Zavirovane PC

[xwagt]

Dobrý den, jelikož budu brzy vlastníkem svého PC a toto PC chci ponechat rodičům, tak jsem chtěl nejdříve začít se skenem na viry atd. , ale nešel mi spustit "antivirák", nelze mi ani spustit centrum zabezpečení jak zde psal kostik258 (http://www.viry.cz/forum/viewtopic.php?f=4&t=112410)

Log z RSIT:

Logfile of random's system information tool 1.09 (written by random/random)
Run by RODINA at 2011-07-21 22:24:31
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 119 GB (74%) free of 160 GB
Total RAM: 1023 MB (37% free)


======Scheduled tasks folder======

C:\Windows\tasks\difhnk.job
C:\Windows\tasks\FinalTorrent Update Checker.job
C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
C:\Windows\tasks\{810401E2-DDE0-454e-B0E2-AA89C9E5967C}.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Aneta\AppData\Roaming\Mozilla\Firefox\Profiles\3pojwn8f.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://seznam.cz/"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... r=1.2.6&q="

"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
NPOFF12.DLL
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Aneta\AppData\Roaming\Mozilla\Firefox\Profiles\3pojwn8f.default\searchplugins\
icqplugin-1.xml
icqplugin-2.xml
icqplugin.gif
icqplugin.src
icqplugin.xml
youtube.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-05-23 115072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - D:\Program Files\Spybot - Search & Destroy1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-01 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2010-11-30 997408]
"SSBkgdUpdate"=C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472]
"PPort11reminder"=C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe [2007-08-31 328992]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-01-07 253672]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"TaskTray"=C:\Program Files\Driver-Soft\DriverGenius\TaskTray.exe [2011-05-22 292208]
"VIARaidUtl"=C:\Program Files\VIA\RAID\raid_tool.exe [2010-03-05 2375392]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2010-09-07 43608]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2011-06-09 10082920]
"PaperPort PTD"=C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [2008-06-10 29984]
"IndexSearch"=C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [2008-06-10 46368]
"reset"=regedit /s reset.reg []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LinkMagic for magicolor 1680MF"=C:\Program Files\KONICA MINOLTA\magicolor 1680MF\LinkMagic for magicolor 1680MF\lmmc1680.exe [2008-08-26 5005312]
"ISUSPM"=C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2006-03-20 213936]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"Advanced SystemCare 4"=C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe [2011-04-21 402832]
"SpybotSD TeaTimer"=D:\Program Files\Spybot - Search & Destroy1\TeaTimer.exe [2009-01-26 2144088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"msacm.l3fhg"=mp3fhg.acm
"VIDC.XVID"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2011-07-21 22:24:33 ----D---- C:\Program Files\trend micro
2011-07-21 22:24:31 ----D---- C:\rsit
2011-07-21 21:55:15 ----D---- C:\Users\Aneta\AppData\Roaming\Malwarebytes
2011-07-21 21:55:07 ----D---- C:\ProgramData\Malwarebytes
2011-07-21 21:55:04 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-07-21 12:10:42 ----D---- C:\Users\Aneta\AppData\Roaming\ESET
2011-07-21 12:09:03 ----D---- C:\ProgramData\ESET
2011-07-21 11:42:16 ----D---- C:\Program Files\ESET
2011-07-21 11:23:10 ----D---- C:\ProgramData\Spybot - Search & Destroy
2011-07-21 11:23:10 ----D---- C:\Program Files\Spybot - Search & Destroy
2011-07-21 11:17:52 ----D---- C:\Users\Aneta\AppData\Roaming\Systweak
2011-07-21 11:17:52 ----D---- C:\ProgramData\Systweak
2011-07-13 12:15:04 ----A---- C:\Windows\system32\winsrv.dll
2011-07-13 12:15:04 ----A---- C:\Windows\system32\kernel32.dll
2011-07-13 12:15:04 ----A---- C:\Windows\system32\conhost.exe
2011-07-13 12:14:56 ----A---- C:\Windows\system32\KernelBase.dll
2011-07-13 12:14:55 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-07-13 12:14:55 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-07-13 12:14:55 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-07-13 12:14:55 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-13 12:14:55 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-13 12:14:55 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-07-13 12:14:55 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-07-13 12:14:55 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-13 12:14:55 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-07-13 12:14:55 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-13 12:14:55 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-13 12:14:55 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-13 12:14:55 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-07-13 12:14:55 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-07-13 12:14:55 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-13 12:14:55 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-07-13 12:14:55 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-13 12:14:55 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-07-13 12:14:55 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-13 12:14:55 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-07-13 12:14:55 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-07-13 12:14:55 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-07-13 12:14:55 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-07-13 12:14:55 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-13 12:14:55 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-07-13 12:14:55 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-07-13 12:14:55 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-07-13 12:14:55 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-07-13 12:14:51 ----A---- C:\Windows\system32\win32k.sys
2011-07-10 17:48:06 ----D---- C:\Users\Aneta\AppData\Roaming\My Battle for Middle-earth(tm) II Files
2011-07-09 21:26:54 ----D---- C:\Users\Aneta\AppData\Roaming\Folding@home-x86
2011-07-02 19:18:58 ----A---- C:\Windows\system32\RtNicProp32.dll
2011-07-02 19:18:58 ----A---- C:\Windows\system32\drivers\Rt86win7.sys
2011-07-02 19:12:22 ----D---- C:\Windows\system32\RTCOM
2011-07-02 19:11:53 ----A---- C:\Windows\system32\WavesLib.dll
2011-07-02 19:11:52 ----A---- C:\Windows\system32\SRSWOW.dll
2011-07-02 19:11:52 ----A---- C:\Windows\system32\SRSTSXT.dll
2011-07-02 19:11:52 ----A---- C:\Windows\system32\SRSTSHD.dll
2011-07-02 19:11:52 ----A---- C:\Windows\system32\SRSHP360.dll
2011-07-02 19:11:45 ----A---- C:\Windows\system32\RtkPgExt.dll
2011-07-02 19:11:45 ----A---- C:\Windows\system32\drivers\RTKVHDA.sys
2011-07-02 19:11:43 ----A---- C:\Windows\system32\RtkCoInst.dll
2011-07-02 19:11:43 ----A---- C:\Windows\system32\RtkApoApi.dll
2011-07-02 19:11:39 ----A---- C:\Windows\system32\RTEEP32A.dll
2011-07-02 19:11:39 ----A---- C:\Windows\system32\RTEEL32A.dll
2011-07-02 19:11:39 ----A---- C:\Windows\system32\RTEEG32A.dll
2011-07-02 19:11:39 ----A---- C:\Windows\system32\RTEED32A.dll
2011-07-02 19:11:39 ----A---- C:\Windows\system32\RP3DHT32.dll
2011-07-02 19:11:39 ----A---- C:\Windows\system32\RP3DAA32.dll
2011-07-02 19:11:36 ----A---- C:\Windows\system32\MBppld32.dll
2011-07-02 19:11:36 ----A---- C:\Windows\system32\MBPPCn32.dll
2011-07-02 19:11:36 ----A---- C:\Windows\system32\MBAPO32.dll
2011-07-02 19:11:36 ----A---- C:\Windows\system32\MaxxAudioEQ.dll
2011-07-02 19:11:35 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2011-07-02 19:11:35 ----A---- C:\Windows\system32\MaxxAudioAPO.dll
2011-07-02 19:11:30 ----A---- C:\Windows\system32\FMAPO.dll
2011-07-02 19:11:29 ----A---- C:\Windows\system32\AERTARen.dll
2011-07-02 19:11:29 ----A---- C:\Windows\system32\AERTACap.dll
2011-06-29 18:26:51 ----D---- C:\Windows\pss
2011-06-29 18:13:15 ----A---- C:\Windows\system32\umpnpmgr.dll
2011-06-29 18:12:58 ----A---- C:\Windows\system32\tquery.dll
2011-06-29 18:12:58 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2011-06-29 18:12:58 ----A---- C:\Windows\system32\SearchIndexer.exe
2011-06-29 18:12:58 ----A---- C:\Windows\system32\SearchFilterHost.exe
2011-06-29 18:12:57 ----A---- C:\Windows\system32\mssvp.dll
2011-06-29 18:12:57 ----A---- C:\Windows\system32\mssrch.dll
2011-06-29 18:12:57 ----A---- C:\Windows\system32\mssphtb.dll
2011-06-29 18:12:57 ----A---- C:\Windows\system32\mssph.dll
2011-06-29 18:12:57 ----A---- C:\Windows\system32\msscntrs.dll
2011-06-28 22:38:37 ----D---- C:\Program Files\Alcohol Soft
2011-06-26 19:07:22 ----N---- C:\Windows\system32\xRaidSetup.exe
2011-06-26 19:07:22 ----N---- C:\Windows\system32\xRaidAPI.dll
2011-06-26 19:07:09 ----D---- C:\Windows\RaidTool
2011-06-26 19:03:24 ----D---- C:\Program Files\VIA
2011-06-26 18:53:04 ----A---- C:\Windows\system32\OpenCL.dll
2011-06-26 18:53:03 ----A---- C:\Windows\system32\nvoglv32.dll
2011-06-26 18:53:03 ----A---- C:\Windows\system32\nvgenco322090.dll
2011-06-26 18:53:03 ----A---- C:\Windows\system32\nvdispco3220150.dll
2011-06-26 18:53:03 ----A---- C:\Windows\system32\nvd3dum.dll
2011-06-26 18:53:03 ----A---- C:\Windows\system32\nvcuvid.dll
2011-06-26 18:53:03 ----A---- C:\Windows\system32\nvcuvenc.dll
2011-06-26 18:53:03 ----A---- C:\Windows\system32\nvcuda.dll
2011-06-26 18:53:03 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2011-06-26 18:53:02 ----A---- C:\Windows\system32\nvcompiler.dll
2011-06-26 18:41:58 ----A---- C:\Windows\system32\RtkAPO.dll
2011-06-26 18:41:57 ----A---- C:\Windows\system32\MBWrp32.dll
2011-06-26 18:41:54 ----D---- C:\Program Files\Realtek
2011-06-26 18:41:51 ----HD---- C:\Program Files\Temp
2011-06-26 18:41:50 ----A---- C:\Windows\RtlExUpd.dll
2011-06-26 18:20:16 ----RASH---- C:\Windows\system32\C_1254A.dll
2011-06-26 18:11:08 ----D---- C:\Program Files\Driver-Soft
2011-06-26 09:11:05 ----A---- C:\Windows\system32\SmartDefragBootTime.exe
2011-06-26 09:11:05 ----A---- C:\Windows\system32\drivers\SmartDefragDriver.sys
2011-06-22 20:34:27 ----D---- C:\Users\Aneta\AppData\Roaming\FinalTorrent
2011-06-22 20:29:01 ----D---- C:\Program Files\File Type Assistant
2011-06-22 20:28:25 ----D---- C:\Program Files\FinalTorrent

