
Win32/Agent.SDG.Gen trojan horse
Hello,
I'd like to ask for help with this NOD message http://imageshack.us/photo/my-images/24/mbr.png/ and the attempt at cleaning http://imageshack.us/photo/my-images/83 ... aseni.png/. Before my computer froze and then would no longer boot at all, I had XP SP3 on physical disk 0 (split into three partitions) and WIN7 64bit on physical disk 1 (split into 4 partitions). So I wanted to install just WIN7, but for some reason it would not install to the original partition on physical disk 1. The installation succeeded on disk 0, where XP had been; this is how it now looks in Acronis Disk Director http://imageshack.us/photo/my-images/196/acronis.png/. The computer works fine, but now and then NOD reports this error and I don't know whether it is a virus or just an error on the disk left over from that WIN7. I also ran MBR check on it; the bottom part says:
Size Device Name MBR Status
--------------------------------------------
596 GB \\.\PhysicalDrive0 RE: Windows 7 MBR code detected
SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79
931 GB \\.\PhysicalDrive1 RE: Unknown MBR code
SHA1: 2112DEB97137CBCC5710EFED18ADC8F308731CFF
I'd rather not do anything more with it myself, so that I don't break something.
The whole RSIT log did not fit here; here is a download link: http://www.uloz.to/10336404/log-txt.
Thank you for your advice.
MBR check LOG:
MBRCheck, version 1.2.3
(c) 2010, AD
Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: Service Pack 1 (build 7601), 64-bit
Base Board Manufacturer: ASUSTeK Computer INC.
BIOS Manufacturer: Phoenix Technologies, LTD
System Manufacturer: System manufacturer
System Product Name: System Product Name
Logical Drives Mask: 0x000005fc
Kernel Drivers (total 185):
Processes (total 64):
0 System Idle Process
4 System
376 C:\Windows\System32\smss.exe
484 csrss.exe
552 C:\Windows\System32\wininit.exe
568 csrss.exe
600 C:\Windows\System32\services.exe
624 C:\Windows\System32\lsass.exe
632 C:\Windows\System32\lsm.exe
764 C:\Windows\System32\winlogon.exe
792 C:\Windows\System32\svchost.exe
868 C:\Windows\System32\svchost.exe
916 C:\Windows\System32\atiesrxx.exe
988 C:\Windows\System32\svchost.exe
344 C:\Windows\System32\svchost.exe
396 C:\Windows\System32\svchost.exe
1056 C:\Windows\System32\svchost.exe
1096 C:\Windows\System32\atieclxx.exe
1160 C:\Windows\System32\svchost.exe
1308 C:\Windows\System32\spoolsv.exe
1392 C:\Windows\System32\svchost.exe
1544 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1576 C:\Program Files (x86)\Bonjour\mDNSResponder.exe
1620 C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
1672 C:\Windows\System32\svchost.exe
1728 C:\Windows\SysWOW64\svchost.exe
1748 C:\Windows\System32\svchost.exe
1788 C:\Windows\System32\svchost.exe
1832 C:\Windows\System32\svchost.exe
1112 C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
2700 C:\Windows\System32\taskhost.exe
2832 C:\Windows\System32\dwm.exe
2864 C:\Windows\explorer.exe
3056 C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
2088 C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
1496 C:\Program Files (x86)\Ray Adams\ATI Tray Tools\atitray.exe
2260 C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
1476 C:\Users\tata\AppData\Local\Google\Update\1.3.21.69\GoogleCrashHandler.exe
2904 C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
808 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
2556 C:\Windows\System32\SearchIndexer.exe
2128 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
3920 C:\Program Files\Windows Media Player\wmpnetwk.exe
4004 C:\Windows\System32\svchost.exe
3608 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
2524 C:\Program Files (x86)\totalcmd\TOTALCMD.EXE
3428 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
1840 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
3604 C:\Windows\System32\svchost.exe
2332 C:\Windows\System32\wuauclt.exe
1408 C:\Users\tata\AppData\Local\Google\Chrome\Application\chrome.exe
1588 C:\Users\tata\AppData\Local\Google\Chrome\Application\chrome.exe
3216 C:\Windows\SysWOW64\rundll32.exe
1924 C:\Users\tata\AppData\Local\Google\Chrome\Application\chrome.exe
1092 C:\Users\tata\AppData\Local\Google\Chrome\Application\chrome.exe
3980 C:\Users\tata\AppData\Local\Google\Chrome\Application\chrome.exe
1980 C:\Windows\SysWOW64\notepad.exe
1532 C:\Users\tata\AppData\Local\Google\Chrome\Application\chrome.exe
544 C:\Users\tata\AppData\Local\Google\Chrome\Application\chrome.exe
1492 C:\Users\tata\AppData\Local\Google\Chrome\Application\chrome.exe
2076 C:\Users\tata\AppData\Local\Google\Chrome\Application\chrome.exe
4048 I:\Download filez form net all browsers\MBRCheck.exe
2536 C:\Windows\System32\conhost.exe
2808 C:\Windows\System32\dllhost.exe
\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000016`93bc2400 (NTFS)
\\.\E: --> \\.\PhysicalDrive0 at offset 0x00000047`67875400 (NTFS)
\\.\G: --> \\.\PhysicalDrive1 at offset 0x00000000`007e0000 (NTFS)
\\.\H: --> \\.\PhysicalDrive1 at offset 0x0000004b`df510200 (NTFS)
\\.\I: --> \\.\PhysicalDrive1 at offset 0x00000099`2fcce800 (NTFS)
PhysicalDrive0 Model Number: WDC WD6400AAKS-00A7B, Rev: 01.0
PhysicalDrive1 Model Number: SAMSUNGHD103SJ, Rev: 1AJ1
Size Device Name MBR Status
--------------------------------------------
596 GB \\.\PhysicalDrive0 RE: Windows 7 MBR code detected
SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79
931 GB \\.\PhysicalDrive1 RE: Unknown MBR code
SHA1: 2112DEB97137CBCC5710EFED18ADC8F308731CFF
Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
Options:
[1] Dump the MBR of a physical disk to file.
[2] Restore the MBR of a physical disk with a standard boot code.
[3] Exit.
Enter your choice:
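Added example (not part of the original thread and not code from the MBRCheck author): a small Python parser for the volume map and MBR status table in the log above, which reports each disk whose MBR code was not recognized together with the volumes that live on it. The function names are made up for this example. It assumes that any status not ending in "MBR code detected" needs review, and that the system volume is C:, as the TDSSKiller log later in the thread reports.

```python
import re

# Excerpt copied from the MBRCheck 1.2.3 log posted in this thread.
SAMPLE_LOG = r"""
\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000016`93bc2400 (NTFS)
\\.\E: --> \\.\PhysicalDrive0 at offset 0x00000047`67875400 (NTFS)
\\.\G: --> \\.\PhysicalDrive1 at offset 0x00000000`007e0000 (NTFS)
\\.\H: --> \\.\PhysicalDrive1 at offset 0x0000004b`df510200 (NTFS)
\\.\I: --> \\.\PhysicalDrive1 at offset 0x00000099`2fcce800 (NTFS)
Size Device Name MBR Status
--------------------------------------------
596 GB \\.\PhysicalDrive0 RE: Windows 7 MBR code detected
SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79
931 GB \\.\PhysicalDrive1 RE: Unknown MBR code
SHA1: 2112DEB97137CBCC5710EFED18ADC8F308731CFF
Found non-standard or infected MBR.
"""

DEV = r"\\\\\.\\"  # regex fragment for the literal Win32 device prefix
VOLUME_RE = re.compile(
    r"^" + DEV + r"(?P<letter>[A-Z]): --> " + DEV +
    r"(?P<disk>PhysicalDrive\d+) at offset (?P<offset>0x[0-9a-fA-F`]+)"
    r" \((?P<fs>[^)]+)\)$")
ROW_RE = re.compile(
    r"^(?P<size>\d+ [KMGT]B)\s+" + DEV +
    r"(?P<disk>PhysicalDrive\d+)\s+(?P<status>.+)$")
SHA1_RE = re.compile(r"^SHA1:\s*(?P<sha1>[0-9A-Fa-f]{40})$")
# Assumption: only statuses of the form "... MBR code detected" are recognized.
RECOGNIZED_RE = re.compile(r"MBR code detected$")


def parse_mbrcheck(text):
    """Return one record per physical disk, with its MBR status and volumes.

    The table may appear more than once in a pasted log (the poster quoted it
    in the message and again in the full log), so disks and volumes are keyed
    by name and later duplicates are ignored.
    """
    volumes = {}   # disk name -> {drive letter -> info}
    disks = {}     # disk name -> record
    current = None
    for line in (raw.strip() for raw in text.splitlines()):
        m = VOLUME_RE.match(line)
        if m:
            # MBRCheck prints 64-bit offsets as high`low; drop the backtick.
            offset = int(m["offset"].replace("`", ""), 16)
            volumes.setdefault(m["disk"], {}).setdefault(
                m["letter"], {"offset": offset, "fs": m["fs"]})
            continue
        m = ROW_RE.match(line)
        if m:
            current = disks.setdefault(m["disk"], {
                "disk": m["disk"], "size": m["size"],
                "status": m["status"], "sha1": None})
            continue
        m = SHA1_RE.match(line)
        if m and current is not None and current["sha1"] is None:
            current["sha1"] = m["sha1"].upper()
    for name, record in disks.items():
        record["volumes"] = volumes.get(name, {})
    return list(disks.values())


def triage(disks, system_letter="C"):
    """List disks whose MBR status is not recognized, for manual review."""
    findings = []
    for d in disks:
        if RECOGNIZED_RE.search(d["status"]):
            continue
        letters = list(d["volumes"])
        findings.append({
            "disk": d["disk"],
            "status": d["status"],
            "sha1": d["sha1"],
            "volumes": letters,
            "hosts_system_volume": system_letter in letters,
        })
    return findings


if __name__ == "__main__":
    for f in triage(parse_mbrcheck(SAMPLE_LOG)):
        where = "system disk" if f["hosts_system_volume"] else "non-system disk"
        print(f"{f['disk']} ({where}): {f['status']}; "
              f"volumes {', '.join(f['volumes'])}; SHA1 {f['sha1']}")
```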
Re: Win32/Agent.SDG.Gen trojan horse
Hello, and have a nice day.
Download TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe

- Run the utility and tell it to scan - click Start Scan
- If the utility finds an infection, it will want to cure it (Cure); allow the cure by clicking Continue
- If the utility finds a suspicious file (suspicious), it will want to skip it (Skip); allow the skip by clicking Continue
- After the scan finishes, a PC restart may be necessary; allow it by clicking Reboot now
- After the restart the log will pop up; if it does not, you will find it directly on the disk where Windows is installed (usually c:\), named in the form TDSSKiller.some digits _log.txt - paste its contents here
- If no restart is required, click Close and then Report - a log will be created - paste its contents here
Re: Win32/Agent.SDG.Gen trojan horse
Thank you, I will try it tomorrow morning and attach the log.
Re: Win32/Agent.SDG.Gen trojan horse
So I still managed to do it:
2011/09/21 14:26:27.0728 2772 TDSS rootkit removing tool 2.5.23.0 Sep 20 2011 08:53:10
2011/09/21 14:26:27.0773 2772 ================================================================================
2011/09/21 14:26:27.0774 2772 SystemInfo:
2011/09/21 14:26:27.0774 2772
2011/09/21 14:26:27.0774 2772 OS Version: 6.1.7601 ServicePack: 1.0
2011/09/21 14:26:27.0774 2772 Product type: Workstation
2011/09/21 14:26:27.0774 2772 ComputerName: ONE
2011/09/21 14:26:27.0774 2772 UserName: tata
2011/09/21 14:26:27.0774 2772 Windows directory: C:\Windows
2011/09/21 14:26:27.0774 2772 System windows directory: C:\Windows
2011/09/21 14:26:27.0774 2772 Running under WOW64
2011/09/21 14:26:27.0774 2772 Processor architecture: Intel x64
2011/09/21 14:26:27.0774 2772 Number of processors: 2
2011/09/21 14:26:27.0774 2772 Page size: 0x1000
2011/09/21 14:26:27.0774 2772 Boot type: Normal boot
2011/09/21 14:26:27.0774 2772 ================================================================================
2011/09/21 14:26:28.0876 2772 Initialize success
2011/09/21 14:26:37.0896 0748 ================================================================================
2011/09/21 14:26:37.0896 0748 Scan started
2011/09/21 14:26:37.0896 0748 Mode: Manual;
2011/09/21 14:26:37.0896 0748 ================================================================================
2011/09/21 14:26:50.0438 0748 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
2011/09/21 14:26:50.0448 0748 MBR (0x1B8) (9c603bc3977968c891de319283e1e7af) \Device\Harddisk1\DR1
2011/09/21 14:26:50.0545 0748 \Device\Harddisk1\DR1 - detected Rootkit.Win32.BackBoot.gen (1)
2011/09/21 14:26:50.0556 0748 Boot (0x1200) (11bbed070294e233f4d679f248102b61) \Device\Harddisk0\DR0\Partition0
2011/09/21 14:26:50.0579 0748 Boot (0x1200) (c875220ef26b4a1a493e13d27d01d682) \Device\Harddisk0\DR0\Partition1
2011/09/21 14:26:50.0670 0748 Boot (0x1200) (68ed62e0837fa5a350a4ffcc590f7699) \Device\Harddisk0\DR0\Partition2
2011/09/21 14:26:50.0689 0748 Boot (0x1200) (715df791c3c30554e111ac25832c3a8a) \Device\Harddisk1\DR1\Partition0
2011/09/21 14:26:50.0704 0748 Boot (0x1200) (1cc433662a9675552e39ad6f9f5a476c) \Device\Harddisk1\DR1\Partition1
2011/09/21 14:26:50.0717 0748 Boot (0x1200) (0e5a1c095045817ed5eebdaa54442c6a) \Device\Harddisk1\DR1\Partition2
2011/09/21 14:26:50.0724 0748 ================================================================================
2011/09/21 14:26:50.0724 0748 Scan finished
2011/09/21 14:26:50.0724 0748 ================================================================================
2011/09/21 14:26:50.0737 1076 Detected object count: 1
2011/09/21 14:26:50.0737 1076 Actual detected object count: 1
2011/09/21 14:27:04.0253 1076 Rootkit.Win32.BackBoot.gen(\Device\Harddisk1\DR1) - User select action: Skip
2011/09/21 14:27:32.0768 0420 Deinitialize success
2011/09/21 14:26:27.0728 2772 TDSS rootkit removing tool 2.5.23.0 Sep 20 2011 08:53:10
2011/09/21 14:26:27.0773 2772 ================================================================================
2011/09/21 14:26:27.0774 2772 SystemInfo:
2011/09/21 14:26:27.0774 2772
2011/09/21 14:26:27.0774 2772 OS Version: 6.1.7601 ServicePack: 1.0
2011/09/21 14:26:27.0774 2772 Product type: Workstation
2011/09/21 14:26:27.0774 2772 ComputerName: ONE
2011/09/21 14:26:27.0774 2772 UserName: tata
2011/09/21 14:26:27.0774 2772 Windows directory: C:\Windows
2011/09/21 14:26:27.0774 2772 System windows directory: C:\Windows
2011/09/21 14:26:27.0774 2772 Running under WOW64
2011/09/21 14:26:27.0774 2772 Processor architecture: Intel x64
2011/09/21 14:26:27.0774 2772 Number of processors: 2
2011/09/21 14:26:27.0774 2772 Page size: 0x1000
2011/09/21 14:26:27.0774 2772 Boot type: Normal boot
2011/09/21 14:26:27.0774 2772 ================================================================================
2011/09/21 14:26:28.0876 2772 Initialize success
2011/09/21 14:26:37.0896 0748 ================================================================================
2011/09/21 14:26:37.0896 0748 Scan started
2011/09/21 14:26:37.0896 0748 Mode: Manual;
2011/09/21 14:26:37.0896 0748 ================================================================================
2011/09/21 14:26:50.0438 0748 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
2011/09/21 14:26:50.0448 0748 MBR (0x1B8) (9c603bc3977968c891de319283e1e7af) \Device\Harddisk1\DR1
2011/09/21 14:26:50.0545 0748 \Device\Harddisk1\DR1 - detected Rootkit.Win32.BackBoot.gen (1)
2011/09/21 14:26:50.0556 0748 Boot (0x1200) (11bbed070294e233f4d679f248102b61) \Device\Harddisk0\DR0\Partition0
2011/09/21 14:26:50.0579 0748 Boot (0x1200) (c875220ef26b4a1a493e13d27d01d682) \Device\Harddisk0\DR0\Partition1
2011/09/21 14:26:50.0670 0748 Boot (0x1200) (68ed62e0837fa5a350a4ffcc590f7699) \Device\Harddisk0\DR0\Partition2
2011/09/21 14:26:50.0689 0748 Boot (0x1200) (715df791c3c30554e111ac25832c3a8a) \Device\Harddisk1\DR1\Partition0
2011/09/21 14:26:50.0704 0748 Boot (0x1200) (1cc433662a9675552e39ad6f9f5a476c) \Device\Harddisk1\DR1\Partition1
2011/09/21 14:26:50.0717 0748 Boot (0x1200) (0e5a1c095045817ed5eebdaa54442c6a) \Device\Harddisk1\DR1\Partition2
2011/09/21 14:26:50.0724 0748 ================================================================================
2011/09/21 14:26:50.0724 0748 Scan finished
2011/09/21 14:26:50.0724 0748 ================================================================================
2011/09/21 14:26:50.0737 1076 Detected object count: 1
2011/09/21 14:26:50.0737 1076 Actual detected object count: 1
2011/09/21 14:27:04.0253 1076 Rootkit.Win32.BackBoot.gen(\Device\Harddisk1\DR1) - User select action: Skip
2011/09/21 14:27:32.0768 0420 Deinitialize success
Re: Win32/Agent.SDG.Gen Trojan horse
TDSSKiller didn't offer the Cure option?

Re: Win32/Agent.SDG.Gen Trojan horse
I followed the guide, but I did not see that option. I was deliberately paying attention, because you write that it is better to ask three times than to mess something up. I will try the procedure again and let you know; it will be tomorrow morning, as I am at work.
Thank you for your cooperation.
Re: Win32/Agent.SDG.Gen Trojan horse
OK, no thanks needed yet...
Re: Win32/Agent.SDG.Gen Trojan horse
Hello,
I tried the whole procedure again; the application does not offer CURE at all, nor does it offer a restart. I took screenshots of the screens in the order they appear. Nod still reports the same infection.
Procedure: http://imageshack.us/photo/my-images/84 ... iller.png/, http://imageshack.us/photo/my-images/84 ... ller2.png/, http://imageshack.us/photo/my-images/600/backdoor.png/, http://imageshack.us/photo/my-images/56 ... ller3.png/.
2011/09/22 09:41:26.0339 3648 TDSS rootkit removing tool 2.5.23.0 Sep 20 2011 08:53:10
2011/09/22 09:41:26.0370 3648 ================================================================================
2011/09/22 09:41:26.0370 3648 SystemInfo:
2011/09/22 09:41:26.0370 3648
2011/09/22 09:41:26.0370 3648 OS Version: 6.1.7601 ServicePack: 1.0
2011/09/22 09:41:26.0370 3648 Product type: Workstation
2011/09/22 09:41:26.0370 3648 ComputerName: ONE
2011/09/22 09:41:26.0370 3648 UserName: tata
2011/09/22 09:41:26.0370 3648 Windows directory: C:\Windows
2011/09/22 09:41:26.0370 3648 System windows directory: C:\Windows
2011/09/22 09:41:26.0370 3648 Running under WOW64
2011/09/22 09:41:26.0370 3648 Processor architecture: Intel x64
2011/09/22 09:41:26.0370 3648 Number of processors: 2
2011/09/22 09:41:26.0370 3648 Page size: 0x1000
2011/09/22 09:41:26.0370 3648 Boot type: Normal boot
2011/09/22 09:41:26.0370 3648 ================================================================================
2011/09/22 09:41:27.0930 3648 Initialize success
2011/09/22 09:41:29.0631 3680 ================================================================================
2011/09/22 09:41:29.0631 3680 Scan started
2011/09/22 09:41:29.0631 3680 Mode: Manual;
2011/09/22 09:41:29.0631 3680 ================================================================================
2011/09/22 09:41:32.0501 3680 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
2011/09/22 09:41:32.0532 3680 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
2011/09/22 09:41:32.0579 3680 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
2011/09/22 09:41:32.0610 3680 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
2011/09/22 09:41:32.0673 3680 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
2011/09/22 09:41:32.0688 3680 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
2011/09/22 09:41:32.0766 3680 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
2011/09/22 09:41:32.0829 3680 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
2011/09/22 09:41:32.0860 3680 Dot4Print (e9f5969233c5d89f3c35e3a66a52a361) C:\Windows\system32\DRIVERS\Dot4Prt.sys
2011/09/22 09:41:32.0907 3680 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
2011/09/22 09:41:33.0000 3680 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
2011/09/22 09:41:33.0047 3680 dtsoftbus01 (d3d64cf7b2bceaa34a270f45a3fffb36) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
2011/09/22 09:41:33.0094 3680 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
2011/09/22 09:41:33.0125 3680 eamonm (398fdc5694f2ba9e51e321ca40d1706e) C:\Windows\system32\DRIVERS\eamonm.sys
2011/09/22 09:41:33.0203 3680 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
2011/09/22 09:41:33.0312 3680 ehdrv (e99457900012b53b2226f146ecaf9136) C:\Windows\system32\DRIVERS\ehdrv.sys
2011/09/22 09:41:33.0406 3680 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
2011/09/22 09:41:33.0453 3680 epfwwfpr (a2af094dcbe8bff7e898d327750506a0) C:\Windows\system32\DRIVERS\epfwwfpr.sys
2011/09/22 09:41:33.0484 3680 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
2011/09/22 09:41:33.0531 3680 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
2011/09/22 09:41:33.0577 3680 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
2011/09/22 09:41:33.0640 3680 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
2011/09/22 09:41:33.0702 3680 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
2011/09/22 09:41:33.0733 3680 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
2011/09/22 09:41:33.0765 3680 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/09/22 09:41:33.0796 3680 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
2011/09/22 09:41:33.0874 3680 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
2011/09/22 09:41:33.0905 3680 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
2011/09/22 09:41:33.0952 3680 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
2011/09/22 09:41:34.0014 3680 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
2011/09/22 09:41:34.0092 3680 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
2011/09/22 09:41:34.0155 3680 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
2011/09/22 09:41:34.0201 3680 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
2011/09/22 09:41:34.0233 3680 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
2011/09/22 09:41:34.0295 3680 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
2011/09/22 09:41:34.0373 3680 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
2011/09/22 09:41:34.0467 3680 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
2011/09/22 09:41:34.0576 3680 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
2011/09/22 09:41:34.0716 3680 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
2011/09/22 09:41:34.0794 3680 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
2011/09/22 09:41:34.0872 3680 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
2011/09/22 09:41:34.0935 3680 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
2011/09/22 09:41:35.0044 3680 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
2011/09/22 09:41:35.0091 3680 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
2011/09/22 09:41:35.0153 3680 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
2011/09/22 09:41:35.0231 3680 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/09/22 09:41:35.0293 3680 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
2011/09/22 09:41:35.0325 3680 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
2011/09/22 09:41:35.0403 3680 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
2011/09/22 09:41:35.0434 3680 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
2011/09/22 09:41:35.0496 3680 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
2011/09/22 09:41:35.0574 3680 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
2011/09/22 09:41:35.0621 3680 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
2011/09/22 09:41:35.0699 3680 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
2011/09/22 09:41:35.0793 3680 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
2011/09/22 09:41:35.0871 3680 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
2011/09/22 09:41:36.0089 3680 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
2011/09/22 09:41:36.0432 3680 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
2011/09/22 09:41:36.0541 3680 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
2011/09/22 09:41:36.0604 3680 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
2011/09/22 09:41:36.0713 3680 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
2011/09/22 09:41:36.0822 3680 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
2011/09/22 09:41:37.0025 3680 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
2011/09/22 09:41:37.0134 3680 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
2011/09/22 09:41:37.0431 3680 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
2011/09/22 09:41:37.0711 3680 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
2011/09/22 09:41:37.0852 3680 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
2011/09/22 09:41:37.0977 3680 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
2011/09/22 09:41:38.0086 3680 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
2011/09/22 09:41:38.0460 3680 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
2011/09/22 09:41:38.0725 3680 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
2011/09/22 09:41:38.0928 3680 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
2011/09/22 09:41:39.0084 3680 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/09/22 09:41:39.0240 3680 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/09/22 09:41:39.0365 3680 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/09/22 09:41:39.0459 3680 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
2011/09/22 09:41:39.0583 3680 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
2011/09/22 09:41:39.0786 3680 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
2011/09/22 09:41:39.0880 3680 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
2011/09/22 09:41:39.0973 3680 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
2011/09/22 09:41:40.0083 3680 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
2011/09/22 09:41:40.0223 3680 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/09/22 09:41:40.0332 3680 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
2011/09/22 09:41:40.0707 3680 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
2011/09/22 09:41:41.0097 3680 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
2011/09/22 09:41:41.0471 3680 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
2011/09/22 09:41:41.0752 3680 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
2011/09/22 09:41:41.0970 3680 MTsensor (03b7145c889603537e9ffeabb1ad1089) C:\Windows\system32\DRIVERS\ASACPI.sys
2011/09/22 09:41:42.0189 3680 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
2011/09/22 09:41:42.0360 3680 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
2011/09/22 09:41:42.0797 3680 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
2011/09/22 09:41:43.0171 3680 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
2011/09/22 09:41:43.0437 3680 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/09/22 09:41:43.0624 3680 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/09/22 09:41:43.0733 3680 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/09/22 09:41:43.0998 3680 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
2011/09/22 09:41:44.0263 3680 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
2011/09/22 09:41:44.0435 3680 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
2011/09/22 09:41:44.0669 3680 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
2011/09/22 09:41:44.0887 3680 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
2011/09/22 09:41:45.0012 3680 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
2011/09/22 09:41:45.0231 3680 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
2011/09/22 09:41:45.0433 3680 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
2011/09/22 09:41:45.0589 3680 NVENETFD (a85b4f2ef3a7304a5399ef0526423040) C:\Windows\system32\DRIVERS\nvm62x64.sys
2011/09/22 09:41:45.0714 3680 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
2011/09/22 09:41:45.0870 3680 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
2011/09/22 09:41:45.0933 3680 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
2011/09/22 09:41:46.0026 3680 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
2011/09/22 09:41:46.0291 3680 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
2011/09/22 09:41:46.0401 3680 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
2011/09/22 09:41:46.0510 3680 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
2011/09/22 09:41:46.0619 3680 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
2011/09/22 09:41:46.0775 3680 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
2011/09/22 09:41:47.0009 3680 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
2011/09/22 09:41:47.0134 3680 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
2011/09/22 09:41:47.0368 3680 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
2011/09/22 09:41:47.0508 3680 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
2011/09/22 09:41:47.0773 3680 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
2011/09/22 09:41:47.0992 3680 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
2011/09/22 09:41:48.0397 3680 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
2011/09/22 09:41:48.0585 3680 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
2011/09/22 09:41:48.0741 3680 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
2011/09/22 09:41:48.0865 3680 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
2011/09/22 09:41:49.0006 3680 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/09/22 09:41:49.0099 3680 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/09/22 09:41:49.0193 3680 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
2011/09/22 09:41:49.0255 3680 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
2011/09/22 09:41:49.0396 3680 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
2011/09/22 09:41:49.0505 3680 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/09/22 09:41:49.0599 3680 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
2011/09/22 09:41:49.0645 3680 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
2011/09/22 09:41:49.0692 3680 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
2011/09/22 09:41:49.0801 3680 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
2011/09/22 09:41:49.0895 3680 RivaTuner64 (a10b40cf9eb57d24e44717a2d38a00f4) C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys
2011/09/22 09:41:49.0989 3680 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
2011/09/22 09:41:50.0051 3680 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
2011/09/22 09:41:50.0129 3680 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
2011/09/22 09:41:50.0207 3680 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
2011/09/22 09:41:50.0285 3680 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
2011/09/22 09:41:50.0332 3680 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
2011/09/22 09:41:50.0425 3680 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
2011/09/22 09:41:50.0519 3680 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
2011/09/22 09:41:50.0550 3680 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
2011/09/22 09:41:50.0597 3680 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
2011/09/22 09:41:50.0628 3680 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
2011/09/22 09:41:50.0706 3680 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
2011/09/22 09:41:50.0769 3680 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
2011/09/22 09:41:50.0815 3680 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
2011/09/22 09:41:50.0878 3680 snapman (b84440e7554fc85e900eef0a7aaba228) C:\Windows\system32\DRIVERS\snapman.sys
2011/09/22 09:41:50.0925 3680 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
2011/09/22 09:41:51.0018 3680 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
2011/09/22 09:41:51.0096 3680 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
2011/09/22 09:41:51.0174 3680 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
2011/09/22 09:41:51.0252 3680 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
2011/09/22 09:41:51.0299 3680 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
2011/09/22 09:41:51.0439 3680 Tcpip (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\drivers\tcpip.sys
2011/09/22 09:41:51.0549 3680 TCPIP6 (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\DRIVERS\tcpip.sys
2011/09/22 09:41:51.0611 3680 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
2011/09/22 09:41:51.0658 3680 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
2011/09/22 09:41:51.0705 3680 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
2011/09/22 09:41:51.0751 3680 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
2011/09/22 09:41:51.0845 3680 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
2011/09/22 09:41:51.0970 3680 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/09/22 09:41:52.0048 3680 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
2011/09/22 09:41:52.0141 3680 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
2011/09/22 09:41:52.0266 3680 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
2011/09/22 09:41:52.0360 3680 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
2011/09/22 09:41:52.0453 3680 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
2011/09/22 09:41:52.0563 3680 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
2011/09/22 09:41:52.0656 3680 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
2011/09/22 09:41:52.0719 3680 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/09/22 09:41:52.0781 3680 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
2011/09/22 09:41:52.0797 3680 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
2011/09/22 09:41:52.0843 3680 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
2011/09/22 09:41:52.0875 3680 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
2011/09/22 09:41:52.0921 3680 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
2011/09/22 09:41:52.0984 3680 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
2011/09/22 09:41:52.0999 3680 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/09/22 09:41:53.0062 3680 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
2011/09/22 09:41:53.0124 3680 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
2011/09/22 09:41:53.0187 3680 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/09/22 09:41:53.0202 3680 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
2011/09/22 09:41:53.0249 3680 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
2011/09/22 09:41:53.0296 3680 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
2011/09/22 09:41:53.0343 3680 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
2011/09/22 09:41:53.0514 3680 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
2011/09/22 09:41:53.0545 3680 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
2011/09/22 09:41:53.0608 3680 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
2011/09/22 09:41:53.0670 3680 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
2011/09/22 09:41:53.0717 3680 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
2011/09/22 09:41:53.0779 3680 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
2011/09/22 09:41:53.0826 3680 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
2011/09/22 09:41:53.0889 3680 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
2011/09/22 09:41:53.0935 3680 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
2011/09/22 09:41:54.0045 3680 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
2011/09/22 09:41:54.0091 3680 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
2011/09/22 09:41:54.0216 3680 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
2011/09/22 09:41:54.0310 3680 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
2011/09/22 09:41:54.0435 3680 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
2011/09/22 09:41:54.0513 3680 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/09/22 09:41:54.0606 3680 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
2011/09/22 09:41:54.0622 3680 MBR (0x1B8) (9c603bc3977968c891de319283e1e7af) \Device\Harddisk1\DR1
2011/09/22 09:41:54.0731 3680 \Device\Harddisk1\DR1 - detected Rootkit.Win32.BackBoot.gen (1)
2011/09/22 09:41:54.0762 3680 Boot (0x1200) (11bbed070294e233f4d679f248102b61) \Device\Harddisk0\DR0\Partition0
2011/09/22 09:41:54.0793 3680 Boot (0x1200) (c875220ef26b4a1a493e13d27d01d682) \Device\Harddisk0\DR0\Partition1
2011/09/22 09:41:54.0825 3680 Boot (0x1200) (68ed62e0837fa5a350a4ffcc590f7699) \Device\Harddisk0\DR0\Partition2
2011/09/22 09:41:54.0871 3680 Boot (0x1200) (715df791c3c30554e111ac25832c3a8a) \Device\Harddisk1\DR1\Partition0
2011/09/22 09:41:54.0887 3680 Boot (0x1200) (1cc433662a9675552e39ad6f9f5a476c) \Device\Harddisk1\DR1\Partition1
2011/09/22 09:41:54.0903 3680 Boot (0x1200) (0e5a1c095045817ed5eebdaa54442c6a) \Device\Harddisk1\DR1\Partition2
2011/09/22 09:41:54.0918 3680 ================================================================================
2011/09/22 09:41:54.0918 3680 Scan finished
2011/09/22 09:41:54.0918 3680 ================================================================================
2011/09/22 09:41:54.0934 3672 Detected object count: 1
2011/09/22 09:41:54.0934 3672 Actual detected object count: 1
2011/09/22 09:42:00.0728 3672 Rootkit.Win32.BackBoot.gen(\Device\Harddisk1\DR1) - User select action: Skip
2011/09/22 09:42:07.0607 3644 Deinitialize success
Thank you for your cooperation.
I tried the whole procedure again; the application does not offer CURE at all, and it does not offer a restart either. I took screenshots of the screens in the order they appear. Nod still reports the same infection.
Procedure: http://imageshack.us/photo/my-images/84 ... iller.png/, http://imageshack.us/photo/my-images/84 ... ller2.png/, http://imageshack.us/photo/my-images/600/backdoor.png/, http://imageshack.us/photo/my-images/56 ... ller3.png/.
2011/09/22 09:41:26.0339 3648 TDSS rootkit removing tool 2.5.23.0 Sep 20 2011 08:53:10
2011/09/22 09:41:26.0370 3648 ================================================================================
2011/09/22 09:41:26.0370 3648 SystemInfo:
2011/09/22 09:41:26.0370 3648
2011/09/22 09:41:26.0370 3648 OS Version: 6.1.7601 ServicePack: 1.0
2011/09/22 09:41:26.0370 3648 Product type: Workstation
2011/09/22 09:41:26.0370 3648 ComputerName: ONE
2011/09/22 09:41:26.0370 3648 UserName: tata
2011/09/22 09:41:26.0370 3648 Windows directory: C:\Windows
2011/09/22 09:41:26.0370 3648 System windows directory: C:\Windows
2011/09/22 09:41:26.0370 3648 Running under WOW64
2011/09/22 09:41:26.0370 3648 Processor architecture: Intel x64
2011/09/22 09:41:26.0370 3648 Number of processors: 2
2011/09/22 09:41:26.0370 3648 Page size: 0x1000
2011/09/22 09:41:26.0370 3648 Boot type: Normal boot
2011/09/22 09:41:26.0370 3648 ================================================================================
2011/09/22 09:41:27.0930 3648 Initialize success
2011/09/22 09:41:29.0631 3680 ================================================================================
2011/09/22 09:41:29.0631 3680 Scan started
2011/09/22 09:41:29.0631 3680 Mode: Manual;
2011/09/22 09:41:29.0631 3680 ================================================================================
2011/09/22 09:41:33.0312 3680 ehdrv (e99457900012b53b2226f146ecaf9136) C:\Windows\system32\DRIVERS\ehdrv.sys
2011/09/22 09:41:33.0406 3680 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
2011/09/22 09:41:33.0453 3680 epfwwfpr (a2af094dcbe8bff7e898d327750506a0) C:\Windows\system32\DRIVERS\epfwwfpr.sys
2011/09/22 09:41:33.0484 3680 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
2011/09/22 09:41:33.0531 3680 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
2011/09/22 09:41:33.0577 3680 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
2011/09/22 09:41:33.0640 3680 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
2011/09/22 09:41:33.0702 3680 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
2011/09/22 09:41:33.0733 3680 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
2011/09/22 09:41:33.0765 3680 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/09/22 09:41:33.0796 3680 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
2011/09/22 09:41:33.0874 3680 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
2011/09/22 09:41:33.0905 3680 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
2011/09/22 09:41:33.0952 3680 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
2011/09/22 09:41:34.0014 3680 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
2011/09/22 09:41:34.0092 3680 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
2011/09/22 09:41:34.0155 3680 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
2011/09/22 09:41:34.0201 3680 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
2011/09/22 09:41:34.0233 3680 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
2011/09/22 09:41:34.0295 3680 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
2011/09/22 09:41:34.0373 3680 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
2011/09/22 09:41:34.0467 3680 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
2011/09/22 09:41:34.0576 3680 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
2011/09/22 09:41:34.0716 3680 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
2011/09/22 09:41:34.0794 3680 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
2011/09/22 09:41:34.0872 3680 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
2011/09/22 09:41:34.0935 3680 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
2011/09/22 09:41:35.0044 3680 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
2011/09/22 09:41:35.0091 3680 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
2011/09/22 09:41:35.0153 3680 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
2011/09/22 09:41:35.0231 3680 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/09/22 09:41:35.0293 3680 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
2011/09/22 09:41:35.0325 3680 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
2011/09/22 09:41:35.0403 3680 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
2011/09/22 09:41:35.0434 3680 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
2011/09/22 09:41:35.0496 3680 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
2011/09/22 09:41:35.0574 3680 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
2011/09/22 09:41:35.0621 3680 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
2011/09/22 09:41:35.0699 3680 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
2011/09/22 09:41:35.0793 3680 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
2011/09/22 09:41:35.0871 3680 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
2011/09/22 09:41:36.0089 3680 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
2011/09/22 09:41:36.0432 3680 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
2011/09/22 09:41:36.0541 3680 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
2011/09/22 09:41:36.0604 3680 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
2011/09/22 09:41:36.0713 3680 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
2011/09/22 09:41:36.0822 3680 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
2011/09/22 09:41:37.0025 3680 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
2011/09/22 09:41:37.0134 3680 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
2011/09/22 09:41:37.0431 3680 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
2011/09/22 09:41:37.0711 3680 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
2011/09/22 09:41:37.0852 3680 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
2011/09/22 09:41:37.0977 3680 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
2011/09/22 09:41:38.0086 3680 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
2011/09/22 09:41:38.0460 3680 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
2011/09/22 09:41:38.0725 3680 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
2011/09/22 09:41:38.0928 3680 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
2011/09/22 09:41:39.0084 3680 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/09/22 09:41:39.0240 3680 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/09/22 09:41:39.0365 3680 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/09/22 09:41:39.0459 3680 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
2011/09/22 09:41:39.0583 3680 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
2011/09/22 09:41:39.0786 3680 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
2011/09/22 09:41:39.0880 3680 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
2011/09/22 09:41:39.0973 3680 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
2011/09/22 09:41:40.0083 3680 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
2011/09/22 09:41:40.0223 3680 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/09/22 09:41:40.0332 3680 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
2011/09/22 09:41:40.0707 3680 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
2011/09/22 09:41:41.0097 3680 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
2011/09/22 09:41:41.0471 3680 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
2011/09/22 09:41:41.0752 3680 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
2011/09/22 09:41:41.0970 3680 MTsensor (03b7145c889603537e9ffeabb1ad1089) C:\Windows\system32\DRIVERS\ASACPI.sys
2011/09/22 09:41:42.0189 3680 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
2011/09/22 09:41:42.0360 3680 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
2011/09/22 09:41:42.0797 3680 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
2011/09/22 09:41:43.0171 3680 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
2011/09/22 09:41:43.0437 3680 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/09/22 09:41:43.0624 3680 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/09/22 09:41:43.0733 3680 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/09/22 09:41:43.0998 3680 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
2011/09/22 09:41:44.0263 3680 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
2011/09/22 09:41:44.0435 3680 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
2011/09/22 09:41:44.0669 3680 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
2011/09/22 09:41:44.0887 3680 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
2011/09/22 09:41:45.0012 3680 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
2011/09/22 09:41:45.0231 3680 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
2011/09/22 09:41:45.0433 3680 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
2011/09/22 09:41:45.0589 3680 NVENETFD (a85b4f2ef3a7304a5399ef0526423040) C:\Windows\system32\DRIVERS\nvm62x64.sys
2011/09/22 09:41:45.0714 3680 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
2011/09/22 09:41:45.0870 3680 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
2011/09/22 09:41:45.0933 3680 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
2011/09/22 09:41:46.0026 3680 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
2011/09/22 09:41:46.0291 3680 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
2011/09/22 09:41:46.0401 3680 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
2011/09/22 09:41:46.0510 3680 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
2011/09/22 09:41:46.0619 3680 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
2011/09/22 09:41:46.0775 3680 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
2011/09/22 09:41:47.0009 3680 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
2011/09/22 09:41:47.0134 3680 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
2011/09/22 09:41:47.0368 3680 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
2011/09/22 09:41:47.0508 3680 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
2011/09/22 09:41:47.0773 3680 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
2011/09/22 09:41:47.0992 3680 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
2011/09/22 09:41:48.0397 3680 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
2011/09/22 09:41:48.0585 3680 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
2011/09/22 09:41:48.0741 3680 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
2011/09/22 09:41:48.0865 3680 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
2011/09/22 09:41:49.0006 3680 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/09/22 09:41:49.0099 3680 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/09/22 09:41:49.0193 3680 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
2011/09/22 09:41:49.0255 3680 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
2011/09/22 09:41:49.0396 3680 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
2011/09/22 09:41:49.0505 3680 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/09/22 09:41:49.0599 3680 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
2011/09/22 09:41:49.0645 3680 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
2011/09/22 09:41:49.0692 3680 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
2011/09/22 09:41:49.0801 3680 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
2011/09/22 09:41:49.0895 3680 RivaTuner64 (a10b40cf9eb57d24e44717a2d38a00f4) C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys
2011/09/22 09:41:49.0989 3680 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
2011/09/22 09:41:50.0051 3680 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
2011/09/22 09:41:50.0129 3680 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
2011/09/22 09:41:50.0207 3680 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
2011/09/22 09:41:50.0285 3680 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
2011/09/22 09:41:50.0332 3680 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
2011/09/22 09:41:50.0425 3680 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
2011/09/22 09:41:50.0519 3680 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
2011/09/22 09:41:50.0550 3680 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
2011/09/22 09:41:50.0597 3680 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
2011/09/22 09:41:50.0628 3680 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
2011/09/22 09:41:50.0706 3680 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
2011/09/22 09:41:50.0769 3680 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
2011/09/22 09:41:50.0815 3680 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
2011/09/22 09:41:50.0878 3680 snapman (b84440e7554fc85e900eef0a7aaba228) C:\Windows\system32\DRIVERS\snapman.sys
2011/09/22 09:41:50.0925 3680 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
2011/09/22 09:41:51.0018 3680 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
2011/09/22 09:41:51.0096 3680 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
2011/09/22 09:41:51.0174 3680 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
2011/09/22 09:41:51.0252 3680 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
2011/09/22 09:41:51.0299 3680 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
2011/09/22 09:41:51.0439 3680 Tcpip (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\drivers\tcpip.sys
2011/09/22 09:41:51.0549 3680 TCPIP6 (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\DRIVERS\tcpip.sys
2011/09/22 09:41:51.0611 3680 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
2011/09/22 09:41:51.0658 3680 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
2011/09/22 09:41:51.0705 3680 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
2011/09/22 09:41:51.0751 3680 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
2011/09/22 09:41:51.0845 3680 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
2011/09/22 09:41:51.0970 3680 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/09/22 09:41:52.0048 3680 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
2011/09/22 09:41:52.0141 3680 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
2011/09/22 09:41:52.0266 3680 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
2011/09/22 09:41:52.0360 3680 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
2011/09/22 09:41:52.0453 3680 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
2011/09/22 09:41:52.0563 3680 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
2011/09/22 09:41:52.0656 3680 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
2011/09/22 09:41:52.0719 3680 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/09/22 09:41:52.0781 3680 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
2011/09/22 09:41:52.0797 3680 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
2011/09/22 09:41:52.0843 3680 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
2011/09/22 09:41:52.0875 3680 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
2011/09/22 09:41:52.0921 3680 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
2011/09/22 09:41:52.0984 3680 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
2011/09/22 09:41:52.0999 3680 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/09/22 09:41:53.0062 3680 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
2011/09/22 09:41:53.0124 3680 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
2011/09/22 09:41:53.0187 3680 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/09/22 09:41:53.0202 3680 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
2011/09/22 09:41:53.0249 3680 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
2011/09/22 09:41:53.0296 3680 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
2011/09/22 09:41:53.0343 3680 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
2011/09/22 09:41:53.0514 3680 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
2011/09/22 09:41:53.0545 3680 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
2011/09/22 09:41:53.0608 3680 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
2011/09/22 09:41:53.0670 3680 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
2011/09/22 09:41:53.0717 3680 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
2011/09/22 09:41:53.0779 3680 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
2011/09/22 09:41:53.0826 3680 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
2011/09/22 09:41:53.0889 3680 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
2011/09/22 09:41:53.0935 3680 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
2011/09/22 09:41:54.0045 3680 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
2011/09/22 09:41:54.0091 3680 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
2011/09/22 09:41:54.0216 3680 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
2011/09/22 09:41:54.0310 3680 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
2011/09/22 09:41:54.0435 3680 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
2011/09/22 09:41:54.0513 3680 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/09/22 09:41:54.0606 3680 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
2011/09/22 09:41:54.0622 3680 MBR (0x1B8) (9c603bc3977968c891de319283e1e7af) \Device\Harddisk1\DR1
2011/09/22 09:41:54.0731 3680 \Device\Harddisk1\DR1 - detected Rootkit.Win32.BackBoot.gen (1)
2011/09/22 09:41:54.0762 3680 Boot (0x1200) (11bbed070294e233f4d679f248102b61) \Device\Harddisk0\DR0\Partition0
2011/09/22 09:41:54.0793 3680 Boot (0x1200) (c875220ef26b4a1a493e13d27d01d682) \Device\Harddisk0\DR0\Partition1
2011/09/22 09:41:54.0825 3680 Boot (0x1200) (68ed62e0837fa5a350a4ffcc590f7699) \Device\Harddisk0\DR0\Partition2
2011/09/22 09:41:54.0871 3680 Boot (0x1200) (715df791c3c30554e111ac25832c3a8a) \Device\Harddisk1\DR1\Partition0
2011/09/22 09:41:54.0887 3680 Boot (0x1200) (1cc433662a9675552e39ad6f9f5a476c) \Device\Harddisk1\DR1\Partition1
2011/09/22 09:41:54.0903 3680 Boot (0x1200) (0e5a1c095045817ed5eebdaa54442c6a) \Device\Harddisk1\DR1\Partition2
2011/09/22 09:41:54.0918 3680 ================================================================================
2011/09/22 09:41:54.0918 3680 Scan finished
2011/09/22 09:41:54.0918 3680 ================================================================================
2011/09/22 09:41:54.0934 3672 Detected object count: 1
2011/09/22 09:41:54.0934 3672 Actual detected object count: 1
2011/09/22 09:42:00.0728 3672 Rootkit.Win32.BackBoot.gen(\Device\Harddisk1\DR1) - User select action: Skip
2011/09/22 09:42:07.0607 3644 Deinitialize success
Thank you for your cooperation.
Re: Win32/Agent.SDG.Gen Trojan horse



- From the linked page, choose the version matching your operating system (32-bit (x86) or 64-bit (x64))
- Save it to the desktop and run it
- Choose Uninstall and restart the PC - if it cannot be clicked (the button is greyed out), skip this step

- Save it to the desktop and run it
- Click Disable and restart the PC - if it cannot be clicked (the button is greyed out), skip this step


- A window will pop up; copy the text below into it
Code:
"%userprofile%\plocha\mbr" -t -s
- Click OK
- A log named mbr.txt will be created on your desktop; paste its contents here

- Run the utility and tell it to scan - click Scan
- When the scan finishes, click Save log to save the aswMBR log to the desktop
- Paste the contents of the aswMBR log here
Re: Win32/Agent.SDG.Gen Trojan horse
I was not able to run the code that I was supposed to type in to launch it:
http://imageshack.us/photo/my-images/695/mbrnen.png/
http://imageshack.us/photo/my-images/809/mbrnen2.png/
aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-09-22 14:00:22
-----------------------------
14:00:22.759 OS Version: Windows x64 6.1.7601 Service Pack 1
14:00:22.759 Number of processors: 2 586 0xF0B
14:00:22.759 ComputerName: ONE UserName:
14:00:23.134 Initialize success
14:01:08.655 AVAST engine defs: 11092200
14:01:11.290 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000059
14:01:11.290 Disk 0 Vendor: WDC_WD64 01.0 Size: 610480MB BusType: 3
14:01:11.306 Disk 1 \Device\Harddisk1\DR1 -> \Device\0000005b
14:01:11.306 Disk 1 Vendor: SAMSUNG_ 1AJ1 Size: 953869MB BusType: 3
14:01:13.334 Disk 0 MBR read successfully
14:01:13.334 Disk 0 MBR scan
14:01:13.334 Disk 0 Windows 7 default MBR code
14:01:13.334 Service scanning
14:01:19.339 Modules scanning
14:01:19.345 Disk 0 trace - called modules:
14:01:19.366 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll nvstor.sys
14:01:19.369 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800490f060]
14:01:19.372 3 CLASSPNP.SYS[fffff8800166c43f] -> nt!IofCallDriver -> [0xfffffa8004788a60]
14:01:19.377 5 ACPI.sys[fffff88000e0b7a1] -> nt!IofCallDriver -> \Device\00000059[0xfffffa80039f39c0]
14:01:20.073 AVAST engine scan C:\Windows
14:01:21.274 AVAST engine scan C:\Windows\system32
14:02:18.975 AVAST engine scan C:\Windows\system32\drivers
14:02:27.072 AVAST engine scan C:\Users\tata
14:04:26.504 AVAST engine scan C:\ProgramData
14:04:43.636 Scan finished successfully
14:06:11.200 Disk 0 MBR has been saved successfully to "C:\Users\tata\Desktop\MBR.dat"
14:06:11.207 The log file has been saved successfully to "C:\Users\tata\Desktop\aswMBR.txt"
Re: Win32/Agent.SDG.Gen Trojan horse
To add to "And switching Skip to Cure is not possible": it really is not possible.

Re: Win32/Agent.SDG.Gen Trojan horse
I am such an idiot
That machine runs W7, which does not have "plocha" but "Desktop"
Click Start and then Run, or use the keyboard shortcut Win+R



- A window will pop up; copy the text below into it
Code:
"%userprofile%\Desktop\mbr" -t -s
- Click OK
- A log named mbr.txt will be created on your desktop; paste its contents here
Re: Win32/Agent.SDG.Gen Trojan horse
I have also asked my colleague Naughty, who is a rootkit specialist, so hopefully he will help out and suggest an efficient and effective approach...
Re: Win32/Agent.SDG.Gen Trojan horse
But you are not, there are a lot of logs, a lot of data too, and you are dealing with more than this.... I will try again in the morning, because I am at work now.
Thanks and take care....

Re: Win32/Agent.SDG.Gen Trojan horse
This is a typical mistake with XP and W7; with every second user I botch it
Do it in the morning, unless my colleague comes up with a better solution, which he probably will...
