Kaspersky:
11:47:46.0121 3108 TDSS rootkit removing tool 2.7.11.0 Feb 9 2012 10:12:57
11:47:46.0318 3108 ============================================================
11:47:46.0318 3108 Current date / time: 2012/02/11 11:47:46.0318
11:47:46.0318 3108 SystemInfo:
11:47:46.0318 3108
11:47:46.0318 3108 OS Version: 6.1.7601 ServicePack: 1.0
11:47:46.0318 3108 Product type: Workstation
11:47:46.0318 3108 ComputerName: C2Q
11:47:46.0318 3108 UserName: Pepos7
11:47:46.0318 3108 Windows directory: C:\Windows
11:47:46.0318 3108 System windows directory: C:\Windows
11:47:46.0318 3108 Running under WOW64
11:47:46.0318 3108 Processor architecture: Intel x64
11:47:46.0318 3108 Number of processors: 4
11:47:46.0318 3108 Page size: 0x1000
11:47:46.0318 3108 Boot type: Normal boot
11:47:46.0318 3108 ============================================================
11:47:47.0482 3108 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:47:47.0482 3108 \Device\Harddisk0\DR0:
11:47:47.0482 3108 MBR used
11:47:47.0482 3108 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
11:47:47.0482 3108 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
11:47:47.0497 3108 Initialize success
11:47:47.0497 3108 ============================================================
11:48:12.0171 3276 ============================================================
11:48:12.0171 3276 Scan started
11:48:12.0171 3276 Mode: Manual; SigCheck; TDLFS;
11:48:12.0171 3276 ============================================================
11:48:12.0833 3276 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\DRIVERS\1394ohci.sys
11:48:12.0933 3276 1394ohci - ok
11:48:12.0951 3276 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
11:48:12.0963 3276 ACPI - ok
11:48:12.0976 3276 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
11:48:13.0023 3276 AcpiPmi - ok
11:48:13.0086 3276 ADIHdAudAddService (71c577ed817c6d8e13f890cd9a2d3ee6) C:\Windows\system32\drivers\ADIHdAud.sys
11:48:13.0117 3276 ADIHdAudAddService - ok
11:48:13.0179 3276 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
11:48:13.0195 3276 adp94xx - ok
11:48:13.0211 3276 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
11:48:13.0226 3276 adpahci - ok
11:48:13.0242 3276 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
11:48:13.0242 3276 adpu320 - ok
11:48:13.0304 3276 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
11:48:13.0351 3276 AFD - ok
11:48:13.0382 3276 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
11:48:13.0382 3276 agp440 - ok
11:48:13.0398 3276 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
11:48:13.0413 3276 aliide - ok
11:48:13.0429 3276 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
11:48:13.0429 3276 amdide - ok
11:48:13.0445 3276 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
11:48:13.0491 3276 AmdK8 - ok
11:48:13.0491 3276 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
11:48:13.0523 3276 AmdPPM - ok
11:48:13.0554 3276 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
11:48:13.0569 3276 amdsata - ok
11:48:13.0585 3276 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
11:48:13.0585 3276 amdsbs - ok
11:48:13.0616 3276 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
11:48:13.0616 3276 amdxata - ok
11:48:13.0632 3276 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
11:48:13.0741 3276 AppID - ok
11:48:13.0772 3276 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
11:48:13.0772 3276 arc - ok
11:48:13.0803 3276 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
11:48:13.0803 3276 arcsas - ok
11:48:13.0835 3276 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
11:48:13.0959 3276 AsyncMac - ok
11:48:13.0975 3276 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
11:48:13.0982 3276 atapi - ok
11:48:14.0040 3276 atksgt (f88ef61bcd43addf2c9555430c16cd96) C:\Windows\system32\DRIVERS\atksgt.sys
11:48:14.0072 3276 atksgt - ok
11:48:14.0112 3276 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
11:48:14.0147 3276 b06bdrv - ok
11:48:14.0195 3276 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
11:48:14.0227 3276 b57nd60a - ok
11:48:14.0250 3276 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
11:48:14.0312 3276 Beep - ok
11:48:14.0359 3276 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
11:48:14.0390 3276 blbdrive - ok
11:48:14.0437 3276 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
11:48:14.0468 3276 bowser - ok
11:48:14.0468 3276 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
11:48:14.0500 3276 BrFiltLo - ok
11:48:14.0500 3276 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
11:48:14.0515 3276 BrFiltUp - ok
11:48:14.0562 3276 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
11:48:14.0609 3276 BridgeMP - ok
11:48:14.0640 3276 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
11:48:14.0671 3276 Brserid - ok
11:48:14.0687 3276 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
11:48:14.0702 3276 BrSerWdm - ok
11:48:14.0718 3276 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
11:48:14.0734 3276 BrUsbMdm - ok
11:48:14.0749 3276 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
11:48:14.0765 3276 BrUsbSer - ok
11:48:14.0765 3276 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
11:48:14.0780 3276 BTHMODEM - ok
11:48:14.0796 3276 catchme - ok
11:48:14.0812 3276 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
11:48:14.0874 3276 cdfs - ok
11:48:14.0917 3276 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
11:48:14.0945 3276 cdrom - ok
11:48:14.0982 3276 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
11:48:14.0995 3276 circlass - ok
11:48:15.0025 3276 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
11:48:15.0037 3276 CLFS - ok
11:48:15.0062 3276 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
11:48:15.0087 3276 CmBatt - ok
11:48:15.0115 3276 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
11:48:15.0122 3276 cmdide - ok
11:48:15.0160 3276 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
11:48:15.0165 3276 CNG - ok
11:48:15.0196 3276 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
11:48:15.0211 3276 Compbatt - ok
11:48:15.0227 3276 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys
11:48:15.0274 3276 CompositeBus - ok
11:48:15.0274 3276 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
11:48:15.0289 3276 crcdisk - ok
11:48:15.0352 3276 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
11:48:15.0383 3276 CSC - ok
11:48:15.0430 3276 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
11:48:15.0477 3276 DfsC - ok
11:48:15.0508 3276 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
11:48:15.0555 3276 discache - ok
11:48:15.0586 3276 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
11:48:15.0586 3276 Disk - ok
11:48:15.0617 3276 dmvsc (5db085a8a6600be6401f2b24eecb5415) C:\Windows\system32\drivers\dmvsc.sys
11:48:15.0617 3276 dmvsc - ok
11:48:15.0648 3276 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
11:48:15.0679 3276 drmkaud - ok
11:48:15.0726 3276 dtsoftbus01 (fb9bef3401ee5ecc2603311b9c64f44a) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
11:48:15.0742 3276 dtsoftbus01 - ok
11:48:15.0773 3276 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
11:48:15.0789 3276 DXGKrnl - ok
11:48:15.0837 3276 eamonm (13533557d01b88c83110d5cf749f14d7) C:\Windows\system32\DRIVERS\eamonm.sys
