16:58:41.0114 0884 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35 16:58:41.0254 0884 ============================================================ 16:58:41.0254 0884 Current date / time: 2012/11/27 16:58:41.0254 16:58:41.0254 0884 SystemInfo: 16:58:41.0254 0884 16:58:41.0254 0884 OS Version: 5.1.2600 ServicePack: 3.0 16:58:41.0254 0884 Product type: Workstation 16:58:41.0254 0884 ComputerName: ATF-362C1C96D63 16:58:41.0254 0884 UserName: wojtron 16:58:41.0254 0884 Windows directory: C:\WINDOWS 16:58:41.0254 0884 System windows directory: C:\WINDOWS 16:58:41.0254 0884 Processor architecture: Intel x86 16:58:41.0254 0884 Number of processors: 1 16:58:41.0254 0884 Page size: 0x1000 16:58:41.0254 0884 Boot type: Normal boot 16:58:41.0254 0884 ============================================================ 16:58:41.0645 0884 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 16:58:41.0665 0884 Drive \Device\Harddisk1\DR1 - Size: 0x12A3F92000 (74.56 Gb), SectorSize: 0x200, Cylinders: 0x2605, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 16:58:41.0665 0884 ============================================================ 16:58:41.0665 0884 \Device\Harddisk0\DR0: 16:58:41.0665 0884 MBR partitions: 16:58:41.0665 0884 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1770D3B 16:58:41.0675 0884 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1770DB9, BlocksNum 0x7D9D708 16:58:41.0675 0884 \Device\Harddisk1\DR1: 16:58:41.0675 0884 MBR partitions: 16:58:41.0675 0884 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x951A0C5 16:58:41.0675 0884 ============================================================ 16:58:41.0695 0884 C: <-> \Device\Harddisk0\DR0\Partition1 16:58:41.0715 0884 D: <-> \Device\Harddisk0\DR0\Partition2 16:58:41.0735 0884 E: <-> 
\Device\Harddisk1\DR1\Partition1 16:58:41.0735 0884 ============================================================ 16:58:41.0735 0884 Initialize success 16:58:41.0735 0884 ============================================================ 16:58:48.0374 3044 ============================================================ 16:58:48.0374 3044 Scan started 16:58:48.0374 3044 Mode: Manual; SigCheck; TDLFS; 16:58:48.0374 3044 ============================================================ 16:58:48.0475 3044 ================ Scan system memory ======================== 16:58:48.0475 3044 System memory - ok 16:58:48.0475 3044 ================ Scan services ============================= 16:58:48.0595 3044 Abiosdsk - ok 16:58:48.0605 3044 abp480n5 - ok 16:58:48.0655 3044 [ 05118282F5D039595A2B92B4A4AFE197 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys 16:58:48.0915 3044 ACPI - ok 16:58:48.0945 3044 [ 66A42B7DB194E24B973BBCCE840A0F3F ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys 16:58:49.0085 3044 ACPIEC - ok 16:58:49.0145 3044 [ 0CB0AA071C7B86A64F361DCFDF357329 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe 16:58:49.0186 3044 AdobeFlashPlayerUpdateSvc - ok 16:58:49.0196 3044 adpu160m - ok 16:58:49.0236 3044 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys 16:58:49.0386 3044 aec - ok 16:58:49.0436 3044 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys 16:58:49.0486 3044 AFD - ok 16:58:49.0486 3044 Aha154x - ok 16:58:49.0496 3044 aic78u2 - ok 16:58:49.0516 3044 aic78xx - ok 16:58:49.0836 3044 [ DD8520280304B6145A6BE31008748C7C ] ALCXWDM C:\WINDOWS\system32\drivers\ALCXWDM.SYS 16:58:50.0668 3044 ALCXWDM - ok 16:58:50.0688 3044 [ 27AF056D8C42F0AB3CF1DFDCBBEB3243 ] Alerter C:\WINDOWS\system32\alrsvc.dll 16:58:50.0838 3044 Alerter - ok 16:58:50.0858 3044 [ D1738DDDFF196C5CEE6D867C136AF745 ] ALG C:\WINDOWS\System32\alg.exe 16:58:50.0918 3044 ALG - ok 16:58:50.0928 3044 AliIde - ok 16:58:50.0938 3044 
amsint - ok 16:58:50.0948 3044 AppMgmt - ok 16:58:50.0958 3044 asc - ok 16:58:50.0978 3044 asc3350p - ok 16:58:50.0988 3044 asc3550 - ok 16:58:51.0058 3044 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe 16:58:51.0108 3044 aspnet_state - ok 16:58:51.0138 3044 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys 16:58:51.0289 3044 AsyncMac - ok 16:58:51.0339 3044 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys 16:58:51.0489 3044 atapi - ok 16:58:51.0499 3044 Atdisk - ok 16:58:51.0579 3044 [ 471087B5E1E01CC82604E81EA14781D8 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe 16:58:51.0739 3044 Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - warning 