Sister's PC: a virus dumping ground

kasper

Sister's PC: a virus dumping ground

#1 Post by kasper »

Logfile of random's system information tool 1.09 (written by random/random)
Run by Nikola at 2011-12-10 20:59:54
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 9 GB (11%) free of 76 GB
Total RAM: 1016 MB (26% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:59:58, on 10.12.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\Samsung\PanelMgr\SSMMgr.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskhost.exe
C:\Users\Nikola\Desktop\RSIT.exe
C:\Users\Nikola\Desktop\RSIT.exe
C:\Program Files\trend micro\Nikola.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.facemoods.com/?a=stonicla
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=stonicla& ... Terms}&f=4
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {9494ded5-43f8-4571-bf19-fe88853faa74} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\ssmmgr.exe /autorun
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [ICQ] "C:\icq\ICQ7.4\ICQ.exe" silent loginmode=4
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

--
End of file - 5275 bytes

=========Mozilla firefox=========

ProfilePath - C:\Users\Nikola\AppData\Roaming\Mozilla\Firefox\Profiles\gta72jsj.default

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\
fcmdSrchstonicla.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-04-20 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2010-09-03 9726568]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-23 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-23 173592]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-23 150552]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-07-22 402432]
"Samsung PanelMgr"=C:\Windows\Samsung\PanelMgr\ssmmgr.exe [2009-12-09 606208]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2011-09-22 3080264]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ICQ"=C:\icq\ICQ7.4\ICQ.exe [2011-03-01 119608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-23 218112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2011-12-10 20:50:16 ----D---- C:\Program Files\trend micro
2011-12-10 20:50:11 ----D---- C:\rsit
2011-12-06 11:42:41 ----D---- C:\ProgramData\ESET
2011-12-06 11:42:41 ----D---- C:\Program Files\ESET
2011-12-04 16:42:09 ----A---- C:\Windows\Wiainst.exe
2011-12-04 16:41:38 ----A---- C:\Windows\system32\SaSegFlt.dll
2011-12-04 16:41:38 ----A---- C:\Windows\system32\SaMinDrv.dll
2011-12-04 16:41:38 ----A---- C:\Windows\system32\SaImgFlt.dll
2011-12-04 16:41:38 ----A---- C:\Windows\system32\SaErHdlr.dll
2011-12-04 16:39:07 ----D---- C:\Program Files\SamsungPrinterLiveUpdate
2011-12-04 16:39:05 ----D---- C:\Windows\Samsung
2011-12-04 16:37:57 ----D---- C:\Program Files\Samsung

======List of files/folders modified in the last 1 month======

2011-12-10 20:59:58 ----D---- C:\Windows\Temp
2011-12-10 20:50:16 ----RD---- C:\Program Files
2011-12-10 19:50:28 ----D---- C:\Windows\system32\config
2011-12-10 09:09:28 ----D---- C:\Users\Nikola\AppData\Roaming\ICQ
2011-12-09 21:25:42 ----D---- C:\Users\Nikola\AppData\Roaming\Skype
2011-12-09 14:41:50 ----SHD---- C:\System Volume Information
2011-12-08 20:04:53 ----D---- C:\Windows\Prefetch
2011-12-08 17:34:00 ----D---- C:\Windows
2011-12-08 17:32:00 ----D---- C:\Windows\Minidump
2011-12-06 11:44:22 ----SHD---- C:\Windows\Installer
2011-12-06 11:43:42 ----D---- C:\Windows\system32\drivers
2011-12-06 11:43:39 ----D---- C:\Windows\system32\DriverStore
2011-12-06 11:43:39 ----D---- C:\Windows\system32\catroot
2011-12-06 11:43:39 ----D---- C:\Windows\inf
2011-12-06 11:42:41 ----HD---- C:\ProgramData
2011-12-06 11:26:32 ----D---- C:\Program Files\Opera
2011-12-04 20:24:57 ----D---- C:\Windows\system32\Tasks
2011-12-04 20:24:52 ----RD---- C:\skype
2011-12-04 20:09:45 ----D---- C:\Program Files\ICQ7.5
2011-12-04 16:42:12 ----D---- C:\Windows\System32
2011-12-04 16:42:09 ----D---- C:\Windows\system32\catroot2
2011-12-04 16:41:45 ----D---- C:\Windows\twain_32
2011-12-04 16:41:12 ----D---- C:\Temp
2011-12-03 13:57:51 ----D---- C:\Windows\LiveKernelReports
2011-11-25 18:59:44 ----SD---- C:\Users\Nikola\AppData\Roaming\Microsoft
2011-11-25 18:59:44 ----SD---- C:\ProgramData\Microsoft
2011-11-19 21:00:26 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-11-17 08:03:11 ----D---- C:\Program Files\Mozilla Firefox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2011-08-04 50624]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2011-08-04 118104]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2011-08-04 33656]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 BT848;WinFast TV2000 XP WDM Video Capture; C:\Windows\system32\drivers\wf2kvcap.sys [2004-10-04 75925]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2011-08-09 163424]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2011-08-04 147480]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2007-08-13 5120]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-09-23 4808192]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2010-09-03 3185640]
R3 netr73;RT73 USB - ovladač karty pro bezdrátovou síť LAN pro systém Windows Vista; C:\Windows\system32\DRIVERS\netr73.sys [2009-07-13 545792]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856]
S2 DgiVecp;DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2011-09-22 974944]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-02-07 1343400]

