16:32:58.0796 2872 TDSS rootkit removing tool 2.6.0.0 Sep 23 2011 07:42:37
16:32:58.0828 2872 ============================================================
16:32:58.0828 2872 Current date / time: 2011/09/24 16:32:58.0828
16:32:58.0828 2872 SystemInfo:
16:32:58.0828 2872
16:32:58.0828 2872 OS Version: 5.1.2600 ServicePack: 3.0
16:32:58.0828 2872 Product type: Workstation
16:32:58.0828 2872 ComputerName: MATUSZAK-5E9904
16:32:58.0828 2872 UserName: Piotr
16:32:58.0828 2872 Windows directory: C:\WINDOWS
16:32:58.0828 2872 System windows directory: C:\WINDOWS
16:32:58.0828 2872 Processor architecture: Intel x86
16:32:58.0828 2872 Number of processors: 2
16:32:58.0828 2872 Page size: 0x1000
16:32:58.0828 2872 Boot type: Normal boot
16:32:58.0828 2872 ============================================================
16:32:59.0562 2872 Initialize success
16:33:05.0406 2932 ============================================================
16:33:05.0406 2932 Scan started
16:33:05.0406 2932 Mode: Manual;
16:33:05.0406 2932 ============================================================
16:33:05.0750 2932 23a370c4 - ok
16:33:05.0765 2932 Abiosdsk - ok
16:33:05.0781 2932 abp480n5 - ok
16:33:05.0812 2932 ACPI (a966410ecf83b81f3b0b8e07a71957d4) C:\WINDOWS\system32\DRIVERS\ACPI.sys
16:33:05.0812 2932 ACPI - ok
16:33:05.0843 2932 ACPIEC (66a42b7db194e24b973bbcce840a0f3f) C:\WINDOWS\system32\drivers\ACPIEC.sys
16:33:05.0843 2932 ACPIEC - ok
16:33:05.0843 2932 adpu160m - ok
16:33:05.0859 2932 aec (1ee7b434ba961ef845de136224c30fec) C:\WINDOWS\system32\drivers\aec.sys
16:33:05.0859 2932 aec - ok
16:33:05.0890 2932 AFD (5ac495f4cb807b2b98ad2ad591e6d92e) C:\WINDOWS\System32\drivers\afd.sys
16:33:05.0890 2932 AFD - ok
16:33:05.0906 2932 AFS2K (b34b1ab0a7690a0e2301fec6d17b2fc1) C:\WINDOWS\system32\drivers\AFS2K.sys
16:33:05.0906 2932 AFS2K - ok
16:33:05.0921 2932 Aha154x - ok
16:33:05.0921 2932 aic78u2 - ok
16:33:05.0921 2932 aic78xx - ok
16:33:05.0937 2932 AliIde - ok
16:33:05.0984 2932 Ambfilt (f6af59d6eee5e1c304f7f73706ad11d8) C:\WINDOWS\system32\drivers\Ambfilt.sys
16:33:06.0000 2932 Ambfilt - ok
16:33:06.0000 2932 amsint - ok
16:33:06.0046 2932 AODDriver (21ca6a013a75fcf6f930d4b08803973a) C:\Program Files\GIGABYTE\ET6\i386\AODDriver.sys
16:33:06.0046 2932 AODDriver - ok
16:33:06.0046 2932 asc - ok
16:33:06.0062 2932 asc3350p - ok
16:33:06.0062 2932 asc3550 - ok
16:33:06.0093 2932 AsyncMac (02000abf34af4c218c35d257024807d6) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
16:33:06.0093 2932 AsyncMac - ok
16:33:06.0109 2932 atapi (cdfe4411a69c224bd1d11b2da92dac51) C:\WINDOWS\system32\DRIVERS\atapi.sys
16:33:06.0109 2932 atapi - ok
16:33:06.0109 2932 Atdisk - ok
16:33:06.0140 2932 atksgt (f9c24d25d9ff29f894995a64812b4d85) C:\WINDOWS\system32\DRIVERS\atksgt.sys
16:33:06.0140 2932 atksgt - ok
16:33:06.0156 2932 Atmarpc (ec88da854ab7d7752ec8be11a741bb7f) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
16:33:06.0156 2932 Atmarpc - ok