11:48:15.0844 3276 eamonm - ok
11:48:15.0914 3276 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
11:48:15.0969 3276 ebdrv - ok
11:48:16.0019 3276 ehdrv (e097728129e7b79bf1089d7aef42332b) C:\Windows\system32\DRIVERS\ehdrv.sys
11:48:16.0027 3276 ehdrv - ok
11:48:16.0069 3276 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
11:48:16.0079 3276 elxstor - ok
11:48:16.0095 3276 epfw (198c6fbc30bbd9632ea051203dccf204) C:\Windows\system32\DRIVERS\epfw.sys
11:48:16.0110 3276 epfw - ok
11:48:16.0142 3276 EpfwLWF (56de463f517710a8aa44eef82c35b3c9) C:\Windows\system32\DRIVERS\EpfwLWF.sys
11:48:16.0157 3276 EpfwLWF - ok
11:48:16.0204 3276 epfwwfp (710b0442bb2f99278d7b8e02a8849c11) C:\Windows\system32\DRIVERS\epfwwfp.sys
11:48:16.0204 3276 epfwwfp - ok
11:48:16.0220 3276 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
11:48:16.0266 3276 ErrDev - ok
11:48:16.0298 3276 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
11:48:16.0329 3276 exfat - ok
11:48:16.0344 3276 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
11:48:16.0391 3276 fastfat - ok
11:48:16.0407 3276 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
11:48:16.0438 3276 fdc - ok
11:48:16.0469 3276 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
11:48:16.0485 3276 FileInfo - ok
11:48:16.0485 3276 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
11:48:16.0547 3276 Filetrace - ok
11:48:16.0547 3276 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
11:48:16.0563 3276 flpydisk - ok
11:48:16.0610 3276 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
11:48:16.0610 3276 FltMgr - ok
11:48:16.0641 3276 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
11:48:16.0656 3276 FsDepends - ok
11:48:16.0672 3276 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
11:48:16.0688 3276 Fs_Rec - ok
11:48:16.0719 3276 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
11:48:16.0719 3276 fvevol - ok
11:48:16.0734 3276 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
11:48:16.0750 3276 gagp30kx - ok
11:48:16.0766 3276 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
11:48:16.0797 3276 hcw85cir - ok
11:48:16.0828 3276 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
11:48:16.0859 3276 HdAudAddService - ok
11:48:16.0890 3276 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
11:48:16.0937 3276 HDAudBus - ok
11:48:16.0937 3276 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
11:48:16.0953 3276 HidBatt - ok
11:48:16.0984 3276 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
11:48:17.0015 3276 HidBth - ok
11:48:17.0036 3276 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
11:48:17.0048 3276 HidIr - ok
11:48:17.0086 3276 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
11:48:17.0111 3276 HidUsb - ok
11:48:17.0141 3276 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
11:48:17.0151 3276 HpSAMD - ok
11:48:17.0191 3276 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
11:48:17.0241 3276 HTTP - ok
11:48:17.0271 3276 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
11:48:17.0278 3276 hwpolicy - ok
11:48:17.0293 3276 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
11:48:17.0306 3276 i8042prt - ok
11:48:17.0337 3276 iaStor (1d004cb1da6323b1f55caef7f94b61d9) C:\Windows\system32\drivers\iaStor.sys
11:48:17.0353 3276 iaStor - ok
11:48:17.0384 3276 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
11:48:17.0399 3276 iaStorV - ok
11:48:17.0431 3276 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
11:48:17.0431 3276 iirsp - ok
11:48:17.0446 3276 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
11:48:17.0462 3276 intelide - ok
11:48:17.0477 3276 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
11:48:17.0509 3276 intelppm - ok
11:48:17.0555 3276 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:48:17.0602 3276 IpFilterDriver - ok
11:48:17.0618 3276 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
11:48:17.0665 3276 IPMIDRV - ok
11:48:17.0680 3276 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
11:48:17.0727 3276 IPNAT - ok
11:48:17.0743 3276 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
11:48:17.0789 3276 IRENUM - ok
11:48:17.0821 3276 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
11:48:17.0821 3276 isapnp - ok
11:48:17.0852 3276 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
11:48:17.0852 3276 iScsiPrt - ok
11:48:17.0883 3276 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
11:48:17.0899 3276 kbdclass - ok
11:48:17.0914 3276 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
11:48:17.0914 3276 kbdhid - ok
11:48:17.0965 3276 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
11:48:17.0973 3276 KSecDD - ok
11:48:17.0993 3276 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
11:48:18.0003 3276 KSecPkg - ok
11:48:18.0015 3276 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
11:48:18.0060 3276 ksthunk - ok
11:48:18.0113 3276 lirsgt (8e4ca9afd55ef6b509c80a8715abf8c6) C:\Windows\system32\DRIVERS\lirsgt.sys
11:48:18.0120 3276 lirsgt - ok
11:48:18.0145 3276 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
11:48:18.0198 3276 lltdio - ok
11:48:18.0220 3276 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
11:48:18.0236 3276 LSI_FC - ok
11:48:18.0252 3276 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
11:48:18.0267 3276 LSI_SAS - ok
11:48:18.0283 3276 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
11:48:18.0298 3276 LSI_SAS2 - ok
11:48:18.0314 3276 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
11:48:18.0330 3276 LSI_SCSI - ok
11:48:18.0345 3276 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
11:48:18.0392 3276 luafv - ok
11:48:18.0423 3276 MCfilt (754c8bf43f0dd4b54865f174a62761e9) C:\Windows\system32\drivers\MCfilt64.sys
11:48:18.0454 3276 MCfilt - ok
11:48:18.0486 3276 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
11:48:18.0486 3276 megasas - ok
11:48:18.0517 3276 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
11:48:18.0532 3276 MegaSR - ok
11:48:18.0564 3276 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
11:48:18.0610 3276 Modem - ok
11:48:18.0642 3276 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
11:48:18.0673 3276 monitor - ok
11:48:18.0704 3276 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
11:48:18.0720 3276 mouclass - ok
11:48:18.0735 3276 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
11:48:18.0751 3276 mouhid - ok
11:48:18.0766 3276 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
11:48:18.0782 3276 mountmgr - ok
11:48:18.0798 3276 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
11:48:18.0813 3276 mpio - ok
11:48:18.0829 3276 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
11:48:18.0872 3276 mpsdrv - ok
11:48:18.0905 3276 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
11:48:18.0920 3276 MRxDAV - ok
11:48:18.0960 3276 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
11:48:18.0992 3276 mrxsmb - ok
11:48:19.0035 3276 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:48:19.0047 3276 mrxsmb10 - ok
11:48:19.0082 3276 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:48:19.0095 3276 mrxsmb20 - ok
11:48:19.0107 3276 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
11:48:19.0117 3276 msahci - ok
11:48:19.0135 3276 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