16:58:51.0739 3044 Ati HotKey Poller - detected UnsignedFile.Multi.Generic (1) 16:58:51.0819 3044 [ B979BA0120B6DB757196A8E2E873FE3C ] ATI Smart C:\WINDOWS\system32\ati2sgag.exe 16:58:51.0919 3044 ATI Smart ( UnsignedFile.Multi.Generic ) - warning 16:58:51.0919 3044 ATI Smart - detected UnsignedFile.Multi.Generic (1) 16:58:52.0220 3044 [ C0B86ECB324E50F6BBD529F9D5C6B24B ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys 16:58:52.0771 3044 ati2mtag ( UnsignedFile.Multi.Generic ) - warning 16:58:52.0771 3044 ati2mtag - detected UnsignedFile.Multi.Generic (1) 16:58:52.0811 3044 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys 16:58:52.0971 3044 Atmarpc - ok 16:58:53.0011 3044 [ 3A28D3E7BAD0EED3810CD918B2525B54 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll 16:58:53.0181 3044 AudioSrv - ok 16:58:53.0201 3044 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys 16:58:53.0362 3044 audstub - ok 16:58:53.0402 3044 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys 16:58:53.0572 3044 Beep - ok 16:58:53.0632 3044 [ 78200FAA6FD9C69394134C238C87FB7F ] BITS C:\WINDOWS\system32\qmgr.dll 16:58:53.0932 3044 BITS 
- ok 16:58:53.0952 3044 [ B98ED6D85339A66A73F32FB569EB6C01 ] Browser C:\WINDOWS\System32\browser.dll 16:58:54.0133 3044 Browser - ok 16:58:54.0163 3044 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys 16:58:54.0333 3044 cbidf2k - ok 16:58:54.0343 3044 cd20xrnt - ok 16:58:54.0373 3044 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys 16:58:54.0553 3044 Cdaudio - ok 16:58:54.0583 3044 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys 16:58:54.0744 3044 Cdfs - ok 16:58:54.0774 3044 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys 16:58:54.0954 3044 Cdrom - ok 16:58:54.0964 3044 Changer - ok 16:58:55.0004 3044 [ 45B63DF2FB498D219FCBB4425CADE676 ] CiSvc C:\WINDOWS\system32\cisvc.exe 16:58:55.0184 3044 CiSvc - ok 16:58:55.0214 3044 [ C94F1B6F61858D6389C0FA06954FB9C4 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe 16:58:55.0374 3044 ClipSrv - ok 16:58:55.0404 3044 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 16:58:55.0475 3044 clr_optimization_v2.0.50727_32 - ok 16:58:55.0485 3044 CmdIde - ok 16:58:55.0495 3044 COMSysApp - ok 16:58:55.0505 3044 Cpqarray - ok 16:58:55.0535 3044 [ 6B105FE95F2E9F0B6346044BA59D41C9 ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll 16:58:55.0715 3044 CryptSvc - ok 16:58:55.0725 3044 dac2w2k - ok 16:58:55.0735 3044 dac960nt - ok 16:58:55.0795 3044 [ A37311D9D628C1042A2836731787F0F3 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll 16:58:55.0915 3044 DcomLaunch - ok 16:58:55.0955 3044 [ 6B4AFE7C676CFF3EFF2DC06A4EE945F7 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll 16:58:56.0146 3044 Dhcp - ok 16:58:56.0236 3044 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys 16:58:56.0396 3044 Disk - ok 16:58:56.0406 3044 dmadmin - ok 16:58:56.0496 3044 [ BC9219ABC5696942E6F9AC8A9B28670F ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys 
16:58:56.0816 3044 dmboot - ok 16:58:56.0857 3044 [ 5FA232E3BA6E1346F9F5A7E519320CB0 ] dmio C:\WINDOWS\system32\drivers\dmio.sys 16:58:57.0027 3044 dmio - ok 16:58:57.0047 3044 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys 16:58:57.0197 3044 dmload - ok 16:58:57.0217 3044 [ D858920A05076914D34B0388E8D96CC0 ] dmserver C:\WINDOWS\System32\dmserver.dll 16:58:57.0387 3044 dmserver - ok 16:58:57.0417 3044 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys 16:58:57.0588 3044 DMusic - ok 16:58:57.0628 3044 [ 082BE13166A3354F25F78E0B2601012B ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll 16:58:57.0668 3044 Dnscache - ok 16:58:57.0718 3044 [ E0B7D66CF29D9ADCCF873C77821CD4CA ] Dot3svc C:\WINDOWS\System32\dot3svc.dll 16:58:57.0898 3044 Dot3svc - ok 16:58:57.0908 3044 dpti2o - ok 16:58:57.0928 3044 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys 16:58:58.0078 3044 drmkaud - ok 16:58:58.0118 3044 [ 687AF6BB383885FF6A64071B189A7F3E ] dtsoftbus01 C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys 16:58:58.0158 3044 dtsoftbus01 - ok 16:58:58.0239 3044 [ 5F256C1AD50FEFDC442CD5AAB58C7DD8 ] EapHost C:\WINDOWS\System32\eapsvc.dll 16:58:58.0409 3044 EapHost - ok 16:58:58.0449 3044 [ ED1B71382C31FD2CF3CDC4672EFAD6EA ] ERSvc C:\WINDOWS\System32\ersvc.dll 16:58:58.0599 3044 ERSvc - ok 16:58:58.0639 3044 [ 02A467E27AF55F7064C5B251E587315F ] Eventlog C:\WINDOWS\system32\services.exe 16:58:58.0669 3044 Eventlog - ok 16:58:58.0719 3044 [ 6AFF804839C85859E0247164FBE5F5BB ] EventSystem C:\WINDOWS\system32\es.dll 16:58:58.0789 3044 EventSystem - ok 16:58:58.0819 3044 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys 16:58:59.0010 3044 Fastfat - ok 16:58:59.0050 3044 [ 55AAE86C7C2CADF6972ACD1D76C24A98 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll 16:58:59.0090 3044 FastUserSwitchingCompatibility - ok 16:58:59.0120 3044 [ 
