Prosím o kontrolu logu

[nasua]

Sken pomocí GMERu udělán, ale vždy se v závěrečné fázi kousl komp a nezbývalo než restartovat

[vyosek]

Vyuziji navod kolegy (thx caroprd)

Stáhněte HxD portable http://mh-nexus.de/downloads/HxDsk.zip

• Rozbalte tak, aby se nenacházel v žádné složce (nejlépe na systémový disk).
• Spusťte, potvrďte hlášku kliknutím na "OK".
• Klikněte na "Otvor disk" (ikonka disku nahoře), zvolte "Fyzické disky" - "Pevný Disk 1"
• Klikněte na "OK".
• Přejděte na sektor 9, označte ho a zkopírujte (Ctrl + C).
• Obsah schránky mi sem vložte (ctrl + V).

[nasua]

00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00



Je to správně?

[vyosek]

Máte instalační CD Windowsů

[nasua]

někde ano - asi bych musel dlouho hledat

[vyosek]

Kdyz spoustite PC tak by Vam PC melo davat na vyber (asi 2 sekundova obrazovka) jestli chcete spustit WIN Profesional nebo Konzolu pro zotavení (Recovery Console), je tomu tak

[nasua]

Ano

[vyosek]

Takze tu konzolu vyuzijem
1. Při startu vyberte tedy Konzolu pro zotavení
2. Konzola ohledá připojené disky a nabídne seznam nalezených instalací. např:

Kód: Vybrat vše

1. C:\WINDOWS

3. Po výzvě

Kód: Vybrat vše

Ke které instalaci Windows se chcete přihlásit:

odpovím číslem zvolené instalace, třeba: 1
POZOR: NumLock na klávesnici nesvítí!
4. Zadám heslo uživatele administrator a octnu se v adresáři %WINDIR% (obvykle C:\WINDOWS)
5. V příkazovém řádku zadám příkaz

Kód: Vybrat vše

fixmbr

6. Zadám příkaz

Kód: Vybrat vše

EXIT

pro restart PC

Nechte po restartu PC normalne nabehnout

Kliknete na Start a pote Spustit, pripadne pouzijte klavesou zkratku Win+R

• Vyskoci na Vas okenko, do ktereho zkopirujte text nize

• Kód: Vybrat vše

  "%userprofile%\plocha\mbr" -t

• Kliknete na OK
• Na plose se Vam vytvori log s nazvem mbr.txt, jeho obsah mi sem vlozte

[nasua]

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll nvata.sys
kernel: MBR read successfully
user & kernel MBR OK
copy of MBR has been found in sector 62 !

[vyosek]

Stale to tam je, poradim se s kolegou, prosim o strepeni...

[vyosek]

Vypada to na falesne hlaseni mbr -t....
Predpokladam ze problemy jsou stale, ze...

Postupujte dle navodu kolegy

Stiahnite si prosím TDSSKiller a uložte ho na plochu.

2x-klik na TDSSKiller.exe- spustiť aplikáciu, potom na Spustiť kontrolu-klik- Start Scan.
Ak je infikovaný súbor detekovaný, bude predvolená akcia Cure, kliknite na tlačidlo Continue.
Ak podozrivý[suspicious] súbor je detekovaný, bude predvolená akcia Skip, kliknite na Continue.
Môže vás požiadať, aby ste reštartovali počítač na dokončenie procesu. Kliknite na Reboot Now.
Ak nevyžaduje reštart, kliknite na tlačidlo Report. Log súbor by sa mal objaviť. Prosím, skopírujte a vložte obsah súboru tu.
Ak je vyžadované reštartovanie počítača, správa je k dispozícii vo vašom koreňovom adresári (zvyčajne C:\ zložka) vo forme "TDSSKiller. _log.txt". Prosím, skopírujte a vložte obsah súboru tu.

