nejde mi odstranit virus, prosim pomozte! :(

[alexis333]

Neda sa mi odstranit Boot.Tidserv najdeny Nortonom resp. Rootkit.Win32.TDSS.mbr najdeny pomocou Kaspersky Virus Removal Tool. Je to v oboch pripadoch ten isty virus.

REPORT z Kaspersky Virus Removal Tool 2010:
25/10/2010 08:27:16 Task started
25/10/2010 08:27:56 Detected: Rootkit.Win32.TDSS.mbr \Device\Harddisk0\DR0
25/10/2010 08:27:56 Untreated: Rootkit.Win32.TDSS.mbr \Device\Harddisk0\DR0 Logged
25/10/2010 08:29:27 Task stopped

REPORT z MBRCheck:


REPORT z TDSSKiller:
2010/10/25 07:11:45.0511 TDSS rootkit removing tool 2.4.4.0 Oct 4 2010 09:06:59
2010/10/25 07:11:45.0511 ================================================================================
2010/10/25 07:11:45.0511 SystemInfo:
2010/10/25 07:11:45.0511
2010/10/25 07:11:45.0511 OS Version: 6.1.7600 ServicePack: 0.0
2010/10/25 07:11:45.0511 Product type: Workstation
2010/10/25 07:11:45.0511 ComputerName: RADOVAN-PC
2010/10/25 07:11:45.0511 UserName: Radovan
2010/10/25 07:11:45.0511 Windows directory: C:\Windows
2010/10/25 07:11:45.0511 System windows directory: C:\Windows
2010/10/25 07:11:45.0511 Running under WOW64
2010/10/25 07:11:45.0511 Processor architecture: Intel x64
2010/10/25 07:11:45.0511 Number of processors: 8
2010/10/25 07:11:45.0511 Page size: 0x1000
2010/10/25 07:11:45.0511 Boot type: Normal boot
2010/10/25 07:11:45.0511 ================================================================================
2010/10/25 07:11:45.0511 Utility is running under WOW64
2010/10/25 07:11:46.0347 Initialize success
2010/10/25 07:11:48.0779 ================================================================================
2010/10/25 07:11:48.0779 Scan started
2010/10/25 07:11:48.0779 Mode: Manual;
2010/10/25 07:11:48.0779 ================================================================================
.
.
.
2010/10/25 07:11:53.0951 \HardDisk2\MBR - detected Rootkit.Win32.TDSS.tdl4 (0)
2010/10/25 07:11:53.0953 ================================================================================
2010/10/25 07:11:53.0953 Scan finished
2010/10/25 07:11:53.0953 ================================================================================
2010/10/25 07:11:53.0958 Detected object count: 2
2010/10/25 07:13:32.0150 Locked file(sptd) - User select action: Skip
2010/10/25 07:13:32.0154 \HardDisk2\MBR - will be cured after reboot
2010/10/25 07:13:32.0154 Rootkit.Win32.TDSS.tdl4(\HardDisk2\MBR) - User select action: Cure
2010/10/25 07:13:48.0021 Deinitialize success

Pouzivam legalnu verziu Norton Internet Security, ale ani NORTON tento virus nedokaze zneskodnit. Viete mi s tym prosim Vas nejako pomoct?
Dakujem!

//sudanec presunul do sekcie Řešení problémů, logy

[Rudy]

Měl by je umět odstranit MBAM: http://www.malwarebytes.org/mbam.php . Udělejte kompletní sken, dejte log a předem nic nemažte.

[alexis333]

Toto je vysledok uplneho skenu PC, hore uvedeny virus vsak nenaslo.

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verzia databázy: 4945

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

25/10/2010 22:45:55
mbam-log-2010-10-25 (22-45-55).txt

Typ kontroly: Úplná kontrola (C:\|E:\|F:\|)
Objektov kontrolovaných: 413253
Uplynulý èas: 23 min, 42 sek

Infikované služby pamäte: 0
Infikované moduly pamäte: 0
Infikované registraèné k¾úèe: 0
Infikované registraèné hodnoty: 0
Infikované položky registraèných dát: 0
Infikované prieèinky: 0
Infikované súbory: 18

Infikované služby pamäte:
(Škodlivé položky neboli zistené)