92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys 16:58:59.0290 3044 Fdc - ok 16:58:59.0310 3044 [ 09E2A4D33F81A06A8AAB2BA0A0B5D235 ] Fips C:\WINDOWS\system32\drivers\Fips.sys 16:58:59.0470 3044 Fips - ok 16:58:59.0490 3044 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys 16:58:59.0651 3044 Flpydisk - ok 16:58:59.0681 3044 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys 16:58:59.0851 3044 FltMgr - ok 16:58:59.0921 3044 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe 16:58:59.0941 3044 FontCache3.0.0.0 - ok 16:58:59.0951 3044 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 16:59:00.0111 3044 Fs_Rec - ok 16:59:00.0131 3044 [ ED6D921D8AB423138FB35BEEE6D6A6CB ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys 16:59:00.0312 3044 Ftdisk - ok 16:59:00.0342 3044 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys 16:59:00.0512 3044 Gpc - ok 16:59:00.0542 3044 [ 833051C6C6C42117191935F734CFBD97 ] hamachi C:\WINDOWS\system32\DRIVERS\hamachi.sys 16:59:00.0552 3044 hamachi - ok 16:59:00.0712 3044 [ A7EBBF64C7610B7C67D46AE620AADBA3 ] Hamachi2Svc C:\Program Files\LogMeIn Hamachi\hamachi-2.exe 16:59:00.0902 3044 Hamachi2Svc - ok 16:59:00.0932 3044 [ AF752014F7EB61542E3F35B9374D7E76 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll 16:59:01.0113 3044 helpsvc - ok 16:59:01.0143 3044 [ 1776C3B6069EEECC8042535296C1866A ] HidServ C:\WINDOWS\System32\hidserv.dll 16:59:01.0323 3044 HidServ - ok 16:59:01.0353 3044 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys 16:59:01.0513 3044 HidUsb - ok 16:59:01.0553 3044 [ F0273916DA6FB64CC88E0BD77619554F ] hkmsvc C:\WINDOWS\System32\kmsvc.dll 16:59:01.0744 3044 hkmsvc - ok 16:59:01.0754 3044 hpn - ok 16:59:01.0784 3044 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP 
C:\WINDOWS\system32\Drivers\HTTP.sys 16:59:01.0864 3044 HTTP - ok 16:59:01.0884 3044 [ AA268079AC119F3A596E5E27AEE4BD17 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll 16:59:02.0064 3044 HTTPFilter - ok 16:59:02.0074 3044 i2omgmt - ok 16:59:02.0084 3044 i2omp - ok 16:59:02.0104 3044 [ 177B372AF55C4460D0968B5F1D02AA1C ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys 16:59:02.0264 3044 i8042prt - ok 16:59:02.0374 3044 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 16:59:02.0525 3044 idsvc - ok 16:59:02.0545 3044 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys 16:59:02.0705 3044 Imapi - ok 16:59:02.0745 3044 [ 9125AF650608A921F98A789E5C5BA864 ] ImapiService C:\WINDOWS\system32\imapi.exe 16:59:02.0925 3044 ImapiService - ok 16:59:02.0945 3044 ini910u - ok 16:59:02.0955 3044 IntelIde - ok 16:59:02.0975 3044 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys 16:59:03.0146 3044 Ip6Fw - ok 16:59:03.0196 3044 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 16:59:03.0376 3044 IpFilterDriver - ok 16:59:03.0386 3044 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys 16:59:03.0526 3044 IpInIp - ok 16:59:03.0566 3044 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys 16:59:03.0736 3044 IpNat - ok 16:59:03.0766 3044 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys 16:59:03.0917 3044 IPSec - ok 16:59:03.0947 3044 [ ACA5E7B54409F9CB5EED97ED0C81120E ] irda C:\WINDOWS\system32\DRIVERS\irda.sys 16:59:04.0017 3044 irda - ok 16:59:04.0047 3044 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys 16:59:04.0107 3044 IRENUM - ok 16:59:04.0127 3044 [ 08ACD063724F19533A80B49A221071E2 ] Irmon C:\WINDOWS\System32\irmon.dll 16:59:04.0187 3044 Irmon - ok 16:59:04.0207 3044 [ 