[nasua]

2010/10/20 20:37:58.0609 TDSS rootkit removing tool 2.4.4.0 Oct 4 2010 09:06:59
2010/10/20 20:37:58.0609 ================================================================================
2010/10/20 20:37:58.0609 SystemInfo:
2010/10/20 20:37:58.0609
2010/10/20 20:37:58.0609 OS Version: 5.1.2600 ServicePack: 3.0
2010/10/20 20:37:58.0609 Product type: Workstation
2010/10/20 20:37:58.0609 ComputerName: NOSKINS
2010/10/20 20:37:58.0609 UserName: noskin
2010/10/20 20:37:58.0609 Windows directory: C:\WINDOWS
2010/10/20 20:37:58.0609 System windows directory: C:\WINDOWS
2010/10/20 20:37:58.0609 Processor architecture: Intel x86
2010/10/20 20:37:58.0609 Number of processors: 2
2010/10/20 20:37:58.0609 Page size: 0x1000
2010/10/20 20:37:58.0609 Boot type: Normal boot
2010/10/20 20:37:58.0609 ================================================================================
2010/10/20 20:37:58.0859 Initialize success
2010/10/20 20:38:04.0625 ================================================================================
2010/10/20 20:38:04.0625 Scan started
2010/10/20 20:38:04.0625 Mode: Manual;
2010/10/20 20:38:04.0625 ================================================================================
2010/10/20 20:38:04.0859 Aavmker4 (8d488938e2f7048906f1fbd3af394887) C:\WINDOWS\system32\drivers\Aavmker4.sys
2010/10/20 20:38:05.0046 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2010/10/20 20:38:05.0156 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\drivers\ACPIEC.sys
2010/10/20 20:38:05.0187 ADIHdAudAddService (ce03d313a12cbc886c3beba3b4967a8a) C:\WINDOWS\system32\drivers\ADIHdAud.sys
2010/10/20 20:38:05.0234 AEAudio (058cdc314672a28a90566a787d9876e7) C:\WINDOWS\system32\drivers\AEAudio.sys
2010/10/20 20:38:05.0265 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2010/10/20 20:38:05.0312 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys
2010/10/20 20:38:05.0421 AmdK8 (0a4d13b388c814560bd69c3a496ecfa8) C:\WINDOWS\system32\DRIVERS\AmdK8.sys
2010/10/20 20:38:05.0453 AmdLLD (ad8fa28d8ed0d0a689a0559085ce0f18) C:\WINDOWS\system32\DRIVERS\AmdLLD.sys
2010/10/20 20:38:05.0593 aswFsBlk (a0d86b8ac93ef95620420c7a24ac5344) C:\WINDOWS\system32\drivers\aswFsBlk.sys
2010/10/20 20:38:05.0625 aswMon2 (7d880c76a285a41284d862e2d798ec0d) C:\WINDOWS\system32\drivers\aswMon2.sys
2010/10/20 20:38:05.0640 aswRdr (69823954bbd461a73d69774928c9737e) C:\WINDOWS\system32\drivers\aswRdr.sys
2010/10/20 20:38:05.0671 aswSP (7ecc2776638b04553f9a85bd684c3abf) C:\WINDOWS\system32\drivers\aswSP.sys
2010/10/20 20:38:05.0703 aswTdi (095ed820a926aa8189180b305e1bcfc9) C:\WINDOWS\system32\drivers\aswTdi.sys
2010/10/20 20:38:05.0734 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2010/10/20 20:38:05.0765 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2010/10/20 20:38:05.0937 ati2mtag (e43a7639be410b67059e48d3dd0ad405) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
2010/10/20 20:38:06.0062 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2010/10/20 20:38:06.0109 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2010/10/20 20:38:06.0156 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2010/10/20 20:38:06.0203 BthEnum (b279426e3c0c344893ed78a613a73bde) C:\WINDOWS\system32\DRIVERS\BthEnum.sys
2010/10/20 20:38:06.0250 BTHMODEM (fca6f069597b62d42495191ace3fc6c1) C:\WINDOWS\system32\DRIVERS\bthmodem.sys
2010/10/20 20:38:06.0296 BthPan (80602b8746d3738f5886ce3d67ef06b6) C:\WINDOWS\system32\DRIVERS\bthpan.sys
2010/10/20 20:38:06.0343 BTHPORT (f338662a6c1fc11dd9508f6dff2c06a2) C:\WINDOWS\system32\Drivers\BTHport.sys
2010/10/20 20:38:06.0390 BTHUSB (61364cd71ef63b0f038b7e9df00f1efa) C:\WINDOWS\system32\Drivers\BTHUSB.sys
2010/10/20 20:38:06.0421 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2010/10/20 20:38:06.0468 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
2010/10/20 20:38:06.0500 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2010/10/20 20:38:06.0531 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2010/10/20 20:38:06.0562 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2010/10/20 20:38:06.0656 cmdGuard (bbe9f023dfd2c4d2755da3fa47e4da08) C:\WINDOWS\system32\DRIVERS\cmdguard.sys