Infikované moduly pamäte:
(Škodlivé položky neboli zistené)

Infikované registraèné k¾úèe:
(Škodlivé položky neboli zistené)

Infikované registraèné hodnoty:
(Škodlivé položky neboli zistené)

Infikované položky registraèných dát:
(Škodlivé položky neboli zistené)

Infikované prieèinky:
(Škodlivé položky neboli zistené)

Infikované súbory:
C:\Users\Radovan\AppData\Local\Temp\clipb.exe (Virus.Agent) -> No action taken.
C:\Users\Radovan\AppData\Local\Temp\~os8466.tmp\rlls.dll (Adware.RelevantKnowledge) -> No action taken.
C:\Users\Radovan\AppData\Local\Temp\~os8466.tmp\rlls64.dll (Adware.RelevantKnowledge) -> No action taken.
C:\Users\Radovan\AppData\Local\Temp\~os8466.tmp\rlservice.exe (Adware.RelevantKnowledge) -> No action taken.
C:\Users\Radovan\AppData\Local\Temp\~os8466.tmp\rlvknlg.exe (Adware.RelevantKnowledge) -> No action taken.
C:\Users\Radovan\AppData\Local\Temp\~os8466.tmp\rlvknlg64.exe (Adware.RelevantKnowledge) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\mfc71[1].exe (Trojan.Downloader) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\uxcore[1].exe (Trojan.Agent) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5\mfc71[1].exe (Trojan.Downloader) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA\uxcore[1].exe (Trojan.Agent) -> No action taken.
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\mfc71[1].exe (Trojan.Downloader) -> No action taken.
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\uxcore[1].exe (Trojan.Agent) -> No action taken.
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5\mfc71[1].exe (Trojan.Downloader) -> No action taken.
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA\uxcore[1].exe (Trojan.Agent) -> No action taken.
E:\Radko\Dokumenty\srandy\Flash\DESKTOP.EXE (Joke.Stressreducer) -> No action taken.
E:\Radko\Hry\games\Truck Dismount\Truck Dismount\msvcp60.dll (Malware.Packer.Gen) -> No action taken.
E:\Radko\Hry\games\Truck Dismount\Truck Dismount\msvcrt.dll (Malware.Packer.Gen) -> No action taken.
E:\Radko\Hry\MS Flight Simulator X\add ons\Others\torrents\FSPassengers X\Crack\fspassengersx.(cracked.by.komu)-v7.exe (RiskWare.Tool.CK) -> No action taken.

[Rudy]

Vše, co MBAM nalezl, smažte. Pak stáhněte TDSSkiller: http://support.kaspersky.com/downloads/ ... killer.zip , uložte na plochu, rozbalte a spusťte.

[alexis333]

Ten TDSSKiller som uz skusal predtym (prvy thread hore) a nasiel mi ho, ale nedokaze ho odstranit. To iste sa stalo aj teraz. Tu je komplet log:

2010/10/26 19:17:41.0593 TDSS rootkit removing tool 2.4.4.0 Oct 4 2010 09:06:59
2010/10/26 19:17:41.0593 ================================================================================
2010/10/26 19:17:41.0593 SystemInfo:
2010/10/26 19:17:41.0593
2010/10/26 19:17:41.0593 OS Version: 6.1.7600 ServicePack: 0.0
2010/10/26 19:17:41.0593 Product type: Workstation
2010/10/26 19:17:41.0593 ComputerName: RADOVAN-PC
2010/10/26 19:17:41.0593 UserName: Radovan
2010/10/26 19:17:41.0593 Windows directory: C:\Windows
2010/10/26 19:17:41.0593 System windows directory: C:\Windows
2010/10/26 19:17:41.0593 Running under WOW64
2010/10/26 19:17:41.0593 Processor architecture: Intel x64
2010/10/26 19:17:41.0593 Number of processors: 8
2010/10/26 19:17:41.0593 Page size: 0x1000
2010/10/26 19:17:41.0593 Boot type: Normal boot
2010/10/26 19:17:41.0593 ================================================================================
2010/10/26 19:17:41.0594 Utility is running under WOW64
2010/10/26 19:17:42.0428 Initialize success
2010/10/26 19:18:18.0185 ================================================================================
2010/10/26 19:18:18.0185 Scan started
2010/10/26 19:18:18.0185 Mode: Manual;
2010/10/26 19:18:18.0185 ================================================================================
2010/10/26 19:18:18.0458 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
2010/10/26 19:18:18.0482 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
2010/10/26 19:18:18.0496 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
2010/10/26 19:18:18.0511 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
2010/10/26 19:18:18.0529 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
2010/10/26 19:18:18.0544 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
2010/10/26 19:18:18.0600 AFD (b9384e03479d2506bc924c16a3db87bc) C:\Windows\system32\drivers\afd.sys
2010/10/26 19:18:18.0627 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
2010/10/26 19:18:18.0641 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
2010/10/26 19:18:18.0655 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
2010/10/26 19:18:18.0667 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
2010/10/26 19:18:18.0737 amdkmdag (8d8d3e85efd9dd9718f879a49f9180a4) C:\Windows\system32\DRIVERS\atikmdag.sys
2010/10/26 19:18:18.0804 amdkmdap (b5ec8aef50fe15b294ebc6aa3bda1be6) C:\Windows\system32\DRIVERS\atikmpag.sys
2010/10/26 19:18:18.0815 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
2010/10/26 19:18:18.0828 amdsata (7a4b413614c055935567cf88a9734d38) C:\Windows\system32\DRIVERS\amdsata.sys
2010/10/26 19:18:18.0840 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
2010/10/26 19:18:18.0853 amdxata (b4ad0cacbab298671dd6f6ef7e20679d) C:\Windows\system32\DRIVERS\amdxata.sys
2010/10/26 19:18:18.0869 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
2010/10/26 19:18:18.0894 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
2010/10/26 19:18:18.0907 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
2010/10/26 19:18:18.0943 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
2010/10/26 19:18:18.0955 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
2010/10/26 19:18:18.0971 AtiHdmiService (7e2f5a758f63f80f8b03f889b4e6b19f) C:\Windows\system32\drivers\AtiHdmi.sys
2010/10/26 19:18:18.0983 ATITool (b07e6681d303a612680223c729b021e2) C:\Windows\system32\DRIVERS\ATITool64.sys
2010/10/26 19:18:19.0005 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
2010/10/26 19:18:19.0023 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
2010/10/26 19:18:19.0040 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
2010/10/26 19:18:19.0059 BHDrvx64 (4d7f8401eae7eaa4ef702fa6f4153269) C:\Windows\System32\Drivers\NISx64\1008000.029\BHDrvx64.sys
2010/10/26 19:18:19.0073 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
2010/10/26 19:18:19.0087 bowser (91ce0d3dc57dd377e690a2d324022b08) C:\Windows\system32\DRIVERS\bowser.sys
2010/10/26 19:18:19.0097 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
2010/10/26 19:18:19.0108 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
2010/10/26 19:18:19.0124 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
2010/10/26 19:18:19.0157 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
2010/10/26 19:18:19.0186 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
2010/10/26 19:18:19.0228 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
2010/10/26 19:18:19.0275 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
2010/10/26 19:18:19.0334 ccHP (1b79efc84b924a6932bb9d2a549de5c9) C:\Windows\System32\Drivers\NISx64\1008000.029\ccHPx64.sys
2010/10/26 19:18:19.0373 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
2010/10/26 19:18:19.0414 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
2010/10/26 19:18:19.0428 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
2010/10/26 19:18:19.0441 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
2010/10/26 19:18:19.0463 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
2010/10/26 19:18:19.0474 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
2010/10/26 19:18:19.0502 cmudaxp (5573bd001176d9ccc62da72b738d1ecd) C:\Windows\system32\drivers\cmudaxp.sys
