0478 2756   Initialize success
15:58:41.0700 3836   ============================================================
15:58:41.0700 3836   Scan started
15:58:41.0700 3836   Mode: Manual; SigCheck; TDLFS;
15:58:41.0700 3836   ============================================================
15:59:15.0864 3836   iPodDrv         (cf79ff3d10864f73660a34e006b6b8f8) C:\Windows\system32\drivers\iPodDrv.sys
15:59:15.0879 3836   iPodDrv ( UnsignedFile.Multi.Generic ) - warning
15:59:15.0879 3836   iPodDrv - detected UnsignedFile.Multi.Generic (1)
15:59:31.0043 3836   NTIDrvr - ok
15:59:31.0308 3836   ntrigdigi       (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
15:59:31.0448 3836   ntrigdigi - ok
15:59:31.0635 3836   Null            (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
15:59:31.0729 3836   Null - ok
15:59:31.0916 3836   nvraid          (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
15:59:31.0932 3836   nvraid - ok
15:59:32.0072 3836   nvstor          (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
15:59:32.0088 3836   nvstor - ok
15:59:32.0228 3836   nv_agp          (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
15:59:32.0244 3836   nv_agp - ok
15:59:32.0322 3836   NwlnkFlt - ok
15:59:32.0353 3836   NwlnkFwd - ok
15:59:32.0556 3836   ohci1394        (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
15:59:32.0727 3836   ohci1394 - ok
15:59:32.0993 3836   Parport         (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
15:59:33.0117 3836   Parport - ok
15:59:33.0273 3836   partmgr         (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
15:59:33.0289 3836   partmgr - ok
15:59:33.0445 3836   Parvdm          (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
15:59:33.0585 3836   Parvdm - ok
15:59:33.0788 3836   pci             (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
15:59:33.0804 3836   pci - ok
15:59:33.0975 3836   pciide          (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
15:59:34.0007 3836   pciide - ok
15:59:34.0194 3836   pcmcia          (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
15:59:34.0225 3836   pcmcia - ok
15:59:34.0428 3836   PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
15:59:34.0584 3836   PEAUTH - ok
15:59:34.0833 3836   PID_0928        (d2d2fa02b722336960eeae0ae7107891) C:\Windows\system32\DRIVERS\LV561AV.SYS
15:59:34.0880 3836   PID_0928 - ok
15:59:35.0130 3836   PptpMiniport    (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
15:59:35.0177 3836   PptpMiniport - ok
15:59:35.0691 3836   Processor       (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
15:59:35.0801 3836   Processor - ok
15:59:36.0081 3836   PSched          (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
15:59:36.0144 3836   PSched - ok
15:59:36.0440 3836   ql2300          (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
15:59:36.0565 3836   ql2300 - ok
15:59:36.0799 3836   ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
15:59:36.0830 3836   ql40xx - ok
15:59:37.0064 3836   QWAVEdrv        (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
15:59:37.0127 3836   QWAVEdrv - ok
15:59:37.0361 3836   RasAcd          (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
15:59:37.0454 3836   RasAcd - ok
15:59:37.0657 3836   Rasl2tp         (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:59:37.0735 3836   Rasl2tp - ok
15:59:37.0938 3836   RasPppoe        (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
15:59:38.0016 3836   RasPppoe - ok
15:59:38.0375 3836   RasSstp         (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
15:59:38.0406 3836   RasSstp - ok
15:59:38.0609 3836   rdbss           (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
15:59:38.0702 3836   rdbss - ok
15:59:39.0030 3836   RDPCDD          (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:59:39.0139 3836   RDPCDD - ok
15:59:39.0591 3836   rdpdr           (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
15:59:39.0654 3836   rdpdr - ok
15:59:39.0997 3836   RDPENCDD        (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
15:59:40.0059 3836   RDPENCDD - ok
15:59:40.0449 3836   RDPWD           (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
15:59:40.0496 3836   RDPWD - ok
15:59:40.0699 3836   regi            (001b4278407f4303efc902a2b16f2453) C:\Windows\system32\drivers\regi.sys
15:59:40.0715 3836   regi - ok
15:59:41.0214 3836   rspndr          (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
