
Rootkit, please help!
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved. The same applies to threads inactive for more than 14 days. See the Rule on locking topics. Thank you for understanding.
!NEW!
You can now use the remote help service, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
I was stupid and opened an email attachment; suddenly avast! started reporting Evo-Gen in a file, and I chose to abort the connection. A moment later a few alerts about virus findings in System flashed up, but they disappeared right away and I couldn't find them in the history. TDSSKiller found a few files (I'll attach it); I chose Quarantine, but they appeared there again. In the end I managed it, but one thing still can't be deleted. I don't know which option to choose; Restore gives me an error message. I took screenshots of everything. Please help.
Attachment: Snímek obrazovky (263).png
Re: Rootkit, please help!
Image.
Attachment: Snímek obrazovky (265).png
Re: Rootkit, please help!
Hello
Download MBRScan http://eric71.geekstogo.com/tools/MbrScan.exe
Download Malwarebytes Anti-Rootkit http://www.bleepingcomputer.com/downloa ... i-rootkit/
- Save it, preferably to the Desktop
- If you use Windows Vista or W7, right-click MBRScan and choose Run As Administrator or Spustit jako správce
- Click Report
- After a moment a log appears in the file MBRScan.txt; paste it here
- Save it, preferably to the Desktop, and unpack it
- Start it by clicking mbar
- Now click Next and then Update
- After the database update finishes, click Next again
- Leave all three options checked and click Scan, which starts scanning the PC
- After the scan finishes (about 5 minutes), check that all findings (if there are any, of course) have a checkmark
- Also check that Create Restore point is checked
- Now click CleanUp, which removes the infection found
- The PC will be restarted
- The mbar folder should contain a log (it will probably open by itself) mbar-log-year-month-day (hour-minute-second).txt; post it here
Re: Rootkit, please help!
I'm also attaching the logs, sorry it's only now.
Attachment: Nový WinRAR ZIP archiv.zip
Re: Rootkit, please help!
Code:
MBRScan v1.1.1
OS : Windows 8 (64 bit)
PROCESSOR : AMD64 Family 21 Model 2 Stepping 0, AuthenticAMD
BOOT : Normal Boot
DATE : 2015/07/15 (ISO 8601) at 06:17:11
________________________________________________________________________________
DISK : Device\Harddisk0\DR0 __WDC WD10EZEX-00BN5A0 (01.01A01)
BUS_TYPE : (0x0B) S-ATA
USE_PIO : YES
MAX_TRANSFER : 128 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________
DISK : Device\Harddisk1\DR1 __WDC WD10EZRX-00A8LB0 (01.01A01)
BUS_TYPE : (0x0B) S-ATA
USE_PIO : YES
MAX_TRANSFER : 128 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________
DISK : Device\Harddisk2\DR2 __ST950032 5AS (0002)
BUS_TYPE : (0x07) USB
USE_PIO : NO
MAX_TRANSFER : 512 Kb
ALIGNMENT_MASK : byte aligned
________________________________________________________________________________
Device\Harddisk0\DR0 931.5 Go [Fixed] ==> 7 MBR Code
MBR_MD5 : DDBF468157EB827C23D94C23583E628B
MBR_SHA1 : B027C06E950DDB970A4B0272CC769C3C38081156
Device\Harddisk0\Partition1 350.0 Mo 0x07 NTFS / HPFS __ BOOTABLE __
Device\Harddisk0\Partition2 931.2 Go 0x07 NTFS / HPFS
________________________________________________________________________________
Device\Harddisk1\DR1 931.5 Go [Fixed] ==> Unknown MBR Code
MBR_MD5 : 117977C113770488600DC435AD9C151B
MBR_SHA1 : E9E7ADA2946508F4CCB4A952C504D0409AEB8412
Device\Harddisk1\Partition1 931.5 Go 0x07 NTFS / HPFS
________________________________________________________________________________
Device\Harddisk2\DR2 465.8 Go [Fixed] ==> Unknown MBR Code ....
MBR_MD5 : 68DC2B3949E5659BEE57BFF983A95348
MBR_SHA1 : E762E37509B31B78B08CFE2CE8484FBD83B1953D
Device\Harddisk2\Partition1 465.8 Go 0x07 NTFS / HPFS __ BOOTABLE __
________________________________________________________________________________
############################### Additional scan ################################
DRIVER : C:\WINDOWS\system32\ntoskrnl.exe => Invisible on the disk
ADDRESS : 0xD3814000
SIZE : 7.58 Mo
DRIVER : C:\WINDOWS\system32\hal.dll => Invisible on the disk
ADDRESS : 0xD3FA8000
SIZE : 448.0 Ko
DRIVER : C:\WINDOWS\system32\kd.dll => Invisible on the disk
ADDRESS : 0xD2796000
SIZE : 36.0 Ko
DRIVER : C:\WINDOWS\system32\mcupdate_AuthenticAMD.dll => Invisible on the disk
ADDRESS : 0x1FE83000
SIZE : 108.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\werkernel.sys => Invisible on the disk
ADDRESS : 0x1FE9E000
SIZE : 56.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\CLFS.SYS => Invisible on the disk
ADDRESS : 0x1FEAC000
SIZE : 392.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\tm.sys => Invisible on the disk
ADDRESS : 0x1FF0E000
SIZE : 136.0 Ko
DRIVER : C:\WINDOWS\system32\CI.dll => Invisible on the disk
ADDRESS : 0x1FF4F000
SIZE : 544.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\msrpc.sys => Invisible on the disk
ADDRESS : 0x1FE00000
SIZE : 372.0 Ko
DRIVER : C:\WINDOWS\system32\drivers\Wdf01000.sys => Invisible on the disk
ADDRESS : 0x20003000
SIZE : 828.0 Ko
DRIVER : C:\WINDOWS\system32\drivers\WDFLDR.SYS => Invisible on the disk
ADDRESS : 0x200D2000
SIZE : 68.0 Ko
DRIVER : C:\WINDOWS\System32\Drivers\acpiex.sys => Invisible on the disk
ADDRESS : 0x200E3000
SIZE : 96.0 Ko
DRIVER : C:\WINDOWS\System32\Drivers\WppRecorder.sys => Invisible on the disk
ADDRESS : 0x200FB000
SIZE : 44.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\ACPI.sys => Invisible on the disk
ADDRESS : 0x20106000
SIZE : 544.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\WMILIB.SYS => Invisible on the disk
ADDRESS : 0x2018E000
SIZE : 40.0 Ko
DRIVER : C:\WINDOWS\System32\Drivers\cng.sys => Invisible on the disk
ADDRESS : 0x2027B000
SIZE : 556.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\msisadrv.sys => Invisible on the disk
ADDRESS : 0x20306000
SIZE : 40.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\pci.sys => Invisible on the disk
ADDRESS : 0x20310000
SIZE : 288.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\vdrvroot.sys => Invisible on the disk
ADDRESS : 0x20358000
SIZE : 52.0 Ko
DRIVER : C:\WINDOWS\system32\drivers\pdc.sys => Invisible on the disk
ADDRESS : 0x20365000
SIZE : 112.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\partmgr.sys => Invisible on the disk
ADDRESS : 0x20381000
SIZE : 96.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\spaceport.sys => Invisible on the disk
ADDRESS : 0x20200000
SIZE : 420.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\volmgr.sys => Invisible on the disk
ADDRESS : 0x20399000
SIZE : 84.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\volmgrx.sys => Invisible on the disk
ADDRESS : 0x20198000
SIZE : 380.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\mountmgr.sys => Invisible on the disk
ADDRESS : 0x203AE000
SIZE : 108.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\storahci.sys => Invisible on the disk
ADDRESS : 0x203C9000
SIZE : 116.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\storport.sys => Invisible on the disk
ADDRESS : 0x20470000
SIZE : 376.0 Ko
DRIVER : C:\WINDOWS\system32\drivers\fltmgr.sys => Invisible on the disk
ADDRESS : 0x204E8000
SIZE : 368.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\fileinfo.sys => Invisible on the disk
ADDRESS : 0x20544000
SIZE : 88.0 Ko
DRIVER : C:\WINDOWS\System32\Drivers\Wof.sys => Invisible on the disk
ADDRESS : 0x2055A000
SIZE : 172.0 Ko
DRIVER : C:\WINDOWS\System32\Drivers\Ntfs.sys => Invisible on the disk
ADDRESS : 0x20651000
SIZE : 1.98 Mo
DRIVER : C:\WINDOWS\System32\Drivers\ksecdd.sys => Invisible on the disk
ADDRESS : 0x2084B000
SIZE : 112.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\pcw.sys => Invisible on the disk
ADDRESS : 0x20867000
SIZE : 64.0 Ko
DRIVER : C:\WINDOWS\System32\Drivers\Fs_Rec.sys => Invisible on the disk
ADDRESS : 0x20877000
SIZE : 44.0 Ko
DRIVER : C:\WINDOWS\system32\drivers\ndis.sys => Invisible on the disk
ADDRESS : 0x20882000
SIZE : 1.09 Mo
DRIVER : C:\WINDOWS\system32\drivers\NETIO.SYS => Invisible on the disk
ADDRESS : 0x20585000
SIZE : 480.0 Ko
DRIVER : C:\WINDOWS\System32\Drivers\ksecpkg.sys => Invisible on the disk
ADDRESS : 0x20999000
SIZE : 196.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\tcpip.sys => Invisible on the disk
ADDRESS : 0x20A51000
SIZE : 2.42 Mo
DRIVER : C:\WINDOWS\System32\drivers\fwpkclnt.sys => Invisible on the disk
ADDRESS : 0x20CBD000
SIZE : 432.0 Ko
DRIVER : C:\WINDOWS\system32\DRIVERS\wfplwfs.sys => Invisible on the disk
ADDRESS : 0x20D29000
SIZE : 148.0 Ko
DRIVER : C:\WINDOWS\System32\DRIVERS\fvevol.sys => Invisible on the disk
ADDRESS : 0x20D4E000
SIZE : 596.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\volsnap.sys => Invisible on the disk
ADDRESS : 0x20A00000
SIZE : 316.0 Ko
DRIVER : C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys => Invisible on the disk
ADDRESS : 0x20DE3000
SIZE : 32.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\rdyboost.sys => Invisible on the disk
ADDRESS : 0x20600000
SIZE : 280.0 Ko
DRIVER : C:\WINDOWS\system32\pwdrvio.sys => Invisible on the disk
ADDRESS : 0x20DEB000
SIZE : 32.0 Ko
DRIVER : C:\WINDOWS\System32\Drivers\ngvss.sys => Invisible on the disk
ADDRESS : 0x209CA000
SIZE : 120.0 Ko
DRIVER : C:\WINDOWS\System32\Drivers\mup.sys => Invisible on the disk
ADDRESS : 0x209E8000
SIZE : 92.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\intelpep.sys => Invisible on the disk
ADDRESS : 0x20400000
SIZE : 60.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\disk.sys => Invisible on the disk
ADDRESS : 0x2040F000
SIZE : 112.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\CLASSPNP.SYS => Invisible on the disk
ADDRESS : 0x20EF5000
SIZE : 344.0 Ko
DRIVER : C:\WINDOWS\System32\Drivers\aswVmm.sys => Invisible on the disk
ADDRESS : 0x20F4B000
SIZE : 276.0 Ko
DRIVER : C:\WINDOWS\System32\Drivers\aswRvrt.sys => Invisible on the disk
ADDRESS : 0x20F90000
SIZE : 76.0 Ko
DRIVER : C:\WINDOWS\System32\Drivers\crashdmp.sys => Invisible on the disk
ADDRESS : 0x20FA3000
SIZE : 84.0 Ko
DRIVER : C:\WINDOWS\System32\DRIVERS\cmderd.sys => Invisible on the disk
ADDRESS : 0x20FF7000
SIZE : 36.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\cdrom.sys => Invisible on the disk
ADDRESS : 0x20E00000
SIZE : 184.0 Ko
DRIVER : C:\WINDOWS\system32\drivers\aswSnx.sys => Invisible on the disk
ADDRESS : 0x212F4000
SIZE : 1.02 Mo
DRIVER : C:\WINDOWS\system32\DRIVERS\epp64.sys => Invisible on the disk
ADDRESS : 0x21200000
SIZE : 144.0 Ko
DRIVER : C:\WINDOWS\system32\DRIVERS\cmdguard.sys => Invisible on the disk
ADDRESS : 0x214E2000
SIZE : 848.0 Ko
DRIVER : C:\WINDOWS\system32\drivers\aswSP.sys => Invisible on the disk
ADDRESS : 0x21400000
SIZE : 468.0 Ko
DRIVER : C:\WINDOWS\System32\Drivers\Null.SYS => Invisible on the disk
ADDRESS : 0x21475000
SIZE : 36.0 Ko
DRIVER : C:\WINDOWS\System32\Drivers\beep.sys => Invisible on the disk
ADDRESS : 0x2147E000
SIZE : 32.0 Ko
DRIVER : C:\WINDOWS\system32\drivers\RegHiveRecovery.sys => Invisible on the disk
ADDRESS : 0x21486000
SIZE : 64.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\BasicRender.sys => Invisible on the disk
ADDRESS : 0x21496000
SIZE : 56.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\dxgkrnl.sys => Invisible on the disk
ADDRESS : 0x216F3000
SIZE : 1.50 Mo
DRIVER : C:\WINDOWS\System32\drivers\watchdog.sys => Invisible on the disk
ADDRESS : 0x21873000
SIZE : 72.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\dxgmms1.sys => Invisible on the disk
ADDRESS : 0x21885000
SIZE : 396.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\BasicDisplay.sys => Invisible on the disk
ADDRESS : 0x218E8000
SIZE : 72.0 Ko
DRIVER : C:\WINDOWS\System32\Drivers\Npfs.SYS => Invisible on the disk
ADDRESS : 0x218FA000
SIZE : 80.0 Ko
DRIVER : C:\WINDOWS\System32\Drivers\Msfs.SYS => Invisible on the disk
ADDRESS : 0x2190E000
SIZE : 48.0 Ko
DRIVER : C:\WINDOWS\system32\DRIVERS\tdx.sys => Invisible on the disk
ADDRESS : 0x2191A000
SIZE : 128.0 Ko
DRIVER : C:\WINDOWS\system32\DRIVERS\TDI.SYS => Invisible on the disk
ADDRESS : 0x2193A000
SIZE : 56.0 Ko
DRIVER : C:\WINDOWS\System32\DRIVERS\netbt.sys => Invisible on the disk
ADDRESS : 0x21948000
SIZE : 304.0 Ko
DRIVER : C:\WINDOWS\system32\DRIVERS\cmdhlp.sys => Invisible on the disk
ADDRESS : 0x21994000
SIZE : 48.0 Ko
DRIVER : C:\WINDOWS\system32\drivers\aswRdr2.sys => Invisible on the disk
ADDRESS : 0x219A0000
SIZE : 104.0 Ko
DRIVER : C:\WINDOWS\system32\drivers\afd.sys => Invisible on the disk
ADDRESS : 0x21600000
SIZE : 584.0 Ko
DRIVER : C:\WINDOWS\system32\DRIVERS\pacer.sys => Invisible on the disk
ADDRESS : 0x21692000
SIZE : 168.0 Ko
DRIVER : C:\WINDOWS\system32\DRIVERS\inspect.sys => Invisible on the disk
ADDRESS : 0x216BC000
SIZE : 132.0 Ko
DRIVER : C:\WINDOWS\system32\DRIVERS\netbios.sys => Invisible on the disk
ADDRESS : 0x216DD000
SIZE : 68.0 Ko
DRIVER : C:\WINDOWS\system32\DRIVERS\rdbss.sys => Invisible on the disk
ADDRESS : 0x21224000
SIZE : 448.0 Ko
DRIVER : C:\WINDOWS\system32\drivers\csc.sys => Invisible on the disk
ADDRESS : 0x20E2E000
SIZE : 568.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\truecrypt.sys => Invisible on the disk
ADDRESS : 0x219BA000
SIZE : 260.0 Ko
DRIVER : C:\WINDOWS\system32\drivers\nsiproxy.sys => Invisible on the disk
ADDRESS : 0x214A4000
SIZE : 56.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\npsvctrig.sys => Invisible on the disk
ADDRESS : 0x214B2000
SIZE : 48.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\mssmbios.sys => Invisible on the disk
ADDRESS : 0x214BE000
SIZE : 48.0 Ko
DRIVER : C:\WINDOWS\System32\Drivers\dfsc.sys => Invisible on the disk
ADDRESS : 0x215B6000
SIZE : 152.0 Ko
DRIVER : C:\WINDOWS\System32\Drivers\appdrv01.sys => Invisible on the disk
ADDRESS : 0x21A58000
SIZE : 2.61 Mo
DRIVER : C:\WINDOWS\system32\DRIVERS\ahcache.sys => Invisible on the disk
ADDRESS : 0x21CF3000
SIZE : 100.0 Ko
DRIVER : C:\WINDOWS\system32\DRIVERS\Hamdrv.sys => Invisible on the disk
ADDRESS : 0x21D0C000
SIZE : 56.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\CompositeBus.sys => Invisible on the disk
ADDRESS : 0x21D1A000
SIZE : 60.0 Ko
DRIVER : C:\WINDOWS\system32\DRIVERS\kdnic.sys => Invisible on the disk
ADDRESS : 0x21D29000
SIZE : 44.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\umbus.sys => Invisible on the disk
ADDRESS : 0x21D34000
SIZE : 68.0 Ko
DRIVER : C:\WINDOWS\system32\DRIVERS\atikmpag.sys => Invisible on the disk
ADDRESS : 0x21D45000
SIZE : 600.0 Ko
DRIVER : C:\WINDOWS\system32\DRIVERS\atikmdag.sys => Invisible on the disk
ADDRESS : 0x21EC7000
SIZE : 18.52 Mo
DRIVER : C:\WINDOWS\System32\drivers\HDAudBus.sys => Invisible on the disk
ADDRESS : 0x23155000
SIZE : 100.0 Ko
DRIVER : C:\WINDOWS\system32\DRIVERS\Rt630x64.sys => Invisible on the disk
ADDRESS : 0x232CC000
SIZE : 872.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\USBXHCI.SYS => Invisible on the disk
ADDRESS : 0x233A6000
SIZE : 340.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\ucx01000.sys => Invisible on the disk
ADDRESS : 0x23200000
SIZE : 200.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\usbohci.sys => Invisible on the disk
ADDRESS : 0x23244000
SIZE : 52.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\USBPORT.SYS => Invisible on the disk
ADDRESS : 0x23251000
SIZE : 444.0 Ko
DRIVER : C:\WINDOWS\system32\DRIVERS\usbfilter.sys => Invisible on the disk
ADDRESS : 0x23232000
SIZE : 72.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\usbehci.sys => Invisible on the disk
ADDRESS : 0x2316E000
SIZE : 96.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\serial.sys => Invisible on the disk
ADDRESS : 0x23186000
SIZE : 104.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\serenum.sys => Invisible on the disk
ADDRESS : 0x231A0000
SIZE : 52.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\wmiacpi.sys => Invisible on the disk
ADDRESS : 0x232C0000
SIZE : 40.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\amdppm.sys => Invisible on the disk
ADDRESS : 0x231AD000
SIZE : 120.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\NdisVirtualBus.sys => Invisible on the disk
ADDRESS : 0x231CB000
SIZE : 44.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\swenum.sys => Invisible on the disk
ADDRESS : 0x232CA000
SIZE : 8.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\ks.sys => Invisible on the disk
ADDRESS : 0x21E00000
SIZE : 312.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\rdpbus.sys => Invisible on the disk
ADDRESS : 0x21E4E000
SIZE : 44.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\usbhub.sys => Invisible on the disk
ADDRESS : 0x21E59000
SIZE : 424.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\USBD.SYS => Invisible on the disk
ADDRESS : 0x231D6000
SIZE : 48.0 Ko
DRIVER : C:\WINDOWS\system32\drivers\AtihdWB6.sys => Invisible on the disk
ADDRESS : 0x231E2000
SIZE : 120.0 Ko
DRIVER : C:\WINDOWS\system32\drivers\portcls.sys => Invisible on the disk
ADDRESS : 0x21A00000
SIZE : 284.0 Ko
DRIVER : C:\WINDOWS\system32\drivers\drmk.sys => Invisible on the disk
ADDRESS : 0x21DDB000
SIZE : 112.0 Ko
DRIVER : C:\WINDOWS\system32\drivers\ksthunk.sys => Invisible on the disk
ADDRESS : 0x2314B000
SIZE : 24.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\UsbHub3.sys => Invisible on the disk
ADDRESS : 0x23480000
SIZE : 480.0 Ko
DRIVER : C:\WINDOWS\system32\drivers\RTKVHD64.sys => Invisible on the disk
ADDRESS : 0x23608000
SIZE : 4.51 Mo
DRIVER : C:\WINDOWS\System32\drivers\USBSTOR.SYS => Invisible on the disk
ADDRESS : 0x23A8B000
SIZE : 152.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\usbccgp.sys => Invisible on the disk
ADDRESS : 0x23AB1000
SIZE : 156.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\hidusb.sys => Invisible on the disk
ADDRESS : 0x23AD8000
SIZE : 56.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\HIDCLASS.SYS => Invisible on the disk
ADDRESS : 0x23AE6000
SIZE : 124.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\HIDPARSE.SYS => Invisible on the disk
ADDRESS : 0x23B05000
SIZE : 32.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\mouhid.sys => Invisible on the disk
ADDRESS : 0x23B0D000
SIZE : 52.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\mouclass.sys => Invisible on the disk
ADDRESS : 0x23B1A000
SIZE : 64.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\kbdhid.sys => Invisible on the disk
ADDRESS : 0x23B2A000
SIZE : 56.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\kbdclass.sys => Invisible on the disk
ADDRESS : 0x23B38000
SIZE : 72.0 Ko
DRIVER : C:\WINDOWS\system32\DRIVERS\cdfs.sys => Invisible on the disk
ADDRESS : 0x23B4A000
SIZE : 108.0 Ko
DRIVER : C:\WINDOWS\System32\win32k.sys => Invisible on the disk
ADDRESS : 0x001D4000
SIZE : 4.09 Mo
DRIVER : C:\WINDOWS\System32\Drivers\dump_diskdump.sys => Invisible on the disk
ADDRESS : 0x23B65000
SIZE : 48.0 Ko
DRIVER : C:\WINDOWS\System32\Drivers\dump_storahci.sys => Invisible on the disk
ADDRESS : 0x23B71000
SIZE : 116.0 Ko
DRIVER : C:\WINDOWS\System32\Drivers\dump_dumpfve.sys => Invisible on the disk
ADDRESS : 0x23B8E000
SIZE : 88.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\monitor.sys => Invisible on the disk
ADDRESS : 0x23BA4000
SIZE : 56.0 Ko
DRIVER : C:\WINDOWS\System32\TSDDD.dll => Invisible on the disk
ADDRESS : 0x006A0000
SIZE : 36.0 Ko
DRIVER : C:\WINDOWS\System32\cdd.dll => Invisible on the disk
ADDRESS : 0x0080B000
SIZE : 232.0 Ko
DRIVER : C:\WINDOWS\system32\drivers\luafv.sys => Invisible on the disk
ADDRESS : 0x23BB2000
SIZE : 144.0 Ko
DRIVER : C:\WINDOWS\system32\drivers\aswMonFlt.sys => Invisible on the disk
ADDRESS : 0x23BD6000
SIZE : 144.0 Ko
DRIVER : C:\WINDOWS\system32\drivers\mbam.sys => Invisible on the disk
ADDRESS : 0x234F8000
SIZE : 40.0 Ko
DRIVER : C:\WINDOWS\system32\drivers\aswStm.sys => Invisible on the disk
ADDRESS : 0x23502000
SIZE : 156.0 Ko
DRIVER : C:\WINDOWS\system32\DRIVERS\lltdio.sys => Invisible on the disk
ADDRESS : 0x23529000
SIZE : 80.0 Ko
DRIVER : C:\WINDOWS\system32\DRIVERS\rspndr.sys => Invisible on the disk
ADDRESS : 0x2353D000
SIZE : 96.0 Ko
DRIVER : C:\WINDOWS\system32\drivers\HTTP.sys => Invisible on the disk
ADDRESS : 0x24092000
SIZE : 1000.0 Ko
DRIVER : C:\WINDOWS\system32\DRIVERS\bowser.sys => Invisible on the disk
ADDRESS : 0x2418C000
SIZE : 128.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\mpsdrv.sys => Invisible on the disk
ADDRESS : 0x241AC000
SIZE : 92.0 Ko
DRIVER : C:\WINDOWS\system32\DRIVERS\mrxsmb.sys => Invisible on the disk
ADDRESS : 0x24000000
SIZE : 432.0 Ko
DRIVER : C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys => Invisible on the disk
ADDRESS : 0x241C3000
SIZE : 224.0 Ko
DRIVER : C:\WINDOWS\system32\drivers\aswHwid.sys => Invisible on the disk
ADDRESS : 0x2406C000
SIZE : 40.0 Ko
DRIVER : C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys => Invisible on the disk
ADDRESS : 0x23400000
SIZE : 304.0 Ko
DRIVER : C:\WINDOWS\system32\drivers\Ndu.sys => Invisible on the disk
ADDRESS : 0x2344C000
SIZE : 116.0 Ko
DRIVER : C:\WINDOWS\system32\drivers\peauth.sys => Invisible on the disk
ADDRESS : 0x242D9000
SIZE : 676.0 Ko
DRIVER : C:\WINDOWS\System32\Drivers\secdrv.SYS => Invisible on the disk
ADDRESS : 0x24382000
SIZE : 44.0 Ko
DRIVER : C:\WINDOWS\System32\DRIVERS\srvnet.sys => Invisible on the disk
ADDRESS : 0x2438D000
SIZE : 268.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\tcpipreg.sys => Invisible on the disk
ADDRESS : 0x243D0000
SIZE : 72.0 Ko
DRIVER : C:\WINDOWS\System32\DRIVERS\srv2.sys => Invisible on the disk
ADDRESS : 0x244A4000
SIZE : 692.0 Ko
DRIVER : C:\WINDOWS\System32\DRIVERS\srv.sys => Invisible on the disk
ADDRESS : 0x24551000
SIZE : 568.0 Ko
DRIVER : C:\WINDOWS\system32\DRIVERS\tunnel.sys => Invisible on the disk
ADDRESS : 0x24400000
SIZE : 180.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\condrv.sys => Invisible on the disk
ADDRESS : 0x2442D000
SIZE : 64.0 Ko
DRIVER : C:\WINDOWS\system32\DRIVERS\mslldp.sys => Invisible on the disk
ADDRESS : 0x2443D000
SIZE : 88.0 Ko
DRIVER : C:\WINDOWS\system32\drivers\WudfPf.sys => Invisible on the disk
ADDRESS : 0x245DF000
SIZE : 132.0 Ko
DRIVER : C:\WINDOWS\system32\DRIVERS\WUDFRd.sys => Invisible on the disk
ADDRESS : 0x24453000
SIZE : 244.0 Ko
DRIVER : C:\WINDOWS\System32\drivers\WpdUpFltr.sys => Invisible on the disk
ADDRESS : 0x24490000
SIZE : 44.0 Ko
BCD EmsSettings {0CE4991B-E6B3-4B16-B23C-5E0D9250E5D9} => BcdLibraryBoolean_EmsEnabled (16000020)
SystemStartOptions : NOEXECUTE=OPTIN USEPLATFORMCLOCK
________________________________________________________________________________
_______MBR \Device\Harddisk0\DR0
0x00000000 33 C0 8E D0 BC 00 7C 8E C0 8E D8 BE 00 7C BF 00 3À.м.|.À.ؾ.|¿.
0x00000010 06 B9 00 02 FC F3 A4 50 68 1C 06 CB FB B9 04 00 .¹..üó¤Ph..Ëû¹..
0x00000020 BD BE 07 80 7E 00 00 7C 0B 0F 85 0E 01 83 C5 10 ½¾..~..|......Å.
0x00000030 E2 F1 CD 18 88 56 00 55 C6 46 11 05 C6 46 10 00 âñÍ..V.UÆF..ÆF..
0x00000040 B4 41 BB AA 55 CD 13 5D 72 0F 81 FB 55 AA 75 09 ´A»ªUÍ.]r..ûUªu.
0x00000050 F7 C1 01 00 74 03 FE 46 10 66 60 80 7E 10 00 74 ÷Á..t.þF.f`.~..t
0x00000060 26 66 68 00 00 00 00 66 FF 76 08 68 00 00 68 00 &fh....f.v.h..h.
0x00000070 7C 68 01 00 68 10 00 B4 42 8A 56 00 8B F4 CD 13 |h..h..´B.V..ôÍ.
0x00000080 9F 83 C4 10 9E EB 14 B8 01 02 BB 00 7C 8A 56 00 ..Ä..ë.¸..».|.V.
0x00000090 8A 76 01 8A 4E 02 8A 6E 03 CD 13 66 61 73 1C FE .v..N..n.Í.fas.þ
0x000000A0 4E 11 75 0C 80 7E 00 80 0F 84 8A 00 B2 80 EB 84 N.u..~......².ë.
0x000000B0 55 32 E4 8A 56 00 CD 13 5D EB 9E 81 3E FE 7D 55 U2ä.V.Í.]ë..>þ}U
0x000000C0 AA 75 6E FF 76 00 E8 8D 00 75 17 FA B0 D1 E6 64 ªun.v.è..u.ú°Ñæd
0x000000D0 E8 83 00 B0 DF E6 60 E8 7C 00 B0 FF E6 64 E8 75 è..°ßæ`è|.°.ædèu
0x000000E0 00 FB B8 00 BB CD 1A 66 23 C0 75 3B 66 81 FB 54 .û¸.»Í.f#Àu;f.ûT
0x000000F0 43 50 41 75 32 81 F9 02 01 72 2C 66 68 07 BB 00 CPAu2.ù..r,fh.».
0x00000100 00 66 68 00 02 00 00 66 68 08 00 00 00 66 53 66 .fh....fh....fSf
0x00000110 53 66 55 66 68 00 00 00 00 66 68 00 7C 00 00 66 SfUfh....fh.|..f
0x00000120 61 68 00 00 07 CD 1A 5A 32 F6 EA 00 7C 00 00 CD ah...Í.Z2öê.|..Í
0x00000130 18 A0 B7 07 EB 08 A0 B6 07 EB 03 A0 B5 07 32 E4 ..·.ë..¶.ë..µ.2ä
0x00000140 05 00 07 8B F0 AC 3C 00 74 09 BB 07 00 B4 0E CD ....ð¬<.t.»..´.Í
0x00000150 10 EB F2 F4 EB FD 2B C9 E4 64 EB 00 24 02 E0 F8 .ëòôëý+Éädë.$.àø
0x00000160 24 02 C3 49 6E 76 61 6C 69 64 20 70 61 72 74 69 $.ÃInvalid parti
0x00000170 74 69 6F 6E 20 74 61 62 6C 65 00 45 72 72 6F 72 tion table.Error
0x00000180 20 6C 6F 61 64 69 6E 67 20 6F 70 65 72 61 74 69 loading operati
0x00000190 6E 67 20 73 79 73 74 65 6D 00 4D 69 73 73 69 6E ng system.Missin
0x000001A0 67 20 6F 70 65 72 61 74 69 6E 67 20 73 79 73 74 g operating syst
0x000001B0 65 6D 00 00 00 63 7B 9A 78 6E B8 E3 00 00 80 20 em...c{.xn¸ã...
0x000001C0 21 00 07 BE 12 2C 00 08 00 00 00 F0 0A 00 00 BE !..¾.,.....ð...¾
0x000001D0 13 2C 07 FE FF FF 00 F8 0A 00 00 68 65 74 00 00 .,.þ...ø...het..
0x000001E0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x000001F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 AA ..............Uª
_______MBR \Device\Harddisk1\DR1
0x00000000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x00000050 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x00000060 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x00000070 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x00000080 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x00000090 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x000000A0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x000000B0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x000000C0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x000000D0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x000000E0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x000000F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x00000100 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x00000110 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x00000120 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x00000130 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x00000140 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x00000150 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x00000160 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x00000170 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x00000180 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x00000190 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x000001A0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x000001B0 00 00 00 00 00 00 00 00 07 BA F7 B7 00 00 00 FE .........º÷·...þ
0x000001C0 FF FF 07 FE FF FF 02 00 00 00 AE 6D 70 74 00 00 ...þ......®mpt..
0x000001D0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x000001E0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x000001F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 AA ..............Uª
_______MBR \Device\Harddisk2\DR2
0x00000000 41 4B 45 4F FC 31 C0 FA 8E D0 BC 00 7C FB 89 E6 AKEOü1Àú.м.|û.æ
0x00000010 89 E7 1E 06 8E D8 BB 13 04 8B 07 48 89 07 C1 E0 .ç...Ø»....H..Áà
0x00000020 06 2D C0 07 8E C0 B9 00 02 F3 A4 50 68 30 7C CB .-À..À¹..ó¤Ph0|Ë
0x00000030 8E D8 66 31 DB 8E C3 41 BA 81 00 E8 89 00 72 6D .Øf1Û.ÃAº..è..rm
0x00000040 BB BE 7D B9 04 00 26 80 3F 00 7C 09 75 05 83 C3 »¾}¹..&.?.|.u..Ã
0x00000050 10 E2 F3 EB 58 BE 94 7D E8 DA 00 E8 CA 00 BA 5A .âóëX¾.}èÚ.èÊ.ºZ
0x00000060 7D BE 6E 7D E8 A0 00 B4 01 CD 16 75 3D B4 02 CD }¾n}è..´.Í.u=´.Í
0x00000070 16 24 04 75 38 80 3E 93 7D 00 7F 0B BE B4 7D E8 .$.u8.>.}...¾´}è
0x00000080 B3 00 C6 06 93 7D 12 80 3E 92 7D 00 75 D9 E8 89 ³.Æ..}..>.}.uÙè.
0x00000090 00 C6 06 BE 7D 81 68 80 00 BA 72 7D BE 7E 7D E8 .Æ.¾}.h..ºr}¾~}è
0x000000A0 65 00 5A 07 1F EA 00 7C 00 00 E8 6D 00 E8 78 00 e.Z..ê.|..èm.èx.
0x000000B0 BB BE 7D 8B 17 52 B2 80 8B 4F 02 66 8B 5F 08 E8 »¾}..R²..O.f._.è
0x000000C0 05 00 73 D5 07 1F CB 60 B4 41 BB AA 55 CD 13 72 ..sÕ..Ë`´A»ªUÍ.r
0x000000D0 2C 81 FB 55 AA 75 26 F7 C1 01 00 74 20 61 1E 66 ,.ûUªu&÷Á..t a.f
0x000000E0 31 C0 8E D8 66 50 66 53 50 68 00 7C 40 50 6A 10 1À.ØfPfSPh.|@Pj.
0x000000F0 89 E6 B4 42 CD 13 9F 83 C4 10 9E 1F C3 61 BB 00 .æ´BÍ...Ä...Ãa».
0x00000100 7C B8 01 02 CD 13 C3 FA 8B 1C 26 66 8B 07 66 89 |¸..Í.Ãú..&f..f.
0x00000110 04 26 89 17 26 8C 4F 02 FB C3 FA BB 20 00 66 A1 .&..&.O.ûÃú» .f¡
0x00000120 6E 7D 26 66 89 07 FB C3 B4 01 CD 16 74 06 B4 00 n}&f..ûô.Í.t.´.
0x00000130 CD 16 E2 F4 C3 AC 3C 00 74 09 B4 0E BB 07 00 CD Í.âôì<.t.´.»..Í
0x00000140 10 EB F2 C3 50 2E A0 BE 7D 80 FA 80 75 04 88 C2 .ëòÃP..¾}.ú.u..Â
0x00000150 EB 06 38 C2 75 02 B2 80 58 C3 FA 2E 80 3E 92 7D ë.8Âu.².XÃú..>.}
0x00000160 00 74 0A 2E FE 0E 93 7D 2E FE 0E 92 7D EA 20 00 .t..þ..}.þ..}ê .
0x00000170 00 00 9C 2E FE 06 91 7D 75 03 E8 C7 FF 9A 4C 00 ....þ..}u.èÇ..L.
0x00000180 00 00 9C 2E FE 0E 91 7D 79 03 E8 B7 FF 9D CA 02 ....þ..}y.è·..Ê.
0x00000190 00 FF 49 12 0D 0A 50 72 65 73 73 20 61 6E 79 20 ..I...Press any
0x000001A0 6B 65 79 20 74 6F 20 62 6F 6F 74 20 66 72 6F 6D key to boot from
0x000001B0 20 55 53 42 2E 00 00 00 9C 68 1B 01 00 00 80 20 USB.....h.....
0x000001C0 21 00 07 FE FF FF 00 08 00 00 2D 58 38 3A 00 00 !..þ......-X8:..
0x000001D0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x000001E0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x000001F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 AA ..............Uª
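What the three MBR dumps in the report above actually encode (bootstrap code, disk signature, partition table, 0x55AA signature) can be checked with a small parser for the MBRScan hex-dump format. This is an added example, not part of the thread or of MBRScan; the sample lines are copied from the dump above with the trailing ASCII column dropped, and any dump line left out is assumed to be zero, which is exact for Harddisk1 but means Harddisk0 and Harddisk2 are classified from the lines shown only.

```python
"""Decode MBRScan-style MBR hex dumps: bootstrap code, disk signature, partitions."""
import hashlib
import re
import struct

# One dump line: '0x<offset> <16 hex bytes>' (MBRScan's trailing ASCII column is ignored).
HEX_LINE = re.compile(r"^0x([0-9A-Fa-f]{8})((?:\s+[0-9A-Fa-f]{2}){16})")

# Error strings carried by the standard Windows MBR bootstrap code.
WINDOWS_MBR_STRINGS = (b"Invalid partition table",
                       b"Error loading operating system",
                       b"Missing operating system")

# Sample input: lines copied from the MBRScan report in the thread (ASCII column dropped).
# Lines left out are treated as zero, so Harddisk0/Harddisk2 are judged from these lines only.
DISK0_DUMP = """
0x00000000 33 C0 8E D0 BC 00 7C 8E C0 8E D8 BE 00 7C BF 00
0x00000160 24 02 C3 49 6E 76 61 6C 69 64 20 70 61 72 74 69
0x00000170 74 69 6F 6E 20 74 61 62 6C 65 00 45 72 72 6F 72
0x00000180 20 6C 6F 61 64 69 6E 67 20 6F 70 65 72 61 74 69
0x00000190 6E 67 20 73 79 73 74 65 6D 00 4D 69 73 73 69 6E
0x000001A0 67 20 6F 70 65 72 61 74 69 6E 67 20 73 79 73 74
0x000001B0 65 6D 00 00 00 63 7B 9A 78 6E B8 E3 00 00 80 20
0x000001C0 21 00 07 BE 12 2C 00 08 00 00 00 F0 0A 00 00 BE
0x000001D0 13 2C 07 FE FF FF 00 F8 0A 00 00 68 65 74 00 00
0x000001F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 AA
"""
DISK1_DUMP = """
0x000001B0 00 00 00 00 00 00 00 00 07 BA F7 B7 00 00 00 FE
0x000001C0 FF FF 07 FE FF FF 02 00 00 00 AE 6D 70 74 00 00
0x000001F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 AA
"""
DISK2_DUMP = """
0x00000000 41 4B 45 4F FC 31 C0 FA 8E D0 BC 00 7C FB 89 E6
0x00000190 00 FF 49 12 0D 0A 50 72 65 73 73 20 61 6E 79 20
0x000001A0 6B 65 79 20 74 6F 20 62 6F 6F 74 20 66 72 6F 6D
0x000001B0 20 55 53 42 2E 00 00 00 9C 68 1B 01 00 00 80 20
0x000001C0 21 00 07 FE FF FF 00 08 00 00 2D 58 38 3A 00 00
0x000001F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 AA
"""


def parse_dump(text):
    """Rebuild a 512-byte sector from dump lines; missing lines stay zero."""
    sector = bytearray(512)
    for line in text.strip().splitlines():
        m = HEX_LINE.match(line.strip())
        if m:
            off = int(m.group(1), 16)
            sector[off:off + 16] = bytes.fromhex(m.group(2).replace(" ", ""))
    return bytes(sector)


def parse_partitions(sector):
    """Decode the four 16-byte partition entries at 0x1BE; unused entries are skipped."""
    parts = []
    for i in range(4):
        entry = sector[0x1BE + 16 * i:0x1BE + 16 * (i + 1)]
        # status(1) CHS-start(3, ignored) type(1) CHS-end(3, ignored) LBA-start(4) sectors(4)
        status, ptype, lba, count = struct.unpack("<B3xB3xII", entry)
        if ptype:
            parts.append({"index": i + 1, "bootable": status == 0x80, "type": ptype,
                          "lba_start": lba, "sectors": count, "mib": count * 512 // 2 ** 20})
    return parts


def printable_strings(data):
    """ASCII runs of at least 8 bytes, handy for spotting foreign boot code."""
    return [m.group().decode("ascii") for m in re.finditer(rb"[\x20-\x7e]{8,}", data)]


def classify_code(code):
    """Rough triage of the 440-byte bootstrap area, in the spirit of MBRScan's
    '7 MBR Code' vs 'Unknown MBR Code'; a real baseline is a hash taken on a clean machine."""
    if not any(code):
        return "empty: no bootstrap code (common on a data-only disk)"
    if all(s in code for s in WINDOWS_MBR_STRINGS):
        return "windows-style: standard Windows MBR error strings present"
    return "unknown: " + "; ".join(printable_strings(code))


def analyse(dump_text):
    """Summarise one MBR dump as a dict."""
    sector = parse_dump(dump_text)
    code = sector[:0x1B8]  # bootstrap code precedes the 4-byte disk signature at 0x1B8
    return {
        "valid_signature": sector[0x1FE:0x200] == b"\x55\xAA",
        "disk_signature": struct.unpack("<I", sector[0x1B8:0x1BC])[0],
        "code_md5": hashlib.md5(code).hexdigest(),  # only meaningful for a full dump
        "code_kind": classify_code(code),
        "partitions": parse_partitions(sector),
    }


if __name__ == "__main__":
    for name, dump in (("Harddisk0", DISK0_DUMP), ("Harddisk1", DISK1_DUMP), ("Harddisk2", DISK2_DUMP)):
        info = analyse(dump)
        print(name, "disk signature %08X," % info["disk_signature"], info["code_kind"])
        for p in info["partitions"]:
            print("  #%d type 0x%02X%s start LBA %d, %d MiB" % (
                p["index"], p["type"], " boot" if p["bootable"] else "", p["lba_start"], p["mib"]))
```

The decoded LBA offsets (2048 and 718848) and sizes (350 MB and 953517 MB) for Harddisk0 match what aswMBR prints further down in the thread, which is a useful cross-check between two tools.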
Re: Rootkit, please help!
I tried it several times, but Malwarebytes Anti-Rootkit always crashes. I'd also like to ask you: what do you think about that TDSSKiller finding?
Attachment: Snímek obrazovky (267).png
Re: Rootkit, please help!
I tried; this is what happened. Can I safely do it?
vyosek wrote:
The finding is suspicious, not certain.
Did you try the Restore option there??
In the folder where MBRScan was run there should be Dump_XXX files; you can zip them and attach them here or upload them somewhere.
Attachment: Snímek obrazovky (266).png
Re: Rootkit, please help!
How are the logs looking?
vyosek wrote:
The finding is suspicious, not certain.
Did you try the Restore option there??
In the folder where MBRScan was run there should be Dump_XXX files; you can zip them and attach them here or upload them somewhere.
Attachment: Nový WinRAR ZIP archiv.zip
Re: Rootkit, please help!
- Run the utility and tell it to scan: click Scan
- Click Save log to save the aswMBR log to the Desktop
- Paste the contents of the aswMBR log here
Re: Rootkit, please help!
aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
Run date: 2015-07-15 17:45:14
-----------------------------
17:45:14.894 OS Version: Windows x64 6.2.9200
17:45:14.894 Number of processors: 6 586 0x200
17:45:14.894 ComputerName: ZALMANR1 UserName: Admin
17:45:20.956 Initialize success
17:45:20.972 VM: initialized successfully
17:45:20.972 VM: Amd CPU supported virtualized
17:45:24.706 AVAST engine defs: 15071401
17:45:26.894 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000002d
17:45:26.894 Disk 0 Vendor: WDC_WD10EZEX-00BN5A0 01.01A01 Size: 953869MB BusType: 11
17:45:26.909 Disk 1 \Device\Harddisk1\DR1 -> \Device\0000002e
17:45:26.909 Disk 1 Vendor: WDC_WD10EZRX-00A8LB0 01.01A01 Size: 953869MB BusType: 11
17:45:27.019 Disk 0 MBR read successfully
17:45:27.019 Disk 0 MBR scan
17:45:27.019 Disk 0 Windows 7 default MBR code
17:45:27.034 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 350 MB offset 2048
17:45:27.034 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 953517 MB offset 718848
17:45:27.081 Disk 0 scanning C:\WINDOWS\system32\drivers
17:45:36.472 Service scanning
17:45:54.488 Modules scanning
17:45:54.503 Disk 0 trace - called modules:
17:45:54.503
17:45:56.112 AVAST engine scan C:\WINDOWS
17:45:58.519 AVAST engine scan C:\WINDOWS\system32
17:50:23.697 AVAST engine scan C:\WINDOWS\system32\drivers
17:50:43.005 AVAST engine scan C:\Users\Admin
18:07:22.372 AVAST engine scan C:\ProgramData
18:08:20.348 Disk 0 statistics 5046154/0/0 @ 2,11 MB/s
18:08:20.361 Scan finished successfully
18:14:34.148 Disk 0 MBR has been saved successfully to "C:\Users\Admin\Desktop\MBR.dat"
18:14:34.153 The log file has been saved successfully to "C:\Users\Admin\Desktop\aswMBR.txt"
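The aswMBR log above reads the MBR of Disk 0, prints its partition table (the `Partition 1 80 (A) 07 HPFS/NTFS NTFS 350 MB offset 2048` lines) and saves the raw sector to `MBR.dat`. What follows is an added example, not part of this thread and not code from aswMBR: a small Python parser for such a 512-byte MBR image, run here on a constructed sample that reproduces the two NTFS partitions from the log. It verifies the 0x55AA boot signature, reports each entry in the same form as the log, flags overlapping partitions or a missing or duplicated active flag, and returns a SHA-256 of the 446-byte boot-code area so it can be compared with a value recorded from a known-clean machine (that reference value is something you record yourself; none is given here).

```python
import hashlib
import struct
from dataclasses import dataclass
from typing import List

SECTOR_SIZE = 512
PARTITION_TABLE_OFFSET = 446
BOOT_SIGNATURE = b"\x55\xaa"

# Partition type IDs relevant to a Windows disk; 0x07 is what the log reports.
PARTITION_TYPES = {0x07: "HPFS/NTFS", 0x0C: "FAT32 (LBA)", 0xEE: "GPT protective", 0x83: "Linux"}


@dataclass
class Partition:
    index: int          # 1-based slot in the table, as aswMBR numbers them
    bootable: bool      # status byte 0x80 = active/bootable
    type_id: int
    lba_start: int
    sectors: int

    @property
    def size_mb(self) -> int:
        return self.sectors * SECTOR_SIZE // (1024 * 1024)

    def describe(self) -> str:
        # Same shape as the aswMBR line: "Partition 1 80 (A) 07 HPFS/NTFS 350 MB offset 2048"
        status = "80 (A)" if self.bootable else "00"
        name = PARTITION_TYPES.get(self.type_id, "unknown")
        return f"Partition {self.index} {status} {self.type_id:02X} {name} {self.size_mb} MB offset {self.lba_start}"


def parse_mbr(mbr: bytes) -> List[Partition]:
    """Parse the four primary partition entries of a classic MBR sector."""
    if len(mbr) < SECTOR_SIZE:
        raise ValueError("MBR image must be at least 512 bytes")
    if mbr[510:512] != BOOT_SIGNATURE:
        raise ValueError("missing 0x55AA boot signature")
    parts = []
    for i in range(4):
        off = PARTITION_TABLE_OFFSET + 16 * i
        # status(1) CHS start(3) type(1) CHS end(3) LBA start(4 LE) sector count(4 LE)
        status, _chs_s, ptype, _chs_e, lba, count = struct.unpack("<B3sB3sII", mbr[off:off + 16])
        if ptype == 0:
            continue  # empty slot
        parts.append(Partition(i + 1, status == 0x80, ptype, lba, count))
    return parts


def audit_partitions(parts: List[Partition]) -> List[str]:
    """Return human-readable findings; an empty list means the table looks sane."""
    findings = []
    active = [p for p in parts if p.bootable]
    if len(active) != 1:
        findings.append(f"expected exactly one active partition, found {len(active)}")
    ordered = sorted(parts, key=lambda p: p.lba_start)
    for prev, cur in zip(ordered, ordered[1:]):
        if prev.lba_start + prev.sectors > cur.lba_start:
            findings.append(f"partition {prev.index} overlaps partition {cur.index}")
    return findings


def boot_code_sha256(mbr: bytes) -> str:
    """Hash of the 446-byte boot code, to compare with a value recorded from a clean system."""
    return hashlib.sha256(mbr[:PARTITION_TABLE_OFFSET]).hexdigest()


def build_sample_mbr() -> bytes:
    """Constructed sample reproducing the layout from the aswMBR log; not a real disk image."""
    def entry(status: int, ptype: int, lba: int, count: int) -> bytes:
        return struct.pack("<B3sB3sII", status, b"\xff\xff\xff", ptype, b"\xff\xff\xff", lba, count)

    mbr = bytearray(SECTOR_SIZE)                              # boot code left as zeros in the sample
    mbr[446:462] = entry(0x80, 0x07, 2048, 350 * 2048)        # 350 MB active system partition
    mbr[462:478] = entry(0x00, 0x07, 718848, 953517 * 2048)   # 953517 MB Windows partition
    mbr[510:512] = BOOT_SIGNATURE
    return bytes(mbr)


if __name__ == "__main__":
    image = build_sample_mbr()   # for a real disk: open("MBR.dat", "rb").read(512)
    table = parse_mbr(image)
    for p in table:
        print(p.describe())
    print("boot code sha256:", boot_code_sha256(image))
    print("findings:", audit_partitions(table) or "none")
```

On a real machine the same functions take the 512 bytes of `MBR.dat`; a boot-code hash that differs from the one recorded at install time, or a partition table with an unexpected active entry, is what would justify the Restore step the helper mentions, whereas a table that matches the vendor layout (as this one does) points away from an MBR bootkit.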
Re: Rootkit, please help!
I also ran an avast! rootkit scan and it found nothing; I let it scan before boot and it found nothing (the Windows folder plus the files launched at startup); an Emsisoft Emergency Kit check found nothing, but Malwarebytes found an exploit in the csrss.exe file that I had copied from the system folder to the desktop to check it; on VirusTotal it is clean. I am attaching the log (I checked the whole PC, but I accidentally closed the window, so on the second check I scanned only that file).
The PC started throwing BSODs; I will send the dump. Something doesn't seem right to me... So TDSSKiller deleted it, otherwise it found nothing.
Log:
Malwarebytes Anti-Malware
http://www.malwarebytes.org
Datum skenování: 15. 7. 2015
Čas skenování: 18:27
Protokol:
Správce: Ano
Verze: 2.1.8.1057
Databáze malwaru: v2015.07.15.05
Databáze rootkitů: v2015.07.15.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto
OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Admin
Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 393030
Uplynulý čas: 6 min, 24 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Varovat
PUM: Varovat
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 0
(Nenalezeny žádné škodlivé položky)
Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 0
(Nenalezeny žádné škodlivé položky)
Soubory: 1
Heuristics.Reserved.Word.Exploit, C:\Users\Admin\Desktop\csrss.exe, , [b859a2400981211517626fc355b0af51],
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
Re: Rootkit, please help!
==================================================
Dump File : 071515-27265-01.dmp
Crash Time : 15. 7. 2015 18:14:46
Bug Check String :
Bug Check Code : 0x00000109
Parameter 1 : a3a01f58`d8a8b86f
Parameter 2 : b3b72bdf`2b28b7a6
Parameter 3 : fffff800`4b026080
Parameter 4 : 00000000`00000002
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+150ca0
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.3.9600.17736 (winblue_r9.150322-1500)
Processor : x64
Crash Address : ntoskrnl.exe+150ca0
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\071515-27265-01.dmp
Processors Count : 6
Major Version : 15
Minor Version : 9600
Dump File Size : 284 888
Dump File Time : 15. 7. 2015 18:16:10
==================================================
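Bug check 0x109 is CRITICAL_STRUCTURE_CORRUPTION, the stop code that Kernel Patch Protection (PatchGuard) raises when it finds a protected kernel structure modified; it is consistent with a kernel-mode rootkit, but a faulty driver or bad RAM produce it too, so the dump is what separates the cases. The following is an added example, not part of this thread and not code from the viewer that produced the listing above: a Python script that reads the first 96 bytes of a 64-bit Windows kernel dump header, using the publicly documented DUMP_HEADER64 layout (an assumption of this example, nothing the thread states), and extracts the version, processor count, bug check code and parameters. It is run here on a constructed header reproducing the values from the listing. Parameter 4 is decoded for 0x109 with a subset of the region types from Microsoft's bug check reference, and the parameters are shown in the same hi`lo form as the listing.

```python
import struct
from dataclasses import dataclass
from typing import Tuple

# Assumed layout of the 64-bit Windows kernel dump header (DUMP_HEADER64) as publicly
# documented; only the first 96 bytes are needed for this triage summary.
#   0x00 "PAGE"  0x04 "DU64"  0x08 MajorVersion  0x0C MinorVersion (build number)
#   0x10..0x2F DirectoryTableBase, PfnDataBase, PsLoadedModuleList, PsActiveProcessHead
#   0x30 MachineImageType  0x34 NumberProcessors  0x38 BugCheckCode  0x3C padding
#   0x40..0x5F BugCheckParameter1..4
HEADER_FMT = "<4s4sIIQQQQIII4xQQQQ"
HEADER_LEN = struct.calcsize(HEADER_FMT)  # 96

BUGCHECK_NAMES = {
    0x50: "PAGE_FAULT_IN_NONPAGED_AREA",
    0x7E: "SYSTEM_THREAD_EXCEPTION_NOT_HANDLED",
    0xD1: "DRIVER_IRQL_NOT_LESS_OR_EQUAL",
    0x109: "CRITICAL_STRUCTURE_CORRUPTION",
}

# Parameter 4 of bug check 0x109: the kind of kernel structure PatchGuard found modified
# (subset of the table in Microsoft's bug check reference).
CORRUPTION_REGION = {
    0x0: "generic data region",
    0x1: "modification of a function or .pdata",
    0x2: "processor interrupt descriptor table (IDT)",
    0x3: "processor global descriptor table (GDT)",
}

MACHINE_NAMES = {0x8664: "x64", 0x014C: "x86"}  # IMAGE_FILE_MACHINE_AMD64 / _I386


@dataclass
class DumpSummary:
    major: int
    minor: int
    machine: int
    processors: int
    bugcheck: int
    params: Tuple[int, int, int, int]


def parse_dump_header(data: bytes) -> DumpSummary:
    """Pull the triage fields out of the start of a 64-bit kernel dump."""
    if len(data) < HEADER_LEN:
        raise ValueError("file too short to hold a dump header")
    (sig, valid, major, minor, _dtb, _pfn, _mods, _procs,
     machine, ncpu, code, p1, p2, p3, p4) = struct.unpack_from(HEADER_FMT, data)
    if sig != b"PAGE" or valid != b"DU64":
        raise ValueError("not a 64-bit Windows kernel dump (signature mismatch)")
    return DumpSummary(major, minor, machine, ncpu, code, (p1, p2, p3, p4))


def fmt_param(value: int) -> str:
    """Render a 64-bit parameter as hi`lo, the way the crash viewer listing does."""
    return f"{value >> 32:08x}`{value & 0xFFFFFFFF:08x}"


def bugcheck_name(code: int) -> str:
    return BUGCHECK_NAMES.get(code, f"unknown (0x{code:08X})")


def triage(summary: DumpSummary) -> dict:
    """Summarise the crash in the terms a responder wants first."""
    report = {
        "bugcheck": f"0x{summary.bugcheck:08X} {bugcheck_name(summary.bugcheck)}",
        "build": f"{summary.major}.{summary.minor}",
        "machine": MACHINE_NAMES.get(summary.machine, f"0x{summary.machine:04X}"),
        "processors": summary.processors,
        "params": [fmt_param(p) for p in summary.params],
    }
    if summary.bugcheck == 0x109:
        region = CORRUPTION_REGION.get(summary.params[3], "other region type")
        report["kernel_patch_protection"] = f"PatchGuard-detected modification: {region}"
    return report


def build_sample_header() -> bytes:
    """Constructed header reproducing the values from the listing above; not a real dump."""
    return struct.pack(HEADER_FMT, b"PAGE", b"DU64", 15, 9600, 0, 0, 0, 0, 0x8664, 6, 0x109,
                       0xA3A01F58D8A8B86F, 0xB3B72BDF2B28B7A6, 0xFFFFF8004B026080, 0x2)


if __name__ == "__main__":
    # For a real file: open(r"C:\WINDOWS\Minidump\071515-27265-01.dmp", "rb").read(HEADER_LEN)
    raw = build_sample_header()
    for key, value in triage(parse_dump_header(raw)).items():
        print(f"{key}: {value}")
```

The header alone gives only the stop code and its parameters; attributing the corruption to a specific driver or module still needs the full dump loaded in a kernel debugger with symbols, which is why the helper asks for the dump files rather than the viewer summary.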
Re: Rootkit, please help!
I just came to the PC and it has stopped working completely.
Re: Rootkit, please help!
Check the disk connection and the boot sequence settings in the BIOS.
Won't it even start in safe mode?