2010/10/20 20:38:06.0687 cmdHlp (111e6755acb5f236e2465e24508f6367) C:\WINDOWS\system32\DRIVERS\cmdhlp.sys
2010/10/20 20:38:06.0781 ctsfm2k (8db84de3aab34a8b4c2f644eff41cd76) C:\WINDOWS\system32\DRIVERS\ctsfm2k.sys
2010/10/20 20:38:06.0875 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2010/10/20 20:38:06.0921 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
2010/10/20 20:38:06.0968 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
2010/10/20 20:38:07.0015 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2010/10/20 20:38:07.0046 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2010/10/20 20:38:07.0093 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2010/10/20 20:38:07.0156 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2010/10/20 20:38:07.0203 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
2010/10/20 20:38:07.0218 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
2010/10/20 20:38:07.0250 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
2010/10/20 20:38:07.0281 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
2010/10/20 20:38:07.0328 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2010/10/20 20:38:07.0343 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2010/10/20 20:38:07.0375 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
2010/10/20 20:38:07.0406 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2010/10/20 20:38:07.0437 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2010/10/20 20:38:07.0484 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2010/10/20 20:38:07.0562 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2010/10/20 20:38:07.0640 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\drivers\i8042prt.sys
2010/10/20 20:38:07.0671 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2010/10/20 20:38:07.0750 Inspect (343ac4733c1e8b7ab6454178e4fcd4ad) C:\WINDOWS\system32\DRIVERS\inspect.sys
2010/10/20 20:38:07.0796 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
2010/10/20 20:38:07.0828 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2010/10/20 20:38:07.0843 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2010/10/20 20:38:07.0875 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2010/10/20 20:38:07.0906 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2010/10/20 20:38:07.0953 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2010/10/20 20:38:07.0984 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2010/10/20 20:38:08.0031 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2010/10/20 20:38:08.0046 kbdhid (86c8f23616c6c6e5b2776901c17b945b) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2010/10/20 20:38:08.0093 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2010/10/20 20:38:08.0125 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2010/10/20 20:38:08.0203 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2010/10/20 20:38:08.0250 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
2010/10/20 20:38:08.0281 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2010/10/20 20:38:08.0296 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2010/10/20 20:38:08.0328 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2010/10/20 20:38:08.0375 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2010/10/20 20:38:08.0421 MRxSmb (f3aefb11abc521122b67095044169e98) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2010/10/20 20:38:08.0500 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2010/10/20 20:38:08.0546 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2010/10/20 20:38:08.0562 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2010/10/20 20:38:08.0593 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2010/10/20 20:38:08.0625 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2010/10/20 20:38:08.0656 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
2010/10/20 20:38:08.0687 MTsensor (d48659bb24c48345d926ecb45c1ebdf5) C:\WINDOWS\system32\DRIVERS\ASACPI.sys
2010/10/20 20:38:08.0718 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
