avastsvc.exe win32:patched-wq

[Petrásek]

Přeji hezký další den.
Tak jsem se již doma připojil, ale ani spuštěním AVPTool v normálním, ani v nouzovém režimu se k logu nedopracuji. Vždy se program sám zavře když má otestováno něco kolem 1000 souborů.
Už z toho začínám šílet

[vyosek]

Zacina to byl volaake cudne

Stahnete si TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe

• Utilitu spustte a prikazte ji, at skenuje - klik na Start Scan
• Pokud utilita najde infikekci, bude ji chtit lecit (Cure), povolte leceni kliknutim na Continue
• Pokud utilita najde podezrely soubor (suspicious), bude jej chtit preskocit (Skip), povolte preskoceni kliknutim na Continue
• Po dokonceni skenu bude mozna nutny restart PC, povolte jej kliknutim na Reboot now
• Po restartu na Vas vyskoci log, pokud se tak nestane, najdete jej primo na disku, kde mate Windows (obvykle c:\) ve tvaru TDSSKiller.nejaka cisilka _log.txt - jeho obsah sem vlozte
• Pokud restart nebude vyzadovan, kliknete na Close a nasledne na Report - vytvori se log - jeho obsah sem vlozte

[Petrásek]

Ta sken zkončil, utilita nabídla pouze "Skip", dal jsem Continue.
Reboot to po mě nechtělo, tak jsem klikl na report a ten dávám sem:
2011/07/29 08:44:46.0968 2812 TDSS rootkit removing tool 2.5.11.0 Jul 11 2011 16:56:56
2011/07/29 08:44:47.0171 2812 ================================================================================
2011/07/29 08:44:47.0171 2812 SystemInfo:
2011/07/29 08:44:47.0187 2812
2011/07/29 08:44:47.0187 2812 OS Version: 5.1.2600 ServicePack: 3.0
2011/07/29 08:44:47.0187 2812 Product type: Workstation
2011/07/29 08:44:47.0187 2812 ComputerName: ROMAN
2011/07/29 08:44:47.0187 2812 UserName: Mornštejn Roman
2011/07/29 08:44:47.0187 2812 Windows directory: C:\WINDOWS
2011/07/29 08:44:47.0187 2812 System windows directory: C:\WINDOWS
2011/07/29 08:44:47.0187 2812 Processor architecture: Intel x86
2011/07/29 08:44:47.0187 2812 Number of processors: 2
2011/07/29 08:44:47.0187 2812 Page size: 0x1000
2011/07/29 08:44:47.0187 2812 Boot type: Normal boot
2011/07/29 08:44:47.0187 2812 ================================================================================
2011/07/29 08:44:48.0906 2812 Initialize success
2011/07/29 08:44:55.0359 1312 ================================================================================
2011/07/29 08:44:55.0359 1312 Scan started
2011/07/29 08:44:55.0359 1312 Mode: Manual;
2011/07/29 08:44:55.0359 1312 ================================================================================
2011/07/29 08:44:57.0187 1312 Aavmker4 (31a8ab3deb93e3d90717ad8fb0974c3f) C:\WINDOWS\system32\drivers\Aavmker4.sys
2011/07/29 08:44:57.0281 1312 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/07/29 08:44:57.0312 1312 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
2011/07/29 08:44:57.0375 1312 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/07/29 08:44:57.0453 1312 AFD (355556d9e580915118cd7ef736653a89) C:\WINDOWS\System32\drivers\afd.sys
2011/07/29 08:44:57.0750 1312 AR5416 (0297af4b89769159058b996c21218421) C:\WINDOWS\system32\DRIVERS\athw.sys
2011/07/29 08:44:57.0984 1312 aswFsBlk (a289930e70f3fa3b07df80d2b052794e) C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011/07/29 08:44:58.0125 1312 aswMon2 (1aca2b7efe91ca68ceed9c904ed3310d) C:\WINDOWS\system32\drivers\aswMon2.sys
2011/07/29 08:44:58.0156 1312 aswRdr (cc40b9c301af5d145713b2764eec3907) C:\WINDOWS\system32\drivers\aswRdr.sys
2011/07/29 08:44:58.0218 1312 aswSP (67db88b01fc1d815968230458814eb8d) C:\WINDOWS\system32\drivers\aswSP.sys
2011/07/29 08:44:58.0250 1312 aswTdi (ec8ef1ce2d6ca1071be8b7888ffa48c0) C:\WINDOWS\system32\drivers\aswTdi.sys
2011/07/29 08:44:58.0406 1312 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/07/29 08:44:58.0437 1312 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/07/29 08:44:58.0500 1312 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/07/29 08:44:58.0562 1312 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/07/29 08:44:58.0625 1312 Axtmvflt (59629edd214c35a01e2527ac3b8a7fb3) C:\WINDOWS\system32\DRIVERS\Axtmvflt.sys
2011/07/29 08:44:58.0781 1312 Axtmvmdm (37e23b1756eca768656097f72c0b458d) C:\WINDOWS\system32\DRIVERS\Axtmvmdm.sys
2011/07/29 08:44:58.0796 1312 Axtmvprt (2c7170be24eacc0b432eb1832fee0ddc) C:\WINDOWS\system32\Drivers\Axtmvprt.sys
2011/07/29 08:44:58.0859 1312 b57w2k (559ddda2c88459478056174247706deb) C:\WINDOWS\system32\DRIVERS\b57xp32.sys
2011/07/29 08:44:58.0921 1312 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/07/29 08:44:59.0000 1312 btaudio (9e8cf88d340e32fcb3c53955b2df388f) C:\WINDOWS\system32\drivers\btaudio.sys
2011/07/29 08:44:59.0171 1312 BTDriver (2f9f111d31aa3fbbe5781d829a4524e6) C:\WINDOWS\system32\DRIVERS\btport.sys
2011/07/29 08:44:59.0265 1312 BTKRNL (9f704f40cd50ae05bbfc492c0342e765) C:\WINDOWS\system32\DRIVERS\btkrnl.sys
2011/07/29 08:44:59.0437 1312 BTWDNDIS (485020a1e1fc5c51a800ca69c618d881) C:\WINDOWS\system32\DRIVERS\btwdndis.sys
2011/07/29 08:44:59.0484 1312 btwmodem (5922bae0cd84924b9cd7e6bb515ee070) C:\WINDOWS\system32\DRIVERS\btwmodem.sys
2011/07/29 08:44:59.0515 1312 BTWUSB (581ca1a9b6f8cba92e3bc8460c14faab) C:\WINDOWS\system32\Drivers\btwusb.sys
2011/07/29 08:44:59.0859 1312 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/07/29 08:44:59.0906 1312 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