16:33:06.0171 2932 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
16:33:06.0171 2932 audstub - ok
16:33:06.0203 2932 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
16:33:06.0203 2932 Beep - ok
16:33:06.0218 2932 CA561 (50ded7c73e0fb40693edab8cad7c46e7) C:\WINDOWS\system32\Drivers\SPCA561.SYS
16:33:06.0218 2932 CA561 - ok
16:33:06.0250 2932 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
16:33:06.0250 2932 cbidf2k - ok
16:33:06.0265 2932 CCDECODE (6163ed60b684bab19d3352ab22fc48b2) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
16:33:06.0265 2932 CCDECODE - ok
16:33:06.0265 2932 cd20xrnt - ok
16:33:06.0281 2932 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
16:33:06.0281 2932 Cdaudio - ok
16:33:06.0281 2932 Cdfs (cd7d5152df32b47f4e36f710b35aae02) C:\WINDOWS\system32\drivers\Cdfs.sys
16:33:06.0281 2932 Cdfs - ok
16:33:06.0281 2932 Cdrom (af9c19b3100fe010496b1a27181fbf72) C:\WINDOWS\system32\DRIVERS\cdrom.sys
16:33:06.0281 2932 Cdrom - ok
16:33:06.0296 2932 Changer - ok
16:33:06.0296 2932 CmdIde - ok
16:33:06.0312 2932 Cpqarray - ok
16:33:06.0312 2932 dac2w2k - ok
16:33:06.0312 2932 dac960nt - ok
16:33:06.0328 2932 Disk (00ca44e4534865f8a3b64f7c0984bff0) C:\WINDOWS\system32\DRIVERS\disk.sys
16:33:06.0328 2932 Disk - ok
16:33:06.0343 2932 dmboot (3b809ffad55dcebdb156d5ca1bd3da65) C:\WINDOWS\system32\drivers\dmboot.sys
16:33:06.0359 2932 dmboot - ok
16:33:06.0359 2932 dmio (27725b6501201c3080ba73048bce389a) C:\WINDOWS\system32\drivers\dmio.sys
16:33:06.0359 2932 dmio - ok
16:33:06.0375 2932 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
16:33:06.0375 2932 dmload - ok
16:33:06.0390 2932 DMusic (a6f881284ac1150e37d9ae47ff601267) C:\WINDOWS\system32\drivers\DMusic.sys
16:33:06.0390 2932 DMusic - ok
16:33:06.0390 2932 dpti2o - ok
16:33:06.0421 2932 drmkaud (1ed4dbbae9f5d558dbba4cc450e3eb2e) C:\WINDOWS\system32\drivers\drmkaud.sys
16:33:06.0421 2932 drmkaud - ok
16:33:06.0437 2932 eamon (d42dd9021acd47683b33adf21bca49aa) C:\WINDOWS\system32\DRIVERS\eamon.sys
16:33:06.0437 2932 eamon - ok
16:33:06.0453 2932 ehdrv (fe7824239d132ad9ebd8645fe1199b30) C:\WINDOWS\system32\DRIVERS\ehdrv.sys
16:33:06.0453 2932 ehdrv - ok
16:33:06.0500 2932 epfwtdir (aa0667eb9a92414abb784c101a6c7fec) C:\WINDOWS\system32\DRIVERS\epfwtdir.sys
16:33:06.0500 2932 epfwtdir - ok
16:33:06.0515 2932 epmntdrv (f07ba56b0235f15eff8f10dc6389c42e) C:\WINDOWS\system32\epmntdrv.sys
16:33:06.0546 2932 epmntdrv - ok
16:33:06.0562 2932 etdrv (3af0ae042afe486b22644cd3fbebf2e2) C:\WINDOWS\etdrv.sys
16:33:06.0562 2932 etdrv - ok
16:33:06.0578 2932 EuGdiDrv (1f2f4ab15ce03ecc257feb2f6dc5a013) C:\WINDOWS\system32\EuGdiDrv.sys
16:33:06.0578 2932 EuGdiDrv - ok
16:33:06.0609 2932 Fastfat (3117f595e9615e04f05a54fc15a03b20) C:\WINDOWS\system32\drivers\Fastfat.sys
16:33:06.0609 2932 Fastfat - ok
16:33:06.0640 2932 Fdc (ced2e8396a8838e59d8fd529c680e02c) C:\WINDOWS\system32\DRIVERS\fdc.sys
16:33:06.0640 2932 Fdc - ok
16:33:06.0656 2932 Fips (c5fb298257c0a6514ea17835e774ea0a) C:\WINDOWS\system32\drivers\Fips.sys