0501F0B9AB08425F8C0EACBDCC04AA32 ] irsir C:\WINDOWS\system32\DRIVERS\irsir.sys 16:59:04.0267 3044 irsir - ok 16:59:04.0287 3044 [ C8EEF2E93835B81BD335DE2123121283 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys 16:59:04.0417 3044 isapnp - ok 16:59:04.0478 3044 [ B591E761161D1EF547D76EF236EAA6A5 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe 16:59:04.0498 3044 JavaQuickStarterService - ok 16:59:04.0528 3044 [ 2AECA45D4AEAACBDCB77AD11184E4601 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys 16:59:04.0688 3044 Kbdclass - ok 16:59:04.0708 3044 [ F718DCDDAC2544BC693F22977D06F78B ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys 16:59:04.0928 3044 kbdhid - ok 16:59:04.0958 3044 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys 16:59:05.0128 3044 kmixer - ok 16:59:05.0158 3044 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys 16:59:05.0219 3044 KSecDD - ok 16:59:05.0259 3044 [ 061A4BB67C324AC8C176E0D77923B212 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll 16:59:05.0309 3044 LanmanServer - ok 16:59:05.0339 3044 [ FA17019DA45C5D6464776A639A5A9ABB ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll 16:59:05.0389 3044 lanmanworkstation - ok 16:59:05.0399 3044 lbrtfdc - ok 16:59:05.0429 3044 [ 437AA83D68F9FAC234CA68DBD40DB705 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll 16:59:05.0599 3044 LmHosts - ok 16:59:05.0629 3044 LMIInfo - ok 16:59:05.0649 3044 [ 4477689E2D8AE6B78BA34C9AF4CC1ED1 ] lmimirr C:\WINDOWS\system32\DRIVERS\lmimirr.sys 16:59:05.0649 3044 lmimirr - ok 16:59:05.0659 3044 LMIRfsClientNP - ok 16:59:05.0679 3044 [ 3FAA563DDF853320F90259D455A01D79 ] LMIRfsDriver C:\WINDOWS\system32\drivers\LMIRfsDriver.sys 16:59:05.0689 3044 LMIRfsDriver - ok 16:59:05.0699 3044 [ 36F3AB18B1BE303DA51DE90A67DE3942 ] Messenger C:\WINDOWS\System32\msgsvc.dll 16:59:05.0880 3044 Messenger - ok 16:59:05.0910 3044 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys 16:59:06.0050 3044 
mnmdd - ok 16:59:06.0080 3044 [ 845814A8CB9D704D030F076E1BCE83F3 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe 16:59:06.0240 3044 mnmsrvc - ok 16:59:06.0270 3044 [ 4A068DB7DC37D5AFEDB6512D2931D7B3 ] Modem C:\WINDOWS\system32\drivers\Modem.sys 16:59:06.0430 3044 Modem - ok 16:59:06.0480 3044 [ FBED3DF6B884F8CF00447B73507F2C48 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys 16:59:06.0641 3044 Mouclass - ok 16:59:06.0671 3044 [ ECEC1E6CD558AB80F944F31326E9D3B5 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys 16:59:06.0841 3044 mouhid - ok 16:59:06.0871 3044 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys 16:59:07.0021 3044 MountMgr - ok 16:59:07.0061 3044 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 16:59:07.0081 3044 MozillaMaintenance - ok 16:59:07.0081 3044 mraid35x - ok 16:59:07.0111 3044 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys 16:59:07.0292 3044 MRxDAV - ok 16:59:07.0352 3044 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 16:59:07.0462 3044 MRxSmb - ok 16:59:07.0492 3044 [ A54C5EECC7D3424824410BAE0AA6C371 ] MSDTC C:\WINDOWS\system32\msdtc.exe 16:59:07.0652 3044 MSDTC - ok 16:59:07.0692 3044 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys 16:59:07.0862 3044 Msfs - ok 16:59:07.0862 3044 MSIServer - ok 16:59:07.0892 3044 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys 16:59:08.0043 3044 MSKSSRV - ok 16:59:08.0083 3044 [ 64E8B7C65EB4796939C0F64F8170821B ] msloop C:\WINDOWS\system32\DRIVERS\loop.sys 16:59:08.0243 3044 msloop - ok 16:59:08.0283 3044 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys 16:59:08.0433 3044 MSPCLOCK - ok 16:59:08.0453 3044 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys 16:59:08.0613 3044 MSPQM - ok 16:59:08.0644 
3044 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys 16:59:08.0804 3044 mssmbios - ok 16:59:08.0834 3044 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys 16:59:08.0884 3044 Mup - ok 16:59:08.0924 3044 [ 14CB8528E17D1221C50FC8CA88B1795F ] napagent C:\WINDOWS\System32\qagentrt.dll 16:59:09.0114 3044 napagent - ok 16:59:09.0144 3044 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys 16:59:09.0324 3044 NDIS - ok 16:59:09.0355 3044 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 16:59:09.0385 3044 NdisTapi - ok 16:59:09.0415 3044 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys 16:59:09.0585 3044 Ndisuio - ok 16:59:09.0605 3044 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys 16:59:09.0775 3044 NdisWan - ok 16:59:09.0805 3044 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys 16:59:09.0855 3044 NDProxy - ok 16:59:09.0885 3044 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys 16:59:10.0046 3044 NetBIOS - ok 16:59:10.0076 3044 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 16:59:10.0246 3044 NetBT - ok 16:59:10.0286 3044 [ CBB409B314309FCFFCE5E682E91338C6 ] NetDDE C:\WINDOWS\system32\netdde.exe 16:59:10.0446 3044 NetDDE - ok 16:59:10.0466 3044 [ CBB409B314309FCFFCE5E682E91338C6 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe 16:59:10.0616 3044 NetDDEdsdm - ok 16:59:10.0636 3044 [ 88296F7943F30A1EE3AF735440B92268 ] Netlogon C:\WINDOWS\system32\lsass.exe 16:59:10.0807 3044 Netlogon - ok 16:59:10.0847 3044 [ 4FE97D0B1B182DF2A9BDD4C02155EF5E ] Netman C:\WINDOWS\System32\netman.dll 16:59:11.0007 3044 Netman - ok 16:59:11.0057 3044 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 