======List of files/folders modified in the last 1 month======

2011-07-21 22:24:33 ----RD---- C:\Program Files
2011-07-21 22:21:54 ----SHD---- C:\Windows\Installer
2011-07-21 22:21:54 ----D---- C:\Windows\Temp
2011-07-21 22:20:11 ----D---- C:\Windows\system32\drivers
2011-07-21 21:55:07 ----HD---- C:\ProgramData
2011-07-21 21:30:17 ----D---- C:\Windows\System32
2011-07-21 21:30:17 ----D---- C:\Windows\inf
2011-07-21 21:30:17 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-07-21 21:28:54 ----D---- C:\Windows\debug
2011-07-21 21:26:40 ----D---- C:\ProgramData\NVIDIA
2011-07-21 21:25:37 ----D---- C:\Windows\system32\config
2011-07-21 21:10:13 ----D---- C:\Windows
2011-07-21 21:04:14 ----D---- C:\Program Files\Windows Sidebar
2011-07-21 21:04:14 ----D---- C:\Program Files\Windows Media Player
2011-07-21 21:04:14 ----D---- C:\Program Files\Paint.NET
2011-07-21 21:04:14 ----D---- C:\Program Files\Common Files\System
2011-07-21 21:04:14 ----D---- C:\Program Files\Common Files\microsoft shared
2011-07-21 21:04:14 ----D---- C:\Program Files\Ahead
2011-07-21 21:01:23 ----D---- C:\Windows\Minidump
2011-07-21 19:41:11 ----SD---- C:\Users\Aneta\AppData\Roaming\Microsoft
2011-07-21 19:12:01 ----D---- C:\Windows\system32\Tasks
2011-07-21 19:11:57 ----D---- C:\Windows\Tasks
2011-07-21 19:09:24 ----SHD---- C:\System Volume Information
2011-07-21 16:17:53 ----D---- C:\Users\Aneta\AppData\Roaming\.minecraft
2011-07-21 15:15:12 ----D---- C:\Users\Aneta\AppData\Roaming\ICQ
2011-07-21 13:19:43 ----RD---- C:\Users
2011-07-21 13:10:54 ----D---- C:\Windows\system32\DriverStore
2011-07-21 13:10:54 ----D---- C:\Windows\system32\catroot
2011-07-21 13:07:01 ----SHD---- C:\$Recycle.Bin
2011-07-21 12:33:57 ----D---- C:\Windows\system32\catroot2
2011-07-21 10:06:57 ----D---- C:\Windows\Prefetch
2011-07-20 19:19:52 ----D---- C:\Windows\system32\NDF
2011-07-18 23:18:00 ----D---- C:\Windows\winsxs
2011-07-18 23:17:54 ----D---- C:\Program Files\Internet Explorer
2011-07-14 09:16:23 ----A---- C:\Windows\system32\MRT.exe
2011-07-14 09:16:12 ----D---- C:\ProgramData\Microsoft Help
2011-07-09 22:05:02 ----D---- C:\ProgramData\DivX
2011-07-09 22:04:18 ----D---- C:\Program Files\DivX
2011-07-09 22:04:12 ----D---- C:\Program Files\Common Files\DivX Shared
2011-07-09 18:25:15 ----HD---- C:\Program Files\InstallShield Installation Information
2011-07-08 23:13:10 ----D---- C:\Windows\Downloaded Program Files
2011-07-07 13:48:53 ----D---- C:\Users\Aneta\AppData\Roaming\IObit
2011-07-07 13:48:18 ----D---- C:\Windows\system32\wdi
2011-07-04 10:10:33 ----D---- C:\Program Files\ICQ7.5
2011-07-03 09:06:35 ----D---- C:\Windows\Microsoft.NET
2011-07-03 09:06:33 ----RSD---- C:\Windows\assembly
2011-07-01 17:26:47 ----D---- C:\Windows\system32\wfp
2011-07-01 17:26:46 ----D---- C:\Windows\system32\wbem
2011-07-01 17:26:09 ----D---- C:\Windows\registration
2011-07-01 16:45:19 ----D---- C:\Program Files\Microsoft Office
2011-06-30 05:46:44 ----RSD---- C:\Windows\Fonts
2011-06-29 19:06:17 ----D---- C:\Windows\system32\migration
2011-06-28 15:58:32 ----D---- C:\Users\Aneta\AppData\Roaming\DivX
2011-06-26 19:06:09 ----SHDC---- C:\Windows\$NtUninstallKB33557$
2011-06-26 19:06:09 ----D---- C:\Windows\system
2011-06-26 18:59:41 ----D---- C:\Program Files\NVIDIA Corporation
2011-06-26 18:59:25 ----D---- C:\Program Files\Common Files
2011-06-26 18:41:42 ----D---- C:\Program Files\Common Files\InstallShield
2011-06-26 09:10:55 ----D---- C:\Program Files\IObit
2011-06-25 19:45:45 ----D---- C:\Program Files\Mozilla Firefox
2011-06-24 20:18:46 ----D---- C:\ProgramData\TrackMania