2010/10/26 19:18:19.0525 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys
2010/10/26 19:18:19.0540 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
2010/10/26 19:18:19.0553 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
2010/10/26 19:18:19.0581 cpuz134 (17719a7f571d4cd08223f0b30f71b8b8) C:\Windows\system32\drivers\cpuz134_x64.sys
2010/10/26 19:18:19.0593 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
2010/10/26 19:18:19.0617 DfsC (3f1dc527070acb87e40afe46ef6da749) C:\Windows\system32\Drivers\dfsc.sys
2010/10/26 19:18:19.0630 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
2010/10/26 19:18:19.0642 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
2010/10/26 19:18:19.0659 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
2010/10/26 19:18:19.0671 Dot4Print (85135ad27e79b689335c08167d917cde) C:\Windows\system32\DRIVERS\Dot4Prt.sys
2010/10/26 19:18:19.0683 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
2010/10/26 19:18:19.0697 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
2010/10/26 19:18:19.0708 DrvAgent64 (1ed08a6264c5c92099d6d1dae5e8f530) C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS
2010/10/26 19:18:19.0727 DXGKrnl (ebce0b0924835f635f620d19f0529dce) C:\Windows\System32\drivers\dxgkrnl.sys
2010/10/26 19:18:19.0767 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
2010/10/26 19:18:19.0801 eeCtrl (066108ae4c35835081598827a1a7d08d) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
2010/10/26 19:18:19.0840 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
2010/10/26 19:18:19.0853 EraserUtilRebootDrv (12866876e3851f1e5d462b2a83e25578) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
2010/10/26 19:18:19.0864 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
2010/10/26 19:18:19.0885 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
2010/10/26 19:18:19.0898 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
2010/10/26 19:18:19.0912 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
2010/10/26 19:18:19.0929 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
2010/10/26 19:18:19.0940 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
2010/10/26 19:18:19.0952 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
2010/10/26 19:18:19.0967 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
2010/10/26 19:18:19.0983 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
2010/10/26 19:18:19.0999 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
2010/10/26 19:18:20.0012 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
2010/10/26 19:18:20.0024 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
2010/10/26 19:18:20.0068 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
2010/10/26 19:18:20.0082 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
2010/10/26 19:18:20.0096 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
2010/10/26 19:18:20.0107 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
2010/10/26 19:18:20.0118 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
2010/10/26 19:18:20.0131 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
2010/10/26 19:18:20.0146 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
2010/10/26 19:18:20.0168 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
2010/10/26 19:18:20.0187 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
2010/10/26 19:18:20.0202 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
2010/10/26 19:18:20.0214 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
2010/10/26 19:18:20.0229 iaStorV (d83efb6fd45df9d55e9a1afc63640d50) C:\Windows\system32\DRIVERS\iaStorV.sys
2010/10/26 19:18:20.0248 IDSVia64 (5b6fde76d72c2a1f0f99cbe5277e82ec) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20101025.001\IDSvia64.sys
2010/10/26 19:18:20.0259 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
2010/10/26 19:18:20.0276 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
2010/10/26 19:18:20.0288 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
2010/10/26 19:18:20.0301 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2010/10/26 19:18:20.0322 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
2010/10/26 19:18:20.0334 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
2010/10/26 19:18:20.0345 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
2010/10/26 19:18:20.0357 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
2010/10/26 19:18:20.0369 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
2010/10/26 19:18:20.0380 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
2010/10/26 19:18:20.0391 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
2010/10/26 19:18:20.0404 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys
2010/10/26 19:18:20.0416 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys
2010/10/26 19:18:20.0428 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
2010/10/26 19:18:20.0450 LHidFilt (1b669af5811ae2f69024f34203bad2a2) C:\Windows\system32\DRIVERS\LHidFilt.Sys
2010/10/26 19:18:20.0462 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
2010/10/26 19:18:20.0479 LMouFilt (79f3696e25b289a6b2b7ea931c7bec00) C:\Windows\system32\DRIVERS\LMouFilt.Sys