-----------------EOF-----------------

kasper

Re: Sister's PC: a virus dumping ground

#2 Post by kasper »

My sister is 13, she is a Facebook maniac, and she keeps complaining about something: Facebook lagging, Opera.
And when I saw the ICQ toolbar and something else similar to Facebook, I wanted to clean it another way, but I'd rather do it like this.

kasper

Re: Sister's PC: a virus dumping ground

#3 Post by kasper »

So I'm back.

combofix

ComboFix 11-12-10.01 - Nikola 10.12.2011 22:04:04.1.1 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.1016.400 [GMT 1:00]
Spuštěný z: c:\users\Nikola\Desktop\ComboFix.exe
AV: ESET Smart Security 5.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET personal firewall *Disabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 5.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\IsUn0407.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-11-10 do 2011-12-10 )))))))))))))))))))))))))))))))
.
.
2011-12-10 21:27 . 2011-12-10 21:31 -------- d-----w- c:\users\Nikola\AppData\Local\temp
2011-12-10 21:27 . 2011-12-10 21:27 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-12-10 20:30 . 2011-12-10 20:32 -------- d-----w- C:\HijackThis
2011-12-10 19:50 . 2011-12-10 20:27 -------- d-----w- c:\program files\trend micro
2011-12-10 19:50 . 2011-12-10 19:51 -------- d-----w- C:\rsit
2011-12-10 08:10 . 2011-12-10 18:41 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{44DA9CDC-D825-4F0B-8ED8-18CD595B7992}\offreg.dll
2011-12-09 13:42 . 2011-11-21 10:47 6823496 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{44DA9CDC-D825-4F0B-8ED8-18CD595B7992}\mpengine.dll
2011-12-06 10:42 . 2011-12-06 10:42 -------- d-----w- c:\program files\ESET
2011-12-04 15:42 . 2011-12-04 15:42 -------- d-----w- c:\users\Nikola\AppData\Local\S2PC
2011-12-04 15:42 . 2008-06-26 19:44 512000 ----a-w- c:\windows\system32\ssmgr.cpl
2011-12-04 15:42 . 2009-09-22 01:30 113768 ----a-w- c:\windows\Wiainst.exe
2011-12-04 15:41 . 2009-05-11 18:00 11264 ----a-w- c:\windows\system32\SaSegFlt.dll
2011-12-04 15:41 . 2009-05-11 17:59 27136 ----a-w- c:\windows\system32\SaImgFlt.dll
2011-12-04 15:41 . 2009-05-11 17:59 147456 ----a-w- c:\windows\system32\SaMinDrv.dll
2011-12-04 15:41 . 2009-05-11 17:59 10752 ----a-w- c:\windows\system32\SaErHdlr.dll
2011-12-04 15:39 . 2011-12-04 15:39 -------- d-----w- c:\windows\Samsung
2011-12-04 15:37 . 2011-12-04 15:37 -------- d-----w- c:\program files\Samsung
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-29 16:03 . 2011-11-09 19:01 1290608 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-09-29 03:37 . 2011-11-09 19:01 2341888 ----a-w- c:\windows\system32\win32k.sys
2011-11-17 07:03 . 2011-10-30 10:46 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ICQ"="c:\icq\ICQ7.4\ICQ.exe" [2011-03-01 119608]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-09-03 9726568]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]
"Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\ssmmgr.exe" [2009-12-09 606208]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2011-09-22 3080264]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-02-07 1343400]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2011-08-04 50624]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2011-08-04 118104]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [2011-08-04 33656]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 BT848;WinFast TV2000 XP WDM Video Capture;c:\windows\system32\drivers\wf2kvcap.sys [2004-10-04 75925]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2011-08-09 163424]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2011-09-22 974944]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [2007-08-13 5120]
S3 netr73;RT73 USB - ovladač karty pro bezdrátovou síť LAN pro systém Windows Vista;c:\windows\system32\DRIVERS\netr73.sys [2009-07-13 545792]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856]
.
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.facemoods.com/?a=stonicla
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 109.231.191.1 109.231.191.3
FF - ProfilePath - c:\users\Nikola\AppData\Roaming\Mozilla\Firefox\Profiles\gta72jsj.default\
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-12-10 22:41:34
ComboFix-quarantined-files.txt 2011-12-10 21:41
.
Před spuštěním: Volných bajtů: 10 830 155 776
Po spuštění: Volných bajtů: 13 389 578 240
.
- - End Of File - - 12A174DC5D39D8B8001AFD76FED97BB5