11:48:19.0135 3276 msdsm - ok
11:48:19.0166 3276 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
11:48:19.0197 3276 Msfs - ok
11:48:19.0213 3276 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
11:48:19.0260 3276 mshidkmdf - ok
11:48:19.0275 3276 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
11:48:19.0275 3276 msisadrv - ok
11:48:19.0322 3276 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
11:48:19.0369 3276 MSKSSRV - ok
11:48:19.0385 3276 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
11:48:19.0416 3276 MSPCLOCK - ok
11:48:19.0416 3276 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
11:48:19.0447 3276 MSPQM - ok
11:48:19.0478 3276 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
11:48:19.0494 3276 MsRPC - ok
11:48:19.0509 3276 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
11:48:19.0509 3276 mssmbios - ok
11:48:19.0525 3276 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
11:48:19.0572 3276 MSTEE - ok
11:48:19.0587 3276 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
11:48:19.0587 3276 MTConfig - ok
11:48:19.0634 3276 MTsensor (2219a3d695405e7ba2186ba6b9ede14a) C:\Windows\system32\DRIVERS\ASACPI.sys
11:48:19.0634 3276 MTsensor - ok
11:48:19.0650 3276 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
11:48:19.0665 3276 Mup - ok
11:48:19.0697 3276 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
11:48:19.0728 3276 NativeWifiP - ok
11:48:19.0777 3276 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
11:48:19.0797 3276 NDIS - ok
11:48:19.0815 3276 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
11:48:19.0845 3276 NdisCap - ok
11:48:19.0865 3276 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
11:48:19.0937 3276 NdisTapi - ok
11:48:19.0957 3276 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
11:48:19.0985 3276 Ndisuio - ok
11:48:20.0012 3276 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
11:48:20.0050 3276 NdisWan - ok
11:48:20.0081 3276 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
11:48:20.0112 3276 NDProxy - ok
11:48:20.0128 3276 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
11:48:20.0174 3276 NetBIOS - ok
11:48:20.0206 3276 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
11:48:20.0237 3276 NetBT - ok
11:48:20.0268 3276 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
11:48:20.0284 3276 nfrd960 - ok
11:48:20.0346 3276 nmwcdcx64 (2c761cc067acf0fb4ea13930b09bfeea) C:\Windows\system32\drivers\ccdcmbox64.sys
11:48:20.0393 3276 nmwcdcx64 - ok
11:48:20.0440 3276 nmwcdnsucx64 (ce90d1dd60db810a45e13fccea47e890) C:\Windows\system32\drivers\nmwcdnsucx64.sys
11:48:20.0471 3276 nmwcdnsucx64 - ok
11:48:20.0502 3276 nmwcdnsux64 (f5a8219ea8a6b67280308fae169b65c0) C:\Windows\system32\drivers\nmwcdnsux64.sys
11:48:20.0518 3276 nmwcdnsux64 - ok
11:48:20.0564 3276 nmwcdx64 (63051819d5cac0fa49c425fc5e1a2b5c) C:\Windows\system32\drivers\ccdcmbx64.sys
11:48:20.0580 3276 nmwcdx64 - ok
11:48:20.0596 3276 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
11:48:20.0642 3276 Npfs - ok
11:48:20.0674 3276 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
11:48:20.0720 3276 nsiproxy - ok
11:48:20.0783 3276 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
11:48:20.0814 3276 Ntfs - ok
11:48:20.0830 3276 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
11:48:20.0876 3276 Null - ok
11:48:21.0124 3276 nvlddmkm (b15258b1f45f9571758ac6bb2f043b01) C:\Windows\system32\DRIVERS\nvlddmkm.sys
11:48:21.0276 3276 nvlddmkm - ok
11:48:21.0323 3276 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
11:48:21.0323 3276 nvraid - ok
11:48:21.0339 3276 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
11:48:21.0354 3276 nvstor - ok
11:48:21.0385 3276 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
11:48:21.0401 3276 nv_agp - ok
11:48:21.0417 3276 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
11:48:21.0417 3276 ohci1394 - ok
11:48:21.0432 3276 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
11:48:21.0463 3276 Parport - ok
11:48:21.0495 3276 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
11:48:21.0495 3276 partmgr - ok
11:48:21.0541 3276 pccsmcfd (bc0018c2d29f655188a0ed3fa94fdb24) C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
11:48:21.0573 3276 pccsmcfd - ok
11:48:21.0588 3276 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
11:48:21.0611 3276 pci - ok
11:48:21.0624 3276 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
11:48:21.0634 3276 pciide - ok
11:48:21.0644 3276 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
11:48:21.0654 3276 pcmcia - ok
11:48:21.0669 3276 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
11:48:21.0676 3276 pcw - ok
11:48:21.0704 3276 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
11:48:21.0754 3276 PEAUTH - ok
11:48:21.0839 3276 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
11:48:21.0884 3276 PptpMiniport - ok
11:48:21.0911 3276 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
11:48:21.0941 3276 Processor - ok
11:48:21.0986 3276 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
11:48:22.0031 3276 Psched - ok
11:48:22.0076 3276 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
11:48:22.0104 3276 ql2300 - ok
11:48:22.0121 3276 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
11:48:22.0131 3276 ql40xx - ok
11:48:22.0154 3276 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
11:48:22.0169 3276 QWAVEdrv - ok
11:48:22.0179 3276 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
11:48:22.0210 3276 RasAcd - ok
11:48:22.0226 3276 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
11:48:22.0257 3276 RasAgileVpn - ok
11:48:22.0272 3276 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
11:48:22.0304 3276 Rasl2tp - ok
11:48:22.0335 3276 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
11:48:22.0382 3276 RasPppoe - ok
11:48:22.0413 3276 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
11:48:22.0444 3276 RasSstp - ok
11:48:22.0460 3276 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
11:48:22.0506 3276 rdbss - ok
11:48:22.0538 3276 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
11:48:22.0569 3276 rdpbus - ok
11:48:22.0600 3276 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
11:48:22.0631 3276 RDPCDD - ok
11:48:22.0662 3276 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
11:48:22.0694 3276 RDPDR - ok
11:48:22.0725 3276 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
11:48:22.0772 3276 RDPENCDD - ok
11:48:22.0787 3276 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
11:48:22.0828 3276 RDPREFMP - ok
11:48:22.0851 3276 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys
11:48:22.0876 3276 RdpVideoMiniport - ok
11:48:22.0908 3276 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
11:48:22.0936 3276 RDPWD - ok
11:48:22.0956 3276 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
11:48:22.0966 3276 rdyboost - ok
11:48:23.0001 3276 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
11:48:23.0051 3276 rspndr - ok
11:48:23.0088 3276 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
11:48:23.0093 3276 s3cap - ok
11:48:23.0109 3276 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
11:48:23.0125 3276 sbp2port - ok
11:48:23.0140 3276 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
