2011/06/05 15:53:52.0500 3612 TDSS rootkit removing tool 2.5.3.0 May 25 2011 07:09:24
2011/06/05 15:53:52.0578 3612 ================================================================================
2011/06/05 15:53:52.0578 3612 SystemInfo:
2011/06/05 15:53:52.0578 3612
2011/06/05 15:53:52.0578 3612 OS Version: 5.1.2600 ServicePack: 3.0
2011/06/05 15:53:52.0578 3612 Product type: Workstation
2011/06/05 15:53:52.0578 3612 ComputerName: D68BB28DCD53412
2011/06/05 15:53:52.0578 3612 UserName: Łukasz
2011/06/05 15:53:52.0578 3612 Windows directory: C:\windows
2011/06/05 15:53:52.0578 3612 System windows directory: C:\windows
2011/06/05 15:53:52.0578 3612 Processor architecture: Intel x86
2011/06/05 15:53:52.0578 3612 Number of processors: 2
2011/06/05 15:53:52.0578 3612 Page size: 0x1000
2011/06/05 15:53:52.0578 3612 Boot type: Normal boot
2011/06/05 15:53:52.0578 3612 ================================================================================
2011/06/05 15:53:53.0234 3612 Initialize success
2011/06/05 15:54:00.0656 4772 ================================================================================
2011/06/05 15:54:00.0656 4772 Scan started
2011/06/05 15:54:00.0656 4772 Mode: Manual;
2011/06/05 15:54:00.0656 4772 ================================================================================
2011/06/05 15:54:05.0093 4772 MBR (0x1B8) (6d16556bad153ed1661ac09df9f59375) \Device\Harddisk0\DR0
2011/06/05 15:54:05.0093 4772 \Device\Harddisk0\DR0 - detected Rootkit.Win32.TDSS.tdl4 (0)
2011/06/05 15:54:05.0093 4772 ================================================================================
2011/06/05 15:54:05.0093 4772 Scan finished
2011/06/05 15:54:05.0093 4772 ================================================================================
2011/06/05 15:54:05.0093 4804 Detected object count: 1
2011/06/05 15:54:05.0093 4804 Actual detected object count: 1
2011/06/05 15:54:19.0250 4804 Rootkit.Win32.TDSS.tdl4(\Device\Harddisk0\DR0) - User select action: Skip
2011/06/05 15:54:38.0109 5864 ================================================================================
2011/06/05 15:54:38.0109 5864 Scan started
2011/06/05 15:54:38.0109 5864 Mode: Manual;
2011/06/05 15:54:38.0109 5864 ================================================================================
2011/06/05 15:54:42.0078 5864 MBR (0x1B8) (6d16556bad153ed1661ac09df9f59375) \Device\Harddisk0\DR0
2011/06/05 15:54:42.0078 5864 \Device\Harddisk0\DR0 - detected Rootkit.Win32.TDSS.tdl4 (0)
2011/06/05 15:54:42.0078 5864 ================================================================================
2011/06/05 15:54:42.0078 5864 Scan finished
2011/06/05 15:54:42.0078 5864 ================================================================================
2011/06/05 15:54:42.0078 2928 Detected object count: 1
2011/06/05 15:54:42.0078 2928 Actual detected object count: 1
2011/06/05 15:54:46.0125 2928 Rootkit.Win32.TDSS.tdl4(\Device\Harddisk0\DR0) - User select action: Skip