22:45:10.0821 3664 TDSS rootkit removing tool 2.6.22.0 Dec 7 2011 13:21:06
22:45:11.0786 3664 ============================================================
22:45:11.0786 3664 Current date / time: 2011/12/10 22:45:11.0786
22:45:11.0786 3664 SystemInfo:
22:45:11.0786 3664
22:45:11.0788 3664 OS Version: 6.1.7601 ServicePack: 1.0
22:45:11.0788 3664 Product type: Workstation
22:45:11.0788 3664 ComputerName: NIKOLA-PC
22:45:11.0788 3664 UserName: Nikola
22:45:11.0788 3664 Windows directory: C:\Windows
22:45:11.0788 3664 System windows directory: C:\Windows
22:45:11.0788 3664 Processor architecture: Intel x86
22:45:11.0788 3664 Number of processors: 1
22:45:11.0788 3664 Page size: 0x1000
22:45:11.0788 3664 Boot type: Normal boot
22:45:11.0788 3664 ============================================================
22:45:13.0799 3664 Initialize success
22:46:14.0808 2148 ============================================================
22:46:14.0808 2148 Scan started
22:46:14.0808 2148 Mode: Manual; SigCheck; TDLFS;
22:46:14.0808 2148 ============================================================
22:46:30.0471 2148 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
22:46:30.0595 2148 exfat - ok
22:46:30.0720 2148 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
22:46:30.0829 2148 fastfat - ok
22:46:30.0985 2148 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
22:46:31.0048 2148 fdc - ok
22:46:31.0235 2148 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
22:46:31.0266 2148 FileInfo - ok
22:46:31.0375 2148 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
22:46:31.0500 2148 Filetrace - ok
22:46:31.0609 2148 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
22:46:31.0656 2148 flpydisk - ok
22:46:31.0812 2148 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
22:46:31.0859 2148 FltMgr - ok
22:46:32.0046 2148 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
22:46:32.0093 2148 FsDepends - ok
22:46:32.0218 2148 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
22:46:32.0265 2148 Fs_Rec - ok
22:46:32.0421 2148 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
22:46:32.0483 2148 fvevol - ok
22:46:32.0623 2148 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
22:46:32.0655 2148 gagp30kx - ok
22:46:32.0764 2148 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
22:46:32.0857 2148 hcw85cir - ok
22:46:33.0013 2148 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
22:46:33.0107 2148 HdAudAddService - ok
22:46:33.0263 2148 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
22:46:33.0325 2148 HDAudBus - ok
22:46:33.0466 2148 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
22:46:33.0528 2148 HidBatt - ok
22:46:33.0653 2148 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
22:46:33.0747 2148 HidBth - ok
22:46:33.0871 2148 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
22:46:33.0949 2148 HidIr - ok
22:46:34.0137 2148 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
22:46:34.0199 2148 HidUsb - ok
22:46:34.0402 2148 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
22:46:34.0449 2148 HpSAMD - ok
22:46:34.0620 2148 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
22:46:34.0761 2148 HTTP - ok
22:46:34.0901 2148 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
22:46:34.0932 2148 hwpolicy - ok
22:46:35.0057 2148 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
22:46:35.0135 2148 i8042prt - ok
22:46:35.0307 2148 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
22:46:35.0369 2148 iaStorV - ok
22:46:35.0712 2148 igfx (9467514ea189475a6e7fdc5d7bde9d3f) C:\Windows\system32\DRIVERS\igdkmd32.sys
22:46:36.0055 2148 igfx - ok
22:46:36.0180 2148 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
22:46:36.0227 2148 iirsp - ok
22:46:36.0523 2148 IntcAzAudAddService (0c36a7de2b4e6ec301b98ae300547701) C:\Windows\system32\drivers\RTKVHDA.sys
22:46:36.0757 2148 IntcAzAudAddService - ok
22:46:36.0913 2148 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
22:46:36.0960 2148 intelide - ok
22:46:37.0069 2148 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
22:46:37.0163 2148 intelppm - ok