11:48:23.0187 3276 scfilter - ok
11:48:23.0218 3276 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
11:48:23.0265 3276 secdrv - ok
11:48:23.0296 3276 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
11:48:23.0327 3276 Serenum - ok
11:48:23.0359 3276 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
11:48:23.0374 3276 Serial - ok
11:48:23.0390 3276 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
11:48:23.0405 3276 sermouse - ok
11:48:23.0452 3276 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
11:48:23.0483 3276 sffdisk - ok
11:48:23.0483 3276 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
11:48:23.0499 3276 sffp_mmc - ok
11:48:23.0515 3276 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
11:48:23.0530 3276 sffp_sd - ok
11:48:23.0530 3276 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
11:48:23.0546 3276 sfloppy - ok
11:48:23.0577 3276 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
11:48:23.0593 3276 SiSRaid2 - ok
11:48:23.0608 3276 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
11:48:23.0624 3276 SiSRaid4 - ok
11:48:23.0624 3276 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
11:48:23.0686 3276 Smb - ok
11:48:23.0717 3276 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
11:48:23.0717 3276 spldr - ok
11:48:23.0764 3276 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
11:48:23.0780 3276 srv - ok
11:48:23.0795 3276 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
11:48:23.0811 3276 srv2 - ok
11:48:23.0842 3276 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
11:48:23.0873 3276 srvnet - ok
11:48:23.0936 3276 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
11:48:23.0951 3276 stexstor - ok
11:48:23.0983 3276 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
11:48:23.0983 3276 storflt - ok
11:48:23.0998 3276 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
11:48:24.0014 3276 storvsc - ok
11:48:24.0029 3276 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
11:48:24.0029 3276 swenum - ok
11:48:24.0060 3276 Synth3dVsc (c3a39c4079305480972d29c44b868c78) C:\Windows\system32\drivers\synth3dvsc.sys
11:48:24.0067 3276 Synth3dVsc - ok
11:48:24.0137 3276 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
11:48:24.0167 3276 Tcpip - ok
11:48:24.0212 3276 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
11:48:24.0242 3276 TCPIP6 - ok
11:48:24.0260 3276 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
11:48:24.0287 3276 tcpipreg - ok
11:48:24.0305 3276 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
11:48:24.0351 3276 TDPIPE - ok
11:48:24.0351 3276 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
11:48:24.0382 3276 TDTCP - ok
11:48:24.0429 3276 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
11:48:24.0476 3276 tdx - ok
11:48:24.0507 3276 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
11:48:24.0523 3276 TermDD - ok
11:48:24.0523 3276 terminpt (2b5bdff688ec9871d7ec5837833374e9) C:\Windows\system32\drivers\terminpt.sys
11:48:24.0554 3276 terminpt - ok
11:48:24.0585 3276 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
11:48:24.0632 3276 tssecsrv - ok
11:48:24.0663 3276 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
11:48:24.0694 3276 TsUsbFlt - ok
11:48:24.0726 3276 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
11:48:24.0726 3276 TsUsbGD - ok
11:48:24.0741 3276 tsusbhub (e1748d04ae40118b62bc18ac86032192) C:\Windows\system32\drivers\tsusbhub.sys
11:48:24.0772 3276 tsusbhub - ok
11:48:24.0819 3276 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
11:48:24.0850 3276 tunnel - ok
11:48:24.0850 3276 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
11:48:24.0866 3276 uagp35 - ok
11:48:24.0882 3276 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
11:48:24.0928 3276 udfs - ok
11:48:24.0944 3276 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
11:48:24.0965 3276 uliagpkx - ok
11:48:24.0992 3276 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
11:48:25.0025 3276 umbus - ok
11:48:25.0035 3276 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
11:48:25.0047 3276 UmPass - ok
11:48:25.0105 3276 upperdev (bcd611d240604ceee7f90805361fab50) C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
11:48:25.0142 3276 upperdev - ok
11:48:25.0187 3276 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\drivers\usbccgp.sys
11:48:25.0197 3276 usbccgp - ok
11:48:25.0207 3276 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
11:48:25.0235 3276 usbcir - ok
11:48:25.0266 3276 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
11:48:25.0297 3276 usbehci - ok
11:48:25.0328 3276 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
11:48:25.0359 3276 usbhub - ok
11:48:25.0406 3276 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
11:48:25.0422 3276 usbohci - ok
11:48:25.0437 3276 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
11:48:25.0453 3276 usbprint - ok
11:48:25.0484 3276 usbser (4acee387fa8fd39f83564fcd2fc234f2) C:\Windows\system32\drivers\usbser.sys
11:48:25.0500 3276 usbser - ok
11:48:25.0515 3276 UsbserFilt (d91be2644b18b4e3c69982fe0e1e97d6) C:\Windows\system32\DRIVERS\usbser_lowerfltx64j.sys
11:48:25.0562 3276 UsbserFilt - ok
11:48:25.0593 3276 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:48:25.0625 3276 USBSTOR - ok
11:48:25.0656 3276 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
11:48:25.0687 3276 usbuhci - ok
11:48:25.0718 3276 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
11:48:25.0734 3276 vdrvroot - ok
11:48:25.0734 3276 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
11:48:25.0749 3276 vga - ok
11:48:25.0781 3276 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
11:48:25.0796 3276 VgaSave - ok
11:48:25.0812 3276 VGPU - ok
11:48:25.0843 3276 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
11:48:25.0843 3276 vhdmp - ok
11:48:25.0859 3276 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
11:48:25.0874 3276 viaide - ok
11:48:25.0899 3276 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
11:48:25.0909 3276 vmbus - ok
11:48:25.0922 3276 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
11:48:25.0949 3276 VMBusHID - ok
11:48:25.0977 3276 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
11:48:25.0987 3276 volmgr - ok
11:48:26.0029 3276 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
11:48:26.0039 3276 volmgrx - ok
11:48:26.0057 3276 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
11:48:26.0069 3276 volsnap - ok
11:48:26.0099 3276 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
11:48:26.0109 3276 vsmraid - ok
11:48:26.0127 3276 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
11:48:26.0149 3276 vwifibus - ok
11:48:26.0180 3276 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
11:48:26.0212 3276 WacomPen - ok
11:48:26.0243 3276 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
11:48:26.0290 3276 WANARP - ok
11:48:26.0305 3276 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
11:48:26.0321 3276 Wanarpv6 - ok
11:48:26.0383 3276 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
11:48:26.0383 3276 Wd - ok
11:48:26.0414 3276 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
11:48:26.0430 3276 Wdf01000 - ok
11:48:26.0461 3276 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
11:48:26.0492 3276 WfpLwf - ok
