VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Amatér odstraňuje olmarik

https://forum.viry.cz:443/viewtopic.php?t=110185

Stránka 1 z 2

Amatér odstraňuje olmarik

Napsal: 11 bře 2011 20:59
od totok
Dobrý večer,
Měl bych prosbu.Chytil jsem vira Win32/olmarik trojaka a tak jsem se ho pokoušel sám odstranit.Něco jsem si přečetl na foru a tak jsem spustil tdsskiller a poté jsem projel combofix a vir už eset nehlásí ale comp je furt nějakej zabržděnej.a startuje jak ruskej dvoutakt.
Muže my nejakej koumák(čka) pomoci.Díky

Re: Amatér odstraňuje olmarik

Napsal: 11 bře 2011 21:03
od motji
Dobrý večer :)
To je sice fajn, že se pouštíte sám o odstranění viru, ale můžete si taky zbořit systém. Combofix není nástroj pro laiky.
Najdete logy z obou programů? Měli by být na disku C.

Re: Amatér odstraňuje olmarik

Napsal: 11 bře 2011 21:12
od totok
mám malej problém nemohu načist přílohu .txt

Re: Amatér odstraňuje olmarik

Napsal: 11 bře 2011 21:13
od motji
text zkopírujte přímo do topicu :)

Re: Amatér odstraňuje olmarik

Napsal: 11 bře 2011 21:15
od totok
ComboFix 11-03-10.04 - Martin Kubat 11.03.2011 18:08:43.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.420.1033.18.1022.542 [GMT 1:00]
Running from: c:\documents and settings\Martin Kubat\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: Norton Internet Worm Protection *Disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\Tiger Install
c:\documents and settings\Martin Kubat\Application Data\rhcpnvj0e78s
c:\documents and settings\Martin Kubat\Local Settings\Application Data\ieytpjd.dat
c:\documents and settings\Martin Kubat\Local Settings\Application Data\ieytpjd_nav.dat
c:\documents and settings\Martin Kubat\Local Settings\Application Data\ieytpjd_navps.dat
c:\documents and settings\Martin Kubat\Local Settings\Application Data\yguouoi.dat
c:\documents and settings\Martin Kubat\Local Settings\Application Data\yguouoi_nav.dat
c:\documents and settings\Martin Kubat\Local Settings\Application Data\yguouoi_navps.dat
c:\program files\akl
c:\program files\akl\akl.dll
c:\program files\akl\akl.exe
c:\program files\akl\uninstall.exe
c:\program files\akl\unsetup.exe
c:\program files\Antivirus 2009
c:\program files\PC-Cleaner
c:\program files\rhcpnvj0e78s
c:\windows\a.bat
c:\windows\bdn.com
c:\windows\cookies.ini
c:\windows\FVProtect.exe
c:\windows\iTunesMusic.exe
c:\windows\mslagent
c:\windows\mslagent\2_mslagent.dll
c:\windows\mslagent\mslagent.exe
c:\windows\mslagent\uninstall.exe
c:\windows\mssecu.exe
c:\windows\system32\akttzn.exe
c:\windows\system32\anticipator.dll
c:\windows\system32\awtoolb.dll
c:\windows\system32\bdn.com
c:\windows\system32\bsva-egihsg52.exe
c:\windows\system32\dpcproxy.exe
c:\windows\system32\emesx.dll
c:\windows\system32\hoproxy.dll
c:\windows\system32\hxiwlgpm.dat
c:\windows\system32\hxiwlgpm.exe
c:\windows\system32\medup012.dll
c:\windows\system32\medup020.dll
c:\windows\system32\msgp.exe
c:\windows\system32\msnbho.dll
c:\windows\system32\mssecu.exe
c:\windows\system32\msvchost.exe
c:\windows\system32\mtr2.exe
c:\windows\system32\mwin32.exe
c:\windows\system32\netode.exe
c:\windows\system32\newsd32.exe
c:\windows\system32\nvs2.inf
c:\windows\system32\ps1.exe
c:\windows\system32\psof1.exe
c:\windows\system32\psoft1.exe
c:\windows\system32\regc64.dll
c:\windows\system32\regm64.dll
c:\windows\system32\Rundl1.exe
c:\windows\system32\smp
c:\windows\system32\smp\msrc.exe
c:\windows\system32\sncntr.exe
c:\windows\system32\ssurf022.dll
c:\windows\system32\ssvchost.com
c:\windows\system32\ssvchost.exe
c:\windows\system32\sysreq.exe
c:\windows\system32\taack.dat
c:\windows\system32\taack.exe
c:\windows\system32\temp#01.exe
c:\windows\system32\thun.dll
c:\windows\system32\thun32.dll
c:\windows\system32\VBIEWER.OCX
c:\windows\system32\vbsys2.dll
c:\windows\system32\vcatchpi.dll
c:\windows\system32\winlogonpc.exe
c:\windows\system32\winsystem.exe
c:\windows\system32\WINWGPX.EXE
c:\windows\userconfig9x.dll
c:\windows\winsystem.exe
D:\Autorun.inf
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_TDSSSERV.SYS
.
.
((((((((((((((((((((((((( Files Created from 2011-02-11 to 2011-03-11 )))))))))))))))))))))))))))))))
.
.
2011-03-11 16:29 . 2011-03-11 16:29 1377112 ----a-w- c:\program files\tdsskiller.exe
2011-03-11 15:02 . 2011-02-11 06:54 5943120 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{DC429204-1133-46CE-9153-C0414D3056A0}\mpengine.dll
2011-03-10 21:41 . 2011-03-10 21:41 -------- d-----w- c:\documents and settings\Martin Kubat\Local Settings\Application Data\ESET
2011-03-10 20:43 . 2011-03-10 20:43 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\ESET
2011-03-10 20:34 . 2011-03-10 20:34 -------- d-----w- c:\program files\ESET
2011-03-10 20:34 . 2011-03-10 20:34 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET
2011-03-10 20:26 . 2011-03-10 20:27 44018688 ----a-w- c:\program files\eav_nt32_csy.msi
2011-03-09 15:16 . 2011-03-09 15:16 -------- d-----w- c:\program files\7-Zip
2011-03-08 20:02 . 2011-03-08 20:02 -------- d-----w- c:\program files\Axis Communications
2011-03-05 15:57 . 2011-03-05 15:57 -------- d-----w- c:\program files\Common Files\Skype
2011-03-02 20:03 . 2011-03-02 20:03 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Google
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-11 06:54 . 2008-05-01 16:40 5943120 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2011-02-04 16:48 . 2005-08-06 05:01 456192 ----a-w- c:\windows\system32\encdec.dll
2011-02-04 16:48 . 2005-08-06 05:01 291840 ----a-w- c:\windows\system32\sbe.dll
2011-02-02 16:11 . 2009-10-05 15:37 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-02-02 07:58 . 2004-08-10 15:00 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-01-27 11:57 . 2004-08-10 15:00 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-01-21 14:44 . 2004-08-10 15:00 439296 ----a-w- c:\windows\system32\shimgvw.dll
2011-01-07 14:09 . 2004-08-10 15:00 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-12-31 13:10 . 2004-08-10 15:00 1854976 ----a-w- c:\windows\system32\win32k.sys
2010-12-22 12:34 . 2010-12-22 12:34 301568 ----a-w- c:\windows\system32\SET6E.tmp
2010-12-22 12:34 . 2004-08-10 15:00 301568 ----a-w- c:\windows\system32\kerberos.dll
2010-12-21 14:04 . 2010-12-21 14:04 141264 ----a-w- c:\windows\system32\drivers\eamon.sys
2010-12-21 14:04 . 2010-12-21 14:04 115008 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2010-12-21 12:47 . 2010-12-21 12:47 94872 ----a-w- c:\windows\system32\drivers\epfwtdir.sys
2010-12-20 23:59 . 2004-08-10 15:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-12-20 23:59 . 2004-08-10 15:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-12-20 23:59 . 2004-08-10 15:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-12-20 17:26 . 2004-08-10 15:00 730112 ----a-w- c:\windows\system32\lsasrv.dll
2010-12-20 12:55 . 2004-08-10 15:00 385024 ----a-w- c:\windows\system32\html.iec