2011/07/29 08:44:59.0953 1312 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/07/29 08:44:59.0984 1312 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/07/29 08:45:00.0015 1312 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/07/29 08:45:00.0062 1312 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
2011/07/29 08:45:00.0265 1312 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
2011/07/29 08:45:00.0343 1312 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/07/29 08:45:00.0390 1312 DKbFltr (060db81dfb79c8244eb65d10b6c7873f) C:\WINDOWS\system32\DRIVERS\DKbFltr.sys
2011/07/29 08:45:00.0468 1312 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
2011/07/29 08:45:00.0640 1312 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
2011/07/29 08:45:00.0687 1312 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/07/29 08:45:00.0750 1312 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2011/07/29 08:45:00.0796 1312 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/07/29 08:45:00.0859 1312 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/07/29 08:45:01.0031 1312 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
2011/07/29 08:45:01.0062 1312 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
2011/07/29 08:45:01.0062 1312 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
2011/07/29 08:45:01.0140 1312 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2011/07/29 08:45:01.0187 1312 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/07/29 08:45:01.0218 1312 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/07/29 08:45:01.0406 1312 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/07/29 08:45:01.0468 1312 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2011/07/29 08:45:01.0531 1312 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/07/29 08:45:01.0640 1312 HSFHWAZL (7d33d2b81bd8b4bc51b536b113295d51) C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
2011/07/29 08:45:01.0843 1312 HSF_DPV (fb6ad8a16e22c91d5978b26e0300a331) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
2011/07/29 08:45:02.0062 1312 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/07/29 08:45:02.0156 1312 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/07/29 08:45:02.0421 1312 ialm (b2768350bb50469aeb1afe694372b613) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
2011/07/29 08:45:02.0812 1312 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/07/29 08:45:03.0031 1312 IntcAzAudAddService (74b482f8b2a9ebe8473381a7a58f801d) C:\WINDOWS\system32\drivers\RtkHDAud.sys
2011/07/29 08:45:03.0218 1312 IntcHdmiAddService (331244286fa249f2456e6d78fda4a93e) C:\WINDOWS\system32\drivers\IntcHdmi.sys
2011/07/29 08:45:03.0281 1312 intelppm (27b290d632af2cf3cf40bfddb7370985) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2011/07/29 08:45:03.0296 1312 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2011/07/29 08:45:03.0375 1312 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/07/29 08:45:03.0546 1312 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/07/29 08:45:03.0578 1312 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/07/29 08:45:03.0625 1312 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/07/29 08:45:03.0765 1312 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/07/29 08:45:04.0078 1312 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/07/29 08:45:04.0187 1312 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/07/29 08:45:04.0296 1312 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/07/29 08:45:04.0375 1312 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/07/29 08:45:04.0593 1312 MBAMSwissArmy (b18225739ed9caa83ba2df966e9f43e8) C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2011/07/29 08:45:04.0671 1312 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
2011/07/29 08:45:04.0734 1312 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/07/29 08:45:04.0875 1312 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
2011/07/29 08:45:04.0937 1312 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/07/29 08:45:05.0015 1312 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/07/29 08:45:05.0046 1312 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/07/29 08:45:05.0234 1312 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/07/29 08:45:05.0343 1312 MRxSmb (f9ed0276a9d7f32f7d374d034abe4ee6) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/07/29 08:45:05.0343 1312 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\mrxsmb.sys. Real md5: f9ed0276a9d7f32f7d374d034abe4ee6, Fake md5: 0dc719e9b15e902346e87e9dcd5751fa
2011/07/29 08:45:05.0343 1312 MRxSmb - detected ForgedFile.Multi.Generic (1)
2011/07/29 08:45:05.0531 1312 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/07/29 08:45:05.0562 1312 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/07/29 08:45:05.0578 1312 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/07/29 08:45:05.0593 1312 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/07/29 08:45:05.0656 1312 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/07/29 08:45:05.0703 1312 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
2011/07/29 08:45:05.0734 1312 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
