21:48:12.0171 2416 TDSS rootkit removing tool 2.8.6.0 Aug 13 2012 17:24:05 21:48:12.0343 2416 ============================================================ 21:48:12.0343 2416 Current date / time: 2012/08/17 21:48:12.0343 21:48:12.0343 2416 SystemInfo: 21:48:12.0343 2416 21:48:12.0343 2416 OS Version: 5.1.2600 ServicePack: 3.0 21:48:12.0343 2416 Product type: Workstation 21:48:12.0343 2416 ComputerName: SAFA 21:48:12.0343 2416 UserName: safecznik 21:48:12.0343 2416 Windows directory: C:\WINDOWS 21:48:12.0343 2416 System windows directory: C:\WINDOWS 21:48:12.0343 2416 Processor architecture: Intel x86 21:48:12.0343 2416 Number of processors: 4 21:48:12.0343 2416 Page size: 0x1000 21:48:12.0343 2416 Boot type: Normal boot 21:48:12.0343 2416 ============================================================ 21:48:13.0203 2416 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054 21:48:13.0203 2416 ============================================================ 21:48:13.0203 2416 \Device\Harddisk0\DR0: 21:48:13.0203 2416 MBR partitions: 21:48:13.0203 2416 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x61A7927 21:48:13.0203 2416 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x61A79A5, BlocksNum 0x61A7927 21:48:13.0218 2416 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xC34F30B, BlocksNum 0xC34F28D 21:48:13.0234 2416 \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x1869E5D7, BlocksNum 0xFDE943E 21:48:13.0250 2416 \Device\Harddisk0\DR0\Partition5: MBR, Type 0x7, StartLBA 0x28487A54, BlocksNum 0x11EF932C 21:48:13.0265 2416 \Device\Harddisk0\DR0\Partition6: MBR, Type 0x7, StartLBA 0x3A380DBF, BlocksNum 0x3E82 21:48:13.0265 2416 ============================================================ 21:48:13.0296 2416 C: <-> \Device\Harddisk0\DR0\Partition1 21:48:13.0343 2416 D: <-> \Device\Harddisk0\DR0\Partition2 21:48:13.0390 2416 E: <-> \Device\Harddisk0\DR0\Partition3 21:48:13.0421 2416 F: <-> \Device\Harddisk0\DR0\Partition4 21:48:13.0453 2416 G: <-> \Device\Harddisk0\DR0\Partition5 21:48:13.0484 2416 H: <-> \Device\Harddisk0\DR0\Partition6 21:48:13.0484 2416 ============================================================ 21:48:13.0484 2416 Initialize success 21:48:13.0484 2416 ============================================================ 21:48:16.0171 2804 ============================================================ 21:48:16.0171 2804 Scan started 21:48:16.0171 2804 Mode: Manual; 21:48:16.0171 2804 ============================================================ 21:48:17.0671 2804 ================ Scan services ============================= 21:48:17.0671 2804 Scan interrupted by user! 21:48:17.0671 2804 ================ Scan global =============================== 21:48:17.0671 2804 Scan interrupted by user! 21:48:17.0671 2804 ================ Scan MBR ================================== 21:48:17.0671 2804 Scan interrupted by user! 21:48:17.0671 2804 ================ Scan VBR ================================== 21:48:17.0671 2804 Scan interrupted by user! 21:48:17.0671 2804 ============================================================ 21:48:17.0671 2804 Scan finished 21:48:17.0671 2804 ============================================================ 21:48:17.0687 3120 Detected object count: 0 21:48:17.0687 3120 Actual detected object count: 0 21:48:33.0890 0788 ============================================================ 21:48:33.0890 0788 Scan started 21:48:33.0890 0788 Mode: Manual; SigCheck; TDLFS; 21:48:33.0890 0788 ============================================================ 21:48:34.0234 0788 ================ Scan services ============================= 21:48:34.0312 0788 Abiosdsk - ok 21:48:34.0312 0788 abp480n5 - ok 21:48:34.0328 0788 [ 05118282f5d039595a2b92b4a4afe197 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys 21:48:34.0500 0788 ACPI - ok 21:48:34.0515 0788 [ 66a42b7db194e24b973bbcce840a0f3f ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys 21:48:34.0593 0788 ACPIEC - ok 21:48:34.0640 0788 [ a9d3b95e8466bd58eeb8a1154654e162 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe 21:48:34.0656 0788 AdobeFlashPlayerUpdateSvc - ok 21:48:34.0656 0788 adpu160m - ok 21:48:34.0671 0788 [ 8bed39e3c35d6a489438b8141717a557 ] aec C:\WINDOWS\system32\drivers\aec.sys 21:48:34.0734 0788 aec - ok 21:48:34.0765 0788 [ 1e44bc1e83d8fd2305f8d452db109cf9 ] AFD C:\WINDOWS\System32\drivers\afd.sys 21:48:34.0781 0788 AFD - ok 21:48:34.0781 0788 Aha154x - ok 21:48:34.0796 0788 aic78u2 - ok 21:48:34.0796 0788 aic78xx - ok 21:48:34.0812 0788 [ 27af056d8c42f0ab3cf1dfdcbbeb3243 ] Alerter C:\WINDOWS\system32\alrsvc.dll 21:48:34.0906 0788 Alerter - ok 21:48:34.0921 0788 [ d1738dddff196c5cee6d867c136af745 ] ALG C:\WINDOWS\System32\alg.exe 21:48:35.0000 0788 ALG - ok 21:48:35.0000 0788 AliIde - ok 21:48:35.0000 0788 amsint - ok 21:48:35.0015 0788 [ 1561430da2f2ab81cc0ce71af95a778d ] AppMgmt C:\WINDOWS\System32\appmgmts.dll 21:48:35.0093 0788 AppMgmt - ok 21:48:35.0109 0788 [ b5b8a80875c1dededa8b02765642c32f ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys 21:48:35.0187 0788 Arp1394 - ok 21:48:35.0187 0788 asc - ok 21:48:35.0187 0788 asc3350p - ok 21:48:35.0187 0788 asc3550 - ok 21:48:35.0218 0788 [ 2b4e66fac6503494a2c6f32bb6ab3826 ] AsIO C:\WINDOWS\system32\drivers\AsIO.sys 21:48:35.0250 0788 AsIO - ok 21:48:35.0281 0788 [ 0e5e4957549056e2bf2c49f4f6b601ad ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe 21:48:35.0296 0788 aspnet_state - ok 21:48:35.0312 0788 [ b153affac761e7f5fcfa822b9c4e97bc ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys 21:48:35.0375 0788 AsyncMac - ok 21:48:35.0390 0788 [ 9f3a2f5aa6875c72bf062c712cfa2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys 21:48:35.0468 0788 atapi - ok 21:48:35.0468 0788 Atdisk - ok 21:48:35.0593 0788 [ c026951271d59ff97deb2a6b4895b416 ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys 21:48:35.0703 0788 ati2mtag - ok 21:48:35.0734 0788 [ d4ed96ac2fafee2c697436b9a2871cd3 ] ATITool C:\WINDOWS\system32\DRIVERS\ATITool.sys 21:48:35.0750 0788 ATITool ( UnsignedFile.Multi.Generic ) - warning 21:48:35.0750 