2009-02-14 18:31 . 2009-02-14 18:31 16483464 ----a-w- c:\program files\ashampoo_winoptimizer6_se.exe
2009-02-13 01:50 . 2009-02-13 01:50 3199752 ----a-w- c:\program files\sp35384.exe
2009-02-13 01:41 . 2009-02-13 01:41 17701816 ----a-w- c:\program files\LightScribeSimpleLabeler_1.17.90.1.exe
2008-11-10 01:55 . 2008-11-10 01:55 128408 ----a-w- c:\program files\Download_UltimateSuiteReg.exe
2008-11-09 18:36 . 2008-11-09 18:35 21189685 ----a-w- c:\program files\video-download-studio.exe
2008-11-07 18:16 . 2008-11-07 18:16 10428116 ----a-w- c:\program files\PlatoDVDRipper_SE.exe
2008-11-07 18:00 . 2008-11-07 18:00 4628236 ----a-w- c:\program files\avi-vcd.exe
2008-10-31 02:36 . 2008-10-31 02:35 3415298 -c--a-w- c:\program files\mg4.exe
2008-10-25 00:53 . 2008-10-25 00:49 67167528 -c--a-w- c:\program files\iTunes801Setup.exe
2008-10-04 16:13 . 2008-10-04 16:10 1131888 -c--a-w- c:\program files\ActiveSetupN.exe
2008-09-27 02:15 . 2008-09-27 02:14 3777324 -c--a-w- c:\program files\ZiepodPlusSetup.exe
2008-09-27 02:01 . 2008-09-27 02:01 2909031 -c--a-w- c:\program files\ZiepodSetup.exe
2008-09-23 02:19 . 2007-11-13 23:23 30214576 -c--a-w- c:\program files\zunesetuppkg-x86.exe
2008-07-07 00:05 . 2008-07-07 00:04 9884748 -c--a-w- c:\program files\panoramamaker4_retail_trial_e.exe
2008-07-06 23:39 . 2008-04-11 20:47 3456567 -c--a-w- c:\program files\PanoStudioSetupEn.exe
2008-04-30 21:40 . 2008-04-30 21:40 5186048 ----a-w- c:\program files\WindowsDefender.msi
2008-04-11 02:17 . 2008-04-11 02:17 4938208 -c--a-w- c:\program files\AutopanoPro_130_121106.exe
2008-04-11 01:55 . 2008-04-11 01:55 8326024 -c--a-w- c:\program files\pfactory_setup_m32.exe
2008-04-11 01:45 . 2008-04-11 01:44 1979724 -c--a-w- c:\program files\PanoPerfectLiteSetup.exe
2008-04-10 03:00 . 2008-04-10 03:00 15452536 -c--a-w- c:\program files\IE7-WindowsXP-x86-enu.exe
2008-04-10 01:14 . 2008-04-10 01:14 22690600 -c--a-w- c:\program files\SkypeSetup.exe
2008-03-16 21:59 . 2008-03-16 21:59 779536 -c--a-w- c:\program files\MoveMediaPlayer_07076007.exe
2008-03-06 22:32 . 2008-03-06 22:32 2689536 -c--a-w- c:\program files\tnt5.msi
2008-01-29 20:56 . 2008-01-29 20:56 5410865 -c--a-w- c:\program files\abiword-setup-2.4.6.exe
2008-01-17 01:09 . 2008-01-17 01:09 13181952 -c--a-w- c:\program files\mp150xp101enz.exe
2007-11-23 01:54 . 2007-11-23 01:54 1265516 -c--a-w- c:\program files\pwpro_demo.exe
2007-11-23 01:38 . 2007-11-23 01:38 1848832 -c--a-w- c:\program files\Setup_PhotoMerge_en.msi
2007-11-23 01:32 . 2007-11-23 01:32 10122746 -c--a-w- c:\program files\pidzk2110dwn.exe
2007-10-30 03:05 . 2007-10-30 03:05 2367160 -c--a-w- c:\program files\LinksysWebConnectPC.exe
2007-09-13 03:09 . 2007-09-13 03:09 4789792 -c--a-w- c:\program files\picasa2-current.exe
2007-09-13 02:58 . 2007-09-13 02:58 3376920 -c--a-w- c:\program files\panorama_composer3.exe
2007-09-13 02:53 . 2007-09-13 02:53 6193898 -c--a-w- c:\program files\zpm_cz.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-05-16 68856]
"ISUSPM"="c:\documents and settings\All Users\Application Data\Macrovision\FLEXnet Connect\6\ISUSPM.exe" [2007-07-12 226904]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-01-26 15026056]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-11-11 344064]
"hpWirelessAssistant"="c:\program files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2005-12-13 507904]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2005-12-09 225280]
"LogitechCameraAssistant"="c:\program files\Logitech\Video\CameraAssistant.exe" [2005-12-07 489472]
"LogitechVideo[inspector]"="c:\program files\Logitech\Video\InstallHelper.exe" [2005-12-07 16:33 73728]
"LogitechCameraService(E)"="c:\windows\system32\ElkCtrl.exe" [2004-11-01 262144]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-09-06 413696]
"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2009-09-04 158448]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-01-12 2219184]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2007-09-28 443968]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [21.12.2010 15:04 115008]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [21.12.2010 13:47 94872]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [12.1.2011 16:41 810144]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [4.11.2006 1:19 13592]
R3 HSFHWATI;HSFHWATI;c:\windows\system32\drivers\HSFHWATI.sys [22.8.2005 10:06 231424]
S3 DfSdkS;Defragmentation-Service;c:\program files\Ashampoo\Ashampoo WinOptimizer 6\DfSdkS.exe [14.2.2009 19:32 410976]
.
Contents of the 'Scheduled Tasks' folder
.
2009-05-29 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 18:34]
.
2011-03-11 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-04 00:20]
.
2011-03-10 c:\windows\Tasks\User_Feed_Synchronization-{66A1A08E-0DF4-41B6-B561-A6AA7A82E8E4}.job
- c:\windows\system32\msfeedssync.exe [2007-08-14 10:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.seznam.cz/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&s ... f8&oe=utf8
uInternet Connection Wizard,ShellNext = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q106&bd=pavilion&pf=laptop
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &AOL Toolbar search - c:\program files\AOL Toolbar\toolbar.dll/SEARCH.HTML
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://webcam.usti-nad-labem.cz/activex/AMC.cab
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{9EBF2A3D-F2E5-44CF-94DA-5BB4FAE58332} - (no file)
BHO-{CCE1DEE4-CB0F-4793-9824-0426B46DA68A} - (no file)
HKCU-Run-Antispyware - c:\program files\AntiSpywareApp\Antispyware.exe
Notify-pmnkIXRI - pmnkIXRI.dll
SafeBoot-klmdb.sys
SafeBoot-WudfPf
SafeBoot-WudfRd
AddRemove-Ashampoo Photo Commander 5 - c:\program files\Ashampoo\Ashampoo Photo Commander 5\Uninstall\0718_Uninstall.EXE
AddRemove-Widelands_is1 - c:\program files\Widelands\unins000.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-11 18:52
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(936)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(7748)
c:\windows\system32\WININET.dll
c:\program files\Common Files\Logitech\LVMVFM\LVPrcInj.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\windows\eHome\ehRecvr.exe
c:\windows\eHome\ehSched.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\system32\ZuneBusEnum.exe
c:\windows\ehome\mcrdsvc.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files\Canon\CAL\CALMAIN.exe
c:\windows\system32\dllhost.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\Ati2evxx.exe
c:\progra~1\hpq\Shared\HPQTOA~1.EXE
c:\program files\Skype\Plugin Manager\skypePM.exe
.
**************************************************************************
.
Completion time: 2011-03-11 19:02:20 - machine was rebooted
ComboFix-quarantined-files.txt 2011-03-11 18:02
.
Pre-Run: 4 799 500 288 bytes free
Post-Run: 7 057 338 368 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect
.
- - End Of File - - F83A8FBD476A137C0DB4E91754B1B022