[Rudy]

Zdravím! Log není kompletní.

[xwagt]

Více v logu nemám. Opětovné vytvoření logu: končí na tom samém místě.
Navíc mi PC začalo psát že k tomu programu nemám oprávnění, i když jsem administrátor a spouštím jako administrátor. Toto jsem vyřešil opětovném stáhnutí RSITu.

[Rudy]

Zkuste to v nouz. režimu.

[xwagt]

Log končí na tom samém místě i v nouzovém režimu. Když dám "Continue" tak mi to napíše: Systém Windows nemá přístup k určenému zařízení, cestě nebo souboru. K přístupu k položce pravděpodobně nemáte patřičná oprávnění. V modrém pruhu nahoře je napsána cesta: C:/Program Files/trend micro/RODINA.exe I když sem správce. RSIT pak ale běží dál a vytvoří tento chybný log.

[xwagt]

Tak chybu, popisovanou výše, jsem opravil přesunutím složky na plochu. Nyní jede RSIT bez errorů, ale log je stejně špatný.
EDIT: Mám takový dojem, že se RSIT asi v polovině skenu vypíná, stejně jako CCleaner, když dám sken v registrech.

[Rudy]

Zkusíme MBAM: http://www.malwarebytes.org/mbam.php . Proveďte plný sken a dejte log. Předem nic nemžte.

[xwagt]

Spustím -> Úplná kontrola -> Vypnutí bez jakéhokoliv erroru a následné zablokování programu. I v nouzovém režimu.

[Rudy]

Tak ještě AVPTool: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179 .

[xwagt]

Vypne se bez erroru a následná blokace.

[Rudy]

Tak na to půjdeme z jiného konce. Stáhněte a spusťte TDSSkiller: http://support.kaspersky.com/downloads/ ... killer.exe . Postupujte podle kolegova návodu:

Utilitu spustte a prikazte ji, at skenuje - klik na Start Scan
Pokud utilita najde infikekci, bude ji chtit lecit (Cure), povolte leceni kliknutim na Continue
Pokud utilita najde podezrely soubor (suspicious), bude jej chtit preskocit (Skip), povolte preskoceni kliknutim na Continue
Po dokonceni skenu bude mozna nutny restart PC, povolte jej kliknutim na Reboot now
Po restartu na Vas vyskoci log, pokud se tak nestane, najdete jej primo na disku, kde mate Windows (obvykle c:\) ve tvaru TDSSKiller.nejaka cisilka _log.txt - jeho obsah sem vlozte
Pokud restart nebude vyzadovan, kliknete na Close a nasledne na Report - vytvori se log - jeho obsah sem vlozte

[xwagt]

Skenování úspěšné. Zde je log:

2011/07/22 22:39:50.0574 1004 TDSS rootkit removing tool 2.5.11.0 Jul 11 2011 16:56:56
2011/07/22 22:39:51.0340 1004 ================================================================================
2011/07/22 22:39:51.0340 1004 SystemInfo:
2011/07/22 22:39:51.0340 1004
2011/07/22 22:39:51.0340 1004 OS Version: 6.1.7601 ServicePack: 1.0
2011/07/22 22:39:51.0340 1004 Product type: Workstation
2011/07/22 22:39:51.0340 1004 ComputerName: RODINA
2011/07/22 22:39:51.0341 1004 UserName: RODINA
2011/07/22 22:39:51.0341 1004 Windows directory: C:\Windows
2011/07/22 22:39:51.0341 1004 System windows directory: C:\Windows
2011/07/22 22:39:51.0341 1004 Processor architecture: Intel x86
2011/07/22 22:39:51.0341 1004 Number of processors: 1
2011/07/22 22:39:51.0341 1004 Page size: 0x1000
2011/07/22 22:39:51.0341 1004 Boot type: Normal boot
2011/07/22 22:39:51.0341 1004 ================================================================================
2011/07/22 22:39:52.0745 1004 Initialize success
2011/07/22 22:40:05.0442 2904 ================================================================================
2011/07/22 22:40:05.0442 2904 Scan started
2011/07/22 22:40:05.0442 2904 Mode: Manual;
2011/07/22 22:40:05.0442 2904 ================================================================================
2011/07/22 22:40:06.0964 2904 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
2011/07/22 22:40:07.0102 2904 78044401 (7dd41b7ac1fbb1dbf20bb1f4e4fbe58c) C:\Windows\system32\DRIVERS\78044401.sys
2011/07/22 22:40:07.0182 2904 78044402 (a305fad3719c5db0c13d1c2bfd08a04d) C:\Windows\system32\DRIVERS\78044402.sys
2011/07/22 22:40:07.0262 2904 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
2011/07/22 22:40:07.0365 2904 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
2011/07/22 22:40:07.0491 2904 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
2011/07/22 22:40:07.0577 2904 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
2011/07/22 22:40:07.0650 2904 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
2011/07/22 22:40:07.0778 2904 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
2011/07/22 22:40:07.0851 2904 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
2011/07/22 22:40:07.0932 2904 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
2011/07/22 22:40:08.0051 2904 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
2011/07/22 22:40:08.0207 2904 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
2011/07/22 22:40:08.0270 2904 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
2011/07/22 22:40:08.0339 2904 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
2011/07/22 22:40:08.0406 2904 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
2011/07/22 22:40:08.0477 2904 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
2011/07/22 22:40:08.0535 2904 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
2011/07/22 22:40:08.0606 2904 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
2011/07/22 22:40:08.0669 2904 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
2011/07/22 22:40:08.0798 2904 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
2011/07/22 22:40:08.0869 2904 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
2011/07/22 22:40:08.0949 2904 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/07/22 22:40:09.0021 2904 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
2011/07/22 22:40:09.0148 2904 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
2011/07/22 22:40:09.0229 2904 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
2011/07/22 22:40:09.0316 2904 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
2011/07/22 22:40:09.0409 2904 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
2011/07/22 22:40:09.0473 2904 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
2011/07/22 22:40:09.0521 2904 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
2011/07/22 22:40:09.0569 2904 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
2011/07/22 22:40:09.0646 2904 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
2011/07/22 22:40:09.0700 2904 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
2011/07/22 22:40:09.0750 2904 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
2011/07/22 22:40:09.0799 2904 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
2011/07/22 22:40:09.0849 2904 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
2011/07/22 22:40:09.0938 2904 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
2011/07/22 22:40:10.0004 2904 cdrom (f9c23b7cb8bc5d2c30a39449de3904e4) C:\Windows\system32\DRIVERS\cdrom.sys
2011/07/22 22:40:10.0094 2904 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
2011/07/22 22:40:10.0168 2904 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
2011/07/22 22:40:10.0267 2904 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/07/22 22:40:10.0342 2904 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
2011/07/22 22:40:10.0397 2904 CNG (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys
2011/07/22 22:40:10.0471 2904 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
2011/07/22 22:40:10.0566 2904 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
2011/07/22 22:40:10.0732 2904 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
2011/07/22 22:40:10.0845 2904 CSC (3c2177a897b4ca2788c6fb0c3fd81d4b) C:\Windows\system32\drivers\csc.sys
2011/07/22 22:40:11.0007 2904 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
2011/07/22 22:40:11.0072 2904 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
2011/07/22 22:40:11.0151 2904 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
2011/07/22 22:40:11.0281 2904 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
2011/07/22 22:40:11.0370 2904 dtsoftbus01 (555e54ac2f601a8821cef58961653991) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
2011/07/22 22:40:11.0461 2904 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
2011/07/22 22:40:11.0636 2904 eamonm (04cba07e73f152970fc34d66d3892e2a) C:\Windows\system32\DRIVERS\eamonm.sys
2011/07/22 22:40:11.0824 2904 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
2011/07/22 22:40:11.0985 2904 ehdrv (fe7824239d132ad9ebd8645fe1199b30) C:\Windows\system32\DRIVERS\ehdrv.sys
2011/07/22 22:40:12.0127 2904 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
2011/07/22 22:40:12.0190 2904 epfwwfpr (ddb45f6371714601a43e8be38145be18) C:\Windows\system32\DRIVERS\epfwwfpr.sys
2011/07/22 22:40:12.0267 2904 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
2011/07/22 22:40:12.0368 2904 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