16:33:06.0656 2932 Fips - ok
16:33:06.0671 2932 Flpydisk (0dd1de43115b93f4d85e889d7a86f548) C:\WINDOWS\system32\drivers\Flpydisk.sys
16:33:06.0687 2932 Flpydisk - ok
16:33:06.0687 2932 FltMgr (5a85cd3d07273e3f6fe72ee9c6431632) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
16:33:06.0687 2932 FltMgr - ok
16:33:06.0718 2932 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
16:33:06.0718 2932 Fs_Rec - ok
16:33:06.0734 2932 Ftdisk (ed6d921d8ab423138fb35beee6d6a6cb) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
16:33:06.0734 2932 Ftdisk - ok
16:33:06.0750 2932 gdrv (d556cb79967e92b5cc69686d16c1d846) C:\WINDOWS\gdrv.sys
16:33:06.0750 2932 gdrv - ok
16:33:06.0812 2932 Gpc (c0f1d4a21de5a415df8170616703debf) C:\WINDOWS\system32\DRIVERS\msgpc.sys
16:33:06.0812 2932 Gpc - ok
16:33:06.0843 2932 hamachi (833051c6c6c42117191935f734cfbd97) C:\WINDOWS\system32\DRIVERS\hamachi.sys
16:33:06.0843 2932 hamachi - ok
16:33:06.0859 2932 HDAudBus (3fcc124b6e08ee0e9351f717dd136939) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
16:33:06.0859 2932 HDAudBus - ok
16:33:06.0890 2932 HidUsb (1de6783b918f540149aa69943bdfeba8) C:\WINDOWS\system32\DRIVERS\hidusb.sys
16:33:06.0890 2932 HidUsb - ok
16:33:06.0906 2932 hotcore3 (48ed16c0c98c950843e673eeee02ac94) C:\WINDOWS\system32\DRIVERS\hotcore3.sys
16:33:06.0906 2932 hotcore3 - ok
16:33:06.0906 2932 hpn - ok
16:33:06.0937 2932 HTTP (909d110c9634b0f1487eaaea837317d9) C:\WINDOWS\system32\Drivers\HTTP.sys
16:33:06.0937 2932 HTTP - ok
16:33:06.0937 2932 i2omgmt - ok
16:33:06.0953 2932 i2omp - ok
16:33:06.0968 2932 i8042prt (2656fdfe0a7916c3a16f374454c55dd9) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
16:33:06.0968 2932 i8042prt - ok
16:33:06.0984 2932 Imapi (f8aa320c6a0409c0380e5d8a99d76ec6) C:\WINDOWS\system32\DRIVERS\imapi.sys
16:33:06.0984 2932 Imapi - ok
16:33:06.0984 2932 ini910u - ok
16:33:07.0062 2932 IntcAzAudAddService (512cc914475348d774d1bb9f866396a5) C:\WINDOWS\system32\drivers\RtkHDAud.sys
16:33:07.0093 2932 IntcAzAudAddService - ok
16:33:07.0093 2932 IntelIde - ok
16:33:07.0125 2932 intelppm (78a353438791c6d04c64013a5abec6bd) C:\WINDOWS\system32\DRIVERS\intelppm.sys
16:33:07.0125 2932 intelppm - ok
16:33:07.0140 2932 Ip6Fw (4448006b6bc60e6c027932cfc38d6855) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
16:33:07.0140 2932 Ip6Fw - ok
16:33:07.0156 2932 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
16:33:07.0156 2932 IpFilterDriver - ok
16:33:07.0171 2932 IpInIp (e1ec7f5da720b640cd8fb8424f1b14bb) C:\WINDOWS\system32\DRIVERS\ipinip.sys
16:33:07.0171 2932 IpInIp - ok
16:33:07.0187 2932 IpNat (472c75f85e631f8aa87d21c9fee6238d) C:\WINDOWS\system32\DRIVERS\ipnat.sys
16:33:07.0187 2932 IpNat - ok
16:33:07.0218 2932 IPSec (64537aa5c003a6afeee1df819062d0d1) C:\WINDOWS\system32\DRIVERS\ipsec.sys
16:33:07.0218 2932 IPSec - ok
16:33:07.0234 2932 IRENUM (50708daa1b1cbb7d6ac1cf8f56a24410) C:\WINDOWS\system32\DRIVERS\irenum.sys