Re: Amatér odstraňuje olmarik

Napsal: 11 bře 2011 21:17
od totok
2011/03/11 16:36:59.0562 1352 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/03/11 16:37:00.0046 1352 ================================================================================
2011/03/11 16:37:00.0046 1352 SystemInfo:
2011/03/11 16:37:00.0046 1352
2011/03/11 16:37:00.0046 1352 OS Version: 5.1.2600 ServicePack: 3.0
2011/03/11 16:37:00.0046 1352 Product type: Workstation
2011/03/11 16:37:00.0046 1352 ComputerName: MARTIN
2011/03/11 16:37:00.0046 1352 UserName: Martin Kubat
2011/03/11 16:37:00.0046 1352 Windows directory: C:\WINDOWS
2011/03/11 16:37:00.0046 1352 System windows directory: C:\WINDOWS
2011/03/11 16:37:00.0046 1352 Processor architecture: Intel x86
2011/03/11 16:37:00.0046 1352 Number of processors: 1
2011/03/11 16:37:00.0046 1352 Page size: 0x1000
2011/03/11 16:37:00.0046 1352 Boot type: Normal boot
2011/03/11 16:37:00.0046 1352 ================================================================================
2011/03/11 16:37:02.0531 1352 Initialize success
2011/03/11 16:37:12.0281 2072 ================================================================================
2011/03/11 16:37:12.0281 2072 Scan started
2011/03/11 16:37:12.0281 2072 Mode: Manual;
2011/03/11 16:37:12.0281 2072 ================================================================================
2011/03/11 16:37:24.0875 2072 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/03/11 16:37:25.0796 2072 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
2011/03/11 16:37:27.0343 2072 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/03/11 16:37:28.0500 2072 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys
2011/03/11 16:37:32.0000 2072 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
2011/03/11 16:37:33.0203 2072 AmdK8 (59301936898ae62245a6f09c0aba9475) C:\WINDOWS\system32\DRIVERS\AmdK8.sys
2011/03/11 16:37:35.0000 2072 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
2011/03/11 16:37:38.0562 2072 ASCTRM (d880831279ed91f9a4190a2db9539ea9) C:\WINDOWS\system32\drivers\ASCTRM.sys
2011/03/11 16:37:39.0671 2072 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/03/11 16:37:41.0062 2072 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/03/11 16:37:44.0406 2072 ati2mtag (287b11a781f2b7a28f283fd4b7434daf) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
2011/03/11 16:37:46.0953 2072 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/03/11 16:37:48.0203 2072 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/03/11 16:37:49.0640 2072 BCM43XX (30d20fc98bcfd52e1da778cf19b223d4) C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
2011/03/11 16:37:50.0984 2072 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/03/11 16:37:52.0031 2072 BTWUSB (e76dc88f00d50f46072feb2371769978) C:\WINDOWS\system32\Drivers\btwusb.sys
2011/03/11 16:37:53.0359 2072 CAMCAUD (c2ef37f09cfee9665e6cd7c0b0afb84f) C:\WINDOWS\system32\drivers\camc6aud.sys
2011/03/11 16:37:54.0671 2072 CAMCHALA (512df898de5c0654647acd5c82f0bd99) C:\WINDOWS\system32\drivers\camc6hal.sys
2011/03/11 16:37:55.0953 2072 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/03/11 16:37:57.0359 2072 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
2011/03/11 16:37:59.0265 2072 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/03/11 16:38:00.0421 2072 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/03/11 16:38:01.0375 2072 Cdrom (4b0a100eaf5c49ef3cca8c641431eacc) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/03/11 16:38:03.0828 2072 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
2011/03/11 16:38:05.0656 2072 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
2011/03/11 16:38:09.0390 2072 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/03/11 16:38:11.0171 2072 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
2011/03/11 16:38:13.0218 2072 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
2011/03/11 16:38:14.0156 2072 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/03/11 16:38:15.0062 2072 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2011/03/11 16:38:16.0531 2072 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/03/11 16:38:17.0250 2072 eabfiltr (c6aca0190ee7b614673ee0c91863b1eb) C:\WINDOWS\system32\drivers\EABFiltr.sys
2011/03/11 16:38:18.0000 2072 eabusb (da1011db09ad641de40cd5cca70c0c43) C:\WINDOWS\system32\drivers\eabusb.sys
2011/03/11 16:38:19.0078 2072 eamon (d42dd9021acd47683b33adf21bca49aa) C:\WINDOWS\system32\DRIVERS\eamon.sys
2011/03/11 16:38:20.0843 2072 ehdrv (fe7824239d132ad9ebd8645fe1199b30) C:\WINDOWS\system32\DRIVERS\ehdrv.sys
2011/03/11 16:38:22.0281 2072 epfwtdir (aa0667eb9a92414abb784c101a6c7fec) C:\WINDOWS\system32\DRIVERS\epfwtdir.sys
2011/03/11 16:38:23.0500 2072 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/03/11 16:38:24.0671 2072 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
2011/03/11 16:38:25.0515 2072 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
2011/03/11 16:38:26.0343 2072 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
2011/03/11 16:38:27.0609 2072 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2011/03/11 16:38:28.0703 2072 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/03/11 16:38:29.0828 2072 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/03/11 16:38:30.0859 2072 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/03/11 16:38:33.0203 2072 HSFHWATI (14794f142befc962ab142584607a6631) C:\WINDOWS\system32\DRIVERS\HSFHWATI.sys
2011/03/11 16:38:35.0531 2072 HSF_DP (f99bb4e2b462198b2b0a82d0949f0c41) C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
2011/03/11 16:38:37.0968 2072 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/03/11 16:38:39.0343 2072 hwdatacard (2310ca92d37d97c9231adf1796b47b9d) C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys
2011/03/11 16:38:42.0390 2072 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/03/11 16:38:43.0578 2072 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/03/11 16:38:45.0562 2072 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