2011/07/22 22:40:12.0432 2904 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
2011/07/22 22:40:12.0495 2904 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
2011/07/22 22:40:12.0579 2904 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
2011/07/22 22:40:12.0741 2904 FileMonitor (49d52efb28ba7f18d28d2f1d8ee33f79) C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys
2011/07/22 22:40:12.0791 2904 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
2011/07/22 22:40:12.0852 2904 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/07/22 22:40:12.0917 2904 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
2011/07/22 22:40:12.0994 2904 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
2011/07/22 22:40:13.0053 2904 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
2011/07/22 22:40:13.0137 2904 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
2011/07/22 22:40:13.0189 2904 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
2011/07/22 22:40:13.0277 2904 hamachi (833051c6c6c42117191935f734cfbd97) C:\Windows\system32\DRIVERS\hamachi.sys
2011/07/22 22:40:13.0349 2904 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
2011/07/22 22:40:13.0434 2904 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
2011/07/22 22:40:13.0488 2904 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
2011/07/22 22:40:13.0539 2904 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
2011/07/22 22:40:13.0591 2904 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
2011/07/22 22:40:13.0672 2904 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
2011/07/22 22:40:13.0749 2904 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
2011/07/22 22:40:13.0851 2904 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
2011/07/22 22:40:13.0933 2904 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
2011/07/22 22:40:13.0998 2904 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
2011/07/22 22:40:14.0059 2904 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
2011/07/22 22:40:14.0156 2904 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
2011/07/22 22:40:14.0250 2904 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
2011/07/22 22:40:14.0506 2904 IntcAzAudAddService (7e9fee5f83c74be2fd48d163952e3caa) C:\Windows\system32\drivers\RTKVHDA.sys
2011/07/22 22:40:14.0635 2904 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
2011/07/22 22:40:14.0701 2904 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
2011/07/22 22:40:14.0820 2904 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/07/22 22:40:14.0925 2904 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
2011/07/22 22:40:15.0000 2904 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
2011/07/22 22:40:15.0063 2904 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
2011/07/22 22:40:15.0127 2904 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
2011/07/22 22:40:15.0206 2904 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/07/22 22:40:15.0293 2904 JRAID (15d6be1f12cc749391ec2fb3556e5a60) C:\Windows\system32\DRIVERS\jraid.sys
2011/07/22 22:40:15.0355 2904 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys
2011/07/22 22:40:15.0446 2904 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys
2011/07/22 22:40:15.0543 2904 KSecDD (412cea1aa78cc02a447f5c9e62b32ff1) C:\Windows\system32\Drivers\ksecdd.sys
2011/07/22 22:40:15.0618 2904 KSecPkg (26c046977e85b95036453d7b88ba1820) C:\Windows\system32\Drivers\ksecpkg.sys
2011/07/22 22:40:15.0726 2904 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
2011/07/22 22:40:15.0835 2904 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
2011/07/22 22:40:15.0893 2904 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
2011/07/22 22:40:15.0957 2904 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
2011/07/22 22:40:16.0016 2904 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
2011/07/22 22:40:16.0088 2904 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
2011/07/22 22:40:16.0187 2904 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
2011/07/22 22:40:16.0290 2904 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
2011/07/22 22:40:16.0396 2904 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
2011/07/22 22:40:16.0460 2904 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
2011/07/22 22:40:16.0530 2904 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
2011/07/22 22:40:16.0590 2904 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
2011/07/22 22:40:16.0653 2904 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
2011/07/22 22:40:16.0742 2904 MpFilter (7e34bfa1a7b60bba1da03d677f16cd63) C:\Windows\system32\DRIVERS\MpFilter.sys
2011/07/22 22:40:16.0811 2904 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
2011/07/22 22:40:20.0161 2904 MpNWMon (f32e2d6a1640a469a9ed4f1929a4a861) C:\Windows\system32\DRIVERS\MpNWMon.sys
2011/07/22 22:40:20.0219 2904 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
2011/07/22 22:40:20.0314 2904 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
2011/07/22 22:40:20.0398 2904 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/07/22 22:40:20.0474 2904 mrxsmb10 (a70c828a93cce4c11617f6249f4d87fc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/07/22 22:40:20.0537 2904 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/07/22 22:40:20.0614 2904 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
2011/07/22 22:40:20.0696 2904 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
2011/07/22 22:40:20.0787 2904 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
2011/07/22 22:40:20.0857 2904 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
2011/07/22 22:40:20.0944 2904 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
2011/07/22 22:40:21.0069 2904 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
2011/07/22 22:40:21.0151 2904 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/07/22 22:40:21.0201 2904 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
2011/07/22 22:40:21.0266 2904 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
2011/07/22 22:40:21.0331 2904 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
2011/07/22 22:40:21.0400 2904 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
2011/07/22 22:40:21.0450 2904 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
2011/07/22 22:40:21.0509 2904 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
2011/07/22 22:40:21.0588 2904 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
2011/07/22 22:40:21.0677 2904 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