16:33:07.0234 2932 IRENUM - ok
16:33:07.0250 2932 isapnp (01a9e68528f4f34e5702123d27c67bd4) C:\WINDOWS\system32\DRIVERS\isapnp.sys
16:33:07.0250 2932 isapnp - ok
16:33:07.0281 2932 Kbdclass (cc13db862f929ae33f64c3bedc01cd31) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
16:33:07.0281 2932 Kbdclass - ok
16:33:07.0312 2932 kbdhid (831be9197bdace6bdcac1bfdbe1c380f) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
16:33:07.0312 2932 kbdhid - ok
16:33:07.0312 2932 KLIF (5d92a03045a6a98708975b3d77b39a36) C:\WINDOWS\system32\DRIVERS\klif.sys
16:33:07.0328 2932 KLIF - ok
16:33:07.0343 2932 kmixer (8531438246ce9474e41ee1599904c0c7) C:\WINDOWS\system32\drivers\kmixer.sys
16:33:07.0343 2932 kmixer - ok
16:33:07.0359 2932 KSecDD (eb7ffe87fd367ea8fca0506f74a87fbb) C:\WINDOWS\system32\drivers\KSecDD.sys
16:33:07.0359 2932 KSecDD - ok
16:33:07.0375 2932 lbrtfdc - ok
16:33:07.0390 2932 lirsgt (8ccf9ed46d52af1375875f74a91ffacf) C:\WINDOWS\system32\DRIVERS\lirsgt.sys
16:33:07.0390 2932 lirsgt - ok
16:33:07.0421 2932 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
16:33:07.0437 2932 mnmdd - ok
16:33:07.0453 2932 Modem (15f33d12d604d0198ce5561f102cd9c5) C:\WINDOWS\system32\drivers\Modem.sys
16:33:07.0453 2932 Modem - ok
16:33:07.0484 2932 Monfilt (9fa7207d1b1adead88ae8eed9cdbbaa5) C:\WINDOWS\system32\drivers\Monfilt.sys
16:33:07.0515 2932 Monfilt - ok
16:33:07.0531 2932 Mouclass (69c12b99ae8b6b99ec314e9b99833728) C:\WINDOWS\system32\DRIVERS\mouclass.sys
16:33:07.0531 2932 Mouclass - ok
16:33:07.0546 2932 mouhid (ecec1e6cd558ab80f944f31326e9d3b5) C:\WINDOWS\system32\DRIVERS\mouhid.sys
16:33:07.0562 2932 mouhid - ok
16:33:07.0578 2932 MountMgr (65653f3b4477f3c63e68a9659f85ee2e) C:\WINDOWS\system32\drivers\MountMgr.sys
16:33:07.0578 2932 MountMgr - ok
16:33:07.0593 2932 mraid35x - ok
16:33:07.0609 2932 MRxDAV (46edcc8f2db2f322c24f48785cb46366) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
16:33:07.0609 2932 MRxDAV - ok
16:33:07.0625 2932 MRxSmb (3ecc5f53a627b28a23aa7cc8c9376db4) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
16:33:07.0640 2932 MRxSmb - ok
16:33:07.0640 2932 Msfs (561b3a4333ca2dbdba28b5b956822519) C:\WINDOWS\system32\drivers\Msfs.sys
16:33:07.0640 2932 Msfs - ok
16:33:07.0671 2932 MSKSSRV (ae431a8dd3c1d0d0610cdbac16057ad0) C:\WINDOWS\system32\drivers\MSKSSRV.sys
16:33:07.0671 2932 MSKSSRV - ok
16:33:07.0687 2932 MSPCLOCK (13e75fef9dfeb08eeded9d0246e1f448) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
16:33:07.0703 2932 MSPCLOCK - ok
16:33:07.0718 2932 MSPQM (1988a33ff19242576c3d0ef9ce785da7) C:\WINDOWS\system32\drivers\MSPQM.sys
16:33:07.0718 2932 MSPQM - ok
16:33:07.0734 2932 mssmbios (469541f8bfd2b32659d5d463a6714bce) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
16:33:07.0734 2932 mssmbios - ok
16:33:07.0750 2932 MSTEE (bf13612142995096ab084f2db7f40f77) C:\WINDOWS\system32\drivers\MSTEE.sys
16:33:07.0750 2932 MSTEE - ok
16:33:07.0765 2932 Mup (f66b6b1cddee6ca87cefc016eb7a0d8e) C:\WINDOWS\system32\drivers\Mup.sys