2011/03/11 16:38:46.0656 2072 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2011/03/11 16:38:47.0937 2072 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/03/11 16:38:49.0453 2072 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/03/11 16:38:50.0453 2072 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/03/11 16:38:51.0515 2072 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/03/11 16:38:52.0843 2072 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/03/11 16:38:53.0828 2072 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/03/11 16:38:54.0656 2072 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/03/11 16:38:55.0703 2072 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/03/11 16:38:57.0156 2072 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/03/11 16:39:01.0312 2072 Lvckap (bd0d8c9e3aef163dafa0a3c27106d049) C:\WINDOWS\system32\drivers\Lvckap.sys
2011/03/11 16:39:06.0609 2072 lvmvdrv (c2ad4603075b1c58d92b6bb00e08e958) C:\WINDOWS\system32\drivers\lvmvdrv.sys
2011/03/11 16:39:09.0640 2072 LVPrcMon (4fd5a6335fb4fc1f758088b2f90613fe) C:\WINDOWS\system32\drivers\LVPrcMon.sys
2011/03/11 16:39:10.0781 2072 LVUSBSta (c0883f7914afa7feaa41ada0d513ac16) C:\WINDOWS\system32\drivers\lvusbsta.sys
2011/03/11 16:39:12.0093 2072 mdmxsdk (3c318b9cd391371bed62126581ee9961) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
2011/03/11 16:39:13.0093 2072 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys
2011/03/11 16:39:14.0265 2072 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/03/11 16:39:15.0296 2072 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
2011/03/11 16:39:16.0187 2072 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/03/11 16:39:17.0250 2072 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/03/11 16:39:19.0578 2072 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/03/11 16:39:21.0671 2072 MRxSmb (f3aefb11abc521122b67095044169e98) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/03/11 16:39:23.0656 2072 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/03/11 16:39:24.0671 2072 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/03/11 16:39:25.0578 2072 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/03/11 16:39:26.0468 2072 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/03/11 16:39:27.0593 2072 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/03/11 16:39:28.0578 2072 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
2011/03/11 16:39:29.0734 2072 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
2011/03/11 16:39:31.0093 2072 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2011/03/11 16:39:32.0750 2072 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2011/03/11 16:39:33.0875 2072 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2011/03/11 16:39:35.0078 2072 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/03/11 16:39:36.0250 2072 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/03/11 16:39:37.0281 2072 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/03/11 16:39:38.0515 2072 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/03/11 16:39:39.0390 2072 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/03/11 16:39:40.0437 2072 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/03/11 16:39:41.0609 2072 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
2011/03/11 16:39:42.0875 2072 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/03/11 16:39:44.0546 2072 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/03/11 16:39:46.0062 2072 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/03/11 16:39:47.0281 2072 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/03/11 16:39:48.0296 2072 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/03/11 16:39:49.0187 2072 NwlnkIpx (8b8b1be2dba4025da6786c645f77f123) C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys
2011/03/11 16:39:50.0031 2072 NwlnkNb (56d34a67c05e94e16377c60609741ff8) C:\WINDOWS\system32\DRIVERS\nwlnknb.sys
2011/03/11 16:39:50.0921 2072 NwlnkSpx (c0bb7d1615e1acbdc99757f6ceaf8cf0) C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys
2011/03/11 16:39:51.0968 2072 NWRDR (36b9b950e3d2e100970a48d8bad86740) C:\WINDOWS\system32\DRIVERS\nwrdr.sys
2011/03/11 16:39:53.0296 2072 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
2011/03/11 16:39:54.0906 2072 PAC7302 (aff9a1986555e4592de8092f9a5fa2d2) C:\WINDOWS\system32\DRIVERS\PAC7302.SYS
2011/03/11 16:39:56.0468 2072 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
2011/03/11 16:39:57.0812 2072 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/03/11 16:39:58.0875 2072 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/03/11 16:39:59.0781 2072 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/03/11 16:40:01.0656 2072 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/03/11 16:40:02.0937 2072 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
2011/03/11 16:40:04.0031 2072 Pcouffin (a09c1922ef8149e27500c0f935a55f60) C:\WINDOWS\system32\Drivers\Pcouffin.sys
2011/03/11 16:40:09.0171 2072 pepifilter (e111fab6c740a1a44e750c2061a23239) C:\WINDOWS\system32\DRIVERS\lv302af.sys
2011/03/11 16:40:12.0984 2072 PID_08A0 (36eddcefdd036fffa95aa84d1645dd67) C:\WINDOWS\system32\DRIVERS\LV302AV.SYS
2011/03/11 16:40:15.0328 2072 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/03/11 16:40:16.0515 2072 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
2011/03/11 16:40:17.0906 2072 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/03/11 16:40:19.0515 2072 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/03/11 16:40:20.0453 2072 PxHelp20 (f7bb4e7a7c02ab4a2672937e124e306e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2011/03/11 16:40:27.0656 2072 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/03/11 16:40:29.0062 2072 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/03/11 16:40:30.0000 2072 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/03/11 16:40:31.0093 2072 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/03/11 16:40:32.0437 2072 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/03/11 16:40:33.0812 2072 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/03/11 16:40:35.0031 2072 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2011/03/11 16:40:36.0406 2072 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/03/11 16:40:37.0546 2072 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/03/11 16:40:38.0468 2072 RTL8023xp (7889e3981e0a5d347e037abd467d53a5) C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
