pro vyosek

[vajko]

Zdravim Vyosek,

Dakujem za privitanie a promptnu odpoved.

Tu je log z toho bootkitu:

Bootkit Remover
(c) 2009 eSage Lab
www.esagelab.com

Program version: 1.2.0.0
OS Version: Microsoft Windows XP Home Edition Service Pack 3 (build 2600)

System volume is \\.\C:
\\.\C: -> \\.\PhysicalDrive0 at offset 0x00000000`00007e00
Boot sector MD5 is: 6def5ffcbcdbdb4082f1015625e597bd

Size Device Name MBR Status
--------------------------------------------
149 GB \\.\PhysicalDrive0 OK (DOS/Win32 Boot code found)


Done;
Press any key to quit...

[vyosek]

Zdravim a pekny vecer preji

Stahnete si TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe

• Utilitu spustte a prikazte ji, at skenuje - klik na Start Scan
• Pokud utilita najde infikekci, bude ji chtit lecit (Cure), povolte leceni kliknutim na Continue
• Pokud utilita najde podezrely soubor (suspicious), bude jej chtit preskocit (Skip), povolte preskoceni kliknutim na Continue
• Po dokonceni skenu bude mozna nutny restart PC, povolte jej kliknutim na Reboot now
• Po restartu na Vas vyskoci log, pokud se tak nestane, najdete jej primo na disku, kde mate Windows (obvykle c:\) ve tvaru TDSSKiller.nejaka cisilka _log.txt - jeho obsah sem vlozte
• Pokud restart nebude vyzadovan, kliknete na Close a nasledne na Report - vytvori se log - jeho obsah sem vlozte

[vajko]

uspesne prevedene, log je tu:

2011/09/18 18:48:49.0828 0272 TDSS rootkit removing tool 2.5.22.0 Sep 13 2011 15:55:17
2011/09/18 18:48:50.0093 0272 ================================================================================
2011/09/18 18:48:50.0093 0272 SystemInfo:
2011/09/18 18:48:50.0093 0272
2011/09/18 18:48:50.0093 0272 OS Version: 5.1.2600 ServicePack: 3.0
2011/09/18 18:48:50.0093 0272 Product type: Workstation
2011/09/18 18:48:50.0093 0272 ComputerName: DOMA-77B03D6B91
2011/09/18 18:48:50.0093 0272 UserName: Michal
2011/09/18 18:48:50.0093 0272 Windows directory: C:\WINDOWS
2011/09/18 18:48:50.0093 0272 System windows directory: C:\WINDOWS
2011/09/18 18:48:50.0093 0272 Processor architecture: Intel x86
2011/09/18 18:48:50.0093 0272 Number of processors: 2
2011/09/18 18:48:50.0093 0272 Page size: 0x1000
2011/09/18 18:48:50.0093 0272 Boot type: Normal boot
2011/09/18 18:48:50.0093 0272 ================================================================================
2011/09/18 18:48:51.0734 0272 Initialize success
2011/09/18 18:49:01.0843 0920 ================================================================================
2011/09/18 18:49:01.0843 0920 Scan started
2011/09/18 18:49:01.0843 0920 Mode: Manual;
2011/09/18 18:49:01.0843 0920 ================================================================================
2011/09/18 18:49:02.0390 0920 a347bus (61c7faa37417ca5bafa0490a49cc84d6) C:\WINDOWS\system32\DRIVERS\a347bus.sys
2011/09/18 18:49:02.0453 0920 a347scsi (113e4b318bbaa7483ca4e582a4d63f49) C:\WINDOWS\system32\Drivers\a347scsi.sys
2011/09/18 18:49:02.0515 0920 Aavmker4 (95d1de2a6613494e853a9738d5d9acd4) C:\WINDOWS\system32\drivers\Aavmker4.sys
2011/09/18 18:49:02.0656 0920 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/09/18 18:49:02.0687 0920 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
2011/09/18 18:49:02.0718 0920 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/09/18 18:49:02.0765 0920 AFD (355556d9e580915118cd7ef736653a89) C:\WINDOWS\System32\drivers\afd.sys
2011/09/18 18:49:02.0875 0920 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
2011/09/18 18:49:02.0953 0920 aswFsBlk (c47623ffd181a1e7d63574dde2a0a711) C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011/09/18 18:49:02.0984 0920 aswMon2 (fff2dbb17a3c89f87f78d5fa72ca47fd) C:\WINDOWS\system32\drivers\aswMon2.sys
2011/09/18 18:49:03.0015 0920 aswRdr (36239e24470a3dd81fae37510953cc6c) C:\WINDOWS\system32\drivers\aswRdr.sys
2011/09/18 18:49:03.0062 0920 aswSnx (caa846e9c83836bdc3d2d700c678db65) C:\WINDOWS\system32\drivers\aswSnx.sys
2011/09/18 18:49:03.0093 0920 aswSP (748ae7f2d7da33adb063fe05704a9969) C:\WINDOWS\system32\drivers\aswSP.sys
2011/09/18 18:49:03.0140 0920 aswTdi (ca9925ce1dbd07ffe1eb357752cf5577) C:\WINDOWS\system32\drivers\aswTdi.sys
2011/09/18 18:49:03.0171 0920 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/09/18 18:49:03.0187 0920 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/09/18 18:49:03.0359 0920 ati2mtag (97129408c8760f3421c1551ba3f3899d) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
2011/09/18 18:49:03.0484 0920 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/09/18 18:49:03.0531 0920 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/09/18 18:49:03.0562 0920 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/09/18 18:49:03.0609 0920 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/09/18 18:49:03.0640 0920 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/09/18 18:49:03.0671 0920 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/09/18 18:49:03.0703 0920 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/09/18 18:49:03.0875 0920 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/09/18 18:49:03.0921 0920 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
2011/09/18 18:49:03.0968 0920 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
2011/09/18 18:49:04.0015 0920 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/09/18 18:49:04.0046 0920 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2011/09/18 18:49:04.0125 0920 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/09/18 18:49:04.0156 0920 e1express (00192f0c612591d585594e9467e6ca8b) C:\WINDOWS\system32\DRIVERS\e1e5132.sys
2011/09/18 18:49:04.0234 0920 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/09/18 18:49:04.0250 0920 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
2011/09/18 18:49:04.0281 0920 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
2011/09/18 18:49:04.0296 0920 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
2011/09/18 18:49:04.0375 0920 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2011/09/18 18:49:04.0500 0920 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/09/18 18:49:04.0531 0920 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/09/18 18:49:04.0546 0920 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/09/18 18:49:04.0593 0920 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2011/09/18 18:49:04.0609 0920 HECI (19e26d0402e6d29e67fa74650187567e) C:\WINDOWS\system32\DRIVERS\HECI.sys
2011/09/18 18:49:04.0656 0920 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/09/18 18:49:04.0718 0920 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/09/18 18:49:04.0781 0920 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/09/18 18:49:04.0859 0920 ialm (88164ba0e3fc4172ff3a1bd82b756454) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
2011/09/18 18:49:04.0921 0920 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/09/18 18:49:04.0984 0920 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2011/09/18 18:49:05.0000 0920 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2011/09/18 18:49:05.0031 0920 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/09/18 18:49:05.0046 0920 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/09/18 18:49:05.0078 0920 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/09/18 18:49:05.0109 0920 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/09/18 18:49:05.0125 0920 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/09/18 18:49:05.0140 0920 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/09/18 18:49:05.0171 0920 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/09/18 18:49:05.0203 0920 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2011/09/18 18:49:05.0234 0920 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/09/18 18:49:05.0265 0920 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/09/18 18:49:05.0328 0920 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/09/18 18:49:05.0343 0920 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
2011/09/18 18:49:05.0375 0920 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/09/18 18:49:05.0421 0920 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/09/18 18:49:05.0421 0920 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/09/18 18:49:05.0453 0920 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/09/18 18:49:05.0515 0920 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/09/18 18:49:05.0546 0920 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/09/18 18:49:05.0562 0920 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/09/18 18:49:05.0578 0920 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/09/18 18:49:05.0593 0920 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/09/18 18:49:05.0609 0920 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/09/18 18:49:05.0625 0920 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
2011/09/18 18:49:05.0656 0920 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2011/09/18 18:49:05.0687 0920 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/09/18 18:49:05.0718 0920 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/09/18 18:49:05.0734 0920 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/09/18 18:49:05.0765 0920 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/09/18 18:49:05.0796 0920 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/09/18 18:49:05.0828 0920 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/09/18 18:49:05.0890 0920 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
2011/09/18 18:49:05.0921 0920 nm (1e421a6bcf2203cc61b821ada9de878b) C:\WINDOWS\system32\DRIVERS\NMnt.sys
2011/09/18 18:49:05.0937 0920 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/09/18 18:49:05.0968 0920 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/09/18 18:49:06.0031 0920 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/09/18 18:49:06.0062 0920 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/09/18 18:49:06.0078 0920 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/09/18 18:49:06.0109 0920 NwlnkIpx (8b8b1be2dba4025da6786c645f77f123) C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys
2011/09/18 18:49:06.0156 0920 NwlnkNb (56d34a67c05e94e16377c60609741ff8) C:\WINDOWS\system32\DRIVERS\nwlnknb.sys
2011/09/18 18:49:06.0187 0920 NwlnkSpx (c0bb7d1615e1acbdc99757f6ceaf8cf0) C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys
2011/09/18 18:49:06.0218 0920 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
2011/09/18 18:49:06.0265 0920 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
2011/09/18 18:49:06.0281 0920 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/09/18 18:49:06.0328 0920 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/09/18 18:49:06.0343 0920 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/09/18 18:49:06.0375 0920 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/09/18 18:49:06.0406 0920 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
2011/09/18 18:49:06.0515 0920 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/09/18 18:49:06.0546 0920 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/09/18 18:49:06.0562 0920 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/09/18 18:49:06.0656 0920 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/09/18 18:49:06.0671 0920 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/09/18 18:49:06.0687 0920 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/09/18 18:49:06.0703 0920 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/09/18 18:49:06.0718 0920 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/09/18 18:49:06.0750 0920 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/09/18 18:49:06.0781 0920 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/09/18 18:49:06.0812 0920 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/09/18 18:49:06.0859 0920 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
2011/09/18 18:49:06.0906 0920 sea1bus (d2654321192037bae90204e2fa6697ce) C:\WINDOWS\system32\DRIVERS\sea1bus.sys
2011/09/18 18:49:06.0921 0920 sea1mdfl (8146d9ec5142bd364956d3807f09ca9a) C:\WINDOWS\system32\DRIVERS\sea1mdfl.sys
2011/09/18 18:49:06.0953 0920 sea1mdm (afe065da777dc4408c64df5c87472bb9) C:\WINDOWS\system32\DRIVERS\sea1mdm.sys
2011/09/18 18:49:06.0968 0920 sea1mgmt (a0bbd60222ad053d52f3a5c4f79904c7) C:\WINDOWS\system32\DRIVERS\sea1mgmt.sys
2011/09/18 18:49:06.0984 0920 sea1nd5 (6549babfc3362f1621a8c0eff288fb14) C:\WINDOWS\system32\DRIVERS\sea1nd5.sys
2011/09/18 18:49:07.0031 0920 sea1obex (957510ab44e84497733f53322351f6e8) C:\WINDOWS\system32\DRIVERS\sea1obex.sys
2011/09/18 18:49:07.0062 0920 sea1unic (c1517e6a7ce1191ab076472bdf1b0e6e) C:\WINDOWS\system32\DRIVERS\sea1unic.sys
2011/09/18 18:49:07.0093 0920 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/09/18 18:49:07.0125 0920 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2011/09/18 18:49:07.0156 0920 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
2011/09/18 18:49:07.0203 0920 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/09/18 18:49:07.0234 0920 sfng32 (5fe18fff6fbcf218290042009eab023d) C:\WINDOWS\system32\drivers\sfng32.sys
2011/09/18 18:49:07.0328 0920 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/09/18 18:49:07.0375 0920 sptd (c4bb8a12843d9cbb65f5ff617f389bbd) C:\WINDOWS\system32\Drivers\sptd.sys
2011/09/18 18:49:07.0390 0920 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: c4bb8a12843d9cbb65f5ff617f389bbd
2011/09/18 18:49:07.0406 0920 sptd - detected LockedFile.Multi.Generic (1)
2011/09/18 18:49:07.0421 0920 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/09/18 18:49:07.0500 0920 STHDA (8990440e4b2a7ca5a56a1833b03741fd) C:\WINDOWS\system32\drivers\sthda.sys
2011/09/18 18:49:07.0562 0920 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/09/18 18:49:07.0578 0920 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/09/18 18:49:07.0656 0920 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/09/18 18:49:07.0703 0920 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/09/18 18:49:07.0734 0920 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/09/18 18:49:07.0781 0920 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/09/18 18:49:07.0796 0920 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/09/18 18:49:07.0843 0920 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/09/18 18:49:07.0906 0920 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2011/09/18 18:49:07.0953 0920 usbbus (8ef48ff1c23b1ce6f96d09a45959eb20) C:\WINDOWS\system32\DRIVERS\lgusbbus.sys
2011/09/18 18:49:08.0015 0920 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/09/18 18:49:08.0046 0920 UsbDiag (a0e24c5c2d0cff04bbd3753a72fae80b) C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys
2011/09/18 18:49:08.0109 0920 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/09/18 18:49:08.0156 0920 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/09/18 18:49:08.0187 0920 USBModem (cc09a1132b1f6a8362107cc134e90d0b) C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys
2011/09/18 18:49:08.0234 0920 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/09/18 18:49:08.0265 0920 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/09/18 18:49:08.0296 0920 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/09/18 18:49:08.0328 0920 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/09/18 18:49:08.0390 0920 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/09/18 18:49:08.0406 0920 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/09/18 18:49:08.0453 0920 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/09/18 18:49:08.0531 0920 MBR (0x1B8) (9c603bc3977968c891de319283e1e7af) \Device\Harddisk0\DR0
2011/09/18 18:49:08.0562 0920 \Device\Harddisk0\DR0 - detected Trojan-Clicker.Win32.Wistler.c (0)
2011/09/18 18:49:08.0562 0920 Boot (0x1200) (ac5de7b30f669e7d526db34446c2ad36) \Device\Harddisk0\DR0\Partition0
2011/09/18 18:49:08.0593 0920 Boot (0x1200) (819cdfa416d02cdaac64058a9f86fcc4) \Device\Harddisk0\DR0\Partition1
2011/09/18 18:49:08.0593 0920 ================================================================================
2011/09/18 18:49:08.0593 0920 Scan finished
2011/09/18 18:49:08.0593 0920 ================================================================================
2011/09/18 18:49:08.0609 2984 Detected object count: 2
2011/09/18 18:49:08.0609 2984 Actual detected object count: 2
2011/09/18 18:49:44.0921 2984 LockedFile.Multi.Generic(sptd) - User select action: Skip
2011/09/18 18:49:44.0968 2984 \Device\Harddisk0\DR0 (Trojan-Clicker.Win32.Wistler.c) - will be cured after reboot
2011/09/18 18:49:44.0968 2984 \Device\Harddisk0\DR0 - ok
2011/09/18 18:49:44.0968 2984 Trojan-Clicker.Win32.Wistler.c(\Device\Harddisk0\DR0) - User select action: Cure
2011/09/18 18:49:57.0593 2932 Deinitialize success

[vyosek]

Tak TDSSKiller nam jej polecil, nyni overime

Stahnete SPTD http://www.duplexsecure.com/en/downloads

• Vyberte z uvedene stranky verzi dle sveho operacniho systemu (32(x86)bit ci 64(x64)bit)
• Ulozte na plochu a spustte
• Zvolte moznost Uninstall a restartujte PC - pokud nepujde kliknout (tlacitko bude sede), krok preskocte

Stahnete Defogger http://www.jpshortstuff.247fixes.com/Defogger.exe

• Ulozte na plochu a spustte
• Kliknete na Disable a restartujte PC - pokud nepujde kliknout (tlacitko bude sede), krok preskocte

Stahnete MBR na plochu http://www2.gmer.net/mbr/mbr.exe ale nespoustejte

Kliknete na Start a pote Spustit, pripadne pouzijte klavesou zkratku Win+R

• Vyskoci na Vas okenko, do ktereho zkopirujte text nize

• Kód: Vybrat vše

  "%userprofile%\plocha\mbr" -t -s

• Kliknete na OK
• Na plose se Vam vytvori log s nazvem mbr.txt, jeho obsah mi sem vlozte

Stahnete aswMBR http://public.avast.com/%7Egmerek/aswMBR.exe a ulozte jej na plochu.

• Utilitu spustte a prikazte ji, at skenuje - klik na Scan
• Kliknutim na Save log ulozte log aswMBR na plochu
• Obsah logu aswMBR mi sem vlozte

[vajko]

Momentalne nie som na danom pocitaci (je to svokrin pocitac u nej doma). Avastu som zatial zakazal dany problem zobrazovat, a svokre som odporucil zatial nezapinat PC, tak snad sa do zajtra nic nestane. Zajtra okolo obeda tam pojdem a skusim tie tooly ktore ste sem postli.

Zatial Vam dakujem pekne, excelentny pristup! Velmi si to cenim.

[vyosek]

Ok, ja tu zitra budu nakukovat zrejme prubezne cely den...takze pak udelejte ty skeny at overime ci se tam nevratil...

Nemate prozatim zac