2011/07/29 08:45:05.0781 1312 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2011/07/29 08:45:05.0953 1312 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2011/07/29 08:45:05.0968 1312 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2011/07/29 08:45:05.0984 1312 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/07/29 08:45:06.0015 1312 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/07/29 08:45:06.0031 1312 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/07/29 08:45:06.0093 1312 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/07/29 08:45:06.0109 1312 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/07/29 08:45:06.0296 1312 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/07/29 08:45:06.0328 1312 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/07/29 08:45:06.0359 1312 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/07/29 08:45:06.0562 1312 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/07/29 08:45:06.0578 1312 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/07/29 08:45:06.0593 1312 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/07/29 08:45:06.0656 1312 O2MDRDR (f1072a203fb1e246be62d736a5b88dfd) C:\WINDOWS\system32\DRIVERS\o2media.sys
2011/07/29 08:45:06.0671 1312 O2SDRDR (5472c48f44b49f07b16b421899e550f8) C:\WINDOWS\system32\DRIVERS\o2sd.sys
2011/07/29 08:45:06.0750 1312 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\drivers\Parport.sys
2011/07/29 08:45:06.0875 1312 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/07/29 08:45:06.0953 1312 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/07/29 08:45:06.0968 1312 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/07/29 08:45:07.0015 1312 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/07/29 08:45:07.0046 1312 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
2011/07/29 08:45:07.0187 1312 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/07/29 08:45:07.0234 1312 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/07/29 08:45:07.0406 1312 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/07/29 08:45:07.0453 1312 PxHelp20 (1962166e0ceb740704f30fa55ad3d509) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2011/07/29 08:45:07.0562 1312 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/07/29 08:45:07.0578 1312 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/07/29 08:45:07.0593 1312 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/07/29 08:45:07.0609 1312 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/07/29 08:45:07.0656 1312 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/07/29 08:45:07.0671 1312 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/07/29 08:45:07.0718 1312 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2011/07/29 08:45:07.0843 1312 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/07/29 08:45:07.0906 1312 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/07/29 08:45:07.0968 1312 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
2011/07/29 08:45:08.0015 1312 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/07/29 08:45:08.0062 1312 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\drivers\Serial.sys
2011/07/29 08:45:08.0250 1312 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/07/29 08:45:08.0312 1312 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2011/07/29 08:45:08.0390 1312 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/07/29 08:45:08.0421 1312 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/07/29 08:45:08.0468 1312 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/07/29 08:45:08.0687 1312 StillCam (06cda2a5a549bc455d004461e6bc5b33) C:\WINDOWS\system32\DRIVERS\serscan.sys
2011/07/29 08:45:08.0765 1312 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
2011/07/29 08:45:08.0796 1312 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/07/29 08:45:08.0859 1312 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/07/29 08:45:09.0109 1312 SynTP (0389b6b5ba4bd0ddf9e1744b6adc8c97) C:\WINDOWS\system32\DRIVERS\SynTP.sys
2011/07/29 08:45:09.0171 1312 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/07/29 08:45:09.0359 1312 Tcpip (4afb3b0919649f95c1964aa1fad27d73) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/07/29 08:45:09.0406 1312 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/07/29 08:45:09.0406 1312 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/07/29 08:45:09.0453 1312 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/07/29 08:45:09.0500 1312 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/07/29 08:45:09.0578 1312 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2011/07/29 08:45:09.0750 1312 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/07/29 08:45:09.0781 1312 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/07/29 08:45:09.0812 1312 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/07/29 08:45:09.0859 1312 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/07/29 08:45:09.0906 1312 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/07/29 08:45:09.0937 1312 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/07/29 08:45:10.0109 1312 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
2011/07/29 08:45:10.0171 1312 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/07/29 08:45:10.0203 1312 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/07/29 08:45:10.0234 1312 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/07/29 08:45:10.0312 1312 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/07/29 08:45:10.0359 1312 winachsf (9692ab8ba2dcd649a86b1b9b81154278) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