2011/03/11 16:40:39.0312 2072 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
2011/03/11 16:40:40.0187 2072 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
2011/03/11 16:40:41.0109 2072 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/03/11 16:40:42.0046 2072 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
2011/03/11 16:40:42.0890 2072 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/03/11 16:40:44.0421 2072 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2011/03/11 16:40:45.0968 2072 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/03/11 16:40:46.0890 2072 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/03/11 16:40:48.0078 2072 Srv (0f6aefad3641a657e18081f52d0c15af) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/03/11 16:40:49.0171 2072 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
2011/03/11 16:40:49.0953 2072 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/03/11 16:40:50.0750 2072 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/03/11 16:40:54.0546 2072 SynTP (f484c77f748729129d5cc9c965d9f701) C:\WINDOWS\system32\DRIVERS\SynTP.sys
2011/03/11 16:40:55.0562 2072 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/03/11 16:40:56.0781 2072 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/03/11 16:40:57.0921 2072 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/03/11 16:40:57.0953 2072 Suspicious service (Hidden): TDSSserv.sys
2011/03/11 16:40:58.0812 2072 TDSSserv.sys (9679cbb6fb2104010efb44910e08a563) C:\WINDOWS\system32\drivers\TDSSpqlt.sys
2011/03/11 16:40:58.0812 2072 Suspicious file (NoAccess): C:\WINDOWS\system32\drivers\TDSSpqlt.sys. md5: 9679cbb6fb2104010efb44910e08a563
2011/03/11 16:40:58.0812 2072 Suspicious file (Hidden): C:\WINDOWS\system32\drivers\TDSSpqlt.sys. md5: 9679cbb6fb2104010efb44910e08a563
2011/03/11 16:40:58.0828 2072 TDSSserv.sys - detected Rootkit.Win32.TDSS.tdl2 (0)
2011/03/11 16:40:59.0671 2072 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/03/11 16:41:00.0531 2072 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/03/11 16:41:01.0484 2072 tifm21 (9179e07503630d6fb2e4162ff0196191) C:\WINDOWS\system32\drivers\tifm21.sys
2011/03/11 16:41:03.0296 2072 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/03/11 16:41:05.0296 2072 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2011/03/11 16:41:06.0531 2072 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
2011/03/11 16:41:07.0437 2072 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/03/11 16:41:08.0250 2072 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/03/11 16:41:09.0078 2072 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/03/11 16:41:09.0953 2072 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
2011/03/11 16:41:10.0781 2072 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2011/03/11 16:41:11.0625 2072 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/03/11 16:41:12.0421 2072 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/03/11 16:41:13.0375 2072 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
2011/03/11 16:41:14.0296 2072 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/03/11 16:41:15.0109 2072 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
2011/03/11 16:41:15.0953 2072 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/03/11 16:41:16.0812 2072 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/03/11 16:41:17.0656 2072 wanatw (0a716c08cb13c3a8f4f51e882dbf7416) C:\WINDOWS\system32\DRIVERS\wanatw4.sys
2011/03/11 16:41:18.0953 2072 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
2011/03/11 16:41:21.0031 2072 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/03/11 16:41:22.0640 2072 winachsf (214bc3ad84907ad6ad655ac5465f449a) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
2011/03/11 16:41:24.0218 2072 WinUSB (fd600b032e741eb6aab509fc630f7c42) C:\WINDOWS\system32\DRIVERS\WinUSB.sys
2011/03/11 16:41:25.0109 2072 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
2011/03/11 16:41:26.0000 2072 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\Drivers\wpdusb.sys
2011/03/11 16:41:26.0875 2072 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2011/03/11 16:41:27.0796 2072 WudfPf (eaa6324f51214d2f6718977ec9ce0def) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/03/11 16:41:28.0781 2072 WudfRd (f91ff1e51fca30b3c3981db7d5924252) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/03/11 16:41:29.0765 2072 zumbus (9b2c9d322e3fbb1814d7c17a980c1286) C:\WINDOWS\system32\DRIVERS\zumbus.sys
2011/03/11 16:41:29.0937 2072 ================================================================================
2011/03/11 16:41:29.0937 2072 Scan finished
2011/03/11 16:41:29.0937 2072 ================================================================================
2011/03/11 16:41:29.0953 3832 Detected object count: 1
2011/03/11 16:43:13.0453 3832 C:\WINDOWS\system32\drivers\TDSSpqlt.sys - will be deleted after reboot
2011/03/11 16:43:13.0453 3832 C:\WINDOWS\system32\TDSSofxh.dll - will be deleted after reboot
2011/03/11 16:43:13.0453 3832 C:\WINDOWS\system32\TDSSosvd.dat - will be deleted after reboot
2011/03/11 16:43:13.0453 3832 C:\WINDOWS\system32\TDSSbrsr.dll - will be deleted after reboot
2011/03/11 16:43:13.0453 3832 C:\WINDOWS\system32\TDSSriqp.dll - will be deleted after reboot
2011/03/11 16:43:13.0453 3832 C:\WINDOWS\system32\TDSScfum.dll - will be deleted after reboot
2011/03/11 16:43:13.0453 3832 C:\WINDOWS\system32\TDSSnmxh.dll - will be deleted after reboot
2011/03/11 16:43:13.0453 3832 C:\WINDOWS\system32\TDSSsihc.log - will be deleted after reboot
2011/03/11 16:43:13.0453 3832 C:\WINDOWS\system32\TDSSrhym.dll - will be deleted after reboot
2011/03/11 16:43:13.0453 3832 C:\WINDOWS\system32\TDSStkdv.log - will be deleted after reboot
2011/03/11 16:43:13.0453 3832 C:\WINDOWS\system32\TDSSbubx.log - will be deleted after reboot
2011/03/11 16:43:13.0453 3832 HKLM\SYSTEM\ControlSet001\services\TDSSserv.sys - will be deleted after reboot
2011/03/11 16:43:13.0453 3832 HKLM\SYSTEM\ControlSet003\services\TDSSserv.sys - will be deleted after reboot
2011/03/11 16:43:13.0453 3832 C:\WINDOWS\system32\drivers\TDSSpqlt.sys - will be deleted after reboot
2011/03/11 16:43:13.0453 3832 Rootkit.Win32.TDSS.tdl2(TDSSserv.sys) - User select action: Delete
2011/03/11 16:44:43.0921 3312 Deinitialize success