0788 ATITool - detected UnsignedFile.Multi.Generic (1) 21:48:35.0781 0788 [ f9c24d25d9ff29f894995a64812b4d85 ] atksgt C:\WINDOWS\system32\DRIVERS\atksgt.sys 21:48:35.0781 0788 atksgt - ok 21:48:35.0796 0788 [ 9916c1225104ba14794209cfa8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys 21:48:35.0875 0788 Atmarpc - ok 21:48:35.0890 0788 [ 3a28d3e7bad0eed3810cd918b2525b54 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll 21:48:35.0968 0788 AudioSrv - ok 21:48:35.0984 0788 [ d9f724aa26c010a217c97606b160ed68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys 21:48:36.0062 0788 audstub - ok 21:48:36.0062 0788 [ da1f27d85e0d1525f6621372e7b685e9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys 21:48:36.0156 0788 Beep - ok 21:48:36.0187 0788 [ 78200faa6fd9c69394134c238c87fb7f ] BITS C:\WINDOWS\system32\qmgr.dll 21:48:36.0281 0788 BITS - ok 21:48:36.0296 0788 [ b98ed6d85339a66a73f32fb569eb6c01 ] Browser C:\WINDOWS\System32\browser.dll 21:48:36.0390 0788 Browser - ok 21:48:36.0406 0788 [ 90a673fc8e12a79afbed2576f6a7aaf9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys 21:48:36.0484 0788 cbidf2k - ok 21:48:36.0500 0788 [ 0be5aef125be881c4f854c554f2b025c ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys 21:48:36.0593 0788 CCDECODE - ok 21:48:36.0593 0788 cd20xrnt - ok 21:48:36.0609 0788 [ c1b486a7658353d33a10cc15211a873b ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys 21:48:36.0687 0788 Cdaudio - ok 21:48:36.0703 0788 [ c885b02847f5d2fd45a24e219ed93b32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys 21:48:36.0765 0788 Cdfs - ok 21:48:36.0781 0788 [ 1f4260cc5b42272d71f79e570a27a4fe ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys 21:48:36.0843 0788 Cdrom - ok 21:48:36.0859 0788 Changer - ok 21:48:36.0859 0788 [ 45b63df2fb498d219fcbb4425cade676 ] CiSvc C:\WINDOWS\system32\cisvc.exe 21:48:36.0937 0788 CiSvc - ok 21:48:36.0953 0788 [ c94f1b6f61858d6389c0fa06954fb9c4 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe 21:48:37.0015 0788 ClipSrv - ok 21:48:37.0031 0788 [ d87acaed61e417bba546ced5e7e36d9c ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 21:48:37.0046 0788 clr_optimization_v2.0.50727_32 - ok 21:48:37.0078 0788 [ c5a75eb48e2344abdc162bda79e16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 21:48:37.0093 0788 clr_optimization_v4.0.30319_32 - ok 21:48:37.0093 0788 CmdIde - ok 21:48:37.0093 0788 COMSysApp - ok 21:48:37.0109 0788 Cpqarray - ok 21:48:37.0125 0788 [ 097a0a4899b759a4f032bd464963b4be ] cpuz132 C:\WINDOWS\system32\drivers\cpuz132_x32.sys 21:48:37.0125 0788 cpuz132 ( UnsignedFile.Multi.Generic ) - warning 21:48:37.0125 0788 cpuz132 - detected UnsignedFile.Multi.Generic (1) 21:48:37.0156 0788 [ c0ead9f8ab83d41ff07303c75589c2b8 ] Creative Audio Engine Licensing Service C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe 21:48:37.0171 0788 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - warning 21:48:37.0171 0788 Creative Audio Engine Licensing Service - detected UnsignedFile.Multi.Generic (1) 21:48:37.0171 0788 [ 6b105fe95f2e9f0b6346044ba59d41c9 ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll 21:48:37.0250 0788 CryptSvc - ok 21:48:37.0265 0788 [ f3853ffef16c14214a271db60243d1aa ] CT20XUT C:\WINDOWS\system32\drivers\CT20XUT.SYS 21:48:37.0265 0788 CT20XUT - ok 21:48:37.0265 0788 [ f3853ffef16c14214a271db60243d1aa ] CT20XUT.SYS C:\WINDOWS\System32\drivers\CT20XUT.SYS 21:48:37.0281 0788 CT20XUT.SYS - ok 21:48:37.0296 0788 [ 7a437a2b771c40e2255f293dc82fd20c ] ctac32k C:\WINDOWS\system32\drivers\ctac32k.sys 21:48:37.0312 0788 ctac32k - ok 21:48:37.0343 0788 [ 2a68b4e68e43a394b22b3424e7a6e5af ] ctaud2k C:\WINDOWS\system32\drivers\ctaud2k.sys 21:48:37.0359 0788 ctaud2k - ok 21:48:37.0375 0788 [ 83889cd58f286ce10b2b23368935fe89 ] CTAudSvcService C:\Program Files\Creative\Shared Files\CTAudSvc.exe 21:48:37.0390 0788 CTAudSvcService ( UnsignedFile.Multi.Generic ) - warning 21:48:37.0390 0788 CTAudSvcService - detected UnsignedFile.Multi.Generic (1) 21:48:37.0406 0788 [ c3fe1c4c353efdfc893c1f3b7847caba ] ctdvda2k C:\WINDOWS\system32\drivers\ctdvda2k.sys 21:48:37.0421 0788 ctdvda2k - ok 21:48:37.0468 0788 [ 02b287c3305c171bc7611928d4bc3b48 ] CTEXFIFX C:\WINDOWS\system32\drivers\CTEXFIFX.SYS 21:48:37.0515 0788 CTEXFIFX - ok 21:48:37.0531 0788 [ 02b287c3305c171bc7611928d4bc3b48 ] CTEXFIFX.SYS C:\WINDOWS\System32\drivers\CTEXFIFX.SYS 21:48:37.0562 0788 CTEXFIFX.SYS - ok 21:48:37.0578 0788 [ 93f1b4071ef759082d07c5864aaa67b0 ] CTHWIUT C:\WINDOWS\system32\drivers\CTHWIUT.SYS 21:48:37.0593 0788 CTHWIUT - ok 21:48:37.0593 0788 [ 93f1b4071ef759082d07c5864aaa67b0 ] CTHWIUT.SYS C:\WINDOWS\System32\drivers\CTHWIUT.SYS 21:48:37.0593 0788 CTHWIUT.SYS - ok 21:48:37.0609 0788 [ a57b34c36d1a9c886ef86311f256090f ] ctprxy2k C:\WINDOWS\system32\drivers\ctprxy2k.sys 21:48:37.0609 0788 ctprxy2k - ok 21:48:37.0625 0788 [ 2bf688833a70758aaf6d89469e15a7b9 ] ctsfm2k C:\WINDOWS\system32\drivers\ctsfm2k.sys 21:48:37.0625 0788 ctsfm2k - ok 21:48:37.0640 0788 dac2w2k - ok 21:48:37.0640 0788 dac960nt - ok 21:48:37.0656 0788 [ a37311d9d628c1042a2836731787f0f3 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll 21:48:37.0687 0788 DcomLaunch - ok 21:48:37.0718 0788 [ 6b4afe7c676cff3eff2dc06a4ee945f7 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll 21:48:37.0796 0788 Dhcp - ok 21:48:37.0812 0788 [ 044452051f3e02e7963599fc8f4f3e25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys 21:48:37.0875 0788 Disk - ok 21:48:37.0906 0788 [ bc9219abc5696942e6f9ac8a9b28670f ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys 21:48:37.0984 0788 dmboot - ok 21:48:38.0000 0788 [ 5fa232e3ba6e1346f9f5a7e519320cb0 ] dmio C:\WINDOWS\system32\drivers\dmio.sys 21:48:38.0078 0788 dmio - ok 21:48:38.0093 0788 [ e9317282a63ca4d188c0df5e09c6ac5f ] dmload C:\WINDOWS\system32\drivers\dmload.sys 21:48:38.0171 0788 dmload - ok 21:48:38.0187 0788 [ d858920a05076914d34b0388e8d96cc0 ] dmserver C:\WINDOWS\System32\dmserver.dll 21:48:38.0265 0788 dmserver - ok 21:48:38.0296 0788 [ 8a208dfcf89792a484e76c40e5f50b45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys 21:48:38.0359 0788 DMusic - ok 21:48:38.0375 0788 [ 082be13166a3354f25f78e0b2601012b ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll 21:48:38.0406 0788 Dnscache - ok 21:48:38.0421 0788 [ e0b7d66cf29d9adccf873c77821cd4ca ] Dot3svc C:\WINDOWS\System32\dot3svc.dll 21:48:38.0500 0788 Dot3svc - ok 21:48:38.0500 0788 dpti2o - ok 21:48:38.0515 0788 [ 8f5fcff8e8848afac920905fbd9d33c8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys 21:48:38.0578 0788 drmkaud - ok 21:48:38.0593 0788 [ 5f256c1ad50fefdc442cd5aab58c7dd8 ] EapHost C:\WINDOWS\System32\eapsvc.dll 21:48:38.0656 0788 EapHost - ok 21:48:38.0687 0788 [ ebf597b66f03035c1cc9e8352f964680 ] emupia C:\WINDOWS\system32\drivers\emupia2k.sys 21:48:38.0687 0788 emupia - ok 21:48:38.0703 0788 [ ed1b71382c31fd2cf3cdc4672efad6ea ] ERSvc C:\WINDOWS\System32\ersvc.dll 21:48:38.0781 0788 ERSvc - ok 21:48:38.0796 0788 [ 3f3126a8f73e92f8eb369d54977d9e15 ] ESLvnic1 C:\WINDOWS\system32\DRIVERS\ESLvnic.sys 21:48:38.0796 0788 ESLvnic1 - ok 21:48:38.0828 0788 [ 25e0100c903d7531149baf1d7767f464 ] ESLWireAC C:\WINDOWS\system32\drivers\ESLWireACD.sys 21:48:38.0859 0788 ESLWireAC - ok 21:48:38.0890 0788 [ 02a467e27af55f7064c5b251e587315f ] Eventlog C:\WINDOWS\system32\services.exe 21:48:38.0921 0788 Eventlog - ok 21:48:38.0937 0788 [ 6aff804839c85859e0247164fbe5f5bb ] EventSystem C:\WINDOWS\system32\es.dll 21:48:38.0968 0788 EventSystem - ok 21:48:38.0984 0788 [ 38d332a6d56af32635675f132548343e ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys 21:48:39.0046 0788 Fastfat - ok 21:48:39.0062 0788 [ 55aae86c7c2cadf6972acd1d76c24a98 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll 21:48:39.0078 0788 FastUserSwitchingCompatibility - ok 21:48:39.0093 0788 [ 92cdd60b6730b9f50f6a1a0c1f8cdc81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys 21:48:39.0156 0788 Fdc - ok 21:48:39.0171 0788 [ 09e2a4d33f81a06a8aab2ba0a0b5d235 ] Fips C:\WINDOWS\system32\drivers\Fips.sys 21:48:39.0234 0788 Fips - ok 21:48:39.0250 0788 [ 9d27e7b80bfcdf1cdd9b555862d5e7f0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys 21:48:39.0328 0788 Flpydisk - ok 21:48:39.0343 0788 [ b2cf4b0786f8212cb92ed2b50c6db6b0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 21:48:39.0421 0788 FltMgr - ok 21:48:39.0453 0788 [ 8ba7c024070f2b7fdd98ed8a4ba41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe 21:48:39.0468 0788 FontCache3.0.0.0 - ok 21:48:39.0468 0788 [ 3e1e2bd4f39b0e2b7dc4f4d2bcc2779a ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 21:48:39.0546 0788 Fs_Rec - ok 21:48:39.0562 0788 [ ed6d921d8ab423138fb35beee6d6a6cb ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys 21:48:39.0640 0788 Ftdisk - ok 21:48:39.0656 0788 [ 77ebf3e9386daa51551af429052d88d0 ] giveio C:\WINDOWS\system32\giveio.sys 21:48:39.0671 0788 giveio ( UnsignedFile.Multi.Generic ) - warning 21:48:39.0671 0788 giveio - detected UnsignedFile.Multi.Generic (1) 21:48:39.0671 0788 [ 0a02c63c8b144bd8c86b103dee7c86a2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys 21:48:39.0750 0788 Gpc - ok 21:48:39.0781 0788 [ e9ea9dc7f57103d5d9cb71c27a1a47cf ] ha20x2k C:\WINDOWS\system32\drivers\ha20x2k.sys 21:48:39.0812 0788 ha20x2k - ok 21:48:39.0828 0788 [ 573c7d0a32852b48f3058cfd8026f511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 21:48:39.0906 0788 HDAudBus - ok 21:48:39.0937 0788 [ af752014f7eb61542e3f35b9374d7e76 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll 21:48:40.0015 0788 helpsvc - ok 21:48:40.0031 0788 [ 1776c3b6069eeecc8042535296c1866a ] HidServ C:\WINDOWS\System32\hidserv.dll 21:48:40.0109 0788 HidServ - ok 21:48:40.0125 0788 [ ccf82c5ec8a7326c3066de870c06daf1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys 21:48:40.0187 0788 hidusb - ok 21:48:40.0218 0788 [ f0273916da6fb64cc88e0bd77619554f ] hkmsvc C:\WINDOWS\System32\kmsvc.dll 21:48:40.0312 0788 hkmsvc - ok 21:48:40.0312 0788 hpn - ok 21:48:40.0328 0788 [ f80a415ef82cd06ffaf0d971528ead38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys 21:48:40.0343 0788 HTTP - ok 21:48:40.0375 0788 [ aa268079ac119f3a596e5e27aee4bd17 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll 21:48:40.0437 0788 HTTPFilter - ok 21:48:40.0453 0788 i2omgmt - ok 21:48:40.0453 0788 i2omp - ok 21:48:40.0515 0788 [ 177b372af55c4460d0968b5f1d02aa1c ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys 21:48:40.0593 0788 i8042prt - ok 21:48:40.0625 0788 [ daf66902f08796f9c694901660e5a64a ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe 21:48:40.0656 0788 IDriverT ( UnsignedFile.Multi.Generic ) - warning 21:48:40.0656 0788 IDriverT - detected UnsignedFile.Multi.Generic (1) 21:48:40.0703 0788 [ c01ac32dc5c03076cfb852cb5da5229c ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 21:48:40.0734 0788 idsvc - ok 21:48:40.0750 0788 [ 083a052659f5310dd8b6a6cb05edcf8e ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys 21:48:40.0828 0788 Imapi - ok 21:48:40.0843 0788 [ 9125af650608a921f98a789e5c5ba864 ] ImapiService C:\WINDOWS\system32\imapi.exe 21:48:40.0921 0788 ImapiService - ok 21:48:40.0921 0788 ini910u - ok 21:48:40.0921 0788 IntelIde - ok 21:48:40.0921 0788 [ da153edc09de8c4f846c085caa39d1cc ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys 21:48:41.0000 0788 intelppm - ok 21:48:41.0015 0788 [ 3bb22519a194418d5fec05d800a19ad0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys 21:48:41.0078 0788 Ip6Fw - ok 21:48:41.0109 0788 [ 731f22ba402ee4b62748adaf6363c182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 21:48:41.0187 0788 IpFilterDriver - ok 21:48:41.0187 0788 [ b87ab476dcf76e72010632b5550955f5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys 21:48:41.0265 0788 IpInIp - ok 21:48:41.0281 0788 [ cc748ea12c6effde940ee98098bf96bb ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys 21:48:41.0359 0788 IpNat - ok 21:48:41.0375 0788 [ 23c74d75e36e7158768dd63d92789a91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys 21:48:41.0453 0788 IPSec - ok 21:48:41.0468 0788 [ c93c9ff7b04d772627a3646d89f7bf89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys 21:48:41.0531 0788 IRENUM - ok 21:48:41.0546 0788 [ c8eef2e93835b81bd335de2123121283 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys 21:48:41.0609 0788 isapnp - ok 21:48:41.0671 0788 [ 39133291cb607bdd87cfc565a4a1e7a5 ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe 21:48:41.0671 0788 JavaQuickStarterService - ok 21:48:41.0687 0788 [ 2aeca45d4aeaacbdcb77ad11184e4601 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys 21:48:41.0765 0788 Kbdclass - ok 21:48:41.0765 0788 [ f718dcddac2544bc693f22977d06f78b ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys 21:48:41.0843 0788 kbdhid - ok 21:48:41.0843 0788 [ 692bcf44383d056aed41b045a323d378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys 21:48:41.0921 0788 kmixer - ok 21:48:41.0921 0788 [ b467646c54cc746128904e1654c750c1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys 21:48:41.0937 0788 KSecDD - ok 21:48:41.0953 0788 [ 93e64bab9dee162ca0ca5258d132a047 ] L1e C:\WINDOWS\system32\DRIVERS\l1e51x86.sys 21:48:41.0953 0788 L1e - ok 21:48:41.0984 0788 [ d8d3f1c1e82117a3776a2d320a7b3694 ] L8042Kbd C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys 21:48:41.0984 0788 L8042Kbd - ok 21:48:42.0000 0788 [ 5262222fb4a7b57b48115016ccfd1f4c ] L8042mou C:\WINDOWS\system32\DRIVERS\L8042mou.Sys 21:48:42.0000 0788 L8042mou - ok 21:48:42.0031 0788 [ 061a4bb67c324ac8c176e0d77923b212 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll 21:48:42.0046 0788 lanmanserver - ok 21:48:42.0062 0788 [ fa17019da45c5d6464776a639a5a9abb ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll 21:48:42.0078 0788 lanmanworkstation - ok 21:48:42.0109 0788 [ 5644acfa1b281ce2212353552147d1a0 ] LBeepKE C:\WINDOWS\system32\Drivers\LBeepKE.sys 21:48:42.0125 0788 LBeepKE - ok 21:48:42.0125 0788 lbrtfdc - ok 21:48:42.0171 0788 [ 9582504591a9f405f7505fefb4f64123 ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe 21:48:42.0187 0788 LBTServ - ok 21:48:42.0218 0788 [ 05d6b85ecc3204931923ab7940b9596e ] LHidFilt C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys 21:48:42.0218 0788 LHidFilt - ok 21:48:42.0234 0788 [ 8ccf9ed46d52af1375875f74a91ffacf ] lirsgt C:\WINDOWS\system32\DRIVERS\lirsgt.sys 21:48:42.0234 0788 lirsgt - ok 21:48:42.0250 0788 [ 437aa83d68f9fac234ca68dbd40db705 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll 21:48:42.0343 0788 LmHosts - ok 21:48:42.0343 0788 [ 053dbcc1082fdf74ab145a71917a6556 ] LMouFilt C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys 21:48:42.0343 0788 LMouFilt - ok 21:48:42.0375 0788 [ 96062ec1f26f08ebe056c026667744dd ] LMouKE C:\WINDOWS\system32\DRIVERS\LMouKE.Sys 21:48:42.0375 0788 LMouKE - ok 21:48:42.0375 0788 [ 95dab70d56bbac7ddb7e6d0017d71369 ] LUsbFilt C:\WINDOWS\system32\Drivers\LUsbFilt.Sys 21:48:42.0390 0788 LUsbFilt - ok 21:48:42.0406 0788 [ 36f3ab18b1be303da51de90a67de3942 ] Messenger C:\WINDOWS\System32\msgsvc.dll 21:48:42.0484 0788 Messenger - ok 21:48:42.0531 0788 [ 123271bd5237ab991dc5c21fdf8835eb ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe 21:48:42.0531 0788 Microsoft Office Groove Audit Service - ok 21:48:42.0546 0788 [ 4ae068242760a1fb6e1a44bf4e16afa6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys 21:48:42.0625 0788 mnmdd - ok 21:48:42.0656 0788 [ 845814a8cb9d704d030f076e1bce83f3 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe 21:48:42.0718 0788 mnmsrvc - ok 21:48:42.0734 0788 [ 4a068db7dc37d5afedb6512d2931d7b3 ] Modem C:\WINDOWS\system32\drivers\Modem.sys 21:48:42.0812 0788 Modem - ok 21:48:42.0828 0788 [ fbed3df6b884f8cf00447b73507f2c48 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys 21:48:42.0906 0788 Mouclass - ok 21:48:42.0921 0788 [ ecec1e6cd558ab80f944f31326e9d3b5 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys 21:48:43.0000 0788 mouhid - ok 21:48:43.0000 0788 [ a80b9a0bad1b73637dbcbba7df72d3fd ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys 21:48:43.0078 0788 MountMgr - ok 21:48:43.0093 0788 [ 46297fa8e30a6007f14118fc2b942fbc ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 21:48:43.0109 0788 MozillaMaintenance - ok 21:48:43.0109 0788 mraid35x - ok 21:48:43.0125 0788 [ ceb34fd9036a4b5fe3df560992408366 ] mrdd C:\WINDOWS\system32\DRIVERS\mrdd.sys 21:48:43.0140 0788 mrdd - ok 21:48:43.0140 0788 [ 11d42bb6206f33fbb3ba0288d3ef81bd ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys 21:48:43.0218 0788 MRxDAV - ok 21:48:43.0250 0788 [ 7d304a5eb4344ebeeab53a2fe3ffb9f0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 21:48:43.0265 0788 MRxSmb - ok 21:48:43.0281 0788 [ a54c5eecc7d3424824410bae0aa6c371 ] MSDTC C:\WINDOWS\system32\msdtc.exe 21:48:43.0359 0788 MSDTC - ok 21:48:43.0375 0788 [ c941ea2454ba8350021d774daf0f1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys 21:48:43.0453 0788 Msfs - ok 21:48:43.0453 0788 MSIServer - ok 21:48:43.0468 0788 [ d1575e71568f4d9e14ca56b7b0453bf1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys 21:48:43.0546 0788 MSKSSRV - ok 21:48:43.0578 0788 [ 325bb26842fc7ccc1fcce2c457317f3e ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys 21:48:43.0640 0788 MSPCLOCK - ok 21:48:43.0640 0788 [ bad59648ba099da4a17680b39730cb3d ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys 21:48:43.0703 0788 MSPQM - ok 21:48:43.0718 0788 [ af5f4f3f14a8ea2c26de30f7a1e17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys 21:48:43.0796 0788 mssmbios - ok 21:48:43.0796 0788 [ e53736a9e30c45fa9e7b5eac55056d1d ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys 21:48:43.0875 0788 MSTEE - ok 21:48:43.0890 0788 [ d48659bb24c48345d926ecb45c1ebdf5 ] MTsensor C:\WINDOWS\system32\DRIVERS\ASACPI.sys 21:48:43.0921 0788 MTsensor - ok 21:48:43.0937 0788 [ de6a75f5c270e756c5508d94b6cf68f5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys 21:48:43.0953 0788 Mup - ok 21:48:43.0968 0788 [ 4678bac36f9ce8c633eedd0ca1f569bf ] mv61xx C:\WINDOWS\system32\DRIVERS\mv61xx.sys 21:48:43.0984 0788 mv61xx - ok 21:48:44.0000 0788 [ 5b50f1b2a2ed47d560577b221da734db ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys 21:48:44.0062 0788 NABTSFEC - ok 21:48:44.0093 0788 [ 14cb8528e17d1221c50fc8ca88b1795f ] napagent C:\WINDOWS\System32\qagentrt.dll 21:48:44.0171 0788 napagent - ok 21:48:44.0171 0788 [ 1df7f42665c94b825322fae71721130d ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys 21:48:44.0234 0788 NDIS - ok 21:48:44.0250 0788 [ 7ff1f1fd8609c149aa432f95a8163d97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys 21:48:44.0328 0788 NdisIP - ok 21:48:44.0328 0788 [ 0109c4f3850dfbab279542515386ae22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 21:48:44.0343 0788 NdisTapi - ok 21:48:44.0359 0788 [ f927a4434c5028758a842943ef1a3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys 21:48:44.0437 0788 Ndisuio - ok 21:48:44.0437 0788 [ edc1531a49c80614b2cfda43ca8659ab ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys 21:48:44.0515 0788 NdisWan - ok 21:48:44.0531 0788 [ 9282bd12dfb069d3889eb3fcc1000a9b ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys 21:48:44.0546 0788 NDProxy - ok 21:48:44.0562 0788 [ 5d81cf9a2f1a3a756b66cf684911cdf0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys 21:48:44.0625 0788 NetBIOS - ok 21:48:44.0640 0788 [ 74b2b2f5bea5e9a3dc021d685551bd3d ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 21:48:44.0718 0788 NetBT - ok 21:48:44.0734 0788 [ cbb409b314309fcffce5e682e91338c6 ] NetDDE C:\WINDOWS\system32\netdde.exe 21:48:44.0812 0788 NetDDE - ok 21:48:44.0828 0788 [ cbb409b314309fcffce5e682e91338c6 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe 21:48:44.0890 0788 NetDDEdsdm - ok 21:48:44.0906 0788 [ 88296f7943f30a1ee3af735440b92268 ] Netlogon C:\WINDOWS\system32\lsass.exe 21:48:44.0984 0788 Netlogon - ok 21:48:45.0000 0788 [ 4fe97d0b1b182df2a9bdd4c02155ef5e ] Netman C:\WINDOWS\System32\netman.dll 21:48:45.0062 0788 Netman - ok 21:48:45.0093 0788 [ d34612c5d02d026535b3095d620626ae ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 21:48:45.0109 0788 NetTcpPortSharing - ok 21:48:45.0140 0788 [ e9e47cfb2d461fa0fc75b7a74c6383ea ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys 21:48:45.0203 0788 NIC1394 - ok 21:48:45.0234 0788 [ 9d1f13706fb5f02d0e8795fb2d03971d ] Nla C:\WINDOWS\System32\mswsock.dll 21:48:45.0250 0788 Nla - ok 21:48:45.0281 0788 [ fd306fbcce7adb1077b709742e7148e9 ] NMSAccessU C:\Program Files\CDBurnerXP\NMSAccessU.exe 21:48:45.0296 0788 NMSAccessU - ok 21:48:45.0312 0788 [ ce48bb59fdb4e38de3712a05fee29e25 ] NPF C:\WINDOWS\system32\drivers\npf.sys 21:48:45.0328 0788 NPF ( UnsignedFile.Multi.Generic ) - warning 21:48:45.0328 0788 NPF - detected UnsignedFile.Multi.Generic (1) 21:48:45.0328 0788 [ 3182d64ae053d6fb034f44b6def8034a ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 21:48:45.0406 0788 Npfs - ok 21:48:45.0406 0788 npggsvc - ok 21:48:45.0421 0788 [ 78a08dd6a8d65e697c18e1db01c5cdca ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys 21:48:45.0500 0788 Ntfs - ok 21:48:45.0500 0788 [ 88296f7943f30a1ee3af735440b92268 ] NtLmSsp C:\WINDOWS\system32\lsass.exe 21:48:45.0578 0788 NtLmSsp - ok 21:48:45.0593 0788 [ 3fb5399dbb7001a80d58edad64c98225 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll 21:48:45.0671 0788 NtmsSvc - ok 21:48:45.0671 0788 [ 73c1e1f395918bc2c6dd67af7591a3ad ] Null C:\WINDOWS\system32\drivers\Null.sys 21:48:45.0750 0788 Null - ok 21:48:45.0906 0788 [ bf506d232c5e6f2dae80f5c11b45c60e ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys 21:48:46.0093 0788 nv - ok 21:48:46.0109 0788 [ ce8cce2b9f96aca02e5ded4298a7796d ] nvsvc C:\WINDOWS\system32\nvsvc32.exe 21:48:46.0125 0788 nvsvc ( UnsignedFile.Multi.Generic ) - warning 21:48:46.0125 0788 nvsvc - detected UnsignedFile.Multi.Generic (1) 21:48:46.0156 0788 [ b305f3fad35083837ef46a0bbce2fc57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 21:48:46.0234 0788 NwlnkFlt - ok 21:48:46.0250 0788 [ c99b3415198d1aab7227f2c88fd664b9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 21:48:46.0312 0788 NwlnkFwd - ok 21:48:46.0359 0788 [ 1f0e05dff4f5a833168e49be1256f002 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 21:48:46.0375 0788 odserv - ok 21:48:46.0406 0788 [ ca33832df41afb202ee7aeb05145922f ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys 21:48:46.0468 0788 ohci1394 - ok 21:48:46.0500 0788 [ 5a432a042dae460abe7199b758e8606c ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 21:48:46.0500 0788 ose - ok 21:48:46.0515 0788 [ 0e2f8a96f238d4a45068275fc659a2fc ] ossrv C:\WINDOWS\system32\drivers\ctoss2k.sys 21:48:46.0531 0788 ossrv - ok 21:48:46.0578 0788 [ 01907300eb52206b06facb9608f369a9 ] PanService C:\Program Files\PANDORA.TV\PanService\PandoraService.exe 21:48:46.0593 0788 PanService - ok 21:48:46.0609 0788 [ 2d4cdaebced17743aa9e25d3016dc229 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys 21:48:46.0671 0788 Parport - ok 21:48:46.0687 0788 [ beb3ba25197665d82ec7065b724171c6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys 21:48:46.0750 0788 PartMgr - ok 21:48:46.0765 0788 [ 453ec2c2a20a1382f564541918520eeb ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys 21:48:46.0843 0788 ParVdm - ok 21:48:46.0859 0788 [ 6862c69168d787b85a7d95ccd33c694e ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys 21:48:46.0921 0788 PCI - ok 21:48:46.0921 0788 PCIDump - ok 21:48:46.0937 0788 [ 548cf2d6369eae441a4c6baa75bc4f0a ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys 21:48:47.0031 0788 PCIIde - ok 21:48:47.0031 0788 [ 8db27f1ae9593c94095485305a583862 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys 21:48:47.0109 0788 Pcmcia - ok 21:48:47.0109 0788 PDCOMP - ok 21:48:47.0109 0788 PDFRAME - ok 21:48:47.0109 0788 PDRELI - ok 21:48:47.0109 0788 PDRFRAME - ok 21:48:47.0109 0788 perc2 - ok 21:48:47.0125 0788 perc2hib - ok 21:48:47.0125 0788 [ 02a467e27af55f7064c5b251e587315f ] PlugPlay C:\WINDOWS\system32\services.exe 21:48:47.0156 0788 PlugPlay - ok 21:48:47.0171 0788 [ 88296f7943f30a1ee3af735440b92268 ] PolicyAgent C:\WINDOWS\system32\lsass.exe 21:48:47.0234 0788 PolicyAgent - ok 21:48:47.0265 0788 [ 7d5a2d755b6c6579f63657b527d6ff1b ] PortTalk C:\WINDOWS\system32\Drivers\PortTalk.sys 21:48:47.0265 