16:33:07.0781 2932 Mup - ok
16:33:07.0781 2932 NABTSFEC (5c8dc6429c43dc6177c1fa5b76290d1a) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
16:33:07.0796 2932 NABTSFEC - ok
16:33:07.0796 2932 NDIS (558635d3af1c7546d26067d5d9b6959e) C:\WINDOWS\system32\drivers\NDIS.sys
16:33:07.0796 2932 NDIS - ok
16:33:07.0812 2932 NdisIP (520ce427a8b298f54112857bcf6bde15) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
16:33:07.0812 2932 NdisIP - ok
16:33:07.0828 2932 NdisTapi (08d43bbdacdf23f34d79e44ed35c1b4c) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
16:33:07.0828 2932 NdisTapi - ok
16:33:07.0843 2932 Ndisuio (8d3ce6b579cde8d37acc690b67dc2106) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
16:33:07.0843 2932 Ndisuio - ok
16:33:07.0859 2932 NdisWan (0b90e255a9490166ab368cd55a529893) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
16:33:07.0875 2932 NdisWan - ok
16:33:07.0875 2932 NDProxy (59fc3fb44d2669bc144fd87826bb571f) C:\WINDOWS\system32\drivers\NDProxy.sys
16:33:07.0875 2932 NDProxy - ok
16:33:07.0890 2932 NetBIOS (3a2aca8fc1d7786902ca434998d7ceb4) C:\WINDOWS\system32\DRIVERS\netbios.sys
16:33:07.0890 2932 NetBIOS - ok
16:33:07.0906 2932 NetBT (0c80e410cd2f47134407ee7dd19cc86b) C:\WINDOWS\system32\DRIVERS\netbt.sys
16:33:07.0906 2932 NetBT - ok
16:33:07.0937 2932 Npfs (4f601bcb8f64ea3ac0994f98fed03f8e) C:\WINDOWS\system32\drivers\Npfs.sys
16:33:07.0937 2932 Npfs - ok
16:33:07.0937 2932 Ntfs (b78be402c3f63dd55521f73876951cdd) C:\WINDOWS\system32\drivers\Ntfs.sys
16:33:07.0953 2932 Ntfs - ok
16:33:07.0968 2932 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
16:33:07.0968 2932 Null - ok
16:33:08.0093 2932 nv (f85e109844787668ce8aab54ef14362a) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
16:33:08.0187 2932 nv - ok
16:33:08.0218 2932 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
16:33:08.0218 2932 NwlnkFlt - ok
16:33:08.0234 2932 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
16:33:08.0234 2932 NwlnkFwd - ok
16:33:08.0250 2932 Parport (2ff48d8fdc815a8492fb2bd81e6999c2) C:\WINDOWS\system32\DRIVERS\parport.sys
16:33:08.0250 2932 Parport - ok
16:33:08.0265 2932 PartMgr (3334430c29dc338092f79c38ef7b4cd0) C:\WINDOWS\system32\drivers\PartMgr.sys
16:33:08.0265 2932 PartMgr - ok
16:33:08.0265 2932 ParVdm (453ec2c2a20a1382f564541918520eeb) C:\WINDOWS\system32\drivers\ParVdm.sys
16:33:08.0265 2932 ParVdm - ok
16:33:08.0281 2932 PCI (5fd05c92ec56f696eaa50b68cef1b84a) C:\WINDOWS\system32\DRIVERS\pci.sys
16:33:08.0281 2932 PCI - ok
16:33:08.0296 2932 PCIDump - ok
16:33:08.0296 2932 PCIIde (548cf2d6369eae441a4c6baa75bc4f0a) C:\WINDOWS\system32\DRIVERS\pciide.sys
16:33:08.0296 2932 PCIIde - ok
16:33:08.0312 2932 Pcmcia (2849812217ecec059cb45f80eb6e52d4) C:\WINDOWS\system32\drivers\Pcmcia.sys
16:33:08.0312 2932 Pcmcia - ok
16:33:08.0328 2932 PDCOMP - ok
16:33:08.0328 2932 PDFRAME - ok
16:33:08.0328 2932 PDRELI - ok
16:33:08.0343 2932 PDRFRAME - ok