Re: Amatér odstraňuje olmarik

Napsal: 11 bře 2011 21:23
od motji
:D Tak jste si poradil s pěkným virem, TDSS patří k těm náročnějším :D .
Jak to vypadá s počítačem?

Podíváme se, zda tam něco nezůstalo :)

-Nainstalujte,dejte úplný sken

NIC NEMAZAT :!:
-MBAM má občas falešné detekce,proto budeme mazat až po kontrole logu.
-Log zkopírujte sem.

Re: Amatér odstraňuje olmarik

Napsal: 11 bře 2011 21:28
od totok
Tak nevim jestli jsem si snim poradil. :( zatim funguje.

Re: Amatér odstraňuje olmarik

Napsal: 11 bře 2011 21:29
od motji
a proč tak smutně? :D Když zatím fungfuje. TDSS kiler odvedl dobrou práci, uvidíme, jestli mbam vyhrabe mrtvolky :D

Re: Amatér odstraňuje olmarik

Napsal: 11 bře 2011 21:32
od totok
Funguje,ale je tak 3x pomalejší. :P

Re: Amatér odstraňuje olmarik

Napsal: 11 bře 2011 21:35
od motji
tak ještě vydržte, však jsme ještě neskončili :D

Re: Amatér odstraňuje olmarik

Napsal: 11 bře 2011 21:41
od totok
jo jo to já vydržim....pač my nic jiného nezbívá. :D