16:59:11.0077 3044 NetTcpPortSharing - ok 16:59:11.0117 3044 [ 9D1F13706FB5F02D0E8795FB2D03971D ] Nla C:\WINDOWS\System32\mswsock.dll 16:59:11.0157 3044 Nla - ok 16:59:11.0177 3044 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 16:59:11.0337 3044 Npfs - ok 16:59:11.0428 3044 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys 16:59:11.0678 3044 Ntfs - ok 16:59:11.0698 3044 [ 88296F7943F30A1EE3AF735440B92268 ] NtLmSsp C:\WINDOWS\system32\lsass.exe 16:59:11.0848 3044 NtLmSsp - ok 16:59:11.0908 3044 [ 3FB5399DBB7001A80D58EDAD64C98225 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll 16:59:12.0139 3044 NtmsSvc - ok 16:59:12.0159 3044 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys 16:59:12.0299 3044 Null - ok 16:59:12.0329 3044 [ 46DEED4C6C5FA765F9A2C723BE60348D ] nvatabus C:\WINDOWS\system32\DRIVERS\nvatabus.sys 16:59:12.0369 3044 nvatabus - ok 16:59:12.0399 3044 [ 720CC533EECB65553BD86B139CA04433 ] NVENETFD C:\WINDOWS\system32\DRIVERS\NVENETFD.sys 16:59:12.0439 3044 NVENETFD - ok 16:59:12.0469 3044 [ BCC3722A2DB99AD6F367344997C26654 ] nvnetbus C:\WINDOWS\system32\DRIVERS\nvnetbus.sys 16:59:12.0519 3044 nvnetbus - ok 16:59:12.0539 3044 [ 3194E2F6C9000C39DCF9D0580754F714 ] nv_agp C:\WINDOWS\system32\DRIVERS\nv_agp.sys 16:59:12.0579 3044 nv_agp - ok 16:59:12.0609 3044 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 16:59:12.0769 3044 NwlnkFlt - ok 16:59:12.0779 3044 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 16:59:12.0940 3044 NwlnkFwd - ok 16:59:12.0990 3044 [ B99575D16F887883B821D372FF292C20 ] oreans32 C:\WINDOWS\system32\drivers\oreans32.sys 16:59:12.0990 3044 oreans32 ( UnsignedFile.Multi.Generic ) - warning 16:59:12.0990 3044 oreans32 - detected UnsignedFile.Multi.Generic (1) 16:59:13.0020 3044 [ 2D4CDAEBCED17743AA9E25D3016DC229 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys 16:59:13.0180 3044 
Parport - ok 16:59:13.0200 3044 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys 16:59:13.0370 3044 PartMgr - ok 16:59:13.0390 3044 [ 453EC2C2A20A1382F564541918520EEB ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys 16:59:13.0531 3044 ParVdm - ok 16:59:13.0571 3044 [ 6862C69168D787B85A7D95CCD33C694E ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys 16:59:13.0721 3044 PCI - ok 16:59:13.0731 3044 PCIDump - ok 16:59:13.0731 3044 [ 548CF2D6369EAE441A4C6BAA75BC4F0A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys 16:59:13.0891 3044 PCIIde - ok 16:59:13.0931 3044 [ 8DB27F1AE9593C94095485305A583862 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys 16:59:14.0091 3044 Pcmcia - ok 16:59:14.0091 3044 PDCOMP - ok 16:59:14.0101 3044 PDFRAME - ok 16:59:14.0111 3044 PDRELI - ok 16:59:14.0121 3044 PDRFRAME - ok 16:59:14.0121 3044 perc2 - ok 16:59:14.0131 3044 perc2hib - ok 16:59:14.0171 3044 [ 02A467E27AF55F7064C5B251E587315F ] PlugPlay C:\WINDOWS\system32\services.exe 16:59:14.0191 3044 PlugPlay - ok 16:59:14.0232 3044 [ 3A2BDD76E7D2A5F40A7174793D1BA794 ] PnkBstrA C:\WINDOWS\system32\PnkBstrA.exe 16:59:14.0242 3044 PnkBstrA - ok 16:59:14.0262 3044 [ 88296F7943F30A1EE3AF735440B92268 ] PolicyAgent C:\WINDOWS\system32\lsass.exe 16:59:14.0412 3044 PolicyAgent - ok 16:59:14.0422 3044 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys 16:59:14.0582 3044 PptpMiniport - ok 16:59:14.0622 3044 [ 7A1367D250502C6416A4D3A19EF155F5 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys 16:59:14.0792 3044 Processor - ok 16:59:14.0812 3044 [ 88296F7943F30A1EE3AF735440B92268 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe 16:59:14.0973 3044 ProtectedStorage - ok 16:59:14.0983 3044 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys 16:59:15.0143 3044 PSched - ok 16:59:15.0153 3044 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys 16:59:15.0313 3044 Ptilink - ok 