0788 PortTalk ( UnsignedFile.Multi.Generic ) - warning 21:48:47.0265 0788 PortTalk - detected UnsignedFile.Multi.Generic (1) 21:48:47.0281 0788 [ efeec01b1d3cf84f16ddd24d9d9d8f99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys 21:48:47.0343 0788 PptpMiniport - ok 21:48:47.0375 0788 [ 4228630829c0e521c43d882a00533374 ] PQNTDrv C:\WINDOWS\system32\drivers\PQNTDrv.sys 21:48:47.0375 0788 PQNTDrv ( UnsignedFile.Multi.Generic ) - warning 21:48:47.0375 0788 PQNTDrv - detected UnsignedFile.Multi.Generic (1) 21:48:47.0375 0788 [ 88296f7943f30a1ee3af735440b92268 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe 21:48:47.0453 0788 ProtectedStorage - ok 21:48:47.0453 0788 [ 09298ec810b07e5d582cb3a3f9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys 21:48:47.0515 0788 PSched - ok 21:48:47.0531 0788 [ dc6a43cdecc16cbd1ab8f26dccf49703 ] PsSdk40 C:\WINDOWS\system32\Drivers\pssdk40.sys 21:48:47.0546 0788 PsSdk40 - ok 21:48:47.0578 0788 [ 69b25e6601c59115490def40fce53555 ] PsSdkLBF C:\WINDOWS\system32\Drivers\pssdklbf.sys 21:48:47.0578 0788 PsSdkLBF - ok 21:48:47.0578 0788 [ 80d317bd1c3dbc5d4fe7b1678c60cadd ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys 21:48:47.0656 0788 Ptilink - ok 21:48:47.0656 0788 [ 153d02480a0a2f45785522e814c634b6 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys 21:48:47.0671 0788 PxHelp20 - ok 21:48:47.0671 0788 ql1080 - ok 21:48:47.0671 0788 Ql10wnt - ok 21:48:47.0671 0788 ql12160 - ok 21:48:47.0671 0788 ql1240 - ok 21:48:47.0671 0788 ql1280 - ok 21:48:47.0687 0788 [ fe0d99d6f31e4fad8159f690d68ded9c ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 21:48:47.0765 0788 RasAcd - ok 21:48:47.0781 0788 [ bc22c5e1238d4d36d65679e249c483c3 ] RasAuto C:\WINDOWS\System32\rasauto.dll 21:48:47.0859 0788 RasAuto - ok 21:48:47.0859 0788 [ 11b4a627bc9614b885c4969bfa5ff8a6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 21:48:47.0921 0788 Rasl2tp - ok 21:48:47.0953 0788 [ 0c392e397b8d34aaaf19ec6119cbb788 ] RasMan C:\WINDOWS\System32\rasmans.dll 21:48:48.0031 0788 RasMan - ok 21:48:48.0046 0788 [ 5bc962f2654137c9909c3d4603587dee ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 21:48:48.0109 0788 RasPppoe - ok 21:48:48.0109 0788 [ fdbb1d60066fcfbb7452fd8f9829b242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys 21:48:48.0171 0788 Raspti - ok 21:48:48.0187 0788 [ 7ad224ad1a1437fe28d89cf22b17780a ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 21:48:48.0265 0788 Rdbss - ok 21:48:48.0281 0788 [ 4912d5b403614ce99c28420f75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 21:48:48.0359 0788 RDPCDD - ok 21:48:48.0375 0788 [ 15cabd0f7c00c47c70124907916af3f1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys 21:48:48.0453 0788 rdpdr - ok 21:48:48.0484 0788 [ 6589db6e5969f8eee594cf71171c5028 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys 21:48:48.0515 0788 RDPWD - ok 21:48:48.0531 0788 [ f83907a9a038db2e35329b039628d293 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe 21:48:48.0609 0788 RDSessMgr - ok 21:48:48.0625 0788 [ e0c7bbd18040b58651bac700c804861d ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys 21:48:48.0687 0788 redbook - ok 21:48:48.0703 0788 [ b3f57e6115bcd4dbade9874f300655e3 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 21:48:48.0781 0788 RemoteAccess - ok 21:48:48.0781 0788 [ b472b59ef98469c91651b751d3442cb8 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll 21:48:48.0859 0788 RemoteRegistry - ok 21:48:48.0875 0788 [ 9ffc7e81313d48a27df2727f82e402d4 ] RMSPPPOE C:\WINDOWS\system32\DRIVERS\RMSPPPOE.SYS 21:48:48.0875 0788 RMSPPPOE ( UnsignedFile.Multi.Generic ) - warning 21:48:48.0875 0788 RMSPPPOE - detected UnsignedFile.Multi.Generic (1) 21:48:48.0875 0788 [ 6bc4d5a70f46ea27ddc14e5414c862a5 ] RpcLocator C:\WINDOWS\system32\locator.exe 21:48:48.0953 0788 RpcLocator - ok 21:48:48.0953 0788 [ a37311d9d628c1042a2836731787f0f3 ] RpcSs C:\WINDOWS\System32\rpcss.dll 21:48:48.0984 0788 RpcSs - ok 21:48:49.0015 0788 [ 9acee3313020a01235336c2a483afd1a ] RSVP C:\WINDOWS\system32\rsvp.exe 21:48:49.0078 0788 RSVP - ok 21:48:49.0093 0788 [ 88296f7943f30a1ee3af735440b92268 ] SamSs C:\WINDOWS\system32\lsass.exe 21:48:49.0171 0788 SamSs - ok 21:48:49.0203 0788 [ 0e37b22d506d09f349885049db34f0dc ] SbieDrv C:\Program Files\Sandboxie\SbieDrv.sys 21:48:49.0218 0788 SbieDrv - ok 21:48:49.0218 0788 [ e45eb090757b6b4a51bdc6ab902f17d8 ] SbieSvc C:\Program Files\Sandboxie\SbieSvc.exe 21:48:49.0234 0788 SbieSvc - ok 21:48:49.0250 0788 [ 72aecf54aac22b20956d08610972b5a1 ] SBRE C:\WINDOWS\system32\drivers\SBREdrv.sys 21:48:49.0265 0788 SBRE - ok 21:48:49.0281 0788 [ dd73c11a5c4d14945846384b90a61a4b ] Schedule C:\WINDOWS\system32\schedsvc.dll 21:48:49.0359 0788 Schedule - ok 21:48:49.0390 0788 [ 90a3935d05b494a5a39d37e71f09a677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys 21:48:49.0453 0788 Secdrv - ok 21:48:49.0468 0788 [ 2aad9026648120fffe2a8d871bb2bbc7 ] seclogon C:\WINDOWS\System32\seclogon.dll 21:48:49.0531 0788 seclogon - ok 21:48:49.0546 0788 [ 9d01e29d59723eb73b72107b208dafe6 ] SENS C:\WINDOWS\system32\sens.dll 21:48:49.0625 0788 SENS - ok 21:48:49.0625 0788 [ 0f29512ccd6bead730039fb4bd2c85ce ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys 21:48:49.0703 0788 serenum - ok 21:48:49.0718 0788 [ d07b02f88165e69b9f17162cf592c8a6 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys 21:48:49.0781 0788 Serial - ok 21:48:49.0796 0788 [ 8e6b8c671615d126fdc553d1e2de5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys 21:48:49.0875 0788 Sfloppy - ok 21:48:49.0906 0788 [ da5c015911f68f22ed821e9ee49ab233 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 21:48:49.0968 0788 SharedAccess - ok 21:48:49.0984 0788 [ 55aae86c7c2cadf6972acd1d76c24a98 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 21:48:50.0000 0788 ShellHWDetection - ok 21:48:50.0000 0788 Simbad - ok 21:48:50.0015 0788 [ 866d538ebe33709a5c9f5c62b73b7d14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys 21:48:50.0078 0788 SLIP - ok 21:48:50.0078 0788 Sparrow - ok 21:48:50.0093 0788 [ 5d6401db90ec81b71f8e2c5c8f0fef23 ] speedfan C:\WINDOWS\system32\speedfan.sys 21:48:50.0109 0788 speedfan ( UnsignedFile.Multi.Generic ) - warning 21:48:50.0109 0788 speedfan - detected UnsignedFile.Multi.Generic (1) 21:48:50.0125 0788 [ ab8b92451ecb048a4d1de7c3ffcb4a9f ] splitter C:\WINDOWS\system32\drivers\splitter.sys 21:48:50.0187 0788 splitter - ok 21:48:50.0218 0788 [ 60784f891563fb1b767f70117fc2428f ] Spooler C:\WINDOWS\system32\spoolsv.exe 21:48:50.0218 0788 Spooler - ok 21:48:50.0218 0788 sptd - ok 21:48:50.0234 0788 [ eb032822be406ef220d546ddffcf0002 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys 21:48:50.0296 0788 sr - ok 21:48:50.0328 0788 [ 316d0e66074ae4cde641c50d3a1c5148 ] srservice C:\WINDOWS\system32\srsvc.dll 21:48:50.0390 0788 srservice - ok 21:48:50.0406 0788 [ 47ddfc2f003f7f9f0592c6874962a2e7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys 21:48:50.0437 0788 Srv - ok 21:48:50.0453 0788 [ 2c0b1224aa36b4ca1753302baa855882 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 21:48:50.0531 0788 SSDPSRV - ok 21:48:50.0546 0788 [ 41508ea375c97dc2b56e5f1afc067187 ] stisvc C:\WINDOWS\system32\wiaservc.dll 21:48:50.0625 0788 stisvc - ok 21:48:50.0640 0788 [ 77813007ba6265c4b6098187e6ed79d2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys 21:48:50.0703 0788 streamip - ok 21:48:50.0718 0788 [ 3941d127aef12e93addf6fe6ee027e0f ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys 21:48:50.0781 0788 swenum - ok 21:48:50.0796 0788 [ 8ce882bcc6cf8a62f2b2323d95cb3d01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys 21:48:50.0859 0788 swmidi - ok 21:48:50.0875 0788 SwPrv - ok 21:48:50.0875 0788 symc810 - ok 21:48:50.0875 0788 symc8xx - ok 21:48:50.0875 0788 sym_hi - ok 21:48:50.0875 0788 sym_u3 - ok 21:48:50.0890 0788 [ 8b83f3ed0f1688b4958f77cd6d2bf290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys 21:48:50.0953 0788 sysaudio - ok 21:48:50.0968 0788 [ 2340e6977548038c88e39a9ecbb3fadc ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 21:48:51.0031 0788 TapiSrv - ok 21:48:51.0046 0788 [ 9aefa14bd6b182d61e3119fa5f436d3d ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys 21:48:51.0093 0788 Tcpip - ok 21:48:51.0125 0788 [ 6471a66807f5e104e4885f5b67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys 21:48:51.0203 0788 TDPIPE - ok 21:48:51.0218 0788 [ c56b6d0402371cf3700eb322ef3aaf61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys 21:48:51.0296 0788 TDTCP - ok 21:48:51.0296 0788 [ 88155247177638048422893737429d9e ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys 21:48:51.0375 0788 TermDD - ok 21:48:51.0390 0788 [ 52e0505408edd4ab5ccc7f83b67b4299 ] TermService C:\WINDOWS\System32\termsrv.dll 21:48:51.0468 0788 TermService - ok 21:48:51.0484 0788 [ 55aae86c7c2cadf6972acd1d76c24a98 ] Themes C:\WINDOWS\System32\shsvcs.dll 21:48:51.0500 0788 Themes - ok 21:48:51.0515 0788 [ b17551ab6eaa71dca530632c15fa3d9a ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe 21:48:51.0593 0788 TlntSvr - ok 21:48:51.0593 0788 TosIde - ok 21:48:51.0609 0788 [ 9e70eb419d7785c286dc458a019bab9b ] TrkWks C:\WINDOWS\system32\trkwks.dll 21:48:51.0671 0788 TrkWks - ok 21:48:51.0687 0788 [ 8f861eda21c05857eb8197300a92501c ] tunmp C:\WINDOWS\system32\DRIVERS\tunmp.sys 21:48:51.0765 0788 tunmp - ok 21:48:51.0781 0788 [ 5787b80c2e3c5e2f56c2a233d91fa2c9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys 21:48:51.0843 0788 Udfs - ok 21:48:51.0843 0788 ultra - ok 21:48:51.0875 0788 [ 402ddc88356b1bac0ee3dd1580c76a31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys 21:48:51.0937 0788 Update - ok 21:48:51.0968 0788 [ e96a6baee0b2a14a38b45830d6e30697 ] upnphost C:\WINDOWS\System32\upnphost.dll 21:48:52.0031 0788 upnphost - ok 21:48:52.0046 0788 [ eb90e28b28541ec845e5345609355ca7 ] UPS C:\WINDOWS\System32\ups.exe 21:48:52.0125 0788 UPS - ok 21:48:52.0140 0788 [ 173f317ce0db8e21322e71b7e60a27e8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys 21:48:52.0218 0788 usbccgp - ok 21:48:52.0234 0788 [ 65dcf09d0e37d4c6b11b5b0b76d470a7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys 21:48:52.0296 0788 usbehci - ok 21:48:52.0312 0788 [ 1ab3cdde553b6e064d2e754efe20285c ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys 21:48:52.0390 0788 usbhub - ok 21:48:52.0406 0788 [ a0b8cf9deb1184fbdd20784a58fa75d4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys 21:48:52.0468 0788 usbscan - ok 21:48:52.0484 0788 [ a32426d9b14a089eaa1d922e0c5801a9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 21:48:52.0546 0788 USBSTOR - ok 21:48:52.0562 0788 [ 26496f9dee2d787fc3e61ad54821ffe6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys 21:48:52.0625 0788 usbuhci - ok 21:48:52.0640 0788 [ 63bbfca7f390f4c49ed4b96bfb1633e0 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys 21:48:52.0718 0788 usbvideo - ok 21:48:52.0718 0788 [ 0d3a8fafceacd8b7625cd549757a7df1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys 21:48:52.0796 0788 VgaSave - ok 21:48:52.0796 0788 ViaIde - ok 21:48:52.0812 0788 [ 56b191ac5fc0df219949c95a6c87afe7 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys 21:48:52.0875 0788 VolSnap - ok 21:48:52.0890 0788 [ a672ca3981352f8e9c30fea056e80a62 ] W32Time C:\WINDOWS\system32\w32time.dll 21:48:52.0953 0788 W32Time - ok 21:48:52.0968 0788 [ e20b95baedb550f32dd489265c1da1f6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 21:48:53.0031 0788 Wanarp - ok 21:48:53.0062 0788 [ fd47474bd21794508af449d9d91af6e6 ] Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys 21:48:53.0078 0788 Wdf01000 - ok 21:48:53.0078 0788 WDICA - ok 21:48:53.0093 0788 [ 6768acf64b18196494413695f0c3a00f ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 21:48:53.0171 0788 wdmaud - ok 21:48:53.0187 0788 [ 81fb88b975e25d76e00b69879d8a434c ] WebClient C:\WINDOWS\System32\webclnt.dll 21:48:53.0250 0788 WebClient - ok 21:48:53.0296 0788 [ 70c22297534a88b0ad0568900ab5a6d9 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 21:48:53.0375 0788 winmgmt - ok 21:48:53.0390 0788 [ 2f4929ecf281ed89822f401cfbd89c70 ] WireHelpSvc C:\Program Files\Common