přikládám ješte aktuální log.2011/03/11 21:36:25.0671 0200 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/03/11 21:36:27.0671 0200 ================================================================================
2011/03/11 21:36:27.0671 0200 SystemInfo:
2011/03/11 21:36:27.0671 0200
2011/03/11 21:36:27.0671 0200 OS Version: 5.1.2600 ServicePack: 3.0
2011/03/11 21:36:27.0671 0200 Product type: Workstation
2011/03/11 21:36:27.0671 0200 ComputerName: MARTIN
2011/03/11 21:36:27.0671 0200 UserName: Martin Kubat
2011/03/11 21:36:27.0671 0200 Windows directory: C:\WINDOWS
2011/03/11 21:36:27.0671 0200 System windows directory: C:\WINDOWS
2011/03/11 21:36:27.0671 0200 Processor architecture: Intel x86
2011/03/11 21:36:27.0671 0200 Number of processors: 1
2011/03/11 21:36:27.0671 0200 Page size: 0x1000
2011/03/11 21:36:27.0671 0200 Boot type: Normal boot
2011/03/11 21:36:27.0671 0200 ================================================================================
2011/03/11 21:36:28.0046 0200 Initialize success
2011/03/11 21:36:31.0828 2128 ================================================================================
2011/03/11 21:36:31.0828 2128 Scan started
2011/03/11 21:36:31.0828 2128 Mode: Manual;
2011/03/11 21:36:31.0828 2128 ================================================================================
2011/03/11 21:36:37.0625 2128 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/03/11 21:36:38.0453 2128 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
2011/03/11 21:36:40.0203 2128 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/03/11 21:36:41.0218 2128 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys
2011/03/11 21:36:44.0328 2128 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
2011/03/11 21:36:45.0078 2128 AmdK8 (59301936898ae62245a6f09c0aba9475) C:\WINDOWS\system32\DRIVERS\AmdK8.sys
2011/03/11 21:36:46.0593 2128 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
2011/03/11 21:36:49.0609 2128 ASCTRM (d880831279ed91f9a4190a2db9539ea9) C:\WINDOWS\system32\drivers\ASCTRM.sys
2011/03/11 21:36:50.0406 2128 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/03/11 21:36:51.0234 2128 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/03/11 21:36:54.0125 2128 ati2mtag (287b11a781f2b7a28f283fd4b7434daf) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
2011/03/11 21:36:55.0984 2128 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/03/11 21:36:56.0750 2128 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/03/11 21:36:57.0906 2128 BCM43XX (30d20fc98bcfd52e1da778cf19b223d4) C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
2011/03/11 21:36:58.0937 2128 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/03/11 21:36:59.0765 2128 BTWUSB (e76dc88f00d50f46072feb2371769978) C:\WINDOWS\system32\Drivers\btwusb.sys
2011/03/11 21:37:00.0625 2128 CAMCAUD (c2ef37f09cfee9665e6cd7c0b0afb84f) C:\WINDOWS\system32\drivers\camc6aud.sys
2011/03/11 21:37:01.0734 2128 CAMCHALA (512df898de5c0654647acd5c82f0bd99) C:\WINDOWS\system32\drivers\camc6hal.sys
2011/03/11 21:37:02.0718 2128 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/03/11 21:37:03.0546 2128 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
2011/03/11 21:37:05.0156 2128 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/03/11 21:37:06.0015 2128 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/03/11 21:37:06.0859 2128 Cdrom (4b0a100eaf5c49ef3cca8c641431eacc) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/03/11 21:37:08.0390 2128 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
2011/03/11 21:37:10.0000 2128 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
2011/03/11 21:37:13.0140 2128 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/03/11 21:37:14.0625 2128 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
2011/03/11 21:37:16.0265 2128 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
2011/03/11 21:37:17.0140 2128 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/03/11 21:37:18.0000 2128 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2011/03/11 21:37:19.0562 2128 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/03/11 21:37:20.0312 2128 eabfiltr (c6aca0190ee7b614673ee0c91863b1eb) C:\WINDOWS\system32\drivers\EABFiltr.sys
2011/03/11 21:37:21.0062 2128 eabusb (da1011db09ad641de40cd5cca70c0c43) C:\WINDOWS\system32\drivers\eabusb.sys
2011/03/11 21:37:21.0953 2128 eamon (d42dd9021acd47683b33adf21bca49aa) C:\WINDOWS\system32\DRIVERS\eamon.sys
2011/03/11 21:37:23.0281 2128 ehdrv (fe7824239d132ad9ebd8645fe1199b30) C:\WINDOWS\system32\DRIVERS\ehdrv.sys
2011/03/11 21:37:24.0250 2128 epfwtdir (aa0667eb9a92414abb784c101a6c7fec) C:\WINDOWS\system32\DRIVERS\epfwtdir.sys
2011/03/11 21:37:25.0281 2128 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/03/11 21:37:26.0218 2128 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
2011/03/11 21:37:27.0250 2128 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
2011/03/11 21:37:28.0187 2128 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
2011/03/11 21:37:29.0140 2128 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2011/03/11 21:37:30.0062 2128 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/03/11 21:37:30.0906 2128 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/03/11 21:37:31.0828 2128 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/03/11 21:37:33.0750 2128 HSFHWATI (14794f142befc962ab142584607a6631) C:\WINDOWS\system32\DRIVERS\HSFHWATI.sys
2011/03/11 21:37:35.0625 2128 HSF_DP (f99bb4e2b462198b2b0a82d0949f0c41) C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
2011/03/11 21:37:37.0609 2128 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/03/11 21:37:38.0750 2128 hwdatacard (2310ca92d37d97c9231adf1796b47b9d) C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys
2011/03/11 21:37:41.0093 2128 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/03/11 21:37:41.0937 2128 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/03/11 21:37:43.0593 2128 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
2011/03/11 21:37:44.0390 2128 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2011/03/11 21:37:45.0250 2128 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/03/11 21:37:46.0046 2128 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/03/11 21:37:46.0953 2128 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/03/11 21:37:47.0812 2128 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/03/11 21:37:48.0750 2128 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/03/11 21:37:49.0562 2128 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/03/11 21:37:50.0421 2128 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/03/11 21:37:51.0328 2128 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/03/11 21:37:52.0265 2128 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/03/11 21:37:55.0718 2128 Lvckap (bd0d8c9e3aef163dafa0a3c27106d049) C:\WINDOWS\system32\drivers\Lvckap.sys
2011/03/11 21:38:00.0562 2128 lvmvdrv (c2ad4603075b1c58d92b6bb00e08e958) C:\WINDOWS\system32\drivers\lvmvdrv.sys
2011/03/11 21:38:03.0625 2128 LVPrcMon (4fd5a6335fb4fc1f758088b2f90613fe) C:\WINDOWS\system32\drivers\LVPrcMon.sys
2011/03/11 21:38:04.0421 2128 LVUSBSta (c0883f7914afa7feaa41ada0d513ac16) C:\WINDOWS\system32\drivers\lvusbsta.sys
2011/03/11 21:38:05.0296 2128 mdmxsdk (3c318b9cd391371bed62126581ee9961) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
2011/03/11 21:38:06.0218 2128 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys
2011/03/11 21:38:07.0078 2128 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/03/11 21:38:07.0968 2128 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
2011/03/11 21:38:08.0890 2128 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/03/11 21:38:09.0671 2128 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/03/11 21:38:11.0406 2128 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/03/11 21:38:12.0750 2128 MRxSmb (f3aefb11abc521122b67095044169e98) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/03/11 21:38:14.0328 2128 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/03/11 21:38:15.0500 2128 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/03/11 21:38:16.0390 2128 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/03/11 21:38:17.0234 2128 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/03/11 21:38:18.0062 2128 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/03/11 21:38:18.0921 2128 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
2011/03/11 21:38:19.0796 2128 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