2010/10/26 19:18:20.0493 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
2010/10/26 19:18:20.0505 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
2010/10/26 19:18:20.0517 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
2010/10/26 19:18:20.0529 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
2010/10/26 19:18:20.0541 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
2010/10/26 19:18:20.0559 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
2010/10/26 19:18:20.0573 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
2010/10/26 19:18:20.0589 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
2010/10/26 19:18:20.0609 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
2010/10/26 19:18:20.0621 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
2010/10/26 19:18:20.0632 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
2010/10/26 19:18:20.0645 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
2010/10/26 19:18:20.0657 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
2010/10/26 19:18:20.0670 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
2010/10/26 19:18:20.0684 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
2010/10/26 19:18:20.0709 mrxsmb (767a4c3bcf9410c286ced15a2db17108) C:\Windows\system32\DRIVERS\mrxsmb.sys
2010/10/26 19:18:20.0723 mrxsmb10 (920ee0ff995fcfdeb08c41605a959e1c) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2010/10/26 19:18:20.0737 mrxsmb20 (740d7ea9d72c981510a5292cf6adc941) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2010/10/26 19:18:20.0748 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
2010/10/26 19:18:20.0761 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
2010/10/26 19:18:20.0779 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
2010/10/26 19:18:20.0791 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
2010/10/26 19:18:20.0804 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
2010/10/26 19:18:20.0821 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
2010/10/26 19:18:20.0832 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
2010/10/26 19:18:20.0845 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
2010/10/26 19:18:20.0860 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
2010/10/26 19:18:20.0876 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
2010/10/26 19:18:20.0888 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
2010/10/26 19:18:20.0900 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
2010/10/26 19:18:20.0917 MTsensor (19b006b181e3875fd254f7b67acf1e7c) C:\Windows\system32\DRIVERS\ASACPI.sys
2010/10/26 19:18:20.0929 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
2010/10/26 19:18:20.0945 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
2010/10/26 19:18:20.0959 NAVENG (956f589c6a7dde71dc6b03be633ebf23) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20101025.040\ENG64.SYS
2010/10/26 19:18:20.0981 NAVEX15 (ee7a0e2478e7cd1a199d1b82e3a69b3e) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20101025.040\EX64.SYS
2010/10/26 19:18:21.0004 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
2010/10/26 19:18:21.0023 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
2010/10/26 19:18:21.0042 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
2010/10/26 19:18:21.0054 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
2010/10/26 19:18:21.0068 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
2010/10/26 19:18:21.0080 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
2010/10/26 19:18:21.0096 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
2010/10/26 19:18:21.0110 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
2010/10/26 19:18:21.0149 netr7364 (621559a521682a888d83db34c6ec0bf8) C:\Windows\system32\DRIVERS\netr7364.sys
2010/10/26 19:18:21.0170 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
2010/10/26 19:18:21.0187 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
2010/10/26 19:18:21.0201 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
2010/10/26 19:18:21.0225 Ntfs (356698a13c4630d5b31c37378d469196) C:\Windows\system32\drivers\Ntfs.sys
2010/10/26 19:18:21.0249 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
2010/10/26 19:18:21.0261 nusb3hub (a61b0af4d6b934928cfd1140deea5c8d) C:\Windows\system32\DRIVERS\nusb3hub.sys
2010/10/26 19:18:21.0275 nusb3xhc (fa4b2f20561bdbcc6b9ac3e3bdcd7e3f) C:\Windows\system32\DRIVERS\nusb3xhc.sys
2010/10/26 19:18:21.0288 nvraid (3e38712941e9bb4ddbee00affe3fed3d) C:\Windows\system32\DRIVERS\nvraid.sys
2010/10/26 19:18:21.0301 nvstor (477dc4d6deb99be37084c9ac6d013da1) C:\Windows\system32\DRIVERS\nvstor.sys
2010/10/26 19:18:21.0314 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
2010/10/26 19:18:21.0339 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
2010/10/26 19:18:21.0361 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
2010/10/26 19:18:21.0374 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
2010/10/26 19:18:21.0388 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
2010/10/26 19:18:21.0400 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
2010/10/26 19:18:21.0414 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