2011/07/22 22:40:21.0743 2904 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
2011/07/22 22:40:21.0803 2904 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/07/22 22:40:21.0904 2904 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/07/22 22:40:21.0971 2904 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/07/22 22:40:22.0030 2904 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
2011/07/22 22:40:22.0093 2904 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
2011/07/22 22:40:22.0165 2904 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
2011/07/22 22:40:22.0301 2904 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
2011/07/22 22:40:22.0367 2904 NisDrv (17e2c08c5ecfbe94a7c67b1c275ee9d9) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
2011/07/22 22:40:22.0449 2904 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
2011/07/22 22:40:22.0524 2904 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
2011/07/22 22:40:22.0632 2904 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
2011/07/22 22:40:22.0705 2904 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
2011/07/22 22:40:23.0919 2904 nvlddmkm (847b1755f7757f825305a1ffe6dac3e9) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2011/07/22 22:40:24.0232 2904 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
2011/07/22 22:40:24.0300 2904 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
2011/07/22 22:40:24.0418 2904 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
2011/07/22 22:40:24.0510 2904 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
2011/07/22 22:40:24.0662 2904 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
2011/07/22 22:40:24.0735 2904 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys
2011/07/22 22:40:24.0788 2904 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
2011/07/22 22:40:24.0859 2904 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
2011/07/22 22:40:24.0912 2904 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
2011/07/22 22:40:24.0994 2904 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
2011/07/22 22:40:25.0048 2904 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
2011/07/22 22:40:25.0110 2904 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
2011/07/22 22:40:25.0362 2904 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
2011/07/22 22:40:25.0414 2904 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
2011/07/22 22:40:25.0501 2904 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
2011/07/22 22:40:25.0597 2904 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
2011/07/22 22:40:25.0691 2904 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
2011/07/22 22:40:25.0757 2904 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
2011/07/22 22:40:25.0823 2904 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
2011/07/22 22:40:25.0900 2904 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
2011/07/22 22:40:25.0968 2904 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/07/22 22:40:26.0042 2904 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/07/22 22:40:26.0105 2904 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
2011/07/22 22:40:26.0178 2904 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
2011/07/22 22:40:26.0232 2904 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
2011/07/22 22:40:26.0303 2904 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/07/22 22:40:26.0390 2904 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
2011/07/22 22:40:26.0453 2904 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
2011/07/22 22:40:26.0525 2904 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
2011/07/22 22:40:26.0632 2904 RdpVideoMiniport (68a0387f58e226deee23d9715955572a) C:\Windows\system32\drivers\rdpvideominiport.sys
2011/07/22 22:40:26.0708 2904 RDPWD (288b06960d78428ff89e811632684e20) C:\Windows\system32\drivers\RDPWD.sys
2011/07/22 22:40:26.0791 2904 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
2011/07/22 22:40:26.0948 2904 RegFilter (349447385b15fce50e5e964cc5c1a8d6) C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\regfilter.sys
2011/07/22 22:40:27.0122 2904 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
2011/07/22 22:40:27.0204 2904 RTL8167 (5283b9a27ff230f2ff70d92451ff409a) C:\Windows\system32\DRIVERS\Rt86win7.sys
2011/07/22 22:40:27.0290 2904 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
2011/07/22 22:40:27.0373 2904 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
2011/07/22 22:40:27.0487 2904 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
2011/07/22 22:40:27.0582 2904 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/07/22 22:40:27.0706 2904 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
2011/07/22 22:40:27.0758 2904 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
2011/07/22 22:40:27.0823 2904 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
2011/07/22 22:40:27.0996 2904 setup_9.0.0.722_10.09.2010_12-21drv (64d93ec1218765498c40619427a85a91) C:\Windows\system32\DRIVERS\7804440.sys
2011/07/22 22:40:28.0101 2904 sfdrv01a (4d0ce0fadca29e7da68ce597ac9010bd) C:\Windows\system32\drivers\sfdrv01a.sys
2011/07/22 22:40:28.0165 2904 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
2011/07/22 22:40:28.0241 2904 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
2011/07/22 22:40:28.0304 2904 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
2011/07/22 22:40:28.0368 2904 sfhlp02 (daad4c099ebf5094d32c373ac1ac0f3c) C:\Windows\system32\drivers\sfhlp02.sys
2011/07/22 22:40:28.0440 2904 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
2011/07/22 22:40:28.0517 2904 sfsync02 (6dc03269f4c71e4ab313c3597f42a340) C:\Windows\system32\drivers\sfsync02.sys
2011/07/22 22:40:28.0590 2904 sfvfs02 (107b772690050d3b19cbc637ad8fd96e) C:\Windows\system32\drivers\sfvfs02.sys
2011/07/22 22:40:28.0688 2904 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
2011/07/22 22:40:28.0758 2904 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
2011/07/22 22:40:28.0827 2904 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
2011/07/22 22:40:28.0930 2904 SmartDefragDriver (4aa2772a355226e9ac96d01ba431d253) C:\Windows\system32\Drivers\SmartDefragDriver.sys
2011/07/22 22:40:29.0009 2904 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
2011/07/22 22:40:29.0126 2904 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
2011/07/22 22:40:29.0263 2904 sptd (a199171385be17973fd800fa91f8f78a) C:\Windows\system32\Drivers\sptd.sys
2011/07/22 22:40:29.0263 2904 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: a199171385be17973fd800fa91f8f78a