11:48:26.0508 3276 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
11:48:26.0524 3276 WIMMount - ok
11:48:26.0555 3276 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
11:48:26.0586 3276 WinUsb - ok
11:48:26.0602 3276 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
11:48:26.0602 3276 WmiAcpi - ok
11:48:26.0648 3276 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
11:48:26.0680 3276 ws2ifsl - ok
11:48:26.0695 3276 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
11:48:26.0742 3276 WudfPf - ok
11:48:26.0801 3276 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
11:48:26.0829 3276 WUDFRd - ok
11:48:26.0866 3276 yukonw7 (64f88af327aa74e03658ae32b48ccb8b) C:\Windows\system32\DRIVERS\yk62x64.sys
11:48:26.0881 3276 yukonw7 - ok
11:48:26.0896 3276 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
11:48:27.0009 3276 \Device\Harddisk0\DR0 - ok
11:48:27.0011 3276 Boot (0x1200) (d2f185d1e059d9c9af7455608f6ac31c) \Device\Harddisk0\DR0\Partition0
11:48:27.0011 3276 \Device\Harddisk0\DR0\Partition0 - ok
11:48:27.0031 3276 Boot (0x1200) (f8a24ce96d293af8904b3e771a4a02cc) \Device\Harddisk0\DR0\Partition1
11:48:27.0034 3276 \Device\Harddisk0\DR0\Partition1 - ok
11:48:27.0034 3276 ============================================================
11:48:27.0034 3276 Scan finished
11:48:27.0034 3276 ============================================================
11:48:27.0041 3568 Detected object count: 0
11:48:27.0041 3568 Actual detected object count: 0
11:48:37.0424 1060 Deinitialize success
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
prosím o kontrolu - trojan Win32/Patched.NBG
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: prosím o kontrolu - trojan Win32/Patched.NBG
Kód: Vybrat vše
MBRScan v1.1.0
OS : Windows 7 Service Pack 1 (64 bit)
PROCESSOR : Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
BOOT : Normal Boot
DATE : 2012/02/11 (ISO 8601) at 11:50:24
________________________________________________________________________________
DISK : Device\Harddisk0\DR0 __WDC WD5001AALS-00L3B2 (01.03B01)
BUS_TYPE : (0x03) P-ATA
USE_PIO : NO
MAX_TRANSFER : 128 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________
Device\Harddisk0\DR0 465.8 Go [Fixed] ==> 7 MBR Code
MBR_MD5 : 076F3549EDE0D39887669178D2E65F33
MBR_SHA1 : 3DFB8A8C0509661B37D17B11EE6DEACEF5C39B40
Device\Harddisk0\Partition1 100.0 Mo 0x07 NTFS / HPFS __ BOOTABLE __
Device\Harddisk0\Partition2 465.7 Go 0x07 NTFS / HPFS
________________________________________________________________________________
############################### Additional scan ################################
DRIVER : C:\Windows\system32\hal.dll => Invisible on the disk
ADDRESS : 0x02FF1000
SIZE : 292.0 Ko
DRIVER : C:\Windows\system32\kdcom.dll => Invisible on the disk
ADDRESS : 0x00B9B000
SIZE : 40.0 Ko
DRIVER : C:\Windows\system32\mcupdate_GenuineIntel.dll => Invisible on the disk
ADDRESS : 0x00C95000
SIZE : 316.0 Ko
DRIVER : C:\Windows\system32\CLFS.SYS => Invisible on the disk
ADDRESS : 0x00CF8000
SIZE : 376.0 Ko
DRIVER : C:\Windows\system32\CI.dll => Invisible on the disk
ADDRESS : 0x00EFC000
SIZE : 768.0 Ko
DRIVER : C:\Windows\system32\drivers\Wdf01000.sys => Invisible on the disk
ADDRESS : 0x00E00000
SIZE : 656.0 Ko
DRIVER : C:\Windows\system32\drivers\WDFLDR.SYS => Invisible on the disk
ADDRESS : 0x00EA4000
SIZE : 60.0 Ko
DRIVER : C:\Windows\system32\drivers\ACPI.sys => Invisible on the disk
ADDRESS : 0x00D56000
SIZE : 348.0 Ko
DRIVER : C:\Windows\system32\drivers\WMILIB.SYS => Invisible on the disk
ADDRESS : 0x00EB3000
SIZE : 36.0 Ko
DRIVER : C:\Windows\system32\drivers\msisadrv.sys => Invisible on the disk
ADDRESS : 0x00EBC000
SIZE : 40.0 Ko
DRIVER : C:\Windows\system32\drivers\pci.sys => Invisible on the disk
ADDRESS : 0x00EC6000
SIZE : 204.0 Ko
DRIVER : C:\Windows\system32\drivers\vdrvroot.sys => Invisible on the disk
ADDRESS : 0x00FBC000
SIZE : 52.0 Ko
DRIVER : C:\Windows\System32\drivers\partmgr.sys => Invisible on the disk
ADDRESS : 0x00FC9000
SIZE : 84.0 Ko
DRIVER : C:\Windows\system32\drivers\volmgr.sys => Invisible on the disk
ADDRESS : 0x00FDE000
SIZE : 84.0 Ko
DRIVER : C:\Windows\System32\drivers\volmgrx.sys => Invisible on the disk
ADDRESS : 0x00C00000
SIZE : 368.0 Ko
DRIVER : C:\Windows\system32\drivers\pciide.sys => Invisible on the disk
ADDRESS : 0x00FF3000
SIZE : 28.0 Ko
DRIVER : C:\Windows\system32\drivers\PCIIDEX.SYS => Invisible on the disk
ADDRESS : 0x00C5C000
SIZE : 64.0 Ko
DRIVER : C:\Windows\System32\drivers\mountmgr.sys => Invisible on the disk
ADDRESS : 0x00C6C000
SIZE : 104.0 Ko
DRIVER : C:\Windows\system32\drivers\iaStor.sys => Invisible on the disk
ADDRESS : 0x010E2000
SIZE : 1.11 Mo
DRIVER : C:\Windows\system32\drivers\atapi.sys => Invisible on the disk
ADDRESS : 0x01000000
SIZE : 36.0 Ko
DRIVER : C:\Windows\system32\drivers\ataport.SYS => Invisible on the disk
ADDRESS : 0x01009000
SIZE : 168.0 Ko
DRIVER : C:\Windows\system32\drivers\amdxata.sys => Invisible on the disk
ADDRESS : 0x01033000
SIZE : 44.0 Ko
DRIVER : C:\Windows\system32\drivers\fltmgr.sys => Invisible on the disk
ADDRESS : 0x0103E000
SIZE : 304.0 Ko
DRIVER : C:\Windows\system32\drivers\fileinfo.sys => Invisible on the disk
ADDRESS : 0x0108A000
SIZE : 80.0 Ko
DRIVER : C:\Windows\System32\Drivers\Ntfs.sys => Invisible on the disk
ADDRESS : 0x01229000
SIZE : 1.64 Mo
DRIVER : C:\Windows\System32\Drivers\msrpc.sys => Invisible on the disk
ADDRESS : 0x01488000
SIZE : 376.0 Ko
DRIVER : C:\Windows\System32\Drivers\ksecdd.sys => Invisible on the disk
ADDRESS : 0x014E6000
SIZE : 108.0 Ko
DRIVER : C:\Windows\System32\Drivers\cng.sys => Invisible on the disk
ADDRESS : 0x01501000
SIZE : 456.0 Ko
DRIVER : C:\Windows\System32\drivers\pcw.sys => Invisible on the disk
ADDRESS : 0x01573000
SIZE : 68.0 Ko
DRIVER : C:\Windows\System32\Drivers\Fs_Rec.sys => Invisible on the disk
ADDRESS : 0x01584000
SIZE : 40.0 Ko
DRIVER : C:\Windows\system32\drivers\ndis.sys => Invisible on the disk
ADDRESS : 0x01602000
SIZE : 972.0 Ko
DRIVER : C:\Windows\system32\drivers\NETIO.SYS => Invisible on the disk
ADDRESS : 0x016F5000
SIZE : 384.0 Ko
DRIVER : C:\Windows\System32\Drivers\ksecpkg.sys => Invisible on the disk
ADDRESS : 0x01755000
SIZE : 172.0 Ko
DRIVER : C:\Windows\System32\drivers\tcpip.sys => Invisible on the disk
ADDRESS : 0x0182C000
SIZE : 2.02 Mo
DRIVER : C:\Windows\System32\drivers\fwpkclnt.sys => Invisible on the disk
ADDRESS : 0x01A30000
SIZE : 296.0 Ko
DRIVER : C:\Windows\system32\DRIVERS\epfwwfp.sys => Invisible on the disk
ADDRESS : 0x01A7A000
SIZE : 84.0 Ko
DRIVER : C:\Windows\system32\drivers\vmstorfl.sys => Invisible on the disk
ADDRESS : 0x01A8F000
SIZE : 64.0 Ko
DRIVER : C:\Windows\system32\drivers\volsnap.sys => Invisible on the disk
ADDRESS : 0x01A9F000
SIZE : 304.0 Ko
DRIVER : C:\Windows\System32\Drivers\spldr.sys => Invisible on the disk
ADDRESS : 0x01AEB000
SIZE : 32.0 Ko
DRIVER : C:\Windows\System32\drivers\rdyboost.sys => Invisible on the disk
ADDRESS : 0x01AF3000
SIZE : 232.0 Ko
DRIVER : C:\Windows\System32\Drivers\mup.sys => Invisible on the disk
ADDRESS : 0x01B2D000
SIZE : 72.0 Ko
DRIVER : C:\Windows\System32\drivers\hwpolicy.sys => Invisible on the disk
ADDRESS : 0x01B3F000
SIZE : 36.0 Ko
DRIVER : C:\Windows\System32\DRIVERS\fvevol.sys => Invisible on the disk
ADDRESS : 0x01B48000
SIZE : 232.0 Ko
DRIVER : C:\Windows\system32\drivers\disk.sys => Invisible on the disk