16:33:08.0343 2932 perc2 - ok
16:33:08.0343 2932 perc2hib - ok
16:33:08.0390 2932 PptpMiniport (1c5cc65aac0783c344f16353e60b72ac) C:\WINDOWS\system32\DRIVERS\raspptp.sys
16:33:08.0390 2932 PptpMiniport - ok
16:33:08.0406 2932 PQNTDrv (4228630829c0e521c43d882a00533374) C:\WINDOWS\system32\drivers\PQNTDrv.sys
16:33:08.0406 2932 PQNTDrv - ok
16:33:08.0421 2932 PSched (48671f327553dcf1d27f6197f622a668) C:\WINDOWS\system32\DRIVERS\psched.sys
16:33:08.0421 2932 PSched - ok
16:33:08.0453 2932 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
16:33:08.0453 2932 Ptilink - ok
16:33:08.0468 2932 pwdrvio (c50de6d0c04b230f185a13fde0f047fa) C:\WINDOWS\system32\pwdrvio.sys
16:33:08.0468 2932 pwdrvio - ok
16:33:08.0484 2932 pwdspio (cdc5704308222400ad606bcf87b006a5) C:\WINDOWS\system32\pwdspio.sys
16:33:08.0484 2932 pwdspio - ok
16:33:08.0515 2932 PxHelp20 (81088114178112618b1c414a65e50f7c) C:\WINDOWS\system32\Drivers\PxHelp20.sys
16:33:08.0515 2932 PxHelp20 - ok
16:33:08.0515 2932 ql1080 - ok
16:33:08.0515 2932 Ql10wnt - ok
16:33:08.0531 2932 ql12160 - ok
16:33:08.0531 2932 ql1240 - ok
16:33:08.0546 2932 ql1280 - ok
16:33:08.0562 2932 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
16:33:08.0562 2932 RasAcd - ok
16:33:08.0578 2932 Rasl2tp (98faeb4a4dcf812ba1c6fca4aa3e115c) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
16:33:08.0578 2932 Rasl2tp - ok
16:33:08.0578 2932 RasPppoe (7306eeed8895454cbed4669be9f79faa) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
16:33:08.0593 2932 RasPppoe - ok
16:33:08.0593 2932 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
16:33:08.0593 2932 Raspti - ok
16:33:08.0625 2932 Rdbss (ed375ce745c42a14f10753f7022ecd6a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
16:33:08.0625 2932 Rdbss - ok
16:33:08.0625 2932 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
16:33:08.0625 2932 RDPCDD - ok
16:33:08.0656 2932 rdpdr (a2cae2c60bc37e0751ef9dda7ceaf4ad) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
16:33:08.0656 2932 rdpdr - ok
16:33:08.0671 2932 RDPWD (047bea21274c8a4a233674a76c958c2c) C:\WINDOWS\system32\drivers\RDPWD.sys
16:33:08.0671 2932 RDPWD - ok
16:33:08.0687 2932 redbook (27fd0496252105b459fa5e1e608e2caa) C:\WINDOWS\system32\DRIVERS\redbook.sys
16:33:08.0687 2932 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\redbook.sys. Real md5: 27fd0496252105b459fa5e1e608e2caa, Fake md5: bddcece9acdad26841c987d10376f6f7
16:33:08.0687 2932 redbook ( ForgedFile.Multi.Generic ) - warning
16:33:08.0687 2932 redbook - detected ForgedFile.Multi.Generic (1)
16:33:08.0703 2932 rootrepeal - ok
16:33:08.0718 2932 rspndr (a3b23fb3f295694091f51865f98588b2) C:\WINDOWS\system32\DRIVERS\rspndr.sys
16:33:08.0718 2932 rspndr - ok
16:33:08.0750 2932 RTLE8023xp (79b4fe884c18dd82d5449f6b6026d092) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
16:33:08.0750 2932 RTLE8023xp - ok
16:33:08.0765 2932 RTLTEAMING (af8c1d37a7dca5d5a8f48f3a59cfb713) C:\WINDOWS\system32\DRIVERS\RTLTEAMING.SYS