16:59:15.0323 3044 ql1080 - ok 16:59:15.0333 3044 Ql10wnt - ok 16:59:15.0343 3044 ql12160 - ok 16:59:15.0353 3044 ql1240 - ok 16:59:15.0363 3044 ql1280 - ok 16:59:15.0383 3044 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 16:59:15.0523 3044 RasAcd - ok 16:59:15.0563 3044 [ BC22C5E1238D4D36D65679E249C483C3 ] RasAuto C:\WINDOWS\System32\rasauto.dll 16:59:15.0734 3044 RasAuto - ok 16:59:15.0764 3044 [ 0207D26DDF796A193CCD9F83047BB5FC ] Rasirda C:\WINDOWS\system32\DRIVERS\rasirda.sys 16:59:15.0824 3044 Rasirda - ok 16:59:15.0854 3044 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 16:59:16.0004 3044 Rasl2tp - ok 16:59:16.0034 3044 [ 0C392E397B8D34AAAF19EC6119CBB788 ] RasMan C:\WINDOWS\System32\rasmans.dll 16:59:16.0194 3044 RasMan - ok 16:59:16.0244 3044 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 16:59:16.0415 3044 RasPppoe - ok 16:59:16.0445 3044 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys 16:59:16.0595 3044 Raspti - ok 16:59:16.0635 3044 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 16:59:16.0805 3044 Rdbss - ok 16:59:16.0825 3044 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 16:59:16.0996 3044 RDPCDD - ok 16:59:17.0036 3044 [ 5B3055DAA788BD688594D2F5981F2A83 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys 16:59:17.0076 3044 RDPWD - ok 16:59:17.0116 3044 [ F83907A9A038DB2E35329B039628D293 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe 16:59:17.0296 3044 RDSessMgr - ok 16:59:17.0326 3044 [ E0C7BBD18040B58651BAC700C804861D ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys 16:59:17.0476 3044 redbook - ok 16:59:17.0506 3044 [ B3F57E6115BCD4DBADE9874F300655E3 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 16:59:17.0676 3044 RemoteAccess - ok 16:59:17.0697 3044 [ 6BC4D5A70F46EA27DDC14E5414C862A5 ] RpcLocator C:\WINDOWS\system32\locator.exe 16:59:17.0857 
3044 RpcLocator - ok 16:59:17.0937 3044 [ A37311D9D628C1042A2836731787F0F3 ] RpcSs C:\WINDOWS\system32\rpcss.dll 16:59:17.0987 3044 RpcSs - ok 16:59:18.0027 3044 [ 9ACEE3313020A01235336C2A483AFD1A ] RSVP C:\WINDOWS\system32\rsvp.exe 16:59:18.0187 3044 RSVP - ok 16:59:18.0207 3044 [ D507C1400284176573224903819FFDA3 ] rtl8139 C:\WINDOWS\system32\DRIVERS\RTL8139.SYS 16:59:18.0357 3044 rtl8139 - ok 16:59:18.0378 3044 [ 88296F7943F30A1EE3AF735440B92268 ] SamSs C:\WINDOWS\system32\lsass.exe 16:59:18.0518 3044 SamSs - ok 16:59:18.0548 3044 [ C6F479218E94896738C06AF5BA6AB3D3 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe 16:59:18.0708 3044 SCardSvr - ok 16:59:18.0768 3044 [ DD73C11A5C4D14945846384B90A61A4B ] Schedule C:\WINDOWS\system32\schedsvc.dll 16:59:18.0958 3044 Schedule - ok 16:59:18.0978 3044 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys 16:59:19.0048 3044 Secdrv - ok 16:59:19.0079 3044 [ 2AAD9026648120FFFE2A8D871BB2BBC7 ] seclogon C:\WINDOWS\System32\seclogon.dll 16:59:19.0249 3044 seclogon - ok 16:59:19.0269 3044 [ 9D01E29D59723EB73B72107B208DAFE6 ] SENS C:\WINDOWS\system32\sens.dll 16:59:19.0459 3044 SENS - ok 16:59:19.0479 3044 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys 16:59:19.0679 3044 serenum - ok 16:59:19.0719 3044 [ D07B02F88165E69B9F17162CF592C8A6 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys 16:59:19.0900 3044 Serial - ok 16:59:19.0920 3044 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys 16:59:20.0080 3044 Sfloppy - ok 16:59:20.0130 3044 [ DA5C015911F68F22ED821E9EE49AB233 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 16:59:20.0340 3044 SharedAccess - ok 16:59:20.0370 3044 [ 55AAE86C7C2CADF6972ACD1D76C24A98 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 16:59:20.0380 3044 ShellHWDetection - ok 16:59:20.0390 3044 Simbad - ok 16:59:20.0430 3044 [ C70AEBD3608ED9FCEA2A1BAE83567FFC ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe 