2011/07/22 22:40:29.0287 2904 sptd - detected LockedFile.Multi.Generic (1)
2011/07/22 22:40:29.0344 2904 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
2011/07/22 22:40:29.0410 2904 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
2011/07/22 22:40:29.0473 2904 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
2011/07/22 22:40:29.0629 2904 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
2011/07/22 22:40:29.0735 2904 storflt (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys
2011/07/22 22:40:29.0809 2904 storvsc (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys
2011/07/22 22:40:29.0861 2904 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
2011/07/22 22:40:30.0075 2904 Tcpip (24326784df8f3d5f5bbb9f878ce33c14) C:\Windows\system32\drivers\tcpip.sys
2011/07/22 22:40:30.0182 2904 TCPIP6 (24326784df8f3d5f5bbb9f878ce33c14) C:\Windows\system32\DRIVERS\tcpip.sys
2011/07/22 22:40:30.0276 2904 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
2011/07/22 22:40:30.0392 2904 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
2011/07/22 22:40:30.0454 2904 TDTCP (2c10395baa4847f83042813c515cc289) C:\Windows\system32\drivers\tdtcp.sys
2011/07/22 22:40:30.0522 2904 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
2011/07/22 22:40:30.0585 2904 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
2011/07/22 22:40:30.0750 2904 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/07/22 22:40:30.0802 2904 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
2011/07/22 22:40:30.0934 2904 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
2011/07/22 22:40:31.0009 2904 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
2011/07/22 22:40:31.0064 2904 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
2011/07/22 22:40:31.0185 2904 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
2011/07/22 22:40:31.0250 2904 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys
2011/07/22 22:40:31.0313 2904 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
2011/07/22 22:40:31.0542 2904 UrlFilter (50faff9ad8e9b25d067628ca01aac8b6) C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\UrlFilter.sys
2011/07/22 22:40:31.0604 2904 usbccgp (7e72e7d7e0757d59481d530fd2b0bfae) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/07/22 22:40:31.0674 2904 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
2011/07/22 22:40:31.0744 2904 usbehci (1c333bfd60f2fed2c7ad5daf533cb742) C:\Windows\system32\DRIVERS\usbehci.sys
2011/07/22 22:40:31.0813 2904 usbhub (9d22aad9ac6a07c691a1113e5f860868) C:\Windows\system32\drivers\usbhub.sys
2011/07/22 22:40:31.0882 2904 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys
2011/07/22 22:40:31.0982 2904 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
2011/07/22 22:40:32.0069 2904 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
2011/07/22 22:40:32.0135 2904 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/07/22 22:40:32.0199 2904 usbuhci (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/07/22 22:40:32.0281 2904 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
2011/07/22 22:40:32.0361 2904 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/07/22 22:40:32.0413 2904 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
2011/07/22 22:40:32.0536 2904 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
2011/07/22 22:40:32.0604 2904 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
2011/07/22 22:40:32.0660 2904 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
2011/07/22 22:40:32.0723 2904 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
2011/07/22 22:40:32.0797 2904 videX32 (c147afa614b9925479d47cd173329789) C:\Windows\system32\DRIVERS\videX32.sys
2011/07/22 22:40:32.0852 2904 vmbus (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys
2011/07/22 22:40:32.0928 2904 VMBusHID (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys
2011/07/22 22:40:32.0989 2904 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
2011/07/22 22:40:33.0061 2904 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
2011/07/22 22:40:33.0152 2904 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
2011/07/22 22:40:33.0224 2904 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
2011/07/22 22:40:33.0316 2904 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
2011/07/22 22:40:33.0416 2904 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
2011/07/22 22:40:33.0504 2904 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
2011/07/22 22:40:33.0556 2904 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
2011/07/22 22:40:33.0707 2904 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
2011/07/22 22:40:33.0766 2904 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
2011/07/22 22:40:33.0943 2904 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
2011/07/22 22:40:33.0995 2904 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
2011/07/22 22:40:34.0230 2904 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys
2011/07/22 22:40:34.0335 2904 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
2011/07/22 22:40:34.0471 2904 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/07/22 22:40:34.0681 2904 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
2011/07/22 22:40:34.0776 2904 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/07/22 22:40:34.0913 2904 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
2011/07/22 22:40:34.0994 2904 Boot (0x1200) (7c8d8b6602057cae1ac0d95810e911d9) \Device\Harddisk0\DR0\Partition0
2011/07/22 22:40:35.0025 2904 Boot (0x1200) (88ef2fda2fd32a77731974952cd7d195) \Device\Harddisk0\DR0\Partition1
2011/07/22 22:40:35.0100 2904 Boot (0x1200) (c65f7d1d875391c5d5ba4ab329ae8299) \Device\Harddisk0\DR0\Partition2
2011/07/22 22:40:35.0120 2904 ================================================================================
2011/07/22 22:40:35.0120 2904 Scan finished
2011/07/22 22:40:35.0120 2904 ================================================================================
2011/07/22 22:40:35.0155 3560 Detected object count: 1
2011/07/22 22:40:35.0155 3560 Actual detected object count: 1
2011/07/22 22:40:57.0068 3560 LockedFile.Multi.Generic(sptd) - User select action: Skip

[Rudy]

1 položku TDSSkiller smazal. Nyní zkuste nový RSIT a dejte log.

[xwagt]

Log z RSIT pořád končí na tom samém místě.

[Rudy]

Zkuste sken ComboFix:

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

CF spusťte v nouz. režimu, v případě problémů stažený soubor přejmenujte třeba na cokoli.com .