2011/07/29 08:45:10.0578 1312 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
2011/07/29 08:45:10.0656 1312 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
2011/07/29 08:45:10.0703 1312 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2011/07/29 08:45:10.0765 1312 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/07/29 08:45:10.0781 1312 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/07/29 08:45:10.0843 1312 MBR (0x1B8) (413fc2a0c716421b3158746d63736515) \Device\Harddisk0\DR0
2011/07/29 08:45:10.0968 1312 Boot (0x1200) (bd9f2bb8638a8004196c7214281f1969) \Device\Harddisk0\DR0\Partition0
2011/07/29 08:45:10.0984 1312 ================================================================================
2011/07/29 08:45:10.0984 1312 Scan finished
2011/07/29 08:45:10.0984 1312 ================================================================================
2011/07/29 08:45:11.0000 2992 Detected object count: 1
2011/07/29 08:45:11.0000 2992 Actual detected object count: 1
2011/07/29 08:46:14.0781 2992 ForgedFile.Multi.Generic(MRxSmb) - User select action: Skip
2011/07/29 08:46:42.0390 2240 ================================================================================
2011/07/29 08:46:42.0390 2240 Scan started
2011/07/29 08:46:42.0390 2240 Mode: Manual;
2011/07/29 08:46:42.0390 2240 ================================================================================
2011/07/29 08:46:42.0875 2240 Aavmker4 (31a8ab3deb93e3d90717ad8fb0974c3f) C:\WINDOWS\system32\drivers\Aavmker4.sys
2011/07/29 08:46:42.0968 2240 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/07/29 08:46:43.0000 2240 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
2011/07/29 08:46:43.0062 2240 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/07/29 08:46:43.0125 2240 AFD (355556d9e580915118cd7ef736653a89) C:\WINDOWS\System32\drivers\afd.sys
2011/07/29 08:46:43.0421 2240 AR5416 (0297af4b89769159058b996c21218421) C:\WINDOWS\system32\DRIVERS\athw.sys
2011/07/29 08:46:43.0656 2240 aswFsBlk (a289930e70f3fa3b07df80d2b052794e) C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011/07/29 08:46:43.0687 2240 aswMon2 (1aca2b7efe91ca68ceed9c904ed3310d) C:\WINDOWS\system32\drivers\aswMon2.sys
2011/07/29 08:46:43.0828 2240 aswRdr (cc40b9c301af5d145713b2764eec3907) C:\WINDOWS\system32\drivers\aswRdr.sys
2011/07/29 08:46:43.0875 2240 aswSP (67db88b01fc1d815968230458814eb8d) C:\WINDOWS\system32\drivers\aswSP.sys
2011/07/29 08:46:43.0890 2240 aswTdi (ec8ef1ce2d6ca1071be8b7888ffa48c0) C:\WINDOWS\system32\drivers\aswTdi.sys
2011/07/29 08:46:43.0937 2240 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/07/29 08:46:43.0968 2240 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/07/29 08:46:44.0156 2240 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/07/29 08:46:44.0218 2240 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/07/29 08:46:44.0296 2240 Axtmvflt (59629edd214c35a01e2527ac3b8a7fb3) C:\WINDOWS\system32\DRIVERS\Axtmvflt.sys
2011/07/29 08:46:44.0328 2240 Axtmvmdm (37e23b1756eca768656097f72c0b458d) C:\WINDOWS\system32\DRIVERS\Axtmvmdm.sys
2011/07/29 08:46:44.0343 2240 Axtmvprt (2c7170be24eacc0b432eb1832fee0ddc) C:\WINDOWS\system32\Drivers\Axtmvprt.sys
2011/07/29 08:46:44.0390 2240 b57w2k (559ddda2c88459478056174247706deb) C:\WINDOWS\system32\DRIVERS\b57xp32.sys
2011/07/29 08:46:44.0562 2240 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/07/29 08:46:44.0656 2240 btaudio (9e8cf88d340e32fcb3c53955b2df388f) C:\WINDOWS\system32\drivers\btaudio.sys
2011/07/29 08:46:44.0812 2240 BTDriver (2f9f111d31aa3fbbe5781d829a4524e6) C:\WINDOWS\system32\DRIVERS\btport.sys
2011/07/29 08:46:44.0906 2240 BTKRNL (9f704f40cd50ae05bbfc492c0342e765) C:\WINDOWS\system32\DRIVERS\btkrnl.sys
2011/07/29 08:46:45.0078 2240 BTWDNDIS (485020a1e1fc5c51a800ca69c618d881) C:\WINDOWS\system32\DRIVERS\btwdndis.sys
2011/07/29 08:46:45.0140 2240 btwmodem (5922bae0cd84924b9cd7e6bb515ee070) C:\WINDOWS\system32\DRIVERS\btwmodem.sys
2011/07/29 08:46:45.0171 2240 BTWUSB (581ca1a9b6f8cba92e3bc8460c14faab) C:\WINDOWS\system32\Drivers\btwusb.sys
2011/07/29 08:46:45.0500 2240 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/07/29 08:46:45.0531 2240 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
2011/07/29 08:46:45.0578 2240 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/07/29 08:46:45.0593 2240 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/07/29 08:46:45.0625 2240 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/07/29 08:46:45.0687 2240 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
2011/07/29 08:46:45.0859 2240 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
2011/07/29 08:46:45.0937 2240 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/07/29 08:46:45.0984 2240 DKbFltr (060db81dfb79c8244eb65d10b6c7873f) C:\WINDOWS\system32\DRIVERS\DKbFltr.sys
2011/07/29 08:46:46.0046 2240 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
2011/07/29 08:46:46.0218 2240 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
2011/07/29 08:46:46.0265 2240 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/07/29 08:46:46.0312 2240 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2011/07/29 08:46:46.0359 2240 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/07/29 08:46:46.0406 2240 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/07/29 08:46:46.0437 2240 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