16:59:20.0450 3044 SkypeUpdate - ok 16:59:20.0531 3044 [ 5177D14A78E60FD61DCFC6B388E7E971 ] Sony PC Companion C:\Program Files\Sony\Sony PC Companion\PCCService.exe 16:59:20.0551 3044 Sony PC Companion - ok 16:59:20.0581 3044 [ A1ECEEAA5C5E74B2499EB51D38185B84 ] SONYPVU1 C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS 16:59:20.0751 3044 SONYPVU1 - ok 16:59:20.0751 3044 Sparrow - ok 16:59:20.0771 3044 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys 16:59:20.0961 3044 splitter - ok 16:59:20.0991 3044 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe 16:59:21.0021 3044 Spooler - ok 16:59:21.0051 3044 [ EB032822BE406EF220D546DDFFCF0002 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys 16:59:21.0121 3044 sr - ok 16:59:21.0182 3044 [ 316D0E66074AE4CDE641C50D3A1C5148 ] srservice C:\WINDOWS\system32\srsvc.dll 16:59:21.0262 3044 srservice - ok 16:59:21.0322 3044 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys 16:59:21.0422 3044 Srv - ok 16:59:21.0452 3044 [ 2C0B1224AA36B4CA1753302BAA855882 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 16:59:21.0522 3044 SSDPSRV - ok 16:59:21.0572 3044 [ 41508EA375C97DC2B56E5F1AFC067187 ] stisvc C:\WINDOWS\system32\wiaservc.dll 16:59:21.0782 3044 stisvc - ok 16:59:21.0792 3044 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys 16:59:21.0943 3044 swenum - ok 16:59:21.0953 3044 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys 16:59:22.0123 3044 swmidi - ok 16:59:22.0133 3044 SwPrv - ok 16:59:22.0133 3044 symc810 - ok 16:59:22.0143 3044 symc8xx - ok 16:59:22.0143 3044 sym_hi - ok 16:59:22.0153 3044 sym_u3 - ok 16:59:22.0173 3044 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys 16:59:22.0333 3044 sysaudio - ok 16:59:22.0363 3044 [ E42048198518F9162027A9984CBB7B5C ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe 16:59:22.0543 3044 SysmonLog - ok 16:59:22.0584 3044 [ 
2340E6977548038C88E39A9ECBB3FADC ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 16:59:22.0774 3044 TapiSrv - ok 16:59:22.0844 3044 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys 16:59:22.0934 3044 Tcpip - ok 16:59:22.0954 3044 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys 16:59:23.0114 3044 TDPIPE - ok 16:59:23.0124 3044 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys 16:59:23.0265 3044 TDTCP - ok 16:59:23.0285 3044 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys 16:59:23.0445 3044 TermDD - ok 16:59:23.0485 3044 [ 52E0505408EDD4AB5CCC7F83B67B4299 ] TermService C:\WINDOWS\System32\termsrv.dll 16:59:23.0665 3044 TermService - ok 16:59:23.0695 3044 [ 55AAE86C7C2CADF6972ACD1D76C24A98 ] Themes C:\WINDOWS\System32\shsvcs.dll 16:59:23.0715 3044 Themes - ok 16:59:23.0715 3044 TosIde - ok 16:59:23.0755 3044 [ 9E70EB419D7785C286DC458A019BAB9B ] TrkWks C:\WINDOWS\system32\trkwks.dll 16:59:23.0925 3044 TrkWks - ok 16:59:23.0966 3044 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys 16:59:24.0166 3044 Udfs - ok 16:59:24.0176 3044 ultra - ok 16:59:24.0206 3044 [ BB879DCFD22926EFBEB3298129898CBB ] UnlockerDriver5 C:\Program Files\Unlocker\UnlockerDriver5.sys 16:59:24.0216 3044 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - warning 16:59:24.0216 3044 UnlockerDriver5 - detected UnsignedFile.Multi.Generic (1) 16:59:24.0276 3044 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys 16:59:24.0506 3044 Update - ok 16:59:24.0566 3044 [ E96A6BAEE0B2A14A38B45830D6E30697 ] upnphost C:\WINDOWS\System32\upnphost.dll 16:59:24.0647 3044 upnphost - ok 16:59:24.0677 3044 [ EB90E28B28541EC845E5345609355CA7 ] UPS C:\WINDOWS\System32\ups.exe 16:59:24.0847 3044 UPS - ok 16:59:24.0867 3044 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys 16:59:25.0067 3044 usbccgp - ok 
16:59:25.0988 3044 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys 16:59:26.0249 3044 usbehci - ok 16:59:26.0269 3044 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys 16:59:26.0439 3044 usbhub - ok 16:59:26.0459 3044 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys 16:59:26.0619 3044 usbohci - ok 16:59:26.0649 3044 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys 16:59:26.0830 3044 usbscan - ok 16:59:26.0850 3044 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 16:59:27.0030 3044 USBSTOR - ok 16:59:27.0060 3044 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys 16:59:27.0220 3044 VgaSave - ok 16:59:27.0230 3044 ViaIde - ok 16:59:27.0250 3044 [ 56B191AC5FC0DF219949C95A6C87AFE7 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys 16:59:27.0421 3044 VolSnap - ok 16:59:27.0491 3044 [ 7F2D7BFFC4554E1C742DD3629FD1FB1B ] VSS C:\WINDOWS\System32\vssvc.exe 16:59:27.0591 3044 VSS - ok 16:59:27.0641 3044 [ A672CA3981352F8E9C30FEA056E80A62 ] W32Time C:\WINDOWS\system32\w32time.dll 16:59:28.0041 3044 W32Time - ok 16:59:28.0061 3044 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 16:59:28.0252 3044 Wanarp - ok 16:59:28.0352 3044 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys 16:59:28.0492 3044 Wdf01000 - ok 16:59:28.0492 3044 WDICA - ok 16:59:28.0522 3044 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 16:59:28.0722 3044 wdmaud - ok 16:59:28.0742 3044 [ 81FB88B975E25D76E00B69879D8A434C ] WebClient C:\WINDOWS\System32\webclnt.dll 16:59:28.0923 3044 WebClient - ok 16:59:29.0073 3044 [ 70C22297534A88B0AD0568900AB5A6D9 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 16:59:29.0273 3044 winmgmt - ok 16:59:29.0363 3044 [ 30FC6E5448D0CBAAA95280EEEF7FEDAE ] WinUSB 