16:33:08.0765 2932 RTLTEAMING - ok
16:33:08.0781 2932 RTLVLAN (6ec43dc18746bb9b6ddec4c99b15b6fc) C:\WINDOWS\system32\DRIVERS\RTLVLAN.SYS
16:33:08.0781 2932 RTLVLAN - ok
16:33:08.0796 2932 RtNdPt5x (5ffd2aaf467b80fab34929afb7702060) C:\WINDOWS\system32\DRIVERS\RtNdPt5x.sys
16:33:08.0796 2932 RtNdPt5x - ok
16:33:08.0812 2932 Secdrv (d26e26ea516450af9d072635c60387f4) C:\WINDOWS\system32\DRIVERS\secdrv.sys
16:33:08.0812 2932 Secdrv - ok
16:33:08.0812 2932 serenum (a2d868aeeff612e70e213c451a70cafb) C:\WINDOWS\system32\DRIVERS\serenum.sys
16:33:08.0812 2932 serenum - ok
16:33:08.0828 2932 Serial (859bc6f8c3d58cfda9181e9926c7ddb9) C:\WINDOWS\system32\DRIVERS\serial.sys
16:33:08.0828 2932 Serial - ok
16:33:08.0859 2932 Sfloppy (0d13b6df6e9e101013a7afb0ce629fe0) C:\WINDOWS\system32\drivers\Sfloppy.sys
16:33:08.0859 2932 Sfloppy - ok
16:33:08.0859 2932 Simbad - ok
16:33:08.0890 2932 SLIP (5caeed86821fa2c6139e32e9e05ccdc9) C:\WINDOWS\system32\DRIVERS\SLIP.sys
16:33:08.0890 2932 SLIP - ok
16:33:08.0890 2932 Sparrow - ok
16:33:08.0906 2932 splitter (9bb1dd670cb7505a90fc4e61d4aa8227) C:\WINDOWS\system32\drivers\splitter.sys
16:33:08.0906 2932 splitter - ok
16:33:08.0921 2932 sptd - ok
16:33:08.0937 2932 sr (6145ca23bccda679a772ec0af42d6eb5) C:\WINDOWS\system32\DRIVERS\sr.sys
16:33:08.0937 2932 sr - ok
16:33:08.0968 2932 Srv (5230953c21c811b5fc1ff31ae2b48097) C:\WINDOWS\system32\DRIVERS\srv.sys
16:33:08.0968 2932 Srv - ok
16:33:08.0984 2932 streamip (284c57df5dc7abca656bc2b96a667afb) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
16:33:08.0984 2932 streamip - ok
16:33:09.0000 2932 swenum (03c1bae4766e2450219d20b993d6e046) C:\WINDOWS\system32\DRIVERS\swenum.sys
16:33:09.0000 2932 swenum - ok
16:33:09.0015 2932 swmidi (94abc808fc4b6d7d2bbf42b85e25bb4d) C:\WINDOWS\system32\drivers\swmidi.sys
16:33:09.0015 2932 swmidi - ok
16:33:09.0031 2932 symc810 - ok
16:33:09.0031 2932 symc8xx - ok
16:33:09.0046 2932 SymEvent (98d28d08e68145fb550ee7670b43baf2) C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
16:33:09.0062 2932 SymEvent - ok
16:33:09.0062 2932 sym_hi - ok
16:33:09.0062 2932 sym_u3 - ok
16:33:09.0078 2932 sysaudio (650ad082d46bac0e64c9c0e0928492fd) C:\WINDOWS\system32\drivers\sysaudio.sys
16:33:09.0078 2932 sysaudio - ok
16:33:09.0093 2932 Tcpip (b2220c618b42a2212a59d91ebd6fc4b4) C:\WINDOWS\system32\DRIVERS\tcpip.sys
16:33:09.0109 2932 Tcpip - ok
16:33:09.0125 2932 TDPIPE (38d437cf2d98965f239b0abcd66dcb0f) C:\WINDOWS\system32\drivers\TDPIPE.sys
16:33:09.0125 2932 TDPIPE - ok
16:33:09.0140 2932 TDTCP (ed0580af02502d00ad8c4c066b156be9) C:\WINDOWS\system32\drivers\TDTCP.sys
16:33:09.0140 2932 TDTCP - ok
16:33:09.0140 2932 TermDD (a540a99c281d933f3d69d55e48727f47) C:\WINDOWS\system32\DRIVERS\termdd.sys
16:33:09.0140 2932 TermDD - ok
16:33:09.0156 2932 TosIde - ok
16:33:09.0171 2932 Udfs (12f70256f140cd7d52c58c7048fde657) C:\WINDOWS\system32\drivers\Udfs.sys
16:33:09.0171 2932 Udfs - ok
16:33:09.0171 2932 ultra - ok