2011/07/29 08:46:46.0609 2240 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
2011/07/29 08:46:46.0609 2240 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
2011/07/29 08:46:46.0687 2240 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2011/07/29 08:46:46.0734 2240 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/07/29 08:46:46.0765 2240 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/07/29 08:46:46.0796 2240 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/07/29 08:46:46.0968 2240 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2011/07/29 08:46:47.0046 2240 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/07/29 08:46:47.0125 2240 HSFHWAZL (7d33d2b81bd8b4bc51b536b113295d51) C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
2011/07/29 08:46:47.0203 2240 HSF_DPV (fb6ad8a16e22c91d5978b26e0300a331) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
2011/07/29 08:46:47.0390 2240 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/07/29 08:46:47.0484 2240 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/07/29 08:46:47.0750 2240 ialm (b2768350bb50469aeb1afe694372b613) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
2011/07/29 08:46:47.0953 2240 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/07/29 08:46:48.0187 2240 IntcAzAudAddService (74b482f8b2a9ebe8473381a7a58f801d) C:\WINDOWS\system32\drivers\RtkHDAud.sys
2011/07/29 08:46:48.0375 2240 IntcHdmiAddService (331244286fa249f2456e6d78fda4a93e) C:\WINDOWS\system32\drivers\IntcHdmi.sys
2011/07/29 08:46:48.0421 2240 intelppm (27b290d632af2cf3cf40bfddb7370985) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2011/07/29 08:46:48.0453 2240 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2011/07/29 08:46:48.0484 2240 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/07/29 08:46:48.0515 2240 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/07/29 08:46:48.0562 2240 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/07/29 08:46:48.0734 2240 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/07/29 08:46:48.0781 2240 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/07/29 08:46:48.0812 2240 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/07/29 08:46:48.0843 2240 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/07/29 08:46:48.0921 2240 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/07/29 08:46:49.0078 2240 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/07/29 08:46:49.0171 2240 MBAMSwissArmy (b18225739ed9caa83ba2df966e9f43e8) C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2011/07/29 08:46:49.0218 2240 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
2011/07/29 08:46:49.0265 2240 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/07/29 08:46:49.0328 2240 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
2011/07/29 08:46:49.0453 2240 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/07/29 08:46:49.0515 2240 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/07/29 08:46:49.0546 2240 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/07/29 08:46:49.0578 2240 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/07/29 08:46:49.0640 2240 MRxSmb (f9ed0276a9d7f32f7d374d034abe4ee6) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/07/29 08:46:49.0640 2240 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\mrxsmb.sys. Real md5: f9ed0276a9d7f32f7d374d034abe4ee6, Fake md5: 0dc719e9b15e902346e87e9dcd5751fa
2011/07/29 08:46:49.0656 2240 MRxSmb - detected ForgedFile.Multi.Generic (1)
2011/07/29 08:46:49.0828 2240 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/07/29 08:46:49.0890 2240 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/07/29 08:46:49.0890 2240 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/07/29 08:46:49.0921 2240 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/07/29 08:46:49.0984 2240 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/07/29 08:46:50.0015 2240 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
2011/07/29 08:46:50.0046 2240 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
2011/07/29 08:46:50.0093 2240 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2011/07/29 08:46:50.0265 2240 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2011/07/29 08:46:50.0281 2240 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2011/07/29 08:46:50.0296 2240 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/07/29 08:46:50.0328 2240 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/07/29 08:46:50.0343 2240 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/07/29 08:46:50.0406 2240 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/07/29 08:46:50.0421 2240 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/07/29 08:46:50.0593 2240 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/07/29 08:46:50.0625 2240 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/07/29 08:46:50.0671 2240 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/07/29 08:46:50.0796 2240 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/07/29 08:46:50.0828 2240 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/07/29 08:46:50.0921 2240 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/07/29 08:46:51.0046 2240 O2MDRDR (f1072a203fb1e246be62d736a5b88dfd) C:\WINDOWS\system32\DRIVERS\o2media.sys
2011/07/29 08:46:51.0093 2240 O2SDRDR (5472c48f44b49f07b16b421899e550f8) C:\WINDOWS\system32\DRIVERS\o2sd.sys
2011/07/29 08:46:51.0171 2240 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\drivers\Parport.sys
2011/07/29 08:46:51.0250 2240 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/07/29 08:46:51.0328 2240 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/07/29 08:46:51.0343 2240 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/07/29 08:46:51.0406 2240 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/07/29 08:46:51.0421 2240 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
2011/07/29 08:46:51.0578 2240 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/07/29 08:46:51.0671 2240 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/07/29 08:46:51.0750 2240 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/07/29 08:46:51.0796 2240 PxHelp20 (1962166e0ceb740704f30fa55ad3d509) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2011/07/29 08:46:51.0906 2240 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/07/29 08:46:51.0953 2240 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/07/29 08:46:52.0046 2240 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/07/29 08:46:52.0140 2240 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/07/29 08:46:52.0187 2240 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/07/29 08:46:52.0203 2240 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/07/29 08:46:52.0234 2240 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2011/07/29 08:46:52.0281 2240 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/07/29 08:46:52.0406 2240 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/07/29 08:46:52.0515 2240 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
2011/07/29 08:46:52.0562 2240 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/07/29 08:46:52.0609 2240 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\drivers\Serial.sys
2011/07/29 08:46:52.0671 2240 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/07/29 08:46:52.0828 2240 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2011/07/29 08:46:52.0921 2240 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/07/29 08:46:52.0937 2240 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/07/29 08:46:52.0984 2240 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/07/29 08:46:53.0140 2240 StillCam (06cda2a5a549bc455d004461e6bc5b33) C:\WINDOWS\system32\DRIVERS\serscan.sys
2011/07/29 08:46:53.0187 2240 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
2011/07/29 08:46:53.0234 2240 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/07/29 08:46:53.0296 2240 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/07/29 08:46:53.0500 2240 SynTP (0389b6b5ba4bd0ddf9e1744b6adc8c97) C:\WINDOWS\system32\DRIVERS\SynTP.sys
2011/07/29 08:46:53.0531 2240 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/07/29 08:46:53.0593 2240 Tcpip (4afb3b0919649f95c1964aa1fad27d73) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/07/29 08:46:53.0671 2240 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/07/29 08:46:53.0734 2240 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/07/29 08:46:53.0781 2240 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/07/29 08:46:53.0843 2240 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/07/29 08:46:53.0921 2240 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2011/07/29 08:46:53.0984 2240 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/07/29 08:46:54.0000 2240 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/07/29 08:46:54.0078 2240 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/07/29 08:46:54.0156 2240 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/07/29 08:46:54.0187 2240 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/07/29 08:46:54.0250 2240 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/07/29 08:46:54.0312 2240 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
2011/07/29 08:46:54.0421 2240 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/07/29 08:46:54.0515 2240 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/07/29 08:46:54.0546 2240 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/07/29 08:46:54.0625 2240 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/07/29 08:46:54.0718 2240 winachsf (9692ab8ba2dcd649a86b1b9b81154278) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
2011/07/29 08:46:54.0906 2240 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
2011/07/29 08:46:54.0984 2240 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
2011/07/29 08:46:55.0015 2240 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2011/07/29 08:46:55.0078 2240 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/07/29 08:46:55.0093 2240 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/07/29 08:46:55.0156 2240 MBR (0x1B8) (413fc2a0c716421b3158746d63736515) \Device\Harddisk0\DR0
2011/07/29 08:46:55.0281 2240 Boot (0x1200) (bd9f2bb8638a8004196c7214281f1969) \Device\Harddisk0\DR0\Partition0
2011/07/29 08:46:55.0296 2240 ================================================================================
2011/07/29 08:46:55.0296 2240 Scan finished
2011/07/29 08:46:55.0296 2240 ================================================================================
2011/07/29 08:46:55.0312 3352 Detected object count: 1
2011/07/29 08:46:55.0312 3352 Actual detected object count: 1
2011/07/29 08:48:04.0734 3352 ForgedFile.Multi.Generic(MRxSmb) - User select action: Skip

[vyosek]

Nasledujici soubory otestujte na VirusTotalu (viz muj podpis)

• C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
• Kliknete na Prochazet
• Soubor nehledejte, jen vlozte cestu souboru, ktery chci otestovat
• Kliknete na Send File
• Pokud na Vas vyskoci obrazovka jako je nize, tak kliknete na ReAnalyse
  
• Vysledek analyzy sem vlozte (jako odkaz)

[Petrásek]

Tak jsem klikl na procházet, vložil jsem cestu kterou jste uvedl a klikl na Send file a nic nezměnilo, stále tam mám tu stránku s tou cestou k souboru a procházet.

[vyosek]

Jelikoz nam skenery padaji, budem muset to udelat jinak..

Zvladnete vytvorit boot CD Kasperskyho http://support.kaspersky.com/viruses/rescuedisk

[Petrásek]

Myslím, že by to neměl být problém.
Kterou variantu na té stránce z odkazu mám vybrat?

[vyosek]

Zde link primo na iso soubor http://rescuedisk.kaspersky-labs.com/re ... updatable/

[Petrásek]

OK, děkuji, až ho vypálím, jaký bude dále postup?

[vyosek]

Nabootujete z toho CD a spustite sken

[Petrásek]

Při skenování to něco našlo a ptá se mě to, jestli chci delete nebo skip, mám dát delete?
Našlo to "Backdoor.Win32.ZAccess.dg"

[vyosek]

Delete Kaspersky nemiva falesne detekce

[Petrásek]

Tak test byl dokončen, ale žádný log, to je dobře?
Mám ho restrtovat do nermálního režimu?

[vyosek]

Log se nedela, nasel toho hodne

Ano, nabootujte nyni normalne Vas system a napiste co PC

[Petrásek]

OK, tam je v normálním režimu, už z něj píšu.
Našel toho cca 15 infikovaných souborů, z toho cca 5 druhů Win32.....
Je o poznání rychlejší, ale avast má na ikonce vpravo dole stále na sobě křížek.