15:59:41.0276 3836   rspndr - ok
15:59:41.0463 3836   RTSTOR          (6ffd4476cd7ba3b402458fda3fb62e87) C:\Windows\system32\drivers\RTSTOR.SYS
15:59:41.0526 3836   RTSTOR - ok
15:59:41.0651 3836   SASDIFSV - ok
15:59:41.0760 3836   SASKUTIL - ok
15:59:41.0994 3836   sbp2port        (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
15:59:42.0025 3836   sbp2port - ok
15:59:42.0353 3836   secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
15:59:42.0493 3836   secdrv - ok
15:59:42.0680 3836   Serenum         (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
15:59:42.0774 3836   Serenum - ok
15:59:42.0992 3836   Serial          (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
15:59:43.0148 3836   Serial - ok
15:59:43.0289 3836   sermouse        (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
15:59:43.0382 3836   sermouse - ok
15:59:43.0585 3836   sffdisk         (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
15:59:43.0647 3836   sffdisk - ok
15:59:43.0866 3836   sffp_mmc        (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
15:59:43.0959 3836   sffp_mmc - ok
15:59:44.0131 3836   sffp_sd         (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
15:59:44.0193 3836   sffp_sd - ok
15:59:44.0474 3836   sfloppy         (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
15:59:44.0583 3836   sfloppy - ok
15:59:44.0771 3836   sisagp          (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
15:59:44.0786 3836   sisagp - ok
15:59:44.0973 3836   SiSRaid2        (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
15:59:44.0989 3836   SiSRaid2 - ok
15:59:45.0176 3836   SiSRaid4        (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
15:59:45.0207 3836   SiSRaid4 - ok
15:59:45.0488 3836   Smb             (8f91a4c71fe4d12ee2a165144a626129) C:\Windows\system32\DRIVERS\smb.sys
15:59:45.0535 3836   Smb ( UnsignedFile.Multi.Generic ) - warning
15:59:45.0535 3836   Smb - detected UnsignedFile.Multi.Generic (1)
15:59:49.0575 3836   TrueSight       (f69641efdb19acb4753b0155f7fdeed5) c:\windows\system32\drivers\TrueSight.sys
15:59:49.0575 3836   TrueSight ( UnsignedFile.Multi.Generic ) - warning
15:59:49.0575 3836   TrueSight - detected UnsignedFile.Multi.Generic (1)
15:59:51.0089 3836   ujqxmtyx        (817d8d89fe54e6e207bf50582c1c0e4b) C:\Windows\system32\Drivers\ujqxmtyx.sys
15:59:51.0135 3836   ujqxmtyx ( UnsignedFile.Multi.Generic ) - warning
15:59:51.0135 3836   ujqxmtyx - detected UnsignedFile.Multi.Generic (1)
15:59:56.0018 3836   utqxmtyx        (524d8d450622db4a7875b111c299a76b) C:\Windows\system32\Drivers\utqxmtyx.sys
15:59:56.0034 3836   utqxmtyx ( UnsignedFile.Multi.Generic ) - warning
15:59:56.0034 3836   utqxmtyx - detected UnsignedFile.Multi.Generic (1)
16:00:00.0417 3836   MBR (0x1B8)     (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
16:00:00.0745 3836   \Device\Harddisk0\DR0 - ok
16:00:00.0792 3836   Boot (0x1200)   (b4e7356e26a66b41892e9d35f13edbc0) \Device\Harddisk0\DR0\Partition0
16:00:00.0792 3836   \Device\Harddisk0\DR0\Partition0 - ok
16:00:00.0792 3836   ============================================================
16:00:00.0792 3836   Scan finished
16:00:00.0792 3836   ============================================================
16:00:00.0823 3796   Detected object count: 5
16:00:00.0823 3796   Actual detected object count: 5
16:00:48.0326 3796   iPodDrv ( UnsignedFile.Multi.Generic ) - skipped by user
16:00:48.0326 3796   iPodDrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:00:48.0326 3796   Smb ( UnsignedFile.Multi.Generic ) - skipped by user
16:00:48.0326 3796   Smb ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:00:48.0326 3796   TrueSight ( UnsignedFile.Multi.Generic ) - skipped by user
16:00:48.0326 3796   TrueSight ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:00:48.0326 3796   ujqxmtyx ( UnsignedFile.Multi.Generic ) - skipped by user
16:00:48.0326 3796   ujqxmtyx ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:00:48.0326 3796   utqxmtyx ( UnsignedFile.Multi.Generic ) - skipped by user
16:00:48.0326 3796   utqxmtyx ( UnsignedFile.Multi.Generic ) - User select action: Skip

Offline Bear

  • Malware Removal Mentors
  • Global Moderator
  • Gold Member
  • Posts: 2210
Re: [In Progress] Redirected Searches, Delays in typing, System Slowed
« Reply #59 on: December 30, 2011, 04:27:11 PM »
Hi Adam

TDSSKiller found five bad files.  The report says you chose not to delete them.  Did you click Cure?