2011/03/11 21:38:20.0750 2128 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2011/03/11 21:38:21.0984 2128 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2011/03/11 21:38:22.0906 2128 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2011/03/11 21:38:23.0671 2128 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/03/11 21:38:24.0437 2128 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/03/11 21:38:25.0296 2128 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/03/11 21:38:26.0328 2128 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/03/11 21:38:27.0125 2128 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/03/11 21:38:28.0062 2128 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/03/11 21:38:29.0046 2128 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
2011/03/11 21:38:29.0812 2128 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/03/11 21:38:31.0281 2128 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/03/11 21:38:32.0578 2128 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/03/11 21:38:33.0359 2128 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/03/11 21:38:34.0140 2128 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/03/11 21:38:35.0046 2128 NwlnkIpx (8b8b1be2dba4025da6786c645f77f123) C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys
2011/03/11 21:38:36.0109 2128 NwlnkNb (56d34a67c05e94e16377c60609741ff8) C:\WINDOWS\system32\DRIVERS\nwlnknb.sys
2011/03/11 21:38:36.0984 2128 NwlnkSpx (c0bb7d1615e1acbdc99757f6ceaf8cf0) C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys
2011/03/11 21:38:38.0046 2128 NWRDR (36b9b950e3d2e100970a48d8bad86740) C:\WINDOWS\system32\DRIVERS\nwrdr.sys
2011/03/11 21:38:39.0062 2128 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
2011/03/11 21:38:40.0250 2128 PAC7302 (aff9a1986555e4592de8092f9a5fa2d2) C:\WINDOWS\system32\DRIVERS\PAC7302.SYS
2011/03/11 21:38:41.0671 2128 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
2011/03/11 21:38:42.0578 2128 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/03/11 21:38:43.0390 2128 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/03/11 21:38:44.0218 2128 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/03/11 21:38:45.0890 2128 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/03/11 21:38:46.0859 2128 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
2011/03/11 21:38:47.0796 2128 Pcouffin (a09c1922ef8149e27500c0f935a55f60) C:\WINDOWS\system32\Drivers\Pcouffin.sys
2011/03/11 21:38:51.0906 2128 pepifilter (e111fab6c740a1a44e750c2061a23239) C:\WINDOWS\system32\DRIVERS\lv302af.sys
2011/03/11 21:38:55.0203 2128 PID_08A0 (36eddcefdd036fffa95aa84d1645dd67) C:\WINDOWS\system32\DRIVERS\LV302AV.SYS
2011/03/11 21:38:57.0000 2128 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/03/11 21:38:58.0046 2128 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
2011/03/11 21:38:59.0156 2128 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/03/11 21:38:59.0953 2128 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/03/11 21:39:00.0875 2128 PxHelp20 (f7bb4e7a7c02ab4a2672937e124e306e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2011/03/11 21:39:06.0171 2128 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/03/11 21:39:07.0125 2128 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/03/11 21:39:07.0984 2128 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/03/11 21:39:08.0765 2128 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/03/11 21:39:09.0687 2128 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/03/11 21:39:10.0656 2128 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/03/11 21:39:11.0656 2128 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2011/03/11 21:39:12.0828 2128 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/03/11 21:39:13.0781 2128 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/03/11 21:39:14.0750 2128 RTL8023xp (7889e3981e0a5d347e037abd467d53a5) C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
2011/03/11 21:39:15.0640 2128 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
2011/03/11 21:39:16.0625 2128 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
2011/03/11 21:39:17.0515 2128 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/03/11 21:39:18.0453 2128 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
2011/03/11 21:39:19.0500 2128 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/03/11 21:39:21.0359 2128 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2011/03/11 21:39:23.0343 2128 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/03/11 21:39:24.0468 2128 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/03/11 21:39:25.0781 2128 Srv (0f6aefad3641a657e18081f52d0c15af) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/03/11 21:39:27.0015 2128 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
2011/03/11 21:39:27.0953 2128 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/03/11 21:39:29.0234 2128 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/03/11 21:39:34.0203 2128 SynTP (f484c77f748729129d5cc9c965d9f701) C:\WINDOWS\system32\DRIVERS\SynTP.sys
2011/03/11 21:39:35.0437 2128 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/03/11 21:39:36.0796 2128 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/03/11 21:39:38.0203 2128 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/03/11 21:39:39.0312 2128 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/03/11 21:39:40.0453 2128 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/03/11 21:39:41.0765 2128 tifm21 (9179e07503630d6fb2e4162ff0196191) C:\WINDOWS\system32\drivers\tifm21.sys
2011/03/11 21:39:43.0687 2128 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/03/11 21:39:45.0890 2128 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2011/03/11 21:39:47.0312 2128 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
2011/03/11 21:39:48.0296 2128 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/03/11 21:39:49.0234 2128 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/03/11 21:39:50.0203 2128 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/03/11 21:39:51.0125 2128 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
2011/03/11 21:39:52.0015 2128 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2011/03/11 21:39:52.0890 2128 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/03/11 21:39:53.0734 2128 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/03/11 21:39:54.0859 2128 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
2011/03/11 21:39:55.0937 2128 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/03/11 21:39:56.0953 2128 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
2011/03/11 21:39:58.0015 2128 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/03/11 21:39:59.0031 2128 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/03/11 21:39:59.0984 2128 wanatw (0a716c08cb13c3a8f4f51e882dbf7416) C:\WINDOWS\system32\DRIVERS\wanatw4.sys
2011/03/11 21:40:01.0406 2128 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
2011/03/11 21:40:03.0734 2128 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/03/11 21:40:05.0500 2128 winachsf (214bc3ad84907ad6ad655ac5465f449a) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
2011/03/11 21:40:07.0468 2128 WinUSB (fd600b032e741eb6aab509fc630f7c42) C:\WINDOWS\system32\DRIVERS\WinUSB.sys
2011/03/11 21:40:08.0484 2128 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
2011/03/11 21:40:09.0531 2128 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\Drivers\wpdusb.sys
2011/03/11 21:40:10.0609 2128 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2011/03/11 21:40:11.0734 2128 WudfPf (eaa6324f51214d2f6718977ec9ce0def) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/03/11 21:40:13.0046 2128 WudfRd (f91ff1e51fca30b3c3981db7d5924252) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/03/11 21:40:14.0218 2128 zumbus (9b2c9d322e3fbb1814d7c17a980c1286) C:\WINDOWS\system32\DRIVERS\zumbus.sys
2011/03/11 21:40:14.0531 2128 ================================================================================
2011/03/11 21:40:14.0531 2128 Scan finished
2011/03/11 21:40:14.0531 2128 ================================================================================

Re: Amatér odstraňuje olmarik

Napsal: 11 bře 2011 21:44
od motji
TDSS tam už není, ale já Vám nedala uplnej odkaz :oops:

:arrow: Stahněte MBAM z mého podpisu
-Nainstalujte,dejte úplný sken

NIC NEMAZAT :!:
-MBAM má občas falešné detekce,proto budeme mazat až po kontrole logu.
-Log zkopírujte sem.

Re: Amatér odstraňuje olmarik

Napsal: 11 bře 2011 22:02
od totok
Tak zatim 4 infikované soubory...a stále hledá, pátrač jeden. :D

Re: Amatér odstraňuje olmarik

Napsal: 11 bře 2011 23:05
od motji
Uvidíme co najde :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz