Win32/Olmarik.TDL4 trójsky kôň

Zpráva

sawyer25 · #1 Příspěvek od **sawyer25** » 20 říj 2011 00:30

Dobrý večer Eset Nod32 Antivirus mi vyhodil nasledovne :Operačná pamäť - Win32/Olmarik.TDL4 trójsky kôň - nemožno liečiť. Z toho čo som sa dočítal jedná sa o nebezpečnú háveď. Prosím o pomoc.
Prikladám log z RSIT a v dalšom poste log z ComboFix

Logfile of random's system information tool 1.09 (written by random/random)
Run by Brandži at 2011-10-20 01:28:25
Microsoft Windows 7 Professional
System drive C: has 43 GB (43%) free of 100 GB
Total RAM: 1790 MB (42% free)

HijackThis download failed

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k HsfXAudioService
"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version4\TeamViewer_Service.exe" -service
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-c33ca449-fa87-491e-a5fd-bfb800791220 -SystemEventPortName:HostProcess-547fdfe5-81ae-4e6d-b319-a7fac3c7381c -IoCancelEventPortName:HostProcess-89afcc19-f9c3-43b6-98f9-0fdc84579809 -NonStateChangingEventPortName:HostProcess-fb0af79a-dfee-4bdd-b70e-1771943331bc -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:70faa054-4839-451c-8d40-85824eb7cdbc
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Users\Brandži\AppData\Roaming\Dropbox\bin\Dropbox.exe"
"C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE" /tsr
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Winamp\winampa.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Windows\system32\wuauclt.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
explorer.exe
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=2068.c7dafa0.1596075870 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" 2068 plugin \\.\pipe\gecko-crash-server-pipe.2068
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" -Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe21_ Global\UsGthrCtrlFltPipeMssGthrPipe21 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
"D:\Sťahovanie\RSITx64(2).exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\rundll32.exe" "C:\Windows\system32\WININET.dll",DispatchAPICall 1

=========Mozilla firefox=========

ProfilePath - C:\Users\Brandži\AppData\Roaming\Mozilla\Firefox\Profiles\zfwz59qo.default

prefs.js - "browser.startup.homepage" - "http://www.google.sk/"
prefs.js - "extensions.enabledItems" - "{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.3.0.7550, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.23"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
compreg.dat
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsIQTScriptablePlugin.xpt
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js
xpti.dat

C:\Program Files (x86)\Mozilla Firefox\plugins\
npnul32.dll
NPOFF12.DLL
NPOFFICE.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
npwachk.dll
QuickTimePlugin.class

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-05-16 1164680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [2010-03-25 1548096]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-07-23 16334368]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-28 1234216]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2010-11-04 2919168]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"OscarEditor"=C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe [2009-12-22 2647040]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"WinampAgent"=C:\Program Files (x86)\Winamp\winampa.exe [2010-12-09 74752]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2010-11-29 421888]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"380.exe"=C:\Program Files (x86)\Common Files\318D\380.exe []

C:\Users\Brandži\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Brandži\AppData\Roaming\Dropbox\bin\Dropbox.exe
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"HideSCAHealth"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2011-10-20 01:11:54 ----D---- C:\Program Files\trend micro
2011-10-20 01:11:51 ----D---- C:\rsit
2011-10-19 22:57:52 ----D---- C:\ProgramData\ESET
2011-10-19 22:57:52 ----D---- C:\Program Files\ESET
2011-10-16 22:07:23 ----A---- C:\Windows\ODBC.INI
2011-10-16 20:59:55 ----D---- C:\Program Files (x86)\CFF72
2011-10-16 20:59:33 ----D---- C:\Users\Brandži\AppData\Roaming\DBECF
2011-10-13 06:40:41 ----A---- C:\Windows\system32\win32k.sys
2011-10-13 06:40:36 ----A---- C:\Windows\system32\ieframe.dll
2011-10-13 06:40:32 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2011-10-13 06:40:31 ----A---- C:\Windows\system32\mshtml.dll
2011-10-13 06:40:29 ----A---- C:\Windows\system32\urlmon.dll
2011-10-13 06:40:27 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2011-10-13 06:40:27 ----A---- C:\Windows\system32\wininet.dll
2011-10-13 06:40:26 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2011-10-13 06:40:25 ----A---- C:\Windows\SYSWOW64\wininet.dll
2011-10-13 06:40:23 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2011-10-13 06:40:23 ----A---- C:\Windows\system32\iedkcs32.dll
2011-10-13 06:40:22 ----A---- C:\Windows\SYSWOW64\mstime.dll
2011-10-13 06:40:22 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2011-10-13 06:40:22 ----A---- C:\Windows\SYSWOW64\ieui.dll
2011-10-13 06:40:22 ----A---- C:\Windows\system32\mstime.dll
2011-10-13 06:40:22 ----A---- C:\Windows\system32\msfeeds.dll
2011-10-13 06:40:22 ----A---- C:\Windows\system32\ieui.dll
2011-10-13 06:40:22 ----A---- C:\Windows\system32\iertutil.dll
2011-10-13 06:40:21 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2011-10-13 06:40:21 ----A---- C:\Windows\system32\iepeers.dll
2011-10-13 06:40:20 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2011-10-13 06:40:20 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2011-10-13 06:40:20 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2011-10-13 06:40:20 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2011-10-13 06:40:20 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2011-10-13 06:40:20 ----A---- C:\Windows\system32\url.dll
2011-10-13 06:40:20 ----A---- C:\Windows\system32\mshtmled.dll
2011-10-13 06:40:20 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-10-13 06:40:20 ----A---- C:\Windows\system32\licmgr10.dll
2011-10-13 06:40:20 ----A---- C:\Windows\system32\jsproxy.dll
2011-10-13 06:40:19 ----A---- C:\Windows\SYSWOW64\url.dll
2011-10-13 06:40:19 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2011-10-13 06:40:19 ----A---- C:\Windows\system32\msfeedssync.exe
2011-10-13 06:39:28 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2011-10-13 06:39:28 ----A---- C:\Windows\system32\psisdecd.dll
2011-10-13 06:39:25 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2011-10-13 06:39:25 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2011-10-13 06:39:25 ----A---- C:\Windows\system32\oleaut32.dll
2011-10-13 06:39:25 ----A---- C:\Windows\system32\oleacc.dll
2011-10-11 12:18:52 ----D---- C:\ProgramData\Protexis
2011-10-11 12:18:27 ----D---- C:\Users\Brandži\AppData\Roaming\Corel
2011-10-11 12:14:06 ----D---- C:\Program Files (x86)\Microsoft SDKs
2011-10-11 12:14:05 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 9.0
2011-10-11 12:12:18 ----D---- C:\ProgramData\Corel
2011-10-11 12:07:03 ----D---- C:\Program Files (x86)\Corel
2011-10-11 12:04:54 ----D---- C:\ProgramData\CorelDRAW Graphics Suite X5
2011-10-04 22:52:09 ----D---- C:\Users\Brandži\AppData\Roaming\IGC
2011-10-04 22:51:00 ----N---- C:\Windows\SYSWOW64\unicows.dll
2011-10-04 22:51:00 ----N---- C:\Windows\SYSWOW64\msvcr71.dll
2011-10-04 22:51:00 ----N---- C:\Windows\SYSWOW64\msvcp71.dll
2011-10-04 22:51:00 ----N---- C:\Windows\SYSWOW64\MFC71.dll
2011-10-04 22:50:50 ----D---- C:\Program Files (x86)\IGC
2011-09-29 22:10:44 ----D---- C:\Users\Brandži\AppData\Roaming\vlc
2011-09-29 22:09:46 ----D---- C:\Program Files (x86)\VideoLAN

======List of files/folders modified in the last 1 month======

2011-10-20 01:28:27 ----D---- C:\Windows\Temp
2011-10-20 01:14:35 ----D---- C:\Windows\Prefetch
2011-10-20 01:11:54 ----RD---- C:\Program Files
2011-10-19 23:11:53 ----D---- C:\Windows\system32\config
2011-10-19 23:10:23 ----D---- C:\Users\Brandži\AppData\Roaming\uTorrent
2011-10-19 22:58:56 ----SHD---- C:\Windows\Installer
2011-10-19 22:58:45 ----D---- C:\Windows\system32\drivers
2011-10-19 22:58:44 ----D---- C:\Windows\system32\catroot
2011-10-19 22:58:43 ----D---- C:\Windows\system32\DriverStore
2011-10-19 22:58:43 ----D---- C:\Windows\inf
2011-10-19 22:57:52 ----HD---- C:\ProgramData
2011-10-19 22:57:44 ----SHD---- C:\System Volume Information
2011-10-19 12:36:58 ----D---- C:\Program Files (x86)\Common Files
2011-10-18 18:26:15 ----SD---- C:\Users\Brandži\AppData\Roaming\Microsoft
2011-10-18 13:42:56 ----D---- C:\Windows\System32
2011-10-18 13:42:56 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-10-17 20:39:11 ----D---- C:\Windows\Minidump
2011-10-17 20:39:04 ----D---- C:\Windows
2011-10-17 10:52:38 ----D---- C:\Windows\Microsoft.NET
2011-10-17 09:22:45 ----RSD---- C:\Windows\assembly
2011-10-16 22:06:31 ----D---- C:\Windows\SysWOW64
2011-10-16 22:06:28 ----D---- C:\Windows\ShellNew
2011-10-16 22:06:26 ----SD---- C:\ProgramData\Microsoft
2011-10-16 22:06:26 ----D---- C:\Program Files (x86)\Microsoft Office
2011-10-16 22:04:35 ----RD---- C:\Program Files (x86)
2011-10-16 22:04:35 ----D---- C:\Windows\system
2011-10-16 20:59:33 ----D---- C:\Program Files (x86)\Internet Explorer
2011-10-16 16:29:07 ----D---- C:\Users\Brandži\AppData\Roaming\Dropbox
2011-10-16 00:00:31 ----D---- C:\Windows\winsxs
2011-10-15 23:58:13 ----D---- C:\Windows\SYSWOW64\migration
2011-10-15 23:58:13 ----D---- C:\Windows\system32\migration
2011-10-15 23:58:13 ----D---- C:\Program Files\Internet Explorer
2011-10-15 17:35:11 ----A---- C:\Windows\system32\MRT.exe
2011-10-15 17:27:15 ----D---- C:\Windows\ehome
2011-10-13 06:39:16 ----D---- C:\Windows\system32\catroot2
2011-10-11 12:17:34 ----D---- C:\ProgramData\Microsoft Help
2011-10-11 12:12:40 ----RSD---- C:\Windows\Fonts
2011-10-04 22:50:49 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-10-04 20:00:18 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-09-26 12:35:07 ----D---- C:\Windows\system32\NDF

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-12-15 834544]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-07-29 141264]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-09-03 170104]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2010-07-29 126320]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-17 17024]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\XAudio64.sys [2009-04-29 10240]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-10-09 1394176]
R3 CAXHWAZL;CAXHWAZL; C:\Windows\system32\DRIVERS\CAXHWAZL.sys [2009-02-12 292864]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2008-10-03 264704]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\CAX_DPV.sys [2009-02-12 1485824]
R3 NVNET;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmf6264.sys [2010-08-12 350952]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-03-28 324656]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\CAX_CNXT.sys [2009-02-12 740864]
S3 at9rdouq;at9rdouq; C:\Windows\system32\drivers\at9rdouq.sys []
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2010-11-04 810144]
R2 HsfXAudioService;HsfXAudioService; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-07-23 382496]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-10 189728]
R2 TeamViewer4;TeamViewer 4; C:\Program Files (x86)\TeamViewer\Version4\TeamViewer_Service.exe [2009-10-07 185640]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-11-04 42360]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-12-14 1255736]

-----------------EOF-----------------

chodnik74 · #2 Příspěvek od **chodnik74** » 20 říj 2011 05:17

Dobrý den

Malwarebytes' Anti-Malware Obrázek

Stáhneme,nainstalujeme a spustíme(pokud si nevíte rady jak,klikněte ZDE)
Vybereme Úplná kontrola a klikneme na tlačítko Prohledat
Program provede kontrolu počítače a na konci se vám objeví hláska,že bylo skenování dokončeno,tak potvrdíme tlačítkem OK
Objeví se vám log,který mi sem vložte
NIC NEMAZAT!!Program mívá občas falešné detekce,takže mazat budeme až po konzultaci

Stáhněte si TDSSKiller

Spuste program a klikněte na Start Scan
Pokud program najde infikekci,tak ji bude lecit (Cure), povolte léčení kliknutím na tlačítko Continue
Pokud program najde podezrely soubor (suspicious),bude ho chtít přeskočit (Skip), povolte přeskočení kliknutim na tlačítko Continue
Po dokončení skenování bude možná potřeba restartovat počítač,ten povolíte programu kliknutím na tlačítko Reboot now
Po restartování počítače na vás vyskočí log(pokud se tak nestane,tak ho najdete na disku,kde máte nainstalovaná systém s názvem TDSSKiller.xxxx_log.txt) a vložte mi sem jeho obsah
Pokud nebude program požadovat restartování počítače,klikněte na tlačítko Close a následně na Report , čímž se Vám vytvoří log a jeho obsah mu sem vložte

sawyer25 · #3 Příspěvek od **sawyer25** » 20 říj 2011 06:13

oba programy mi prebehli NTB a tu su logy ... zda sa ale že nič nenašli
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Verze databáze: 7622

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

20. 10. 2011 7:03:27
mbam-log-2011-10-20 (07-03-27).txt

Typ: Úplná kontrola (C:\|D:\|E:\|)
Kontrolované objekty: 317645
Uplynulý čas: 35 minut, 51 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)

log z tdsskiller:

07:05:18.0907 1664 TDSS rootkit removing tool 2.6.11.0 Oct 19 2011 13:50:27
07:05:19.0001 1664 ============================================================
07:05:19.0001 1664 Current date / time: 2011/10/20 07:05:19.0001
07:05:19.0001 1664 SystemInfo:
07:05:19.0001 1664
07:05:19.0001 1664 OS Version: 6.1.7600 ServicePack: 0.0
07:05:19.0001 1664 Product type: Workstation
07:05:19.0001 1664 ComputerName: BRANDŽI-PC
07:05:19.0001 1664 UserName: Brandži
07:05:19.0001 1664 Windows directory: C:\Windows
07:05:19.0001 1664 System windows directory: C:\Windows
07:05:19.0001 1664 Running under WOW64
07:05:19.0001 1664 Processor architecture: Intel x64
07:05:19.0001 1664 Number of processors: 2
07:05:19.0001 1664 Page size: 0x1000
07:05:19.0001 1664 Boot type: Normal boot
07:05:19.0001 1664 ============================================================
07:05:20.0249 1664 Initialize success
07:05:27.0409 1176 ============================================================
07:05:27.0409 1176 Scan started
07:05:27.0409 1176 Mode: Manual;
07:05:27.0409 1176 ============================================================
07:05:28.0595 1176 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
07:05:28.0595 1176 1394ohci - ok
07:05:28.0657 1176 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
07:05:28.0673 1176 ACPI - ok
07:05:28.0719 1176 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
07:05:28.0719 1176 AcpiPmi - ok
07:05:28.0907 1176 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
07:05:28.0938 1176 adp94xx - ok
07:05:29.0156 1176 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
07:05:29.0156 1176 adpahci - ok
07:05:29.0203 1176 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
07:05:29.0219 1176 adpu320 - ok
07:05:29.0359 1176 AFD (6ef20ddf3172e97d69f596fb90602f29) C:\Windows\system32\drivers\afd.sys
07:05:29.0390 1176 AFD - ok
07:05:29.0437 1176 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
07:05:29.0437 1176 agp440 - ok
07:05:29.0562 1176 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
07:05:29.0562 1176 aliide - ok
07:05:29.0593 1176 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
07:05:29.0593 1176 amdide - ok
07:05:29.0640 1176 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
07:05:29.0640 1176 AmdK8 - ok
07:05:29.0702 1176 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
07:05:29.0702 1176 AmdPPM - ok
07:05:29.0827 1176 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys
07:05:29.0827 1176 amdsata - ok
07:05:29.0874 1176 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
07:05:29.0889 1176 amdsbs - ok
07:05:29.0921 1176 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys
07:05:29.0921 1176 amdxata - ok
07:05:29.0999 1176 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
07:05:29.0999 1176 AppID - ok
07:05:30.0123 1176 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
07:05:30.0123 1176 arc - ok
07:05:30.0186 1176 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
07:05:30.0186 1176 arcsas - ok
07:05:30.0264 1176 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
07:05:30.0264 1176 AsyncMac - ok
07:05:30.0326 1176 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
07:05:30.0326 1176 atapi - ok
07:05:30.0435 1176 athr (8c56e93749ba53a4b645963d3439e01e) C:\Windows\system32\DRIVERS\athrx.sys
07:05:30.0482 1176 athr - ok
07:05:30.0623 1176 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
07:05:30.0654 1176 b06bdrv - ok
07:05:30.0732 1176 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
07:05:30.0747 1176 b57nd60a - ok
07:05:30.0810 1176 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
07:05:30.0810 1176 Beep - ok
07:05:30.0903 1176 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
07:05:30.0903 1176 blbdrive - ok
07:05:30.0997 1176 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
07:05:30.0997 1176 bowser - ok
07:05:31.0044 1176 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
07:05:31.0044 1176 BrFiltLo - ok
07:05:31.0091 1176 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
07:05:31.0091 1176 BrFiltUp - ok
07:05:31.0184 1176 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
07:05:31.0200 1176 Brserid - ok
07:05:31.0231 1176 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
07:05:31.0231 1176 BrSerWdm - ok
07:05:31.0262 1176 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
07:05:31.0262 1176 BrUsbMdm - ok
07:05:31.0309 1176 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
07:05:31.0309 1176 BrUsbSer - ok
07:05:31.0371 1176 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
07:05:31.0371 1176 BTHMODEM - ok
07:05:31.0512 1176 catchme - ok
07:05:31.0621 1176 CAXHWAZL (d1787e11c6a0078ddeaf8cf3ee2ab293) C:\Windows\system32\DRIVERS\CAXHWAZL.sys
07:05:31.0637 1176 CAXHWAZL - ok
07:05:31.0683 1176 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
07:05:31.0683 1176 cdfs - ok
07:05:31.0746 1176 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
07:05:31.0761 1176 cdrom - ok
07:05:31.0871 1176 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
07:05:31.0871 1176 circlass - ok
07:05:31.0933 1176 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
07:05:31.0949 1176 CLFS - ok
07:05:32.0042 1176 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
07:05:32.0042 1176 CmBatt - ok
07:05:32.0136 1176 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
07:05:32.0136 1176 cmdide - ok
07:05:32.0183 1176 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys
07:05:32.0214 1176 CNG - ok
07:05:32.0292 1176 CnxtHdAudService (d760753a9b2489a317d722133ce67efc) C:\Windows\system32\drivers\CHDRT64.sys
07:05:32.0307 1176 CnxtHdAudService - ok
07:05:32.0417 1176 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
07:05:32.0417 1176 Compbatt - ok
07:05:32.0463 1176 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
07:05:32.0463 1176 CompositeBus - ok
07:05:32.0526 1176 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
07:05:32.0526 1176 crcdisk - ok
07:05:32.0666 1176 CSC (4a6173c2279b498cd8f57cae504564cb) C:\Windows\system32\drivers\csc.sys
07:05:32.0697 1176 CSC - ok
07:05:32.0775 1176 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
07:05:32.0775 1176 DfsC - ok
07:05:32.0822 1176 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
07:05:32.0822 1176 discache - ok
07:05:32.0916 1176 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
07:05:32.0916 1176 Disk - ok
07:05:32.0994 1176 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
07:05:32.0994 1176 drmkaud - ok
07:05:33.0072 1176 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
07:05:33.0119 1176 DXGKrnl - ok
07:05:33.0321 1176 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
07:05:33.0415 1176 ebdrv - ok
07:05:33.0524 1176 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
07:05:33.0540 1176 elxstor - ok
07:05:33.0587 1176 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
07:05:33.0587 1176 ErrDev - ok
07:05:33.0727 1176 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
07:05:33.0727 1176 exfat - ok
07:05:33.0789 1176 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
07:05:33.0805 1176 fastfat - ok
07:05:33.0852 1176 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
07:05:33.0852 1176 fdc - ok
07:05:33.0914 1176 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
07:05:33.0914 1176 FileInfo - ok
07:05:34.0008 1176 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
07:05:34.0023 1176 Filetrace - ok
07:05:34.0039 1176 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
07:05:34.0039 1176 flpydisk - ok
07:05:34.0101 1176 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
07:05:34.0117 1176 FltMgr - ok
07:05:34.0179 1176 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
07:05:34.0179 1176 FsDepends - ok
07:05:34.0289 1176 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
07:05:34.0289 1176 Fs_Rec - ok
07:05:34.0351 1176 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
07:05:34.0367 1176 fvevol - ok
07:05:34.0413 1176 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
07:05:34.0413 1176 gagp30kx - ok
07:05:34.0507 1176 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
07:05:34.0523 1176 hcw85cir - ok
07:05:34.0585 1176 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
07:05:34.0585 1176 HdAudAddService - ok
07:05:34.0616 1176 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
07:05:34.0616 1176 HDAudBus - ok
07:05:34.0725 1176 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
07:05:34.0725 1176 HidBatt - ok
07:05:34.0757 1176 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
07:05:34.0757 1176 HidBth - ok
07:05:34.0788 1176 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
07:05:34.0803 1176 HidIr - ok
07:05:34.0850 1176 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
07:05:34.0850 1176 HidUsb - ok
07:05:35.0006 1176 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
07:05:35.0006 1176 HpSAMD - ok
07:05:35.0131 1176 HSF_DPV (26c5d00321937e49b6bc91029947d094) C:\Windows\system32\DRIVERS\CAX_DPV.sys
07:05:35.0178 1176 HSF_DPV - ok
07:05:35.0240 1176 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
07:05:35.0287 1176 HTTP - ok
07:05:35.0365 1176 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
07:05:35.0365 1176 hwpolicy - ok
07:05:35.0412 1176 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
07:05:35.0412 1176 i8042prt - ok
07:05:35.0490 1176 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
07:05:35.0521 1176 iaStorV - ok
07:05:35.0615 1176 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
07:05:35.0615 1176 iirsp - ok
07:05:35.0677 1176 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
07:05:35.0693 1176 intelide - ok
07:05:35.0739 1176 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
07:05:35.0739 1176 intelppm - ok
07:05:35.0771 1176 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
07:05:35.0786 1176 IpFilterDriver - ok
07:05:35.0802 1176 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
07:05:35.0817 1176 IPMIDRV - ok
07:05:35.0880 1176 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
07:05:35.0895 1176 IPNAT - ok
07:05:35.0958 1176 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
07:05:35.0958 1176 IRENUM - ok
07:05:35.0989 1176 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
07:05:35.0989 1176 isapnp - ok
07:05:36.0036 1176 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
07:05:36.0051 1176 iScsiPrt - ok
07:05:36.0145 1176 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
07:05:36.0145 1176 kbdclass - ok
07:05:36.0223 1176 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
07:05:36.0223 1176 kbdhid - ok
07:05:36.0270 1176 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys
07:05:36.0285 1176 KSecDD - ok
07:05:36.0332 1176 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys
07:05:36.0332 1176 KSecPkg - ok
07:05:36.0410 1176 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
07:05:36.0426 1176 ksthunk - ok
07:05:36.0535 1176 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
07:05:36.0535 1176 lltdio - ok
07:05:36.0613 1176 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
07:05:36.0613 1176 LSI_FC - ok
07:05:36.0707 1176 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
07:05:36.0707 1176 LSI_SAS - ok
07:05:36.0769 1176 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
07:05:36.0769 1176 LSI_SAS2 - ok
07:05:36.0847 1176 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
07:05:36.0863 1176 LSI_SCSI - ok
07:05:36.0909 1176 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
07:05:36.0909 1176 luafv - ok
07:05:37.0019 1176 mdmxsdk (e4f44ec214b3e381e1fc844a02926666) C:\Windows\system32\DRIVERS\mdmxsdk.sys
07:05:37.0019 1176 mdmxsdk - ok
07:05:37.0081 1176 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
07:05:37.0097 1176 megasas - ok
07:05:37.0143 1176 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
07:05:37.0143 1176 MegaSR - ok
07:05:37.0237 1176 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
07:05:37.0237 1176 Modem - ok
07:05:37.0299 1176 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
07:05:37.0299 1176 monitor - ok
07:05:37.0362 1176 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
07:05:37.0362 1176 mouclass - ok
07:05:37.0455 1176 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
07:05:37.0455 1176 mouhid - ok
07:05:37.0502 1176 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
07:05:37.0502 1176 mountmgr - ok
07:05:37.0549 1176 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
07:05:37.0565 1176 mpio - ok
07:05:37.0611 1176 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
07:05:37.0611 1176 mpsdrv - ok
07:05:37.0721 1176 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
07:05:37.0721 1176 MRxDAV - ok
07:05:37.0783 1176 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
07:05:37.0783 1176 mrxsmb - ok
07:05:37.0861 1176 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
07:05:37.0877 1176 mrxsmb10 - ok
07:05:37.0923 1176 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
07:05:37.0923 1176 mrxsmb20 - ok
07:05:38.0033 1176 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
07:05:38.0033 1176 msahci - ok
07:05:38.0095 1176 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
07:05:38.0095 1176 msdsm - ok
07:05:38.0157 1176 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
07:05:38.0157 1176 Msfs - ok
07:05:38.0204 1176 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
07:05:38.0204 1176 mshidkmdf - ok
07:05:38.0298 1176 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
07:05:38.0313 1176 msisadrv - ok
07:05:38.0376 1176 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
07:05:38.0376 1176 MSKSSRV - ok
07:05:38.0423 1176 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
07:05:38.0423 1176 MSPCLOCK - ok
07:05:38.0469 1176 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
07:05:38.0469 1176 MSPQM - ok
07:05:38.0579 1176 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
07:05:38.0594 1176 MsRPC - ok
07:05:38.0641 1176 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
07:05:38.0641 1176 mssmbios - ok
07:05:38.0703 1176 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
07:05:38.0703 1176 MSTEE - ok
07:05:38.0735 1176 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
07:05:38.0735 1176 MTConfig - ok
07:05:38.0844 1176 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
07:05:38.0844 1176 Mup - ok
07:05:38.0906 1176 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
07:05:38.0906 1176 NativeWifiP - ok
07:05:39.0015 1176 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
07:05:39.0047 1176 NDIS - ok
07:05:39.0140 1176 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
07:05:39.0140 1176 NdisCap - ok
07:05:39.0187 1176 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
07:05:39.0203 1176 NdisTapi - ok
07:05:39.0234 1176 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
07:05:39.0234 1176 Ndisuio - ok
07:05:39.0281 1176 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
07:05:39.0296 1176 NdisWan - ok
07:05:39.0390 1176 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
07:05:39.0390 1176 NDProxy - ok
07:05:39.0437 1176 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
07:05:39.0437 1176 NetBIOS - ok
07:05:39.0483 1176 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
07:05:39.0483 1176 NetBT - ok
07:05:39.0593 1176 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
07:05:39.0593 1176 nfrd960 - ok
07:05:39.0686 1176 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
07:05:39.0702 1176 Npfs - ok
07:05:39.0733 1176 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
07:05:39.0749 1176 nsiproxy - ok
07:05:39.0858 1176 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
07:05:39.0905 1176 Ntfs - ok
07:05:39.0998 1176 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
07:05:39.0998 1176 Null - ok
07:05:40.0076 1176 NVENETFD (a85b4f2ef3a7304a5399ef0526423040) C:\Windows\system32\DRIVERS\nvm62x64.sys
07:05:40.0092 1176 NVENETFD - ok
07:05:40.0451 1176 nvlddmkm (e63279a205da5c225369770e400904a8) C:\Windows\system32\DRIVERS\nvlddmkm.sys
07:05:40.0778 1176 nvlddmkm - ok
07:05:40.0903 1176 NVNET (0ad267a4674805b61a5d7b911d2a978a) C:\Windows\system32\DRIVERS\nvmf6264.sys
07:05:40.0919 1176 NVNET - ok
07:05:40.0981 1176 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
07:05:40.0981 1176 nvraid - ok
07:05:41.0043 1176 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
07:05:41.0043 1176 nvstor - ok
07:05:41.0168 1176 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
07:05:41.0184 1176 nv_agp - ok
07:05:41.0246 1176 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
07:05:41.0246 1176 ohci1394 - ok
07:05:41.0309 1176 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
07:05:41.0309 1176 Parport - ok
07:05:41.0355 1176 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
07:05:41.0355 1176 partmgr - ok
07:05:41.0465 1176 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
07:05:41.0465 1176 pci - ok
07:05:41.0496 1176 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
07:05:41.0496 1176 pciide - ok
07:05:41.0558 1176 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
07:05:41.0558 1176 pcmcia - ok
07:05:41.0589 1176 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
07:05:41.0589 1176 pcw - ok
07:05:41.0699 1176 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
07:05:41.0730 1176 PEAUTH - ok
07:05:41.0855 1176 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
07:05:41.0870 1176 PptpMiniport - ok
07:05:41.0901 1176 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
07:05:41.0901 1176 Processor - ok
07:05:42.0057 1176 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
07:05:42.0057 1176 Psched - ok
07:05:42.0151 1176 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
07:05:42.0198 1176 ql2300 - ok
07:05:42.0245 1176 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
07:05:42.0260 1176 ql40xx - ok
07:05:42.0291 1176 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
07:05:42.0291 1176 QWAVEdrv - ok
07:05:42.0401 1176 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
07:05:42.0401 1176 RasAcd - ok
07:05:42.0463 1176 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
07:05:42.0463 1176 RasAgileVpn - ok
07:05:42.0510 1176 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
07:05:42.0510 1176 Rasl2tp - ok
07:05:42.0557 1176 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
07:05:42.0572 1176 RasPppoe - ok
07:05:42.0666 1176 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
07:05:42.0666 1176 RasSstp - ok
07:05:42.0713 1176 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
07:05:42.0728 1176 rdbss - ok
07:05:42.0775 1176 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
07:05:42.0775 1176 rdpbus - ok
07:05:42.0806 1176 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
07:05:42.0806 1176 RDPCDD - ok
07:05:42.0869 1176 RDPDR (9706b84dbabfc4b4ca46c5a82b14dfa3) C:\Windows\system32\drivers\rdpdr.sys
07:05:42.0869 1176 RDPDR - ok
07:05:42.0978 1176 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
07:05:42.0978 1176 RDPENCDD - ok
07:05:43.0025 1176 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
07:05:43.0040 1176 RDPREFMP - ok
07:05:43.0071 1176 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
07:05:43.0087 1176 RDPWD - ok
07:05:43.0134 1176 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
07:05:43.0149 1176 rdyboost - ok
07:05:43.0274 1176 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
07:05:43.0274 1176 rspndr - ok
07:05:43.0337 1176 s3cap (88af6e02ab19df7fd07ecdf9c91e9af6) C:\Windows\system32\DRIVERS\vms3cap.sys
07:05:43.0337 1176 s3cap - ok
07:05:43.0399 1176 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
07:05:43.0415 1176 sbp2port - ok
07:05:43.0461 1176 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
07:05:43.0461 1176 scfilter - ok
07:05:43.0571 1176 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
07:05:43.0571 1176 secdrv - ok
07:05:43.0633 1176 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
07:05:43.0633 1176 Serenum - ok
07:05:43.0680 1176 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
07:05:43.0695 1176 Serial - ok
07:05:43.0727 1176 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
07:05:43.0727 1176 sermouse - ok
07:05:43.0789 1176 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
07:05:43.0789 1176 sffdisk - ok
07:05:43.0867 1176 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
07:05:43.0867 1176 sffp_mmc - ok
07:05:43.0898 1176 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys
07:05:43.0898 1176 sffp_sd - ok
07:05:43.0945 1176 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
07:05:43.0945 1176 sfloppy - ok
07:05:44.0023 1176 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
07:05:44.0023 1176 SiSRaid2 - ok
07:05:44.0117 1176 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
07:05:44.0117 1176 SiSRaid4 - ok
07:05:44.0179 1176 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
07:05:44.0179 1176 Smb - ok
07:05:44.0241 1176 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
07:05:44.0257 1176 spldr - ok
07:05:44.0429 1176 sptd (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys
07:05:44.0429 1176 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb
07:05:44.0429 1176 sptd ( LockedFile.Multi.Generic ) - warning
07:05:44.0429 1176 sptd - detected LockedFile.Multi.Generic (1)
07:05:44.0522 1176 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
07:05:44.0538 1176 srv - ok
07:05:44.0647 1176 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
07:05:44.0663 1176 srv2 - ok
07:05:44.0741 1176 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
07:05:44.0756 1176 SrvHsfHDA - ok
07:05:44.0850 1176 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
07:05:44.0897 1176 SrvHsfV92 - ok
07:05:44.0975 1176 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
07:05:45.0006 1176 SrvHsfWinac - ok
07:05:45.0099 1176 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
07:05:45.0099 1176 srvnet - ok
07:05:45.0162 1176 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
07:05:45.0177 1176 stexstor - ok
07:05:45.0271 1176 storflt (ffd7a6f15b14234b5b0e5d49e7961895) C:\Windows\system32\DRIVERS\vmstorfl.sys
07:05:45.0271 1176 storflt - ok
07:05:45.0349 1176 storvsc (8fccbefc5c440b3c23454656e551b09a) C:\Windows\system32\DRIVERS\storvsc.sys
07:05:45.0349 1176 storvsc - ok
07:05:45.0380 1176 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
07:05:45.0380 1176 swenum - ok
07:05:45.0489 1176 SynTP (c52b05821884f9a0ebee38c45dbd73cd) C:\Windows\system32\DRIVERS\SynTP.sys
07:05:45.0505 1176 SynTP - ok
07:05:45.0661 1176 Tcpip (b9d87c7707f058ac652a398cd28de14b) C:\Windows\system32\drivers\tcpip.sys
07:05:45.0708 1176 Tcpip - ok
07:05:45.0848 1176 TCPIP6 (b9d87c7707f058ac652a398cd28de14b) C:\Windows\system32\DRIVERS\tcpip.sys
07:05:45.0864 1176 TCPIP6 - ok
07:05:45.0926 1176 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
07:05:45.0926 1176 tcpipreg - ok
07:05:45.0973 1176 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
07:05:45.0973 1176 TDPIPE - ok
07:05:46.0020 1176 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
07:05:46.0020 1176 TDTCP - ok
07:05:46.0098 1176 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
07:05:46.0098 1176 tdx - ok
07:05:46.0176 1176 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
07:05:46.0191 1176 TermDD - ok
07:05:46.0269 1176 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
07:05:46.0269 1176 tssecsrv - ok
07:05:46.0347 1176 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
07:05:46.0347 1176 tunnel - ok
07:05:46.0394 1176 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
07:05:46.0394 1176 uagp35 - ok
07:05:46.0457 1176 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
07:05:46.0472 1176 udfs - ok
07:05:46.0566 1176 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
07:05:46.0566 1176 uliagpkx - ok
07:05:46.0628 1176 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
07:05:46.0644 1176 umbus - ok
07:05:46.0691 1176 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
07:05:46.0691 1176 UmPass - ok
07:05:46.0769 1176 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys
07:05:46.0784 1176 usbccgp - ok
07:05:46.0862 1176 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
07:05:46.0862 1176 usbcir - ok
07:05:46.0925 1176 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\DRIVERS\usbehci.sys
07:05:46.0925 1176 usbehci - ok
07:05:47.0018 1176 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys
07:05:47.0018 1176 usbhub - ok
07:05:47.0096 1176 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\DRIVERS\usbohci.sys
07:05:47.0096 1176 usbohci - ok
07:05:47.0159 1176 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
07:05:47.0159 1176 usbprint - ok
07:05:47.0221 1176 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
07:05:47.0221 1176 USBSTOR - ok
07:05:47.0283 1176 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\drivers\usbuhci.sys
07:05:47.0299 1176 usbuhci - ok
07:05:47.0408 1176 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys
07:05:47.0408 1176 usbvideo - ok
07:05:47.0471 1176 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
07:05:47.0486 1176 vdrvroot - ok
07:05:47.0549 1176 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
07:05:47.0549 1176 vga - ok
07:05:47.0580 1176 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
07:05:47.0580 1176 VgaSave - ok
07:05:47.0658 1176 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
07:05:47.0673 1176 vhdmp - ok
07:05:47.0705 1176 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
07:05:47.0720 1176 viaide - ok
07:05:47.0783 1176 vmbus (1501699d7eda984abc4155a7da5738d1) C:\Windows\system32\DRIVERS\vmbus.sys
07:05:47.0783 1176 vmbus - ok
07:05:47.0845 1176 VMBusHID (ae10c35761889e65a6f7176937c5592c) C:\Windows\system32\DRIVERS\VMBusHID.sys
07:05:47.0845 1176 VMBusHID - ok
07:05:47.0939 1176 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
07:05:47.0939 1176 volmgr - ok
07:05:47.0985 1176 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
07:05:47.0985 1176 volmgrx - ok
07:05:48.0048 1176 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
07:05:48.0063 1176 volsnap - ok
07:05:48.0141 1176 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
07:05:48.0141 1176 vsmraid - ok
07:05:48.0235 1176 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
07:05:48.0235 1176 vwifibus - ok
07:05:48.0282 1176 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
07:05:48.0297 1176 vwififlt - ok
07:05:48.0344 1176 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
07:05:48.0344 1176 WacomPen - ok
07:05:48.0407 1176 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
07:05:48.0407 1176 WANARP - ok
07:05:48.0407 1176 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
07:05:48.0422 1176 Wanarpv6 - ok
07:05:48.0547 1176 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
07:05:48.0547 1176 Wd - ok
07:05:48.0625 1176 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
07:05:48.0641 1176 Wdf01000 - ok
07:05:48.0734 1176 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
07:05:48.0734 1176 WfpLwf - ok
07:05:48.0781 1176 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
07:05:48.0781 1176 WIMMount - ok
07:05:48.0875 1176 winachsf (a6ea7a3fc4b00f48535b506db1e86efd) C:\Windows\system32\DRIVERS\CAX_CNXT.sys
07:05:48.0906 1176 winachsf - ok
07:05:49.0015 1176 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
07:05:49.0015 1176 WinUsb - ok
07:05:49.0093 1176 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
07:05:49.0093 1176 WmiAcpi - ok
07:05:49.0218 1176 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
07:05:49.0218 1176 ws2ifsl - ok
07:05:49.0296 1176 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
07:05:49.0296 1176 WudfPf - ok
07:05:49.0358 1176 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
07:05:49.0358 1176 WUDFRd - ok
07:05:49.0421 1176 XAudio (e8f3fa126a06f8e7088f63757112a186) C:\Windows\system32\DRIVERS\XAudio64.sys
07:05:49.0421 1176 XAudio - ok
07:05:49.0467 1176 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
07:05:49.0483 1176 \Device\Harddisk0\DR0 - ok
07:05:49.0483 1176 Boot (0x1200) (dab84794ba51d1f1281e636fef518dcf) \Device\Harddisk0\DR0\Partition0
07:05:49.0499 1176 \Device\Harddisk0\DR0\Partition0 - ok
07:05:49.0514 1176 Boot (0x1200) (0665678ba0a80b4be678ff367b9de04b) \Device\Harddisk0\DR0\Partition1
07:05:49.0514 1176 \Device\Harddisk0\DR0\Partition1 - ok
07:05:49.0530 1176 Boot (0x1200) (f20dc54206da5d481f1d34a181a50466) \Device\Harddisk0\DR0\Partition2
07:05:49.0530 1176 \Device\Harddisk0\DR0\Partition2 - ok
07:05:49.0561 1176 Boot (0x1200) (cb74a47b8c4bf0fa9e207aa3d6dc77dd) \Device\Harddisk0\DR0\Partition3
07:05:49.0561 1176 \Device\Harddisk0\DR0\Partition3 - ok
07:05:49.0561 1176 ============================================================
07:05:49.0561 1176 Scan finished
07:05:49.0561 1176 ============================================================
07:05:49.0592 2752 Detected object count: 1
07:05:49.0592 2752 Actual detected object count: 1
07:06:02.0431 2752 sptd ( LockedFile.Multi.Generic ) - skipped by user
07:06:02.0431 2752 sptd ( LockedFile.Multi.Generic ) - User select action: Skip

chodnik74 · #4 Příspěvek od **chodnik74** » 20 říj 2011 06:46

Ověřte tento soubor na VIRUSTOTAL Obrázek

klikneme na "Procházet" a do zadávacího pole "Název souboru" jen zkopírujeme(pokud nepůjde tak najdeme tento soubor):
Kód: Vybrat vše
```
C:\Program Files (x86)\Common Files\318D\380.exe
```
soubor odešleme tak,že klikneme na "Send file" (pokud byl již testován, nechte testovat znovu - Reanalyse)
Trpělivě vyčkej dokončení scanu dokud se neobjeví konečný výsledek např.0/41
Do fóra zkopíruj výsledný log. nebo odkaz z adresního řádku na stránku.

Stáhněte SPTD

Vyberte si verzi svého operačního systému,jestli máte 32 bitů nebo 64 bitů
Stáhněte si program na plochu a spuste
Zvolte možnost Uninstall,poté restartujte PC (Kdyby nešlo na tlačítko Uninstall kliknou a bylo šedé,tak tento krok přeskočte

Stáhněte Defogger

Stáhněte si program a uložte na plochu
Spuste program
Kliknete na tlačítko Disable,poté restartujte PC(Kdyby nešlo na tlačítko Disable kliknou a bylo šedé,tak tento krok přeskočte

Stáhněte MBR

Přesuňte soubor mbr.exe na vaši Plochu
Stiskněte klávesovou kombinaci WIN+R( nebo start-spustit ),čímž se vám otevře okno pro zadání příkazu pro spuštění a zkopírujte a vložte sem následujíci text: %userprofile%\plocha\mbr" -t -s a dejte enter
Na Ploše se Vám vytvoří log s názvem mbr.txt a jeho obsah mi sem vložte

sawyer25 · #5 Příspěvek od **sawyer25** » 20 říj 2011 06:58

Ďakujem určite to urobím, avšak bohužial na predmetnom NTB nebudem mať prístup na net až do zajtra večera.

chodnik74 · #6 Příspěvek od **chodnik74** » 20 říj 2011 07:01

V pořádku, až u něho budete, tak budete

sawyer25 · #7 Příspěvek od **sawyer25** » 20 říj 2011 14:43

Predsa len som sa dostal k internetu, otvoril som subor na VirusTotal - prechadzat - skopiroval som nazov suboru no vypisalo mi 380.exe tento subor nebyl nalezen, tak som to skusil rucne ale zložka C:\Program Files (x86)\Common Files\318D je prázdna (zobrazenie skrytych systemovych suborov mam zapnute) co teraz?

chodnik74 · #8 Příspěvek od **chodnik74** » 20 říj 2011 14:49

Přeskočte tento krok

sawyer25 · #9 Příspěvek od **sawyer25** » 20 říj 2011 16:30

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.1.7600

device: opened successfully
user: error reading MBR

Disk trace:
error: Read Neplatný popisovač.
kernel: error reading MBR

spravil som všetko podľa postupu no nevyzerá to ako by malo

chodnik74 · #10 Příspěvek od **chodnik74** » 21 říj 2011 11:14

Vždyť já jsem pako

vy máte windows 7 , omlouvám se. Na tomto OS nefunguje tato utilita jak by měla

Udělejte mi log z gmeru dle návodu: http://www.viry.cz/forum/viewtopic.php?f=29&t=62878

sawyer25 · #11 Příspěvek od **sawyer25** » 21 říj 2011 16:48

Dnes ráno mi bohuzial system "umrel"

tj totalne krachol nesiel spustit v normalnom ani v nudzovom rezime a volba oprava systemu taktiez nepomohla, nakolko som spravil zalohu vsetkych potrebnych dat skor ako sme tento problem zacali riesit, rozhodol som sa pre reinstal Win7 ... po reinštalácii som nainstaloval AV eset nod 32 - 5 a kontrola nenasla ziadne infiltracie, ani Malwarebytes nic nenasiel.... chcel by som vediet ci som sa teda tejto havede zbavil

... resp ako mam postupovat aby som si bol isty

chodnik74 · #12 Příspěvek od **chodnik74** » 21 říj 2011 19:00

Ou.. tak to je špatné co se stalo.. udělejte mi log z gmeru na novém OS

sawyer25 · #13 Příspěvek od **sawyer25** » 21 říj 2011 19:46

tu je log s Gmera

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-10-21 20:44:57
Windows 6.1.7600
Running: gmer.exe

---- Files - GMER 1.0.15 ----

File C:\Windows\System32\catroot\TMPE85B.tmp 0 bytes
File C:\Windows\System32\catroot2\edb002E5.log 65536 bytes
File C:\Windows\System32\catroot2\edb002E6.log 65536 bytes
File C:\Windows\System32\catroot2\edb002E7.log 65536 bytes
File C:\Windows\System32\catroot2\edb002E8.log 65536 bytes
File C:\Windows\System32\catroot2\edb002E9.log 65536 bytes
File C:\Windows\System32\catroot2\edb002EA.log 65536 bytes
File C:\Windows\System32\catroot2\edb002EB.log 65536 bytes
File C:\Windows\System32\catroot2\edb002EC.log 65536 bytes
File C:\Windows\System32\catroot2\edb002ED.log 65536 bytes
File C:\Windows\System32\catroot2\edb002EE.log 65536 bytes
File C:\Windows\System32\catroot2\edb002EF.log 65536 bytes
File C:\Windows\System32\catroot2\edb002F0.log 65536 bytes
File C:\Windows\System32\catroot2\edb002F1.log 65536 bytes
File C:\Windows\System32\catroot2\edb002F2.log 65536 bytes
File C:\Windows\System32\catroot2\edb002F3.log 65536 bytes
File C:\Windows\System32\catroot2\edb002F4.log 65536 bytes
File C:\Windows\System32\catroot2\edb002F5.log 65536 bytes
File C:\Windows\System32\catroot2\edb002F7.log 65536 bytes
File C:\Windows\System32\catroot2\edb002F8.log 65536 bytes
File C:\Windows\System32\catroot2\edb002F9.log 65536 bytes
File C:\Windows\System32\catroot2\edb002FA.log 65536 bytes
File C:\Windows\System32\catroot2\edb002FB.log 65536 bytes
File C:\Windows\System32\catroot2\edb002FC.log 65536 bytes
File C:\Windows\System32\catroot2\edb002FD.log 65536 bytes
File C:\Windows\System32\catroot2\edb002FE.log 65536 bytes
File C:\Windows\System32\catroot2\edb002FF.log 65536 bytes
File C:\Windows\System32\catroot2\edb00300.log 65536 bytes
File C:\Windows\System32\catroot2\edb00301.log 65536 bytes
File C:\Windows\System32\catroot2\edb00302.log 65536 bytes
File C:\Windows\System32\catroot2\edb00303.log 65536 bytes
File C:\Windows\System32\catroot2\edb00304.log 65536 bytes
File C:\Windows\System32\catroot2\edb00305.log 65536 bytes
File C:\Windows\System32\catroot2\edb00306.log 65536 bytes
File C:\Windows\System32\catroot2\edb00307.log 65536 bytes
File C:\Windows\System32\catroot2\edb00309.log 65536 bytes
File C:\Windows\System32\catroot2\edb0030A.log 65536 bytes
File C:\Windows\System32\catroot2\edb0030B.log 65536 bytes
File C:\Windows\System32\catroot2\edb0030C.log 65536 bytes
File C:\Windows\System32\catroot2\edb0030D.log 65536 bytes
File C:\Windows\System32\catroot2\edb0030E.log 65536 bytes
File C:\Windows\System32\catroot2\edb0030F.log 65536 bytes
File C:\Windows\System32\catroot2\edb00310.log 65536 bytes
File C:\Windows\System32\catroot2\edb00311.log 65536 bytes
File C:\Windows\System32\catroot2\edb00312.log 65536 bytes
File C:\Windows\System32\catroot2\edb00313.log 65536 bytes
File C:\Windows\System32\catroot2\edb00314.log 65536 bytes
File C:\Windows\System32\catroot2\edb00315.log 65536 bytes
File C:\Windows\System32\catroot2\edb00316.log 65536 bytes
File C:\Windows\System32\catroot2\edb00317.log 65536 bytes
File C:\Windows\System32\catroot2\edb00318.log 65536 bytes
File C:\Windows\System32\catroot2\edb00319.log 65536 bytes
File C:\Windows\System32\catroot2\edb002E4.log 65536 bytes
File C:\Windows\System32\catroot2\edb002F6.log 65536 bytes
File C:\Windows\System32\catroot2\edb00308.log 65536 bytes
File C:\Windows\System32\catroot2\edb0031A.log 65536 bytes
File C:\Windows\Temp\TMP00000212DB55FB0A04589E2B 524288 bytes

---- EOF - GMER 1.0.15 ----

chodnik74 · #14 Příspěvek od **chodnik74** » 21 říj 2011 19:54

Poprosím i o ten druhý, delší log

sawyer25 · #15 Příspěvek od **sawyer25** » 21 říj 2011 19:58

prvy log co sa mal vytvorit po spustení programu je po ulození prazdny (a ani v okne programu nie je ziadny vypis) a tento log co som poslal v predchadzajucom poste je ten druhy ktory prebehol po spusteni SCAN ... musim ale povedat ze neviem zaskrtnut vsetky moznosti na pravo vsetko okrem services, registy a files je sede

VIRY.CZ

Win32/Olmarik.TDL4 trójsky kôň

Win32/Olmarik.TDL4 trójsky kôň

Re: Win32/Olmarik.TDL4 trójsky kôň

Re: Win32/Olmarik.TDL4 trójsky kôň

Re: Win32/Olmarik.TDL4 trójsky kôň

Re: Win32/Olmarik.TDL4 trójsky kôň

Re: Win32/Olmarik.TDL4 trójsky kôň

Re: Win32/Olmarik.TDL4 trójsky kôň

Re: Win32/Olmarik.TDL4 trójsky kôň

Re: Win32/Olmarik.TDL4 trójsky kôň

Re: Win32/Olmarik.TDL4 trójsky kôň

Re: Win32/Olmarik.TDL4 trójsky kôň

Re: Win32/Olmarik.TDL4 trójsky kôň

Re: Win32/Olmarik.TDL4 trójsky kôň

Re: Win32/Olmarik.TDL4 trójsky kôň

Re: Win32/Olmarik.TDL4 trójsky kôň