16:33:09.0187 2932 Update (a4815a4884898f355a3513e60843a4fd) C:\WINDOWS\system32\DRIVERS\update.sys
16:33:09.0187 2932 Update - ok
16:33:09.0203 2932 usbccgp (bffd9f120cc63bcbaa3d840f3eef9f79) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
16:33:09.0218 2932 usbccgp - ok
16:33:09.0218 2932 usbehci (a45ea1550ea4b368c4fba7ca9d056bc9) C:\WINDOWS\system32\DRIVERS\usbehci.sys
16:33:09.0234 2932 usbehci - ok
16:33:09.0234 2932 usbhub (6d46b1f89134892a862ac56b00ac11fe) C:\WINDOWS\system32\DRIVERS\usbhub.sys
16:33:09.0234 2932 usbhub - ok
16:33:09.0250 2932 usbprint (a42369b7cd8886cd7c70f33da6fcbcf5) C:\WINDOWS\system32\DRIVERS\usbprint.sys
16:33:09.0250 2932 usbprint - ok
16:33:09.0265 2932 usbscan (a6bc71402f4f7dd5b77fd7f4a8ddba85) C:\WINDOWS\system32\DRIVERS\usbscan.sys
16:33:09.0265 2932 usbscan - ok
16:33:09.0265 2932 USBSTOR (6cd7b22193718f1d17a47a1cd6d37e75) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
16:33:09.0265 2932 USBSTOR - ok
16:33:09.0281 2932 usbuhci (0ee1925590ba1abec14254d54d9870f4) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
16:33:09.0281 2932 usbuhci - ok
16:33:09.0296 2932 VgaSave (8a60edd72b4ea5aea8202daf0e427925) C:\WINDOWS\System32\drivers\vga.sys
16:33:09.0296 2932 VgaSave - ok
16:33:09.0296 2932 ViaIde - ok
16:33:09.0312 2932 VolSnap (ecd173739b8ec10a814cc18653df5a36) C:\WINDOWS\system32\drivers\VolSnap.sys
16:33:09.0312 2932 VolSnap - ok
16:33:09.0328 2932 Wanarp (984ef0b9788abf89974cfed4bfbaacbc) C:\WINDOWS\system32\DRIVERS\wanarp.sys
16:33:09.0328 2932 Wanarp - ok
16:33:09.0328 2932 WDICA - ok
16:33:09.0343 2932 wdmaud (0bfa8203b8148fb4e54bc212c41ce497) C:\WINDOWS\system32\drivers\wdmaud.sys
16:33:09.0343 2932 wdmaud - ok
16:33:09.0390 2932 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
16:33:09.0390 2932 WS2IFSL - ok
16:33:09.0406 2932 WSTCODEC (d5842484f05e12121c511aa93f6439ec) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
16:33:09.0406 2932 WSTCODEC - ok
16:33:09.0437 2932 MBR (0x1B8) (32052574bf9f325ae309abc7bfd04460) \Device\Harddisk0\DR0
16:33:09.0484 2932 \Device\Harddisk0\DR0 - ok
16:33:09.0484 2932 Boot (0x1200) (c270e75e8312d0da03048cca07e21a3b) \Device\Harddisk0\DR0\Partition0
16:33:09.0484 2932 \Device\Harddisk0\DR0\Partition0 - ok
16:33:09.0515 2932 Boot (0x1200) (6901377706f2a02fa9f65d5b274f884c) \Device\Harddisk0\DR0\Partition1
16:33:09.0515 2932 \Device\Harddisk0\DR0\Partition1 - ok
16:33:09.0531 2932 Boot (0x1200) (f99a610e2238bf58e5d17bc734abb408) \Device\Harddisk0\DR0\Partition2
16:33:09.0531 2932 \Device\Harddisk0\DR0\Partition2 - ok
16:33:09.0531 2932 ============================================================
16:33:09.0531 2932 Scan finished
16:33:09.0531 2932 ============================================================
16:33:09.0531 2928 Detected object count: 1
16:33:09.0531 2928 Actual detected object count: 1
16:37:30.0109 2928 redbook ( ForgedFile.Multi.Generic ) - skipped by user
16:37:30.0109 2928 redbook ( ForgedFile.Multi.Generic ) - User select action: Skip