C:\WINDOWS\system32\DRIVERS\WinUSB.sys 16:59:29.0453 3044 WinUSB - ok 16:59:29.0493 3044 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll 16:59:29.0574 3044 WmdmPmSN - ok 16:59:29.0634 3044 [ A2B12D80A1670511B047A7D8BB647598 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe 16:59:29.0824 3044 WmiApSrv - ok 16:59:29.0864 3044 [ B6669F49D42E09BC0F9889FAA0F3336D ] wscsvc C:\WINDOWS\system32\wscsvc.dll 16:59:30.0084 3044 wscsvc - ok 16:59:30.0124 3044 [ 04550D5EB7EE82C115DB547C01DF09FD ] wuauserv C:\WINDOWS\system32\wuauserv.dll 16:59:30.0335 3044 wuauserv - ok 16:59:30.0375 3044 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys 16:59:30.0415 3044 WudfPf - ok 16:59:30.0435 3044 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys 16:59:30.0465 3044 WudfRd - ok 16:59:30.0505 3044 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll 16:59:30.0545 3044 WudfSvc - ok 16:59:30.0665 3044 [ C2842273AAA77AC031EDB87FA19A2147 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll 16:59:31.0066 3044 WZCSVC - ok 16:59:31.0116 3044 [ 24ED6935771359A5AEF1FE8BF0C56F39 ] xmlprov C:\WINDOWS\System32\xmlprov.dll 16:59:31.0466 3044 xmlprov - ok 16:59:31.0476 3044 ================ Scan global =============================== 16:59:31.0506 3044 [ 65C782F8CFC1BEBCC58E1532F44B6408 ] C:\WINDOWS\system32\basesrv.dll 16:59:31.0647 3044 [ 19FEEF6CEDD18ADE51092B947DBBCB02 ] C:\WINDOWS\system32\winsrv.dll 16:59:31.0897 3044 [ 19FEEF6CEDD18ADE51092B947DBBCB02 ] C:\WINDOWS\system32\winsrv.dll 16:59:31.0957 3044 [ 02A467E27AF55F7064C5B251E587315F ] C:\WINDOWS\system32\services.exe 16:59:31.0957 3044 [Global] - ok 16:59:31.0987 3044 ================ Scan MBR ================================== 16:59:32.0027 3044 [ 32052574BF9F325AE309ABC7BFD04460 ] \Device\Harddisk0\DR0 16:59:37.0775 3044 \Device\Harddisk0\DR0 - ok 16:59:37.0805 3044 [ 32052574BF9F325AE309ABC7BFD04460 ] \Device\Harddisk1\DR1 16:59:39.0077 
3044 \Device\Harddisk1\DR1 - ok
16:59:39.0087 3044 ================ Scan VBR ==================================
16:59:39.0097 3044 [ 1E30AAF5B6E1B6187129D180F8067BE0 ] \Device\Harddisk0\DR0\Partition1
16:59:39.0097 3044 \Device\Harddisk0\DR0\Partition1 - ok
16:59:39.0137 3044 [ A28F60BB0E24CB9AD4B07ED4B2D56669 ] \Device\Harddisk0\DR0\Partition2
16:59:39.0258 3044 \Device\Harddisk0\DR0\Partition2 - ok
16:59:39.0278 3044 [ F526731710744B0B2411603121C52969 ] \Device\Harddisk1\DR1\Partition1
16:59:39.0298 3044 \Device\Harddisk1\DR1\Partition1 - ok
16:59:39.0298 3044 ============================================================
16:59:39.0298 3044 Scan finished
16:59:39.0298 3044 ============================================================
16:59:39.0428 3036 Detected object count: 5
16:59:39.0428 3036 Actual detected object count: 5
16:59:56.0733 3036 Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - skipped by user
16:59:56.0733 3036 Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:59:56.0733 3036 ATI Smart ( UnsignedFile.Multi.Generic ) - skipped by user
16:59:56.0733 3036 ATI Smart ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:59:56.0733 3036 ati2mtag ( UnsignedFile.Multi.Generic ) - skipped by user
16:59:56.0733 3036 ati2mtag ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:59:56.0773 3036 C:\WINDOWS\system32\drivers\oreans32.sys - copied to quarantine
16:59:56.0773 3036 HKLM\SYSTEM\ControlSet001\services\oreans32 - will be deleted on reboot
16:59:56.0773 3036 HKLM\SYSTEM\ControlSet002\services\oreans32 - will be deleted on reboot
16:59:56.0773 3036 C:\WINDOWS\system32\drivers\oreans32.sys - will be deleted on reboot
16:59:56.0773 3036 oreans32 ( UnsignedFile.Multi.Generic ) - User select action: Delete
16:59:56.0783 3036 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - skipped by user
16:59:56.0783 3036 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:05:13.0939 2500 Deinitialize success