22:46:37.0319 2148 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:46:37.0444 2148 IpFilterDriver - ok
22:46:37.0615 2148 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
22:46:37.0740 2148 IPMIDRV - ok
22:46:37.0865 2148 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
22:46:38.0005 2148 IPNAT - ok
22:46:38.0130 2148 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
22:46:38.0224 2148 IRENUM - ok
22:46:38.0395 2148 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
22:46:38.0427 2148 isapnp - ok
22:46:38.0536 2148 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
22:46:38.0598 2148 iScsiPrt - ok
22:46:38.0770 2148 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys
22:46:38.0801 2148 kbdclass - ok
22:46:38.0910 2148 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys
22:46:38.0957 2148 kbdhid - ok
22:46:39.0129 2148 KSecDD (412cea1aa78cc02a447f5c9e62b32ff1) C:\Windows\system32\Drivers\ksecdd.sys
22:46:39.0160 2148 KSecDD - ok
22:46:39.0300 2148 KSecPkg (26c046977e85b95036453d7b88ba1820) C:\Windows\system32\Drivers\ksecpkg.sys
22:46:39.0347 2148 KSecPkg - ok
22:46:39.0581 2148 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
22:46:39.0690 2148 lltdio - ok
22:46:39.0924 2148 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
22:46:39.0971 2148 LSI_FC - ok
22:46:40.0127 2148 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
22:46:40.0174 2148 LSI_SAS - ok
22:46:40.0252 2148 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
22:46:40.0299 2148 LSI_SAS2 - ok
22:46:40.0455 2148 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
22:46:40.0501 2148 LSI_SCSI - ok
22:46:40.0673 2148 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
22:46:40.0782 2148 luafv - ok
22:46:40.0923 2148 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
22:46:40.0954 2148 megasas - ok
22:46:41.0079 2148 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
22:46:41.0141 2148 MegaSR - ok
22:46:41.0297 2148 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
22:46:41.0406 2148 Modem - ok
22:46:41.0547 2148 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
22:46:41.0625 2148 monitor - ok
22:46:41.0765 2148 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\drivers\mouclass.sys
22:46:41.0796 2148 mouclass - ok
22:46:41.0952 2148 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
22:46:41.0999 2148 mouhid - ok
22:46:42.0124 2148 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
22:46:42.0171 2148 mountmgr - ok
22:46:42.0280 2148 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
22:46:42.0311 2148 mpio - ok
22:46:42.0467 2148 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
22:46:42.0576 2148 mpsdrv - ok
22:46:42.0748 2148 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
22:46:42.0873 2148 MRxDAV - ok
22:46:43.0044 2148 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
22:46:43.0231 2148 mrxsmb - ok
22:46:43.0387 2148 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:46:43.0465 2148 mrxsmb10 - ok
22:46:43.0606 2148 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:46:43.0684 2148 mrxsmb20 - ok
22:46:43.0840 2148 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
22:46:43.0887 2148 msahci - ok
22:46:44.0011 2148 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
22:46:44.0058 2148 msdsm - ok
22:46:44.0230 2148 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
22:46:44.0339 2148 Msfs - ok
22:46:44.0464 2148 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
22:46:44.0573 2148 mshidkmdf - ok
22:46:44.0729 2148 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
22:46:44.0776 2148 msisadrv - ok
22:46:44.0963 2148 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
22:46:45.0057 2148 MSKSSRV - ok
22:46:45.0181 2148 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
22:46:45.0291 2148 MSPCLOCK - ok
22:46:45.0431 2148 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
22:46:45.0525 2148 MSPQM - ok
22:46:45.0618 2148 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
22:46:45.0665 2148 MsRPC - ok