Files\WireHelpSvc.exe 21:48:53.0406 0788 WireHelpSvc - ok 21:48:53.0437 0788 [ 051b1bdecd6dee18c771b5d5ec7f044d ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll 21:48:53.0453 0788 WmdmPmSN - ok 21:48:53.0468 0788 [ afce55c392a9676bd24a287d5ed1c777 ] Wmi C:\WINDOWS\System32\advapi32.dll 21:48:53.0515 0788 Wmi - ok 21:48:53.0578 0788 [ 9fbd45f6726d59f9d2a31e6552df3a04 ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe 21:48:53.0609 0788 WMPNetworkSvc - ok 21:48:53.0625 0788 [ c60dc16d4e406810fad54b98dc92d5ec ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys 21:48:53.0625 0788 WpdUsb - ok 21:48:53.0687 0788 [ dcf3e3edf5109ee8bc02fe6e1f045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe 21:48:53.0718 0788 WPFFontCache_v0400 - ok 21:48:53.0734 0788 [ b6669f49d42e09bc0f9889faa0f3336d ] wscsvc C:\WINDOWS\system32\wscsvc.dll 21:48:53.0812 0788 wscsvc - ok 21:48:53.0828 0788 [ c98b39829c2bbd34e454150633c62c78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS 21:48:53.0890 0788 WSTCODEC - ok 21:48:53.0906 0788 [ 04550d5eb7ee82c115db547c01df09fd ] wuauserv C:\WINDOWS\system32\wuauserv.dll 21:48:53.0984 0788 wuauserv - ok 21:48:54.0015 0788 [ f15feafffbb3644ccc80c5da584e6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys 21:48:54.0031 0788 WudfPf - ok 21:48:54.0031 0788 [ 28b524262bce6de1f7ef9f510ba3985b ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys 21:48:54.0046 0788 WudfRd - ok 21:48:54.0046 0788 [ 05231c04253c5bc30b26cbaae680ed89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll 21:48:54.0062 0788 WudfSvc - ok 21:48:54.0093 0788 [ c2842273aaa77ac031edb87fa19a2147 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll 21:48:54.0187 0788 WZCSVC - ok 21:48:54.0203 0788 [ 24ed6935771359a5aef1fe8bf0c56f39 ] xmlprov C:\WINDOWS\System32\xmlprov.dll 21:48:54.0265 0788 xmlprov - ok 21:48:54.0265 0788 ================ Scan global =============================== 21:48:54.0281 0788 (65c782f8cfc1bebcc58e1532f44b6408) C:\WINDOWS\system32\basesrv.dll 21:48:54.0312 0788 (19feef6cedd18ade51092b947dbbcb02) C:\WINDOWS\system32\winsrv.dll 21:48:54.0328 0788 (19feef6cedd18ade51092b947dbbcb02) C:\WINDOWS\system32\winsrv.dll 21:48:54.0343 0788 (02a467e27af55f7064c5b251e587315f) C:\WINDOWS\system32\services.exe 21:48:54.0343 0788 [Global] - ok 21:48:54.0343 0788 ================ Scan MBR ================================== 21:48:54.0359 0788 MBR (0x1B8) (9c603bc3977968c891de319283e1e7af) \Device\Harddisk0\DR0 21:48:54.0359 0788 Suspicious mbr (Forged): \Device\Harddisk0\DR0 21:48:54.0390 0788 \Device\Harddisk0\DR0 ( Rootkit.Boot.Wistler.a ) - infected 21:48:54.0390 0788 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Wistler.a (0) 21:48:54.0468 0788 ================ Scan VBR ================================== 21:48:54.0468 0788 Boot (0x1200) (0ecae6a444be2f2a5d48ddb7f0bb6dd4) \Device\Harddisk0\DR0\Partition1 21:48:54.0468 0788 \Device\Harddisk0\DR0\Partition1 - ok 21:48:54.0500 0788 Boot (0x1200) (45607776304f2511c87d7a95565ced0d) \Device\Harddisk0\DR0\Partition2 21:48:54.0500 0788 \Device\Harddisk0\DR0\Partition2 - ok 21:48:54.0515 0788 Boot (0x1200) (dfb9fd9d5b661825d2de0c0fa4fad87a) \Device\Harddisk0\DR0\Partition3 21:48:54.0515 0788 \Device\Harddisk0\DR0\Partition3 - ok 21:48:54.0531 0788 Boot (0x1200) (4a207c84ad11db568d904d1110dc2f73) \Device\Harddisk0\DR0\Partition4 21:48:54.0531 0788 \Device\Harddisk0\DR0\Partition4 - ok 21:48:54.0546 0788 Boot (0x1200) (fa24595bce346cf17d8781d3e2bb2481) \Device\Harddisk0\DR0\Partition5 21:48:54.0546 0788 \Device\Harddisk0\DR0\Partition5 - ok 21:48:54.0562 0788 Boot (0x1200) (50968a6171d9548700ce831c58c219f5) \Device\Harddisk0\DR0\Partition6 21:48:54.0562 0788 \Device\Harddisk0\DR0\Partition6 - ok 21:48:54.0562 0788 ============================================================ 21:48:54.0562 0788 Scan finished 21:48:54.0562 0788 ============================================================ 21:48:54.0671 3460 Detected object count: 13 21:48:54.0671 3460 Actual detected object count: 13 21:49:01.0390 3460 ATITool ( UnsignedFile.Multi.Generic ) - skipped by user 21:49:01.0390 3460 ATITool ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:49:01.0390 3460 cpuz132 ( UnsignedFile.Multi.Generic ) - skipped by user 21:49:01.0390 3460 cpuz132 ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:49:01.0390 3460 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user 21:49:01.0390 3460 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:49:01.0390 3460 CTAudSvcService ( UnsignedFile.Multi.Generic ) - skipped by user 21:49:01.0390 3460 CTAudSvcService ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:49:01.0390 3460 giveio ( UnsignedFile.Multi.Generic ) - skipped by user 21:49:01.0390 3460 giveio ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:49:01.0390 3460 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user 21:49:01.0390 3460 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:49:01.0390 3460 NPF ( UnsignedFile.Multi.Generic ) - skipped by user 21:49:01.0390 3460 NPF ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:49:01.0390 3460 nvsvc ( UnsignedFile.Multi.Generic ) - skipped by user 21:49:01.0390 3460 nvsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:49:01.0390 3460 PortTalk ( UnsignedFile.Multi.Generic ) - skipped by user 21:49:01.0406 3460 PortTalk ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:49:01.0406 3460 PQNTDrv ( UnsignedFile.Multi.Generic ) - skipped by user 21:49:01.0406 3460 PQNTDrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:49:01.0406 3460 RMSPPPOE ( UnsignedFile.Multi.Generic ) - skipped by user 21:49:01.0406 3460 RMSPPPOE ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:49:01.0406 3460 speedfan ( UnsignedFile.Multi.Generic ) - skipped by user 21:49:01.0406 3460 speedfan ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:49:01.0406 3460 \Device\Harddisk0\DR0 ( Rootkit.Boot.Wistler.a ) - skipped by user 21:49:01.0406 3460 \Device\Harddisk0\DR0 ( Rootkit.Boot.Wistler.a ) - User select action: Skip 21:49:38.0125 2820 Deinitialize success