2010/10/26 19:18:21.0427 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
2010/10/26 19:18:21.0444 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
2010/10/26 19:18:21.0491 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
2010/10/26 19:18:21.0503 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
2010/10/26 19:18:21.0522 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
2010/10/26 19:18:21.0545 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
2010/10/26 19:18:21.0569 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
2010/10/26 19:18:21.0583 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
2010/10/26 19:18:21.0602 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
2010/10/26 19:18:21.0621 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
2010/10/26 19:18:21.0636 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
2010/10/26 19:18:21.0650 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
2010/10/26 19:18:21.0662 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
2010/10/26 19:18:21.0676 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
2010/10/26 19:18:21.0689 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
2010/10/26 19:18:21.0699 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
2010/10/26 19:18:21.0714 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
2010/10/26 19:18:21.0728 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
2010/10/26 19:18:21.0741 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
2010/10/26 19:18:21.0764 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
2010/10/26 19:18:21.0790 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
2010/10/26 19:18:21.0803 s116bus (33e3b5497741e11609f5c19a4babece5) C:\Windows\system32\DRIVERS\s116bus.sys
2010/10/26 19:18:21.0814 SaidA2AE (fec058631edce08127a7de3e0ce33abc) C:\Windows\system32\DRIVERS\SaidA2AE.sys
2010/10/26 19:18:21.0831 SaiH0BAC (231a3700154b1a49c2f05cb0da4b2747) C:\Windows\system32\DRIVERS\SaiH0BAC.sys
2010/10/26 19:18:21.0842 SaiMini (10b72224b9849db47ce5ffd0fc872275) C:\Windows\system32\DRIVERS\SaiMini.sys
2010/10/26 19:18:21.0854 SaiNtBus (6187d4e2d8abf14c20bc8a3dd35d7e80) C:\Windows\system32\drivers\SaiBus.sys
2010/10/26 19:18:21.0880 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
2010/10/26 19:18:21.0893 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
2010/10/26 19:18:21.0921 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
2010/10/26 19:18:21.0940 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
2010/10/26 19:18:21.0953 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
2010/10/26 19:18:21.0966 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
2010/10/26 19:18:21.0986 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
2010/10/26 19:18:21.0998 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
2010/10/26 19:18:22.0010 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys
2010/10/26 19:18:22.0021 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
2010/10/26 19:18:22.0038 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
2010/10/26 19:18:22.0051 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
2010/10/26 19:18:22.0063 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
2010/10/26 19:18:22.0090 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
2010/10/26 19:18:22.0125 sptd (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys
2010/10/26 19:18:22.0125 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb
2010/10/26 19:18:22.0128 sptd - detected Locked file (1)
2010/10/26 19:18:22.0143 SRTSP (9e399476e5d5e0d3c8822c857a7e9a9a) C:\Windows\System32\Drivers\NISx64\1008000.029\SRTSP64.SYS
2010/10/26 19:18:22.0166 SRTSPX (3d7717b582f0365e75071556936e5a6b) C:\Windows\system32\drivers\NISx64\1008000.029\SRTSPX64.SYS
2010/10/26 19:18:22.0180 srv (de6f5658da951c4bc8e498570b5b0d5f) C:\Windows\system32\DRIVERS\srv.sys
2010/10/26 19:18:22.0198 srv2 (4d33d59c0b930c523d29f9bd40cda9d2) C:\Windows\system32\DRIVERS\srv2.sys
2010/10/26 19:18:22.0214 srvnet (5a663fd67049267bc5c3f3279e631ffb) C:\Windows\system32\DRIVERS\srvnet.sys
2010/10/26 19:18:22.0231 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
2010/10/26 19:18:22.0246 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
2010/10/26 19:18:22.0263 SymEFA (4f87bb5389a93778ebc363b28271a65b) C:\Windows\system32\drivers\NISx64\1008000.029\SYMEFA64.SYS
2010/10/26 19:18:22.0280 SymEvent (7e4d281982e19abd06728c7ee9ac40a8) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2010/10/26 19:18:22.0294 SYMFW (6320bf296b62d324890866a13a296fc0) C:\Windows\System32\Drivers\NISx64\1008000.029\SYMFW.SYS
2010/10/26 19:18:22.0307 SymIM (212bbf5a964513980d5de9397381534f) C:\Windows\system32\DRIVERS\SymIMv.sys
2010/10/26 19:18:22.0321 SYMNDISV (21dcc664a1e0af7bf4c8aded8c9ff9d5) C:\Windows\System32\Drivers\NISx64\1008000.029\SYMNDISV.SYS
2010/10/26 19:18:22.0336 SYMTDI (56a1cb71b8bb7ba9c41d2c9706df43cd) C:\Windows\System32\Drivers\NISx64\1008000.029\SYMTDI.SYS
2010/10/26 19:18:22.0372 Tcpip (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\drivers\tcpip.sys
2010/10/26 19:18:22.0412 TCPIP6 (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\DRIVERS\tcpip.sys
2010/10/26 19:18:22.0430 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
2010/10/26 19:18:22.0445 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
2010/10/26 19:18:22.0463 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
2010/10/26 19:18:22.0483 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
2010/10/26 19:18:22.0495 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
2010/10/26 19:18:22.0523 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
2010/10/26 19:18:22.0544 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
2010/10/26 19:18:22.0556 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
2010/10/26 19:18:22.0571 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
2010/10/26 19:18:22.0592 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
2010/10/26 19:18:22.0615 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
2010/10/26 19:18:22.0628 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
2010/10/26 19:18:22.0644 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\Windows\system32\drivers\usbaudio.sys
2010/10/26 19:18:22.0657 usbccgp (b26afb54a534d634523c4fb66765b026) C:\Windows\system32\DRIVERS\usbccgp.sys
2010/10/26 19:18:22.0669 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
2010/10/26 19:18:22.0682 usbehci (2ea4aff7be7eb4632e3aa8595b0803b5) C:\Windows\system32\DRIVERS\usbehci.sys
2010/10/26 19:18:22.0697 usbhub (4c9042b8df86c1e8e6240c218b99b39b) C:\Windows\system32\DRIVERS\usbhub.sys
2010/10/26 19:18:22.0711 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys
2010/10/26 19:18:22.0723 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
2010/10/26 19:18:22.0737 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
2010/10/26 19:18:22.0749 USBSTOR (080d3820da6c046be82fc8b45a893e83) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2010/10/26 19:18:22.0760 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
2010/10/26 19:18:22.0777 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
2010/10/26 19:18:22.0791 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
2010/10/26 19:18:22.0803 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
2010/10/26 19:18:22.0817 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
2010/10/26 19:18:22.0830 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
2010/10/26 19:18:22.0842 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
2010/10/26 19:18:22.0857 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
2010/10/26 19:18:22.0872 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
2010/10/26 19:18:22.0888 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
2010/10/26 19:18:22.0916 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
2010/10/26 19:18:22.0929 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
2010/10/26 19:18:22.0941 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
2010/10/26 19:18:22.0957 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
2010/10/26 19:18:22.0970 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
2010/10/26 19:18:22.0977 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
2010/10/26 19:18:23.0001 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
2010/10/26 19:18:23.0019 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
2010/10/26 19:18:23.0052 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
2010/10/26 19:18:23.0065 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
2010/10/26 19:18:23.0106 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
2010/10/26 19:18:23.0132 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
2010/10/26 19:18:23.0160 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
2010/10/26 19:18:23.0174 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
2010/10/26 19:18:23.0197 yukonw7 (64f88af327aa74e03658ae32b48ccb8b) C:\Windows\system32\DRIVERS\yk62x64.sys
2010/10/26 19:18:23.0240 \HardDisk2\MBR - detected Rootkit.Win32.TDSS.tdl4 (0)
2010/10/26 19:18:23.0242 ================================================================================
2010/10/26 19:18:23.0242 Scan finished
2010/10/26 19:18:23.0242 ================================================================================
2010/10/26 19:18:23.0248 Detected object count: 2
2010/10/26 19:18:29.0624 Locked file(sptd) - User select action: Skip
2010/10/26 19:18:29.0633 \HardDisk2\MBR - quarantined
2010/10/26 19:18:29.0635 Rootkit.Win32.TDSS.tdl4(\HardDisk2\MBR) - User select action: Quarantine

[Rudy]

OK. Rootkit je v MBR. Jelikož Win7 nemá konzolu pro zotavení, z níž lze MBR přepsat, dám nějakou konzultaci. Vydržte.

[Rudy]

Sehnal jsem 2 návody, jak MBR opravit:

http://windows.microsoft.com/cs-CZ/wind ... tup-repair
http://www.secit.sk/sk/content/jak-jsem-bootoval

Ve Win 7 lze přepsat MBR uvedeným nástrojem.

[alexis333]

No v tych dvoch odkazoch som nejaky konkretny navod nenasiel a teraz neviem ako postupovat dalej. Mozte mi to vysvetlit? Dakujem.

[Rudy]

Restartujte PC a před koncem úvodních postů tiskněte F8 . Objeví se menu, kde vyberete opravu spouštění systému. Viz.: http://windows.microsoft.com/cs-CZ/wind ... -questions . Dále budete postupovat podle těch návodů.