22:46:45.0821 2148 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
22:46:45.0868 2148 mssmbios - ok
22:46:45.0977 2148 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
22:46:46.0071 2148 MSTEE - ok
22:46:46.0195 2148 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
22:46:46.0273 2148 MTConfig - ok
22:46:46.0414 2148 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
22:46:46.0461 2148 Mup - ok
22:46:46.0648 2148 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
22:46:46.0741 2148 NativeWifiP - ok
22:46:46.0929 2148 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
22:46:47.0007 2148 NDIS - ok
22:46:47.0163 2148 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
22:46:47.0287 2148 NdisCap - ok
22:46:47.0428 2148 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
22:46:47.0537 2148 NdisTapi - ok
22:46:47.0677 2148 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
22:46:47.0787 2148 Ndisuio - ok
22:46:47.0896 2148 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
22:46:48.0005 2148 NdisWan - ok
22:46:48.0364 2148 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
22:46:48.0473 2148 NDProxy - ok
22:46:48.0598 2148 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
22:46:48.0738 2148 NetBIOS - ok
22:46:48.0863 2148 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
22:46:48.0988 2148 NetBT - ok
22:46:49.0237 2148 netr73 (76b1157ef850830c5ece61d3e591ca8b) C:\Windows\system32\DRIVERS\netr73.sys
22:46:49.0331 2148 netr73 - ok
22:46:49.0503 2148 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
22:46:49.0549 2148 nfrd960 - ok
22:46:49.0643 2148 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
22:46:49.0737 2148 Npfs - ok
22:46:49.0908 2148 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
22:46:50.0002 2148 nsiproxy - ok
22:46:50.0220 2148 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
22:46:50.0345 2148 Ntfs - ok
22:46:50.0485 2148 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
22:46:50.0579 2148 Null - ok
22:46:50.0719 2148 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
22:46:50.0766 2148 nvraid - ok
22:46:50.0875 2148 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
22:46:50.0922 2148 nvstor - ok
22:46:51.0141 2148 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
22:46:51.0172 2148 nv_agp - ok
22:46:51.0312 2148 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
22:46:51.0390 2148 ohci1394 - ok
22:46:51.0624 2148 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
22:46:51.0671 2148 Parport - ok
22:46:51.0780 2148 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys
22:46:51.0811 2148 partmgr - ok
22:46:51.0952 2148 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
22:46:51.0999 2148 Parvdm - ok
22:46:52.0170 2148 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
22:46:52.0217 2148 pci - ok
22:46:52.0373 2148 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
22:46:52.0404 2148 pciide - ok
22:46:52.0513 2148 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
22:46:52.0576 2148 pcmcia - ok
22:46:52.0701 2148 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
22:46:52.0763 2148 pcw - ok
22:46:52.0857 2148 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
22:46:52.0997 2148 PEAUTH - ok
22:46:53.0403 2148 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
22:46:53.0512 2148 PptpMiniport - ok
22:46:53.0652 2148 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
22:46:53.0699 2148 Processor - ok
22:46:53.0886 2148 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
22:46:54.0027 2148 Psched - ok
22:46:54.0229 2148 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
22:46:54.0385 2148 ql2300 - ok
22:46:54.0526 2148 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
22:46:54.0557 2148 ql40xx - ok
22:46:54.0682 2148 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
22:46:54.0744 2148 QWAVEdrv - ok
22:46:54.0869 2148 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
22:46:54.0994 2148 RasAcd - ok
22:46:55.0150 2148 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
22:46:55.0259 2148 RasAgileVpn - ok