2010/10/20 20:38:08.0750 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2010/10/20 20:38:08.0796 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2010/10/20 20:38:08.0828 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2010/10/20 20:38:08.0843 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2010/10/20 20:38:08.0859 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2010/10/20 20:38:08.0890 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2010/10/20 20:38:08.0921 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys
2010/10/20 20:38:08.0953 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2010/10/20 20:38:08.0984 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2010/10/20 20:38:09.0031 nmwcd (357ddb51e03cae598c096d95497373d0) C:\WINDOWS\system32\drivers\ccdcmb.sys
2010/10/20 20:38:09.0046 nmwcdc (7cd443f9d36c80e152fadb274089577a) C:\WINDOWS\system32\drivers\ccdcmbo.sys
2010/10/20 20:38:09.0078 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2010/10/20 20:38:09.0109 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2010/10/20 20:38:09.0156 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2010/10/20 20:38:09.0203 nvata (c03e15101f6d9e82cd9b0e7d715f5de3) C:\WINDOWS\system32\DRIVERS\nvata.sys
2010/10/20 20:38:09.0218 nvatabus (c03e15101f6d9e82cd9b0e7d715f5de3) C:\WINDOWS\system32\drivers\nvatabus.sys
2010/10/20 20:38:09.0250 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2010/10/20 20:38:09.0265 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2010/10/20 20:38:09.0296 ossrv (103a9b117a7d9903111955cdafe65ac6) C:\WINDOWS\system32\DRIVERS\ctoss2k.sys
2010/10/20 20:38:09.0359 P17 (df886ffed69aead0cf608b89b18c3f6f) C:\WINDOWS\system32\drivers\P17.sys
2010/10/20 20:38:09.0453 PAC207 (509039b85c95e6e85cb7a8e3465fb702) C:\WINDOWS\system32\DRIVERS\PFC027.SYS
2010/10/20 20:38:09.0484 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\DRIVERS\parport.sys
2010/10/20 20:38:09.0515 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2010/10/20 20:38:09.0546 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
2010/10/20 20:38:09.0593 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
2010/10/20 20:38:09.0640 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
2010/10/20 20:38:09.0703 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
2010/10/20 20:38:09.0734 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
2010/10/20 20:38:09.0906 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2010/10/20 20:38:09.0921 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2010/10/20 20:38:09.0968 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2010/10/20 20:38:10.0093 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2010/10/20 20:38:10.0125 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2010/10/20 20:38:10.0156 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2010/10/20 20:38:10.0171 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2010/10/20 20:38:10.0203 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2010/10/20 20:38:10.0234 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2010/10/20 20:38:10.0281 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2010/10/20 20:38:10.0328 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2010/10/20 20:38:10.0359 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2010/10/20 20:38:10.0406 RFCOMM (851c30df2807fcfa21e4c681a7d6440e) C:\WINDOWS\system32\DRIVERS\rfcomm.sys
2010/10/20 20:38:10.0484 RivaTuner32 (c0c8909be3ecc9df8089112bf9be954e) C:\Program Files\RivaTuner v2.21\RivaTuner32.sys
2010/10/20 20:38:10.0625 RTHDMIAzAudService (017cc2e361a47461472bc4c08bd12440) C:\WINDOWS\system32\drivers\RtHDMI.sys
2010/10/20 20:38:10.0734 RTL8023xp (e10f6c9bd09d8dae26e29d52c65e6e0f) C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
2010/10/20 20:38:10.0781 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2010/10/20 20:38:10.0828 SenFiltService (b6a6b409fda9d9ebd3aadb838d3d7173) C:\WINDOWS\system32\drivers\Senfilt.sys
2010/10/20 20:38:10.0859 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2010/10/20 20:38:10.0890 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\DRIVERS\serial.sys
2010/10/20 20:38:10.0937 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2010/10/20 20:38:11.0015 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2010/10/20 20:38:11.0062 sonypvs1 (dfadfc2c86662f40759bf02add27d569) C:\WINDOWS\system32\DRIVERS\sonypvs1.sys