ADDRESS : 0x01B82000
SIZE : 88.0 Ko
DRIVER : C:\Windows\system32\drivers\CLASSPNP.SYS => Invisible on the disk
ADDRESS : 0x01B98000
SIZE : 192.0 Ko
DRIVER : C:\Windows\system32\DRIVERS\cdrom.sys => Invisible on the disk
ADDRESS : 0x01800000
SIZE : 168.0 Ko
DRIVER : C:\Windows\System32\Drivers\Null.SYS => Invisible on the disk
ADDRESS : 0x01780000
SIZE : 36.0 Ko
DRIVER : C:\Windows\System32\Drivers\Beep.SYS => Invisible on the disk
ADDRESS : 0x01789000
SIZE : 28.0 Ko
DRIVER : C:\Windows\system32\DRIVERS\ehdrv.sys => Invisible on the disk
ADDRESS : 0x01790000
SIZE : 156.0 Ko
DRIVER : C:\Windows\System32\drivers\vga.sys => Invisible on the disk
ADDRESS : 0x017B7000
SIZE : 56.0 Ko
DRIVER : C:\Windows\System32\drivers\VIDEOPRT.SYS => Invisible on the disk
ADDRESS : 0x017C5000
SIZE : 148.0 Ko
DRIVER : C:\Windows\System32\drivers\watchdog.sys => Invisible on the disk
ADDRESS : 0x017EA000
SIZE : 64.0 Ko
DRIVER : C:\Windows\System32\DRIVERS\RDPCDD.sys => Invisible on the disk
ADDRESS : 0x0158E000
SIZE : 36.0 Ko
DRIVER : C:\Windows\system32\drivers\rdpencdd.sys => Invisible on the disk
ADDRESS : 0x01597000
SIZE : 36.0 Ko
DRIVER : C:\Windows\system32\drivers\rdprefmp.sys => Invisible on the disk
ADDRESS : 0x015A0000
SIZE : 36.0 Ko
DRIVER : C:\Windows\System32\Drivers\Msfs.SYS => Invisible on the disk
ADDRESS : 0x015A9000
SIZE : 44.0 Ko
DRIVER : C:\Windows\System32\Drivers\Npfs.SYS => Invisible on the disk
ADDRESS : 0x015B4000
SIZE : 68.0 Ko
DRIVER : C:\Windows\system32\DRIVERS\tdx.sys => Invisible on the disk
ADDRESS : 0x015C5000
SIZE : 136.0 Ko
DRIVER : C:\Windows\system32\DRIVERS\TDI.SYS => Invisible on the disk
ADDRESS : 0x015E7000
SIZE : 52.0 Ko
DRIVER : C:\Windows\system32\drivers\afd.sys => Invisible on the disk
ADDRESS : 0x040E2000
SIZE : 548.0 Ko
DRIVER : C:\Windows\System32\DRIVERS\netbt.sys => Invisible on the disk
ADDRESS : 0x0416B000
SIZE : 276.0 Ko
DRIVER : C:\Windows\system32\drivers\ws2ifsl.sys => Invisible on the disk
ADDRESS : 0x041B0000
SIZE : 44.0 Ko
DRIVER : C:\Windows\system32\DRIVERS\wfplwf.sys => Invisible on the disk
ADDRESS : 0x041BB000
SIZE : 36.0 Ko
DRIVER : C:\Windows\system32\DRIVERS\pacer.sys => Invisible on the disk
ADDRESS : 0x041C4000
SIZE : 152.0 Ko
DRIVER : C:\Windows\system32\DRIVERS\EpfwLWF.sys => Invisible on the disk
ADDRESS : 0x041EA000
SIZE : 52.0 Ko
DRIVER : C:\Windows\system32\DRIVERS\netbios.sys => Invisible on the disk
ADDRESS : 0x04000000
SIZE : 60.0 Ko
DRIVER : C:\Windows\system32\DRIVERS\dtsoftbus01.sys => Invisible on the disk
ADDRESS : 0x0400F000
SIZE : 268.0 Ko
DRIVER : C:\Windows\system32\DRIVERS\wanarp.sys => Invisible on the disk
ADDRESS : 0x04052000
SIZE : 108.0 Ko
DRIVER : C:\Windows\system32\DRIVERS\termdd.sys => Invisible on the disk
ADDRESS : 0x0406D000
SIZE : 80.0 Ko
DRIVER : C:\Windows\system32\DRIVERS\rdbss.sys => Invisible on the disk
ADDRESS : 0x04081000
SIZE : 324.0 Ko
DRIVER : C:\Windows\system32\drivers\nsiproxy.sys => Invisible on the disk
ADDRESS : 0x040D2000
SIZE : 48.0 Ko
DRIVER : C:\Windows\system32\DRIVERS\mssmbios.sys => Invisible on the disk
ADDRESS : 0x015F4000
SIZE : 44.0 Ko
DRIVER : C:\Windows\System32\drivers\discache.sys => Invisible on the disk
ADDRESS : 0x01400000
SIZE : 60.0 Ko
DRIVER : C:\Windows\system32\drivers\csc.sys => Invisible on the disk
ADDRESS : 0x06EB5000
SIZE : 524.0 Ko
DRIVER : C:\Windows\System32\Drivers\dfsc.sys => Invisible on the disk
ADDRESS : 0x06F38000
SIZE : 120.0 Ko
DRIVER : C:\Windows\system32\DRIVERS\blbdrive.sys => Invisible on the disk
ADDRESS : 0x06F56000
SIZE : 68.0 Ko
DRIVER : C:\Windows\system32\DRIVERS\tunnel.sys => Invisible on the disk
ADDRESS : 0x06F67000
SIZE : 152.0 Ko
DRIVER : C:\Windows\system32\DRIVERS\intelppm.sys => Invisible on the disk
ADDRESS : 0x06F8D000
SIZE : 88.0 Ko
DRIVER : C:\Windows\system32\DRIVERS\nvlddmkm.sys => Invisible on the disk
ADDRESS : 0x0F250000
SIZE : 12.46 Mo
DRIVER : C:\Windows\System32\drivers\dxgkrnl.sys => Invisible on the disk
ADDRESS : 0x0FEC7000
SIZE : 976.0 Ko
DRIVER : C:\Windows\System32\drivers\dxgmms1.sys => Invisible on the disk
ADDRESS : 0x0F200000
SIZE : 280.0 Ko
DRIVER : C:\Windows\system32\DRIVERS\usbuhci.sys => Invisible on the disk
ADDRESS : 0x0FFBB000
SIZE : 52.0 Ko
DRIVER : C:\Windows\system32\DRIVERS\USBPORT.SYS => Invisible on the disk
ADDRESS : 0x06FA3000
SIZE : 344.0 Ko
DRIVER : C:\Windows\system32\DRIVERS\usbehci.sys => Invisible on the disk
ADDRESS : 0x0FFC8000
SIZE : 68.0 Ko
DRIVER : C:\Windows\system32\DRIVERS\HDAudBus.sys => Invisible on the disk
ADDRESS : 0x0FFD9000
SIZE : 144.0 Ko
DRIVER : C:\Windows\system32\DRIVERS\yk62x64.sys => Invisible on the disk
ADDRESS : 0x06E00000
SIZE : 404.0 Ko
DRIVER : C:\Windows\system32\DRIVERS\1394ohci.sys => Invisible on the disk
ADDRESS : 0x06E65000
SIZE : 248.0 Ko
DRIVER : C:\Windows\system32\DRIVERS\ASACPI.sys => Invisible on the disk
ADDRESS : 0x0F246000
SIZE : 32.0 Ko
DRIVER : C:\Windows\syste________________________________________________________________________________
_______MBR \Device\Harddisk0\DR0
0x00000000 33 C0 8E D0 BC 00 7C 8E C0 8E D8 BE 00 7C BF 00 3À.м.|.À.ؾ.|¿.
0x00000010 06 B9 00 02 FC F3 A4 50 68 1C 06 CB FB B9 04 00 .¹..üó¤Ph..Ëû¹..
0x00000020 BD BE 07 80 7E 00 00 7C 0B 0F 85 0E 01 83 C5 10 ½¾..~..|......Å.
0x00000030 E2 F1 CD 18 88 56 00 55 C6 46 11 05 C6 46 10 00 âñÍ..V.UÆF..ÆF..
0x00000040 B4 41 BB AA 55 CD 13 5D 72 0F 81 FB 55 AA 75 09 ´A»ªUÍ.]r..ûUªu.
0x00000050 F7 C1 01 00 74 03 FE 46 10 66 60 80 7E 10 00 74 ÷Á..t.þF.f`.~..t
0x00000060 26 66 68 00 00 00 00 66 FF 76 08 68 00 00 68 00 &fh....f.v.h..h.
0x00000070 7C 68 01 00 68 10 00 B4 42 8A 56 00 8B F4 CD 13 |h..h..´B.V..ôÍ.
0x00000080 9F 83 C4 10 9E EB 14 B8 01 02 BB 00 7C 8A 56 00 ..Ä..ë.¸..».|.V.
0x00000090 8A 76 01 8A 4E 02 8A 6E 03 CD 13 66 61 73 1C FE .v..N..n.Í.fas.þ
0x000000A0 4E 11 75 0C 80 7E 00 80 0F 84 8A 00 B2 80 EB 84 N.u..~......².ë.
0x000000B0 55 32 E4 8A 56 00 CD 13 5D EB 9E 81 3E FE 7D 55 U2ä.V.Í.]ë..>þ}U
0x000000C0 AA 75 6E FF 76 00 E8 8D 00 75 17 FA B0 D1 E6 64 ªun.v.è..u.ú°Ñæd
0x000000D0 E8 83 00 B0 DF E6 60 E8 7C 00 B0 FF E6 64 E8 75 è..°ßæ`è|.°.ædèu
0x000000E0 00 FB B8 00 BB CD 1A 66 23 C0 75 3B 66 81 FB 54 .û¸.»Í.f#Àu;f.ûT
0x000000F0 43 50 41 75 32 81 F9 02 01 72 2C 66 68 07 BB 00 CPAu2.ù..r,fh.».
0x00000100 00 66 68 00 02 00 00 66 68 08 00 00 00 66 53 66 .fh....fh....fSf
0x00000110 53 66 55 66 68 00 00 00 00 66 68 00 7C 00 00 66 SfUfh....fh.|..f
0x00000120 61 68 00 00 07 CD 1A 5A 32 F6 EA 00 7C 00 00 CD ah...Í.Z2öê.|..Í
0x00000130 18 A0 B7 07 EB 08 A0 B6 07 EB 03 A0 B5 07 32 E4 ..·.ë..¶.ë..µ.2ä
0x00000140 05 00 07 8B F0 AC 3C 00 74 09 BB 07 00 B4 0E CD ....ð¬<.t.»..´.Í
0x00000150 10 EB F2 F4 EB FD 2B C9 E4 64 EB 00 24 02 E0 F8 .ëòôëý+Éädë.$.àø
0x00000160 24 02 C3 49 6E 76 61 6C 69 64 20 70 61 72 74 69 $.ÃInvalid parti
0x00000170 74 69 6F 6E 20 74 61 62 6C 65 00 45 72 72 6F 72 tion table.Error
0x00000180 20 6C 6F 61 64 69 6E 67 20 6F 70 65 72 61 74 69 loading operati
0x00000190 6E 67 20 73 79 73 74 65 6D 00 4D 69 73 73 69 6E ng system.Missin
0x000001A0 67 20 6F 70 65 72 61 74 69 6E 67 20 73 79 73 74 g operating syst
0x000001B0 65 6D 00 00 00 63 7B 9A 23 5E 6F EC 00 00 80 20 em...c{.#^oì...
0x000001C0 21 00 07 DF 13 0C 00 08 00 00 00 20 03 00 00 DF !..ß....... ...ß
0x000001D0 14 0C 07 FE FF FF 00 28 03 00 00 30 35 3A 00 00 ...þ...(...05:..
0x000001E0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x000001F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 AA ..............Uª
__________________________16_BIT_ASM_CODE
0x0000 33c0 XOR AX, AX
0x0002 8ed0 MOV SS, AX
0x0004 bc 007c MOV SP, 0x7c00
0x0007 8ec0 MOV ES, AX
0x0009 8ed8 MOV DS, AX
0x000B be 007c MOV SI, 0x7c00
0x000E bf 0006 MOV DI, 0x600
0x0011 b9 0002 MOV CX, 0x200
0x0014 fc CLD
0x0015 f3 a4 REP MOVSB
0x0017 50 PUSH AX
0x0018 68 1c06 PUSH 0x61c
0x001B cb RETF
0x001C fb STI
0x001D b9 0400 MOV CX, 0x4
0x0020 bd be07 MOV BP, 0x7be
0x0023 807e 00 00 CMP BYTE [BP+0x0], 0x0
0x0027 7c 0b JL 0x34
0x0029 0f85 0e01 JNZ 0x13b
0x002D 83c5 10 ADD BP, 0x10
0x0030 e2 f1 LOOP 0x23
0x0032 cd 18 INT 0x18
0x0034 8856 00 MOV [BP+0x0], DL
0x0037 55 PUSH BP
0x0038 c646 11 05 MOV BYTE [BP+0x11], 0x5
0x003C c646 10 00 MOV BYTE [BP+0x10], 0x0
0x0040 b4 41 MOV AH, 0x41
0x0042 bb aa55 MOV BX, 0x55aa
0x0045 cd 13 INT 0x13
0x0047 5d POP BP
0x0048 72 0f JB 0x59
0x004A 81fb 55aa CMP BX, 0xaa55
0x004E 75 09 JNZ 0x59
0x0050 f7c1 0100 TEST CX, 0x1
0x0054 74 03 JZ 0x59
0x0056 fe46 10 INC BYTE [BP+0x10]
0x0059 66 60 PUSHAD
0x005B 807e 10 00 CMP BYTE [BP+0x10], 0x0
0x005F 74 26 JZ 0x87
0x0061 66 68 00000000 PUSH 0x0
0x0067 66 ff76 08 PUSH DWORD [BP+0x8]
0x006B 68 0000 PUSH 0x0
0x006E 68 007c PUSH 0x7c00
0x0071 68 0100 PUSH 0x1
0x0074 68 1000 PUSH 0x10
0x0077 b4 42 MOV AH, 0x42
0x0079 8a56 00 MOV DL, [BP+0x0]
0x007C 8bf4 MOV SI, SP
0x007E cd 13 INT 0x13
0x0080 9f LAHF
0x0081 83c4 10 ADD SP, 0x10
0x0084 9e SAHF
0x0085 eb 14 JMP 0x9b
0x0087 b8 0102 MOV AX, 0x201
0x008A bb 007c MOV BX, 0x7c00
0x008D 8a56 00 MOV DL, [BP+0x0]
0x0090 8a76 01 MOV DH, [BP+0x1]
0x0093 8a4e 02 MOV CL, [BP+0x2]
0x0096 8a6e 03 MOV CH, [BP+0x3]
0x0099 cd 13 INT 0x13
0x009B 66 61 POPAD
0x009D 73 1c JAE 0xbb
0x009F fe4e 11 DEC BYTE [BP+0x11]
0x00A2 75 0c JNZ 0xb0
0x00A4 807e 00 80 CMP BYTE [BP+0x0], 0x80
0x00A8 0f84 8a00 JZ 0x136
0x00AC b2 80 MOV DL, 0x80
0x00AE eb 84 JMP 0x34
0x00B0 55 PUSH BP
0x00B1 32e4 XOR AH, AH
0x00B3 8a56 00 MOV DL, [BP+0x0]
0x00B6 cd 13 INT 0x13
0x00B8 5d POP BP
0x00B9 eb 9e JMP 0x59
0x00BB 813e fe7d 55aa CMP WORD [0x7dfe], 0xaa55
0x00C1 75 6e JNZ 0x131
0x00C3 ff76 00 PUSH WORD [BP+0x0]
0x00C6 e8 8d00 CALL 0x156
0x00C9 75 17 JNZ 0xe2
0x00CB fa CLI
0x00CC b0 d1 MOV AL, 0xd1
0x00CE e6 64 OUT 0x64, AL
0x00D0 e8 8300 CALL 0x156
0x00D3 b0 df MOV AL, 0xdf
0x00D5 e6 60 OUT 0x60, AL
0x00D7 e8 7c00 CALL 0x156
0x00DA b0 ff MOV AL, 0xff
0x00DC e6 64 OUT 0x64, AL
0x00DE e8 7500 CALL 0x156
0x00E1 fb STI
0x00E2 b8 00bb MOV AX, 0xbb00
0x00E5 cd 1a INT 0x1a
0x00E7 66 23c0 AND EAX, EAX
0x00EA 75 3b JNZ 0x127
0x00EC 66 81fb 54435041CMP EBX, 0x41504354
0x00F3 75 32 JNZ 0x127
0x00F5 81f9 0201 CMP CX, 0x102
0x00F9 72 2c JB 0x127
0x00FB 66 68 07bb0000 PUSH 0xbb07
0x0101 66 68 00020000 PUSH 0x200
0x0107 66 68 08000000 PUSH 0x8
0x010D 66 53 PUSH EBX
0x010F 66 53 PUSH EBX
0x0111 66 55 PUSH EBP
0x0113 66 68 00000000 PUSH 0x0
0x0119 66 68 007c0000 PUSH 0x7c00
0x011F 66 61 POPAD
0x0121 68 0000 PUSH 0x0
0x0124 07 POP ES
0x0125 cd 1a INT 0x1a
0x0127 5a POP DX
0x0128 32f6 XOR DH, DH
0x012A ea 007c 0000 JMP FAR 0x0:0x7c00
0x012F cd 18 INT 0x18
0x0131 a0 b707 MOV AL, [0x7b7]
0x0134 eb 08 JMP 0x13e
0x0136 a0 b607 MOV AL, [0x7b6]
0x0139 eb 03 JMP 0x13e
0x013B a0 b507 MOV AL, [0x7b5]
0x013E 32e4 XOR AH, AH
0x0140 05 0007 ADD AX, 0x700
0x0143 8bf0 MOV SI, AX
0x0145 ac LODSB
0x0146 3c 00 CMP AL, 0x0
0x0148 74 09 JZ 0x153
0x014A bb 0700 MOV BX, 0x7
0x014D b4 0e MOV AH, 0xe
0x014F cd 10 INT 0x10
0x0151 eb f2 JMP 0x145
0x0153 f4 HLT
0x0154 eb fd JMP 0x153
0x0156 2bc9 SUB CX, CX
0x0158 e4 64 IN AL, 0x64
0x015A eb 00 JMP 0x15c
0x015C 24 02 AND AL, 0x2
0x015E e0 f8 LOOPNZ 0x158
0x0160 24 02 AND AL, 0x2
0x0162 c3 RET
0x0163 49 DEC CX
0x0164 6e OUTSB
0x0165 76 61 JBE 0x1c8
0x0167 6c INSB
0x0168 6964 20 7061 IMUL SP, [SI+0x20], 0x6170
0x016D 72 74 JB 0x1e3
0x016F 6974 69 6f6e IMUL SI, [SI+0x69], 0x6e6f
0x0174 2074 61 AND [SI+0x61], DH
0x0177 626c 65 BOUND BP, [SI+0x65]
0x017A 0045 72 ADD [DI+0x72], AL
0x017D 72 6f JB 0x1ee
0x017F 72 20 JB 0x1a1
0x0181 6c INSB
0x0182 6f OUTSW
0x0183 61 POPA
0x0184 64 696e 67 206f IMUL BP, FS:[BP+0x67], 0x6f20
0x018A 70 65 JO 0x1f1
0x018C 72 61 JB 0x1ef
0x018E 74 69 JZ 0x1f9
0x0190 6e OUTSB
0x0191 67 2073 79 AND [EBX+0x79], DH
0x0195 73 74 JAE 0x20b
0x0197 65 6d INS WORD GS:[DI], DX
0x0199 004d 69 ADD [DI+0x69], CL
0x019C 73 73 JAE 0x211
0x019E 696e 67 206f IMUL BP, [BP+0x67], 0x6f20
0x01A3 70 65 JO 0x20a
0x01A5 72 61 JB 0x208
0x01A7 74 69 JZ 0x212
0x01A9 6e OUTSB
0x01AA 67 2073 79 AND [EBX+0x79], DH
0x01AE 73 74 JAE 0x224
0x01B0 65 6d INS WORD GS:[DI], DX
0x01B2 0000 ADD [BX+SI], AL
0x01B4 0063 7b ADD [BP+DI+0x7b], AH
0x01B7 9a 235e 6fec CALL FAR 0xec6f:0x5e23
0x01BC 0000 ADD [BX+SI], AL
0x01BE 8020 21 AND BYTE [BX+SI], 0x21
0x01C1 0007 ADD [BX], AL
0x01C3 df13 FIST WORD [BP+DI]
0x01C5 0c 00 OR AL, 0x0
0x01C7 0800 OR [BX+SI], AL
0x01C9 0000 ADD [BX+SI], AL
0x01CB 2003 AND [BP+DI], AL
0x01CD 0000 ADD [BX+SI], AL
0x01CF df14 FIST WORD [SI]
0x01D1 0c 07 OR AL, 0x7
0x01D3 fe DB 0xfe
0x01D4 ff DB 0xff
0x01D5 ff00 INC WORD [BX+SI]
0x01D7 2803 SUB [BP+DI], AL
0x01D9 0000 ADD [BX+SI], AL
0x01DB 3035 XOR [DI], DH
0x01DD 3a00 CMP AL, [BX+SI]
0x01DF 0000 ADD [BX+SI], AL
0x01E1 0000 ADD [BX+SI], AL
0x01E3 0000 ADD [BX+SI], AL
0x01E5 0000 ADD [BX+SI], AL
0x01E7 0000 ADD [BX+SI], AL
0x01E9 0000 ADD [BX+SI], AL
0x01EB 0000 ADD [BX+SI], AL
0x01ED 0000 ADD [BX+SI], AL
0x01EF 0000 ADD [BX+SI], AL
0x01F1 0000 ADD [BX+SI], AL
0x01F3 0000 ADD [BX+SI], AL
0x01F5 0000 ADD [BX+SI], AL
0x01F7 0000 ADD [BX+SI], AL
0x01F9 0000 ADD [BX+SI], AL
0x01FB 0000 ADD [BX+SI], AL
0x01FD 0055 aa ADD [DI-0x56], DL
Re: prosím o kontrolu - trojan Win32/Patched.NBG
Je to švagrovo PC.. přinesl mi to že neví jak to tam dostal. na xxx nechodí, má ESS.
Na warez nechodí.. tak ja nevím, není to žádnej počítačovej expert, tak bůhví kde to stáhnul.. kliknul na nějakou reklamu a bylo asi..
Co sem koukal co ma nainstalovano v PC takove ty listy do net.prohlizece a jine balasty tak sem to hned odinstaloval.
Děkuji za pomoc pri odstraneni trojana.
Na warez nechodí.. tak ja nevím, není to žádnej počítačovej expert, tak bůhví kde to stáhnul.. kliknul na nějakou reklamu a bylo asi..
Co sem koukal co ma nainstalovano v PC takove ty listy do net.prohlizece a jine balasty tak sem to hned odinstaloval.
Děkuji za pomoc pri odstraneni trojana.
Re: prosím o kontrolu - trojan Win32/Patched.NBG
V dnešní době chytnou vira je úmění si myslim 
Re: prosím o kontrolu - trojan Win32/Patched.NBG
Tak teď si mě rozesmál 
Re: prosím o kontrolu - trojan Win32/Patched.NBG
Skvělý 
)
podobně zaneřáděnej PC má soused.. ale dokavaď mu to jede tak mu to nevadí..
hlavně že mu po startu na pozadí běhá nahatá ženská
)podobně zaneřáděnej PC má soused.. ale dokavaď mu to jede tak mu to nevadí..
hlavně že mu po startu na pozadí běhá nahatá ženská
Re: prosím o kontrolu - trojan Win32/Patched.NBG
1screen 1000slov
talent
nejlepsi na tom je umazany uz.jmeno
Asi nakej 007
talent
nejlepsi na tom je umazany uz.jmeno
Asi nakej 007
Re: prosím o kontrolu - trojan Win32/Patched.NBG
Neni problém, napiš mi co potřebuješ
Re: prosím o kontrolu - trojan Win32/Patched.NBG
Pri spusteni softu mi to nahlasilo chybu ze to nelze spustit - nepodporuje to 64bit.. ))
))Re: prosím o kontrolu - trojan Win32/Patched.NBG
Tak jsem dal otestovat disky ESS 5.0 a našlo to ještě nějakou havěť.
Můžeš se mi na to prosim kouknout?
C:\Users\Pepos7\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\24385960-59a91105 » ZIP » Idmer.class - Java/TrojanDownloader.Agent.AC trojský kůň
C:\Users\Pepos7\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\24385960-59a91105 » ZIP » Ooo$1.class - Java/TrojanDownloader.Agent.AC trojský kůň
C:\Users\Pepos7\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\24385960-59a91105 » ZIP » Ooo.class - Java/TrojanDownloader.Agent.AC trojský kůň
C:\Users\Pepos7\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\24385960-59a91105 » ZIP » fftubny.class - Java/TrojanDownloader.Agent.AC trojský kůň
C:\Users\Pepos7\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\24385960-59a91105 » ZIP » jy1gjdg.class - Java/TrojanDownloader.Agent.AC trojský kůň
C:\Users\Pepos7\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40\4e7c8568-7a45fe25 » ZIP » Idmer.class - Java/TrojanDownloader.Agent.AC trojský kůň
C:\Users\Pepos7\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40\4e7c8568-7a45fe25 » ZIP » Ooo.class - varianta infiltrace Java/Exploit.CVE-2011-3544.AI trojský kůň
C:\Users\Pepos7\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40\4e7c8568-7a45fe25 » ZIP » fftubny.class - Java/TrojanDownloader.Agent.AC trojský kůň
C:\Users\Pepos7\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40\4e7c8568-7a45fe25 » ZIP » jy1gjdg.class - Java/TrojanDownloader.Agent.AC trojský kůň
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8\3950f448-6a05f830 - varianta infiltrace Win32/Kryptik.AAJE trojský kůň - vyléčen smazáním - uložen do karantény (tak ten je snad pryč)
Díky
Můžeš se mi na to prosim kouknout?
C:\Users\Pepos7\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\24385960-59a91105 » ZIP » Idmer.class - Java/TrojanDownloader.Agent.AC trojský kůň
C:\Users\Pepos7\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\24385960-59a91105 » ZIP » Ooo$1.class - Java/TrojanDownloader.Agent.AC trojský kůň
C:\Users\Pepos7\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\24385960-59a91105 » ZIP » Ooo.class - Java/TrojanDownloader.Agent.AC trojský kůň
C:\Users\Pepos7\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\24385960-59a91105 » ZIP » fftubny.class - Java/TrojanDownloader.Agent.AC trojský kůň
C:\Users\Pepos7\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\24385960-59a91105 » ZIP » jy1gjdg.class - Java/TrojanDownloader.Agent.AC trojský kůň
C:\Users\Pepos7\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40\4e7c8568-7a45fe25 » ZIP » Idmer.class - Java/TrojanDownloader.Agent.AC trojský kůň
C:\Users\Pepos7\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40\4e7c8568-7a45fe25 » ZIP » Ooo.class - varianta infiltrace Java/Exploit.CVE-2011-3544.AI trojský kůň
C:\Users\Pepos7\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40\4e7c8568-7a45fe25 » ZIP » fftubny.class - Java/TrojanDownloader.Agent.AC trojský kůň
C:\Users\Pepos7\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40\4e7c8568-7a45fe25 » ZIP » jy1gjdg.class - Java/TrojanDownloader.Agent.AC trojský kůň
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8\3950f448-6a05f830 - varianta infiltrace Win32/Kryptik.AAJE trojský kůň - vyléčen smazáním - uložen do karantény (tak ten je snad pryč)
Díky
Re: prosím o kontrolu - trojan Win32/Patched.NBG
Opraveno, ESS uz nic nehlasi..
Dekuji-ti
Jestli mohu nekterak pomoc tak mi pisni SZ. thx
Dekuji-ti
Jestli mohu nekterak pomoc tak mi pisni SZ. thx
Přispějete na provoz fóra?