22:46:55.0415 2148 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
22:46:55.0524 2148 Rasl2tp - ok
22:46:55.0696 2148 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
22:46:55.0821 2148 RasPppoe - ok
22:46:55.0961 2148 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
22:46:56.0055 2148 RasSstp - ok
22:46:56.0211 2148 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
22:46:56.0335 2148 rdbss - ok
22:46:56.0491 2148 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
22:46:56.0569 2148 rdpbus - ok
22:46:57.0006 2148 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
22:46:57.0115 2148 RDPCDD - ok
22:46:57.0287 2148 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
22:46:57.0381 2148 RDPDR - ok
22:46:57.0521 2148 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
22:46:57.0615 2148 RDPENCDD - ok
22:46:57.0786 2148 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
22:46:57.0880 2148 RDPREFMP - ok
22:46:58.0020 2148 RDPWD (288b06960d78428ff89e811632684e20) C:\Windows\system32\drivers\RDPWD.sys
22:46:58.0129 2148 RDPWD - ok
22:46:58.0285 2148 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
22:46:58.0332 2148 rdyboost - ok
22:46:58.0597 2148 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
22:46:58.0691 2148 rspndr - ok
22:46:58.0878 2148 RTL8167 (5283b9a27ff230f2ff70d92451ff409a) C:\Windows\system32\DRIVERS\Rt86win7.sys
22:46:58.0925 2148 RTL8167 - ok
22:46:59.0065 2148 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
22:46:59.0143 2148 s3cap - ok
22:46:59.0315 2148 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
22:46:59.0377 2148 sbp2port - ok
22:46:59.0502 2148 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
22:46:59.0580 2148 scfilter - ok
22:46:59.0799 2148 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
22:46:59.0892 2148 secdrv - ok
22:47:00.0111 2148 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
22:47:00.0157 2148 Serenum - ok
22:47:00.0251 2148 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
22:47:00.0313 2148 Serial - ok
22:47:00.0454 2148 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
22:47:00.0516 2148 sermouse - ok
22:47:00.0750 2148 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
22:47:00.0844 2148 sffdisk - ok
22:47:01.0000 2148 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
22:47:01.0047 2148 sffp_mmc - ok
22:47:01.0218 2148 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
22:47:01.0281 2148 sffp_sd - ok
22:47:01.0405 2148 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
22:47:01.0468 2148 sfloppy - ok
22:47:01.0655 2148 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
22:47:01.0702 2148 sisagp - ok
22:47:01.0842 2148 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:47:01.0873 2148 SiSRaid2 - ok
22:47:01.0967 2148 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
22:47:01.0998 2148 SiSRaid4 - ok
22:47:02.0139 2148 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
22:47:02.0232 2148 Smb - ok
22:47:02.0404 2148 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
22:47:02.0451 2148 spldr - ok
22:47:02.0685 2148 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
22:47:02.0778 2148 srv - ok
22:47:02.0934 2148 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
22:47:03.0012 2148 srv2 - ok
22:47:03.0168 2148 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
22:47:03.0215 2148 srvnet - ok
22:47:03.0387 2148 SSPORT (ef3458337d7341a05169cefc73709264) C:\Windows\system32\Drivers\SSPORT.sys
22:47:03.0418 2148 SSPORT ( UnsignedFile.Multi.Generic ) - warning
22:47:03.0418 2148 SSPORT - detected UnsignedFile.Multi.Generic (1)
22:47:16.0678 2148 ============================================================
22:47:16.0678 2148 Scan finished
22:47:16.0678 2148 ============================================================
22:47:16.0756 1020 Detected object count: 1
22:47:16.0756 1020 Actual detected object count: 1
22:47:33.0604 1020 SSPORT ( UnsignedFile.Multi.Generic ) - skipped by user
22:47:33.0604 1020 SSPORT ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:48:53.0742 0476 Deinitialize success