2010/10/20 20:38:11.0125 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2010/10/20 20:38:11.0171 sptd (a199171385be17973fd800fa91f8f78a) C:\WINDOWS\System32\Drivers\sptd.sys
2010/10/20 20:38:11.0218 sp_rsdrv2 (8831252bcf05fcfb5abd116a22e552d8) C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2010/10/20 20:38:11.0265 Sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
2010/10/20 20:38:11.0328 Srv (0f6aefad3641a657e18081f52d0c15af) C:\WINDOWS\system32\DRIVERS\srv.sys
2010/10/20 20:38:11.0375 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
2010/10/20 20:38:11.0421 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2010/10/20 20:38:11.0468 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2010/10/20 20:38:11.0578 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2010/10/20 20:38:11.0640 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2010/10/20 20:38:11.0671 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2010/10/20 20:38:11.0703 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2010/10/20 20:38:11.0734 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2010/10/20 20:38:11.0828 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2010/10/20 20:38:11.0890 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2010/10/20 20:38:11.0937 upperdev (15629e4d65f97ab5432d6d9597cf6a33) C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
2010/10/20 20:38:11.0984 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
2010/10/20 20:38:12.0015 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2010/10/20 20:38:12.0046 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2010/10/20 20:38:12.0062 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2010/10/20 20:38:12.0078 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
2010/10/20 20:38:12.0140 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2010/10/20 20:38:12.0171 usbser (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\drivers\usbser.sys
2010/10/20 20:38:12.0187 UsbserFilt (5c17e6a11aa8be53f79fd364ba19f0ce) C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
2010/10/20 20:38:12.0234 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2010/10/20 20:38:12.0281 USB_RNDIS (bee793d4a059caea55d6ac20e19b3a8f) C:\WINDOWS\system32\DRIVERS\usb8023.sys
2010/10/20 20:38:12.0296 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2010/10/20 20:38:12.0343 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
2010/10/20 20:38:12.0359 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2010/10/20 20:38:12.0421 Wdf01000 (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
2010/10/20 20:38:12.0515 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2010/10/20 20:38:12.0578 WmBEnum (84a90f13eebf4380345ef9474d30f10e) C:\WINDOWS\system32\drivers\WmBEnum.sys
2010/10/20 20:38:12.0609 WmFilter (eb0034ac02a44dc784a3174d2b81e764) C:\WINDOWS\system32\drivers\WmFilter.sys
2010/10/20 20:38:12.0656 WmHidLo (31d2906d59f127654964be334b615720) C:\WINDOWS\system32\drivers\WmHidLo.sys
2010/10/20 20:38:12.0703 WmVirHid (72c4f5a748c74d8d4016ccfa7367210f) C:\WINDOWS\system32\drivers\WmVirHid.sys
2010/10/20 20:38:12.0734 WmXlCore (eacdcced934a185e61ce0684f71c2dec) C:\WINDOWS\system32\drivers\WmXlCore.sys
2010/10/20 20:38:12.0781 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2010/10/20 20:38:12.0828 WudfPf (6ff66513d372d479ef1810223c8d20ce) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2010/10/20 20:38:12.0843 WudfRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2010/10/20 20:38:12.0953 ================================================================================
2010/10/20 20:38:12.0953 Scan finished
2010/10/20 20:38:12.0953 ================================================================================

[vyosek]

Takze TDS rootkit tez neodhalen...

Kdyz gmer stavkuje, tak zkusime RootRepeal - opet aplikovat v nouzovem rezimu
Navod na RR http://www.viry.cz/forum/viewtopic.php?f=29&t=86010 a poprosim sken ze zalozky Report - log sem nasypte...

[nasua]

Při záložce file to už dlouho píše initializing, please wait - je to problém?

[vyosek]

Takze jinak Delejte postupne jednotlive zalozky a logy sem pekne sypte - tu zalozku files tedy preskocte...