kasper

Re: Sister's PC is a virus dump

#4 Post by kasper »

I couldn't copy the link on VT, so I used a different service
http://virusscan.jotti.org/cs/scanresul ... 819584f22a

kasper

Re: Sister's PC is a virus dump

#5 Post by kasper »

So in the end I managed to get VT working
Antivirus results
AhnLab-V3 - 2011.12.10.00 - 2011.12.09 - -
AntiVir - 7.11.19.57 - 2011.12.09 - -
Antiy-AVL - 2.0.3.7 - 2011.12.10 - -
Avast - 6.0.1289.0 - 2011.12.10 - -
AVG - 10.0.0.1190 - 2011.12.10 - -
BitDefender - 7.2 - 2011.12.11 - -
ByteHero - 1.0.0.1 - 2011.12.07 - -
CAT-QuickHeal - 12.00 - 2011.12.10 - -
ClamAV - 0.97.3.0 - 2011.12.10 - -
Commtouch - 5.3.2.6 - 2011.12.10 - -
Comodo - 10913 - 2011.12.10 - -
DrWeb - 5.0.2.03300 - 2011.12.10 - -
Emsisoft - 5.1.0.11 - 2011.12.10 - -
eSafe - 7.0.17.0 - 2011.12.08 - -
eTrust-Vet - 37.0.9616 - 2011.12.09 - -
F-Prot - 4.6.5.141 - 2011.11.29 - -
F-Secure - 9.0.16440.0 - 2011.12.10 - -
Fortinet - 4.3.388.0 - 2011.12.10 - -
GData - 22 - 2011.12.10 - -
Ikarus - T3.1.1.109.0 - 2011.12.10 - -
Jiangmin - 13.0.900 - 2011.12.10 - -
K7AntiVirus - 9.119.5640 - 2011.12.09 - -
Kaspersky - 9.0.0.837 - 2011.12.10 - -
McAfee - 5.400.0.1158 - 2011.12.11 - -
McAfee-GW-Edition - 2010.1E - 2011.12.10 - -
Microsoft - 1.7903 - 2011.12.10 - -
NOD32 - 6691 - 2011.12.07 - -
Norman - 6.07.13 - 2011.12.10 - -
nProtect - 2011-12-10.03 - 2011.12.10 - -
Panda - 10.0.3.5 - 2011.12.10 - -
PCTools - 8.0.0.5 - 2011.12.11 - -
Prevx - 3.0 - 2011.12.11 - -
Rising - 23.87.03.02 - 2011.12.08 - -
Sophos - 4.72.0 - 2011.12.10 - -
SUPERAntiSpyware - 4.40.0.1006 - 2011.12.10 - -
Symantec - 20111.2.0.82 - 2011.12.10 - -
TheHacker - 6.7.0.1.355 - 2011.12.10 - -
TrendMicro - 9.500.0.1008 - 2011.12.10 - -
TrendMicro-HouseCall - 9.500.0.1008 - 2011.12.11 - -
VBA32 - 3.12.16.4 - 2011.12.09 - -
VIPRE - 11231 - 2011.12.10 - -
ViRobot - 2011.12.10.4819 - 2011.12.10 - -
VirusBuster - 14.1.109.0 - 2011.12.10 - -
File info:
MD5: ef3458337d7341a05169cefc73709264
SHA1: 3fe6a7a633e8bc9b4c87a32839ec48d805cb8ae7
SHA256: c9d0ae966cfa02f7b72586c2a6e2afa9818c9f4856a4e9625b79bc5a886fc193
File size: 5120 bytes
Scan date: 2011-12-10 23:21:07 (UTC)

and on the other site this file is clean too

kasper

Re: Sister's PC is a virus dump

#6 Post by kasper »

here it is
[Image]
