
PC virus removal, computer speed-up, and remote help via the neslape.cz service
policia SR virus
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.
!NEW!
You can now use remote-help services, in which a specialist connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hello, a notebook with this virus has come into my hands.
Windows: Win XP 32-bit Home Edition.
I used, in this order:
rkill.com, then without a restart
adwcleaner
tdsskiller
- did not help
rkill.com
ccleaner
msconfig - I disabled je49b.dll, it cannot be deleted
rsit
- now the virus no longer shows itself; please check the log. A screenshot from msconfig is attached. Thank you!
Logfile of random's system information tool 1.09 (written by random/random)
Run by Janka at 2013-05-30 17:58:50
WIN_XP Service Pack 3
System drive C: has 98 GB (32%) free of 305 GB
Total RAM: 3071 MB (75% free)
HijackThis download failed
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-306896455-1021164264-1928630839-1005Core.job
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-306896455-1021164264-1928630839-1005UA.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-306896455-1021164264-1928630839-1005Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-306896455-1021164264-1928630839-1005UA.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{478ADBD5-5800-470D-BA18-CACD4BE3E595}.job
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\Janka\Application Data\Mozilla\Firefox\Profiles\4olmro8m.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.google.sk/"
prefs.js - "extensions.enabledItems" - "{0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.12.1, noia2_option@kk.noia:3.76, {7b13ec3e-999a-4b70-b9cb-2617b8323822}:3.3.3.2, {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313, {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.8, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, jqs@sun.com:1.0, youtubedownloader@mybrowserbar.com:4.3, {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.3.3.2, {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1, SearchToolbar@skywebsearch.com:3.8, search@helper:8.17, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.51, bkmrksync@nokia.com:1.0.0.732, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, wtxpcom@mybrowserbar.com:4.3, engine@conduit.com:3.3.3.2, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17, {9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}:3.76"
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"fe_7.0@nokia.com"=C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_7.0
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.17.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\WINDOWS\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=C:\Program Files\Software602\602XML\Filler\npfiller.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
xmlfiller@software602.cz
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt
C:\Program Files\Mozilla Firefox\plugins\
NPOFFICE.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
C:\Program Files\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
yahoo.xml
zoznam-sk.xml
C:\Documents and Settings\Janka\Application Data\Mozilla\Firefox\Profiles\4olmro8m.default\extensions\
noia2_option@kk.noia
SearchHelper
{20a82645-c095-46ed-80e3-08825760534b}
{635abd67-4fe9-1b23-4f01-e679fa7484c1}
{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}
C:\Documents and Settings\Janka\Application Data\Mozilla\Firefox\Profiles\4olmro8m.default\searchplugins\
aol-search.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-13.xml
icqplugin-14.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
winamp-search.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2863E737-DD3F-4280-9AF8-E9E79C16F312}]
ShowBarObj Class - C:\Program Files\SaveTubeVideo.com\SaveTubeVideo\MinBHO.dll [2010-11-02 220672]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-03-11 461216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-03-29 266240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-02-11 192144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-04-15 4529272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll [2013-02-11 1000984]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D7BE8ED1-B138-48FD-BB22-9779A39130B1}]
Search Result Optimizator - C:\Documents and Settings\Janka\Application Data\Mozilla\Firefox\Profiles\4olmro8m.default\extensions\SearchHelper\SearchBHO.dll [2010-10-27 111616]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-03-11 170912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-03-29 266240]
{F334C7B0-8774-4d5b-BD7A-4F448D03A1AE} - Save Tube Video - C:\Program Files\SaveTubeVideo.com\SaveTubeVideo\SaveTubeVideo.dll [2010-11-02 693248]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-02-11 192144]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-09-10 16851968]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-20 57344]
"SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2008-06-12 1454080]
"HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe [2002-07-11 188416]
"Omnipage"=C:\Program Files\ScanSoft\OmniPageSE\opware32.exe [2002-06-03 49152]
"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]
"ITSecMng"=C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [2007-09-29 75136]
"NeroCheck"=C:\WINDOWS\system32\\NeroCheck.exe [2001-07-09 155648]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2004-11-03 32768]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2008-09-12 36352]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"EEventManager"=C:\Program Files\Epson Software\Event Manager\EEventManager.exe [2009-12-03 976320]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2010-11-29 421888]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2011-03-07 421160]
"Print2PDF Print Monitor"=C:\Program Files\Software602\Print2PDF\Print2PDF.exe [2010-12-03 141368]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-01-03 37296]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Rainlendar2"=C:\Program Files\Rainlendar2\Rainlendar2.exe [2008-08-24 4067328]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-10-08 39408]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]
"ccleaner"=C:\Program Files\CCleaner\CCleaner.exe [2011-01-24 2200376]
"NokiaSuite.exe"=C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [2011-11-01 1053056]
"Facebook Update"=C:\Documents and Settings\Janka\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [2012-07-12 138096]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2013-02-28 18642024]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\DOCUME~1\ALLUSE~1\APPLIC~1\rundll32.exe [2013-05-30 33280]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Epson Stylus SX420W(Sieť)]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGCE.EXE [2009-09-14 200704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Epson Stylus SX420W(Sieť) (Kopírovať 1)]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGCE.EXE [2009-09-14 200704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON SX420W Series]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGCE.EXE [2009-09-14 200704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Janka^Start Menu^Programs^Startup^msconfig.lnk]
C:\DOCUME~1\ALLUSE~1\APPLIC~1\je49b.dat [2013-04-30 176128]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3
"McComponentHostService"=3
"iPod Service"=3
"ICQ Service"=2
"gusvc"=3
"gupdatem"=3
"gupdate"=2
"Bonjour Service"=2
"Application Updater"=2
"Apple Mobile Device"=2
"ABBYY.Licensing.FineReader.Sprint.9.0"=2
"602XML Updater"=2
"BITS"=2
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Documents and Settings\Janka\Start Menu\Programs\Startup
msconfig.lnk - C:\WINDOWS\system32\rundll32.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-09-08 143360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\03661434.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\03661434.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\EpsonNet\EpsonNet Setup\tool10\ENEasyApp.exe"="C:\Program Files\EpsonNet\EpsonNet Setup\tool10\ENEasyApp.exe:*:Enabled:EpsonNet Setup"
"C:\Program Files\Epson Software\Event Manager\EEventManager.exe"="C:\Program Files\Epson Software\Event Manager\EEventManager.exe:*:Enabled:EEventManager Application"
"C:\Program Files\SaveTubeVideo.com\SaveTubeVideo\downloader.exe"="C:\Program Files\SaveTubeVideo.com\SaveTubeVideo\downloader.exe:*:Enabled:SaveTubeVideo"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Common Files\soft602\langserv.exe"="C:\Program Files\Common Files\soft602\langserv.exe:*:Enabled:Software602 Spell Checker"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe"="C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe:*:Enabled:Nokia Ovi Suite"
"C:\Documents and Settings\Janka\Local Settings\Application Data\Facebook\Video\Skype\FacebookVideoCalling.exe"="C:\Documents and Settings\Janka\Local Settings\Application Data\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
======List of files/folders created in the last 1 month======
2013-05-30 17:59:43 ----D---- C:\Program Files\trend micro
2013-05-30 17:58:50 ----D---- C:\rsit
2013-05-30 17:24:32 ----A---- C:\Documents and Settings\All Users\Application Data\b94ej.js
2013-05-30 17:24:32 ----A---- C:\Documents and Settings\All Users\Application Data\as98213.txt
2013-05-30 17:24:00 ----A---- C:\Documents and Settings\All Users\Application Data\rundll32.exe
2013-05-30 17:03:41 ----A---- C:\TDSSKiller.2.8.16.0_30.05.2013_17.03.41_log.txt
2013-05-30 17:01:36 ----A---- C:\TDSSKiller.2.8.16.0_30.05.2013_17.01.36_log.txt
2013-05-30 16:51:13 ----A---- C:\TDSSKiller.2.8.16.0_30.05.2013_16.51.13_log.txt
2013-05-30 16:50:59 ----A---- C:\TDSSKiller.2.8.16.0_30.05.2013_16.50.59_log.txt
2013-05-30 16:44:15 ----A---- C:\AdwCleaner[S2].txt
2013-05-30 16:43:33 ----A---- C:\AdwCleaner[R2].txt
2013-05-30 16:29:06 ----A---- C:\AdwCleaner[S1].txt
2013-05-30 16:26:56 ----A---- C:\AdwCleaner[R1].txt
2013-05-01 15:00:30 ----D---- C:\Program Files\Common Files\Skype
======List of files/folders modified in the last 1 month======
2013-05-30 17:59:43 ----D---- C:\Program Files
2013-05-30 17:58:48 ----D---- C:\WINDOWS\Prefetch
2013-05-30 17:58:16 ----D---- C:\WINDOWS\system32\CatRoot2
2013-05-30 17:46:26 ----D---- C:\WINDOWS\Temp
2013-05-30 17:46:13 ----D---- C:\WINDOWS
2013-05-30 17:45:35 ----HD---- C:\WINDOWS\inf
2013-05-30 17:22:28 ----N---- C:\WINDOWS\SchedLgU.Txt
2013-05-30 17:06:07 ----A---- C:\WINDOWS\NeroDigital.ini
2013-05-30 17:04:15 ----D---- C:\WINDOWS\system32\drivers
2013-05-30 16:58:14 ----RASH---- C:\boot.ini
2013-05-30 16:58:14 ----A---- C:\WINDOWS\win.ini
2013-05-30 16:58:14 ----A---- C:\WINDOWS\system.ini
2013-05-30 16:38:51 ----D---- C:\WINDOWS\pss
2013-05-30 16:33:31 ----D---- C:\WINDOWS\system32
2013-05-30 16:29:18 ----D---- C:\Program Files\Common Files
2013-05-30 16:29:15 ----D---- C:\Documents and Settings\All Users\Application Data\ICQ
2013-05-30 15:25:56 ----D---- C:\Documents and Settings
2013-05-05 19:53:51 ----D---- C:\Program Files\Mozilla Firefox
2013-05-05 19:48:28 ----D---- C:\Documents and Settings\Janka\Application Data\Skype
2013-05-04 00:36:42 ----D---- C:\Documents and Settings\All Users\Application Data\PC Suite
2013-05-01 15:00:35 ----SHD---- C:\WINDOWS\Installer
2013-05-01 15:00:35 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2013-05-01 15:00:34 ----SHD---- C:\Config.Msi
2013-05-01 15:00:30 ----RD---- C:\Program Files\Skype
2013-05-01 14:58:52 ----D---- C:\Documents and Settings\Janka\Application Data\Winamp
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2007-03-08 43528]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-05-27 75096]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
R1 Tosrfcom;Bluetooth RFCOMM; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2008-05-14 64000]
R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athw.sys [2008-06-28 1315776]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-09-08 3300864]
R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 huawei_enumerator;huawei_enumerator; C:\WINDOWS\system32\DRIVERS\ew_jubusenum.sys [2011-12-07 73216]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-09-10 4813824]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2006-02-28 5888]
R3 RTSTOR;USB Mass Storage Device; C:\WINDOWS\system32\drivers\RTSTOR.SYS [2008-01-17 47360]
R3 SiSGbeXP;SiS191/SiS190 Ethernet Device NDIS 5.1 Driver; C:\WINDOWS\system32\DRIVERS\SiSGbeXP.sys [2008-03-03 43392]
R3 smserial;smserial; C:\WINDOWS\system32\DRIVERS\smserial.sys [2008-06-12 1097856]
R3 tosporte;Bluetooth COM Port; C:\WINDOWS\system32\DRIVERS\tosporte.sys [2008-03-25 41472]
R3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys []
S3 atikmdag;atikmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2008-09-08 3929600]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys [2011-12-07 102784]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\WINDOWS\system32\DRIVERS\ew_usbenumfilter.sys [2011-12-07 11136]
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\WINDOWS\system32\DRIVERS\ewusbnet.sys [2011-12-07 235392]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2011-12-07 194816]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\WINDOWS\system32\DRIVERS\ewusbdev.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2011-08-17 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2011-08-17 23168]
S3 NPF;WinPcap Packet Driver (NPF); C:\WINDOWS\system32\drivers\NPF.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2010-05-09 47360]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 tosrfbd;Bluetooth RFBUS; C:\WINDOWS\system32\DRIVERS\tosrfbd.sys [2008-04-24 131712]
S3 tosrfbnp;Bluetooth RFBNEP; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2007-11-29 36608]
S3 Tosrfhid;Bluetooth RFHID; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2008-03-19 74112]
S3 tosrfnds;Bluetooth Personal Area Network; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-07 18612]
S3 TosRfSnd;Bluetooth Audio; C:\WINDOWS\system32\drivers\tosrfsnd.sys [2008-01-23 54144]
S3 Tosrfusb;Bluetooth USB Controller; C:\WINDOWS\system32\DRIVERS\tosrfusb.sys [2008-06-27 41728]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2011-08-17 8192]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-14 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2011-08-17 8192]
S3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]
R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]
R2 Ati External Event Utility;Ati External Event Utility; C:\WINDOWS\system32\Ati2evxx.exe [2008-09-08 573440]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-09-08 573440]
R2 EpsonBidirectionalService;EpsonBidirectionalService; C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [2006-12-19 94208]
R2 HWDeviceService.exe;HWDeviceService.exe; C:\Documents and Settings\All Users\Application Data\DatacardService\HWDeviceService.exe [2011-03-14 271712]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-03-11 170912]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 Skype C2C Service;Skype C2C Service; C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-04-15 3289208]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2008-05-23 120168]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-10-27 718384]
S2 Micro Star SCM;Micro Star SCM; C:\Program Files\System Control Manager\MSIService.exe []
S2 Mobile Partner. RunOuc;Mobile Partner. OUC; C:\Program Files\Mobile Partner\UpdateDog\ouc.exe [2011-12-07 246112]
S2 NishService;SCM Driver Daemon; C:\Program Files\System Control Manager\edd.exe []
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-02-28 161384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-20 253656]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-30 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-30 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-29 89136]
S4 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2010-04-14 73728]
S4 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048]
S4 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-02-18 37664]
S4 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-10-07 345376]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-20 133104]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-20 133104]
S4 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-24 194032]
S4 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-03-07 820520]
S4 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-30 132096]
S4 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
-----------------EOF-----------------
- Attachments
- bez_názvu.JPG (67.63 KiB) Viewed 837 times
Re: policia SR virus
So the virus is still there; the policia SR window popped up again..
The latest log from TDSS is attached; I'm going to run ComboFix and will add it.
Re: policia SR virus
16:50:59.0093 4004 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
16:50:59.0109 4004 ============================================================
16:50:59.0109 4004 Current date / time: 2013/05/30 16:50:59.0109
16:50:59.0109 4004 SystemInfo:
16:50:59.0109 4004
16:50:59.0109 4004 OS Version: 5.1.2600 ServicePack: 3.0
16:50:59.0109 4004 Product type: Workstation
16:50:59.0109 4004 ComputerName: JANA
16:50:59.0109 4004 UserName: Janka
16:50:59.0109 4004 Windows directory: C:\WINDOWS
16:50:59.0109 4004 System windows directory: C:\WINDOWS
16:50:59.0109 4004 Processor architecture: Intel x86
16:50:59.0109 4004 Number of processors: 2
16:50:59.0109 4004 Page size: 0x1000
16:50:59.0109 4004 Boot type: Normal boot
16:50:59.0109 4004 ============================================================
16:51:00.0812 4004 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
16:51:00.0812 4004 Drive \Device\Harddisk1\DR2 - Size: 0x39D000000 (14.45 Gb), SectorSize: 0x200, Cylinders: 0x75E, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
16:51:00.0812 4004 ============================================================
16:51:00.0812 4004 \Device\Harddisk0\DR0:
16:51:00.0812 4004 MBR partitions:
16:51:00.0812 4004 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x254297C1
16:51:00.0812 4004 \Device\Harddisk1\DR2:
16:51:00.0812 4004 MBR partitions:
16:51:00.0812 4004 \Device\Harddisk1\DR2\Partition1: MBR, Type 0xC, StartLBA 0x3F00, BlocksNum 0x1CE4100
16:51:00.0812 4004 ============================================================
16:51:00.0859 4004 C: <-> \Device\Harddisk0\DR0\Partition1
16:51:00.0859 4004 ============================================================
16:51:00.0859 4004 Initialize success
16:51:00.0859 4004 ============================================================
16:51:03.0687 3992 Deinitialize success
16:51:13.0671 2784 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
16:51:13.0687 2784 ============================================================
16:51:13.0687 2784 Current date / time: 2013/05/30 16:51:13.0687
16:51:13.0687 2784 SystemInfo:
16:51:13.0687 2784
16:51:13.0687 2784 OS Version: 5.1.2600 ServicePack: 3.0
16:51:13.0687 2784 Product type: Workstation
16:51:13.0687 2784 ComputerName: JANA
16:51:13.0687 2784 UserName: Janka
16:51:13.0687 2784 Windows directory: C:\WINDOWS
16:51:13.0687 2784 System windows directory: C:\WINDOWS
16:51:13.0687 2784 Processor architecture: Intel x86
16:51:13.0687 2784 Number of processors: 2
16:51:13.0687 2784 Page size: 0x1000
16:51:13.0687 2784 Boot type: Normal boot
16:51:13.0687 2784 ============================================================
16:51:15.0093 2784 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
16:51:15.0125 2784 Drive \Device\Harddisk1\DR2 - Size: 0x39D000000 (14.45 Gb), SectorSize: 0x200, Cylinders: 0x75E, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
16:51:15.0125 2784 ============================================================
16:51:15.0125 2784 \Device\Harddisk0\DR0:
16:51:15.0125 2784 MBR partitions:
16:51:15.0125 2784 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x254297C1
16:51:15.0125 2784 \Device\Harddisk1\DR2:
16:51:15.0125 2784 MBR partitions:
16:51:15.0125 2784 \Device\Harddisk1\DR2\Partition1: MBR, Type 0xC, StartLBA 0x3F00, BlocksNum 0x1CE4100
16:51:15.0125 2784 ============================================================
16:51:15.0156 2784 C: <-> \Device\Harddisk0\DR0\Partition1
16:51:15.0156 2784 ============================================================
16:51:15.0156 2784 Initialize success
16:51:15.0156 2784 ============================================================
16:58:33.0625 3708 Deinitialize success
17:01:36.0343 0140 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
17:01:36.0359 0140 ============================================================
17:01:36.0359 0140 Current date / time: 2013/05/30 17:01:36.0359
17:01:36.0359 0140 SystemInfo:
17:01:36.0359 0140
17:01:36.0359 0140 OS Version: 5.1.2600 ServicePack: 3.0
17:01:36.0359 0140 Product type: Workstation
17:01:36.0359 0140 ComputerName: JANA
17:01:36.0359 0140 UserName: Janka
17:01:36.0359 0140 Windows directory: C:\WINDOWS
17:01:36.0359 0140 System windows directory: C:\WINDOWS
17:01:36.0359 0140 Processor architecture: Intel x86
17:01:36.0359 0140 Number of processors: 2
17:01:36.0359 0140 Page size: 0x1000
17:01:36.0359 0140 Boot type: Normal boot
17:01:36.0359 0140 ============================================================
17:01:37.0750 0140 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
17:01:37.0750 0140 Drive \Device\Harddisk1\DR2 - Size: 0x39D000000 (14.45 Gb), SectorSize: 0x200, Cylinders: 0x75E, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:01:37.0750 0140 ============================================================
17:01:37.0750 0140 \Device\Harddisk0\DR0:
17:01:37.0750 0140 MBR partitions:
17:01:37.0750 0140 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x254297C1
17:01:37.0750 0140 \Device\Harddisk1\DR2:
17:01:37.0750 0140 MBR partitions:
17:01:37.0750 0140 \Device\Harddisk1\DR2\Partition1: MBR, Type 0xC, StartLBA 0x3F00, BlocksNum 0x1CE4100
17:01:37.0750 0140 ============================================================
17:01:37.0796 0140 C: <-> \Device\Harddisk0\DR0\Partition1
17:01:37.0796 0140 ============================================================
17:01:37.0796 0140 Initialize success
17:01:37.0796 0140 ============================================================
17:01:39.0171 0456 ============================================================
17:01:39.0171 0456 Scan started
17:01:39.0171 0456 Mode: Manual;
17:01:39.0171 0456 ============================================================
17:01:40.0109 0456 ================ Scan system memory ========================
17:01:40.0109 0456 System memory - ok
17:01:40.0109 0456 ================ Scan services =============================
17:01:40.0359 0456 [ EBD7BD25C1D33B10D2251194C300EE85 ] 602XML Updater C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
17:01:40.0359 0456 602XML Updater - ok
17:01:40.0437 0456 [ B33CF4DE909A5B30F526D82053A63C8E ] ABBYY.Licensing.FineReader.Sprint.9.0 C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
17:01:40.0484 0456 ABBYY.Licensing.FineReader.Sprint.9.0 - ok
17:01:40.0734 0456 Abiosdsk - ok
17:01:40.0750 0456 abp480n5 - ok
17:01:40.0828 0456 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
17:01:40.0828 0456 ACPI - ok
17:01:40.0859 0456 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
17:01:40.0859 0456 ACPIEC - ok
17:01:40.0968 0456 [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
17:01:40.0968 0456 AdobeFlashPlayerUpdateSvc - ok
17:01:40.0968 0456 adpu160m - ok
17:01:41.0000 0456 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
17:01:41.0000 0456 aec - ok
17:01:41.0062 0456 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
17:01:41.0062 0456 AFD - ok
17:01:41.0062 0456 Aha154x - ok
17:01:41.0078 0456 aic78u2 - ok
17:01:41.0093 0456 aic78xx - ok
17:01:41.0140 0456 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
17:01:41.0156 0456 Alerter - ok
17:01:41.0187 0456 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe
17:01:41.0187 0456 ALG - ok
17:01:41.0187 0456 AliIde - ok
17:01:41.0203 0456 amsint - ok
17:01:41.0312 0456 [ D6C8942BEA3698A2E7559BD423BFA5D7 ] AntiVirScheduler C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
17:01:41.0312 0456 AntiVirScheduler - ok
17:01:41.0375 0456 [ 335A142923FE7F97E8C8388ACD067568 ] AntiVirService C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
17:01:41.0375 0456 AntiVirService - ok
17:01:41.0484 0456 [ 20F6F19FE9E753F2780DC2FA083AD597 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:01:41.0484 0456 Apple Mobile Device - ok
17:01:41.0500 0456 AppMgmt - ok
17:01:41.0609 0456 [ 1BA565F1E58E271C6AD6B21A4F181CA4 ] AR5416 C:\WINDOWS\system32\DRIVERS\athw.sys
17:01:41.0718 0456 AR5416 - ok
17:01:41.0718 0456 asc - ok
17:01:41.0750 0456 asc3350p - ok
17:01:41.0781 0456 asc3550 - ok
17:01:41.0906 0456 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
17:01:41.0906 0456 aspnet_state - ok
17:01:41.0953 0456 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
17:01:41.0953 0456 AsyncMac - ok
17:01:41.0968 0456 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
17:01:41.0968 0456 atapi - ok
17:01:41.0984 0456 Atdisk - ok
17:01:42.0062 0456 [ CDAB62EF8EA3F0E420CB85F181F89E84 ] Ati External Event Utility C:\WINDOWS\system32\Ati2evxx.exe
17:01:42.0062 0456 Ati External Event Utility - ok
17:01:42.0093 0456 [ CDAB62EF8EA3F0E420CB85F181F89E84 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
17:01:42.0093 0456 Ati HotKey Poller - ok
17:01:42.0218 0456 [ 89EE422B15591B4DFAB69486983E091C ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
17:01:42.0265 0456 ati2mtag - ok
17:01:42.0546 0456 [ AF8719EC4C3B3BCCA31C3F2A8E762B39 ] atikmdag C:\WINDOWS\system32\DRIVERS\atikmdag.sys
17:01:42.0734 0456 atikmdag - ok
17:01:42.0765 0456 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
17:01:42.0781 0456 Atmarpc - ok
17:01:42.0843 0456 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
17:01:42.0843 0456 AudioSrv - ok
17:01:42.0890 0456 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
17:01:42.0906 0456 audstub - ok
17:01:42.0906 0456 [ AFA456A6210ABE5798561A5758517340 ] avgio C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys
17:01:42.0906 0456 avgio - ok
17:01:42.0968 0456 [ 906F73C4F6B8BA5DAABC41A1F04CECFE ] avgntflt C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys
17:01:42.0984 0456 avgntflt - ok
17:01:43.0000 0456 [ BDB37B3B217F5181A5BC129C50844F98 ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys
17:01:43.0000 0456 avipbb - ok
17:01:43.0062 0456 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
17:01:43.0062 0456 Beep - ok
17:01:43.0125 0456 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
17:01:43.0125 0456 BITS - ok
17:01:43.0234 0456 [ F832F1505AD8B83474BD9A5B1B985E01 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:01:43.0265 0456 Bonjour Service - ok
17:01:43.0296 0456 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll
17:01:43.0296 0456 Browser - ok
17:01:43.0343 0456 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
17:01:43.0343 0456 cbidf2k - ok
17:01:43.0375 0456 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
17:01:43.0375 0456 CCDECODE - ok
17:01:43.0390 0456 cd20xrnt - ok
17:01:43.0421 0456 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
17:01:43.0421 0456 Cdaudio - ok
17:01:43.0437 0456 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
17:01:43.0437 0456 Cdfs - ok
17:01:43.0453 0456 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
17:01:43.0453 0456 Cdrom - ok
17:01:43.0468 0456 Changer - ok
17:01:43.0515 0456 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe
17:01:43.0515 0456 CiSvc - ok
17:01:43.0531 0456 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
17:01:43.0531 0456 ClipSrv - ok
17:01:43.0578 0456 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:01:43.0578 0456 clr_optimization_v2.0.50727_32 - ok
17:01:43.0640 0456 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
17:01:43.0640 0456 CmBatt - ok
17:01:43.0640 0456 CmdIde - ok
17:01:43.0656 0456 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
17:01:43.0656 0456 Compbatt - ok
17:01:43.0671 0456 COMSysApp - ok
17:01:43.0703 0456 Cpqarray - ok
17:01:43.0718 0456 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
17:01:43.0718 0456 CryptSvc - ok
17:01:43.0718 0456 dac2w2k - ok
17:01:43.0734 0456 dac960nt - ok
17:01:43.0812 0456 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
17:01:43.0812 0456 DcomLaunch - ok
17:01:43.0828 0456 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
17:01:43.0828 0456 Dhcp - ok
17:01:43.0843 0456 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
17:01:43.0843 0456 Disk - ok
17:01:43.0843 0456 dmadmin - ok
17:01:43.0906 0456 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
17:01:43.0906 0456 dmboot - ok
17:01:43.0921 0456 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
17:01:43.0921 0456 dmio - ok
17:01:43.0968 0456 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
17:01:43.0968 0456 dmload - ok
17:01:43.0984 0456 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
17:01:44.0000 0456 dmserver - ok
17:01:44.0000 0456 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
17:01:44.0000 0456 DMusic - ok
17:01:44.0046 0456 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
17:01:44.0046 0456 Dnscache - ok
17:01:44.0093 0456 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
17:01:44.0093 0456 Dot3svc - ok
17:01:44.0109 0456 dpti2o - ok
17:01:44.0140 0456 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
17:01:44.0140 0456 drmkaud - ok
17:01:44.0171 0456 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
17:01:44.0187 0456 EapHost - ok
17:01:44.0281 0456 [ ABDD5AD016AFFD34AD40E944CE94BF59 ] EpsonBidirectionalService C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
17:01:44.0281 0456 EpsonBidirectionalService - ok
17:01:44.0343 0456 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
17:01:44.0343 0456 ERSvc - ok
17:01:44.0406 0456 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
17:01:44.0406 0456 Eventlog - ok
17:01:44.0468 0456 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll
17:01:44.0468 0456 EventSystem - ok
17:01:44.0531 0456 [ FB54F67974D13D73BE3E2F1DF042D295 ] ewusbnet C:\WINDOWS\system32\DRIVERS\ewusbnet.sys
17:01:44.0546 0456 ewusbnet - ok
17:01:44.0562 0456 [ 57C171EA22F0A7F068FCB0CAEDD1E8E7 ] ew_hwusbdev C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys
17:01:44.0578 0456 ew_hwusbdev - ok
17:01:44.0593 0456 [ 61A973F60E94A551BA7B15F3460444FB ] ew_usbenumfilter C:\WINDOWS\system32\DRIVERS\ew_usbenumfilter.sys
17:01:44.0593 0456 ew_usbenumfilter - ok
17:01:44.0656 0456 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
17:01:44.0656 0456 Fastfat - ok
17:01:44.0703 0456 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
17:01:44.0703 0456 FastUserSwitchingCompatibility - ok
17:01:44.0718 0456 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
17:01:44.0718 0456 Fdc - ok
17:01:44.0718 0456 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
17:01:44.0734 0456 Fips - ok
17:01:44.0750 0456 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
17:01:44.0750 0456 Flpydisk - ok
17:01:44.0812 0456 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
17:01:44.0812 0456 FltMgr - ok
17:01:44.0906 0456 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
17:01:44.0906 0456 FontCache3.0.0.0 - ok
17:01:44.0921 0456 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:01:44.0921 0456 Fs_Rec - ok
17:01:44.0937 0456 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
17:01:44.0937 0456 Ftdisk - ok
17:01:44.0968 0456 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
17:01:44.0968 0456 GEARAspiWDM - ok
17:01:45.0015 0456 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
17:01:45.0015 0456 Gpc - ok
17:01:45.0093 0456 [ 626A24ED1228580B9518C01930936DF9 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
17:01:45.0093 0456 gupdate - ok
17:01:45.0093 0456 [ 626A24ED1228580B9518C01930936DF9 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
17:01:45.0093 0456 gupdatem - ok
17:01:45.0171 0456 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
17:01:45.0187 0456 gusvc - ok
17:01:45.0234 0456 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
17:01:45.0234 0456 HDAudBus - ok
17:01:45.0328 0456 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
17:01:45.0328 0456 helpsvc - ok
17:01:45.0343 0456 HidServ - ok
17:01:45.0484 0456 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
17:01:45.0484 0456 HidUsb - ok
17:01:45.0593 0456 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
17:01:45.0609 0456 hkmsvc - ok
17:01:45.0625 0456 hpn - ok
17:01:45.0718 0456 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
17:01:45.0718 0456 HTTP - ok
17:01:45.0812 0456 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
17:01:45.0828 0456 HTTPFilter - ok
17:01:45.0921 0456 [ F44461E66F1B7DD267957FE9BAA63ED0 ] huawei_enumerator C:\WINDOWS\system32\DRIVERS\ew_jubusenum.sys
17:01:45.0953 0456 huawei_enumerator - ok
17:01:46.0031 0456 [ B50E1D8627354BA8E4DF83470F1272C8 ] hwdatacard C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys
17:01:46.0125 0456 hwdatacard - ok
17:01:46.0296 0456 [ 5EF3427AE503B5C03A48F7C9FF458B69 ] HWDeviceService.exe C:\Documents and Settings\All Users\Application Data\DatacardService\HWDeviceService.exe
17:01:46.0296 0456 HWDeviceService.exe - ok
17:01:46.0328 0456 hwusbdev - ok
17:01:46.0375 0456 i2omgmt - ok
17:01:46.0375 0456 i2omp - ok
17:01:46.0437 0456 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
17:01:46.0437 0456 i8042prt - ok
17:01:46.0531 0456 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:01:46.0593 0456 idsvc - ok
17:01:46.0640 0456 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
17:01:46.0640 0456 Imapi - ok
17:01:46.0703 0456 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
17:01:46.0703 0456 ImapiService - ok
17:01:46.0718 0456 ini910u - ok
17:01:46.0937 0456 [ 053517D1BCADF00BEDB21FB7218C8F33 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
17:01:46.0984 0456 IntcAzAudAddService - ok
17:01:47.0000 0456 IntelIde - ok
17:01:47.0078 0456 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
17:01:47.0078 0456 intelppm - ok
17:01:47.0109 0456 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
17:01:47.0109 0456 Ip6Fw - ok
17:01:47.0140 0456 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:01:47.0140 0456 IpFilterDriver - ok
17:01:47.0140 0456 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
17:01:47.0140 0456 IpInIp - ok
17:01:47.0171 0456 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
17:01:47.0171 0456 IpNat - ok
17:01:47.0250 0456 [ 9033D67B7112D23EDED6789BACDED128 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
17:01:47.0328 0456 iPod Service - ok
17:01:47.0359 0456 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
17:01:47.0359 0456 IPSec - ok
17:01:47.0390 0456 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
17:01:47.0390 0456 IRENUM - ok
17:01:47.0437 0456 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
17:01:47.0437 0456 isapnp - ok
17:01:47.0562 0456 [ 999DB5F88C8E145CCA9D471E33227143 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
17:01:47.0578 0456 JavaQuickStarterService - ok
17:01:47.0593 0456 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
17:01:47.0593 0456 Kbdclass - ok
17:01:47.0609 0456 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
17:01:47.0609 0456 kmixer - ok
17:01:47.0656 0456 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
17:01:47.0656 0456 KSecDD - ok
17:01:47.0703 0456 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
17:01:47.0703 0456 lanmanserver - ok
17:01:47.0750 0456 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
17:01:47.0765 0456 lanmanworkstation - ok
17:01:47.0765 0456 lbrtfdc - ok
17:01:47.0843 0456 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
17:01:47.0843 0456 LmHosts - ok
17:01:47.0953 0456 [ F453D1E6D881E8F8717E20CCD4199E85 ] McComponentHostService C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
17:01:47.0984 0456 McComponentHostService - ok
17:01:48.0078 0456 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
17:01:48.0093 0456 MDM - ok
17:01:48.0125 0456 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
17:01:48.0125 0456 Messenger - ok
17:01:48.0140 0456 Micro Star SCM - ok
17:01:48.0187 0456 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
17:01:48.0187 0456 mnmdd - ok
17:01:48.0218 0456 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
17:01:48.0218 0456 mnmsrvc - ok
17:01:48.0312 0456 [ 1CE0621B591913C12BECAA5B50E88BB2 ] Mobile Partner. RunOuc C:\Program Files\Mobile Partner\UpdateDog\ouc.exe
17:01:48.0312 0456 Mobile Partner. RunOuc - ok
17:01:48.0359 0456 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
17:01:48.0359 0456 Modem - ok
17:01:48.0375 0456 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
17:01:48.0375 0456 Mouclass - ok
17:01:48.0406 0456 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
17:01:48.0406 0456 mouhid - ok
17:01:48.0437 0456 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
17:01:48.0437 0456 MountMgr - ok
17:01:48.0437 0456 mraid35x - ok
17:01:48.0453 0456 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
17:01:48.0453 0456 MRxDAV - ok
17:01:48.0515 0456 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:01:48.0531 0456 MRxSmb - ok
17:01:48.0562 0456 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
17:01:48.0562 0456 MSDTC - ok
17:01:48.0578 0456 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
17:01:48.0578 0456 Msfs - ok
17:01:48.0593 0456 MSIServer - ok
17:01:48.0625 0456 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:01:48.0625 0456 MSKSSRV - ok
17:01:48.0656 0456 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:01:48.0656 0456 MSPCLOCK - ok
17:01:48.0687 0456 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
17:01:48.0687 0456 MSPQM - ok
17:01:48.0718 0456 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
17:01:48.0718 0456 mssmbios - ok
17:01:48.0718 0456 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
17:01:48.0734 0456 MSTEE - ok
17:01:48.0796 0456 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
17:01:48.0796 0456 Mup - ok
17:01:48.0796 0456 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
17:01:48.0812 0456 NABTSFEC - ok
17:01:48.0890 0456 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
17:01:48.0921 0456 napagent - ok
17:01:49.0031 0456 [ B498A14133BD09AD0817590ACE4470AD ] NBService C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
17:01:49.0046 0456 NBService - ok
17:01:49.0078 0456 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
17:01:49.0078 0456 NDIS - ok
17:01:49.0125 0456 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
17:01:49.0125 0456 NdisIP - ok
17:01:49.0171 0456 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:01:49.0171 0456 NdisTapi - ok
17:01:49.0187 0456 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
17:01:49.0187 0456 Ndisuio - ok
17:01:49.0203 0456 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:01:49.0203 0456 NdisWan - ok
17:01:49.0265 0456 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
17:01:49.0265 0456 NDProxy - ok
17:01:49.0281 0456 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
17:01:49.0281 0456 NetBIOS - ok
17:01:49.0296 0456 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
17:01:49.0312 0456 NetBT - ok
17:01:49.0343 0456 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
17:01:49.0359 0456 NetDDE - ok
17:01:49.0359 0456 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
17:01:49.0375 0456 NetDDEdsdm - ok
17:01:49.0406 0456 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
17:01:49.0406 0456 Netlogon - ok
17:01:49.0421 0456 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
17:01:49.0421 0456 Netman - ok
17:01:49.0484 0456 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:01:49.0500 0456 NetTcpPortSharing - ok
17:01:49.0500 0456 NishService - ok
17:01:49.0562 0456 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
17:01:49.0562 0456 Nla - ok
17:01:49.0687 0456 [ A328A46D87BB92CE4D8A4528E9D84787 ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
17:01:49.0687 0456 NMIndexingService - ok
17:01:49.0765 0456 [ B0A67DE1A128389AEA4D42C5A56215FD ] nmwcd C:\WINDOWS\system32\drivers\ccdcmb.sys
17:01:49.0765 0456 nmwcd - ok
17:01:50.0000 0456 [ 025C54F9F8C8BC1894EA38529C742C54 ] nmwcdc C:\WINDOWS\system32\drivers\ccdcmbo.sys
17:01:50.0015 0456 nmwcdc - ok
17:01:50.0031 0456 NPF - ok
17:01:50.0125 0456 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
17:01:50.0125 0456 Npfs - ok
17:01:50.0187 0456 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
17:01:50.0187 0456 Ntfs - ok
17:01:50.0218 0456 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
17:01:50.0218 0456 NtLmSsp - ok
17:01:50.0375 0456 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
17:01:50.0375 0456 NtmsSvc - ok
17:01:50.0406 0456 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
17:01:50.0406 0456 Null - ok
17:01:50.0484 0456 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
17:01:50.0484 0456 NwlnkFlt - ok
17:01:50.0500 0456 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
17:01:50.0500 0456 NwlnkFwd - ok
17:01:50.0562 0456 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:01:50.0578 0456 ose - ok
17:01:50.0625 0456 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\drivers\Parport.sys
17:01:50.0625 0456 Parport - ok
17:01:50.0656 0456 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
17:01:50.0671 0456 PartMgr - ok
17:01:50.0750 0456 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
17:01:50.0750 0456 ParVdm - ok
17:01:50.0796 0456 [ FD2041E9BA03DB7764B2248F02475079 ] pccsmcfd C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
17:01:50.0828 0456 pccsmcfd - ok
17:01:50.0828 0456 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
17:01:50.0828 0456 PCI - ok
17:01:50.0843 0456 PCIDump - ok
17:01:50.0906 0456 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
17:01:50.0921 0456 PCIIde - ok
17:01:50.0968 0456 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
17:01:50.0968 0456 Pcmcia - ok
17:01:51.0000 0456 [ 5B6C11DE7E839C05248CED8825470FEF ] pcouffin C:\WINDOWS\system32\Drivers\pcouffin.sys
17:01:51.0015 0456 pcouffin - ok
17:01:51.0031 0456 PDCOMP - ok
17:01:51.0031 0456 PDFRAME - ok
17:01:51.0046 0456 PDRELI - ok
17:01:51.0062 0456 PDRFRAME - ok
17:01:51.0062 0456 perc2 - ok
17:01:51.0078 0456 perc2hib - ok
17:01:51.0156 0456 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
17:01:51.0156 0456 PlugPlay - ok
17:01:51.0203 0456 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
17:01:51.0203 0456 PolicyAgent - ok
17:01:51.0250 0456 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
17:01:51.0265 0456 PptpMiniport - ok
17:01:51.0265 0456 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
17:01:51.0265 0456 ProtectedStorage - ok
17:01:51.0281 0456 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
17:01:51.0281 0456 PSched - ok
17:01:51.0328 0456 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
17:01:51.0328 0456 Ptilink - ok
17:01:51.0375 0456 [ D86B4A68565E444D76457F14172C875A ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
17:01:51.0375 0456 PxHelp20 - ok
17:01:51.0390 0456 ql1080 - ok
17:01:51.0390 0456 Ql10wnt - ok
17:01:51.0406 0456 ql12160 - ok
17:01:51.0421 0456 ql1240 - ok
17:01:51.0437 0456 ql1280 - ok
17:01:51.0468 0456 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:01:51.0468 0456 RasAcd - ok
17:01:51.0500 0456 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
17:01:51.0515 0456 RasAuto - ok
17:01:51.0546 0456 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
17:01:51.0546 0456 Rasl2tp - ok
17:01:51.0609 0456 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
17:01:51.0609 0456 RasMan - ok
17:01:51.0625 0456 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:01:51.0625 0456 RasPppoe - ok
17:01:51.0625 0456 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
17:01:51.0625 0456 Raspti - ok
17:01:51.0656 0456 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:01:51.0656 0456 Rdbss - ok
17:01:51.0718 0456 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
17:01:51.0718 0456 RDPCDD - ok
17:01:51.0781 0456 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
17:01:51.0781 0456 RDPWD - ok
17:01:51.0796 0456 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
17:01:51.0796 0456 RDSessMgr - ok
17:01:51.0843 0456 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
17:01:51.0843 0456 redbook - ok
17:01:51.0859 0456 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
17:01:51.0875 0456 RemoteAccess - ok
17:01:51.0906 0456 [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7 ] ROOTMODEM C:\WINDOWS\system32\Drivers\RootMdm.sys
17:01:51.0906 0456 ROOTMODEM - ok
17:01:51.0921 0456 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
17:01:51.0921 0456 RpcLocator - ok
17:01:51.0968 0456 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll
17:01:51.0968 0456 RpcSs - ok
17:01:51.0968 0456 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
17:01:51.0984 0456 RSVP - ok
17:01:52.0031 0456 [ E3939D5D17E3798E52D1C24A81FD70CC ] RTSTOR C:\WINDOWS\system32\drivers\RTSTOR.SYS
17:01:52.0046 0456 RTSTOR - ok
17:01:52.0062 0456 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
17:01:52.0062 0456 SamSs - ok
17:01:52.0078 0456 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
17:01:52.0078 0456 SCardSvr - ok
17:01:52.0140 0456 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
17:01:52.0140 0456 Schedule - ok
17:01:52.0187 0456 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
17:01:52.0187 0456 Secdrv - ok
17:01:52.0218 0456 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
17:01:52.0234 0456 seclogon - ok
17:01:52.0250 0456 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
17:01:52.0250 0456 SENS - ok
17:01:52.0265 0456 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
17:01:52.0265 0456 Serial - ok
17:01:52.0390 0456 [ 668043F192AB9659761A349A4703600D ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
17:01:52.0406 0456 ServiceLayer - ok
17:01:52.0515 0456 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
17:01:52.0515 0456 Sfloppy - ok
17:01:52.0718 0456 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
17:01:52.0734 0456 SharedAccess - ok
17:01:52.0765 0456 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
17:01:52.0765 0456 ShellHWDetection - ok
17:01:52.0781 0456 Simbad - ok
17:01:52.0859 0456 [ A86E52C55DE3488B3FC0FF2B8AD711BF ] SiSGbeXP C:\WINDOWS\system32\DRIVERS\SiSGbeXP.sys
17:01:52.0875 0456 SiSGbeXP - ok
17:01:53.0093 0456 [ 0C1B2E3A897397738D9F81CD3D152AF0 ] Skype C2C Service C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
17:01:53.0125 0456 Skype C2C Service - ok
17:01:53.0250 0456 [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
17:01:53.0312 0456 SkypeUpdate - ok
17:01:53.0343 0456 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
17:01:53.0343 0456 SLIP - ok
17:01:53.0406 0456 [ 5E62BA073C90E6C9D4EA199D6080F919 ] smserial C:\WINDOWS\system32\DRIVERS\smserial.sys
17:01:53.0468 0456 smserial - ok
17:01:53.0484 0456 Sparrow - ok
17:01:53.0546 0456 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
17:01:53.0546 0456 splitter - ok
17:01:53.0609 0456 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
17:01:53.0609 0456 Spooler - ok
17:01:53.0625 0456 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
17:01:53.0625 0456 sr - ok
17:01:53.0687 0456 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
17:01:53.0687 0456 srservice - ok
17:01:53.0750 0456 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
17:01:53.0750 0456 Srv - ok
17:01:53.0765 0456 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
17:01:53.0765 0456 SSDPSRV - ok
17:01:53.0828 0456 [ 3D2829FDE1C52FC64DA5413889CE4DEE ] ssmdrv C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
17:01:53.0828 0456 ssmdrv - ok
17:01:53.0890 0456 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
17:01:53.0890 0456 stisvc - ok
17:01:53.0968 0456 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
17:01:53.0968 0456 streamip - ok
17:01:53.0984 0456 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
17:01:53.0984 0456 swenum - ok
17:01:54.0000 0456 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
17:01:54.0000 0456 swmidi - ok
17:01:54.0015 0456 SwPrv - ok
17:01:54.0031 0456 symc810 - ok
17:01:54.0046 0456 symc8xx - ok
17:01:54.0062 0456 sym_hi - ok
17:01:54.0062 0456 sym_u3 - ok
17:01:54.0109 0456 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
17:01:54.0109 0456 sysaudio - ok
17:01:54.0156 0456 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
17:01:54.0156 0456 SysmonLog - ok
17:01:54.0187 0456 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
17:01:54.0187 0456 TapiSrv - ok
17:01:54.0296 0456 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
17:01:54.0296 0456 Tcpip - ok
17:01:54.0343 0456 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
17:01:54.0343 0456 TDPIPE - ok
17:01:54.0359 0456 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
17:01:54.0359 0456 TDTCP - ok
17:01:54.0390 0456 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
17:01:54.0390 0456 TermDD - ok
17:01:54.0421 0456 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
17:01:54.0421 0456 TermService - ok
17:01:54.0484 0456 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
17:01:54.0484 0456 Themes - ok
17:01:54.0796 0456 [ D9A627A7F98C3E1A47EC7D8724F06C4F ] TOSHIBA Bluetooth Service C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
17:01:54.0796 0456 TOSHIBA Bluetooth Service - ok
17:01:54.0812 0456 TosIde - ok
17:01:54.0890 0456 [ 2C15B4856F929AC7DD144044D8334B54 ] tosporte C:\WINDOWS\system32\DRIVERS\tosporte.sys
17:01:54.0890 0456 tosporte - ok
17:01:54.0921 0456 [ CD6E9C27ADC6B37B0B3DF29CC83E15A7 ] tosrfbd C:\WINDOWS\system32\DRIVERS\tosrfbd.sys
17:01:54.0921 0456 tosrfbd - ok
17:01:54.0937 0456 [ 181E217A7A326817D97946D045B3CB46 ] tosrfbnp C:\WINDOWS\system32\Drivers\tosrfbnp.sys
17:01:54.0937 0456 tosrfbnp - ok
17:01:54.0984 0456 [ 4579B035AE3AC8044DF72621AF734894 ] Tosrfcom C:\WINDOWS\system32\Drivers\tosrfcom.sys
17:01:54.0984 0456 Tosrfcom - ok
17:01:55.0000 0456 [ D3F87C46C7C9E5DB99FBD3D17121B891 ] Tosrfhid C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys
17:01:55.0015 0456 Tosrfhid - ok
17:01:55.0015 0456 [ C52FD27B9ADF3A1F22CB90E6BCF9B0CB ] tosrfnds C:\WINDOWS\system32\DRIVERS\tosrfnds.sys
17:01:55.0015 0456 tosrfnds - ok
17:01:55.0046 0456 [ 156D63F6898E4D95F2962F2B72862868 ] TosRfSnd C:\WINDOWS\system32\drivers\tosrfsnd.sys
17:01:55.0062 0456 TosRfSnd - ok
17:01:55.0109 0456 [ F6680C77BE134C81CC67F91986022701 ] Tosrfusb C:\WINDOWS\system32\DRIVERS\tosrfusb.sys
17:01:55.0109 0456 Tosrfusb - ok
17:01:55.0156 0456 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
17:01:55.0171 0456 TrkWks - ok
17:01:55.0187 0456 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
17:01:55.0187 0456 Udfs - ok
17:01:55.0203 0456 ultra - ok
17:01:55.0234 0456 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
17:01:55.0234 0456 Update - ok
17:01:55.0265 0456 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
17:01:55.0265 0456 upnphost - ok
17:01:55.0328 0456 [ 78B74AF8727A28C128E164E9B53A5413 ] upperdev C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
17:01:55.0328 0456 upperdev - ok
17:01:55.0359 0456 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
17:01:55.0359 0456 UPS - ok
17:01:55.0390 0456 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
17:01:55.0390 0456 usbccgp - ok
17:01:55.0406 0456 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
17:01:55.0406 0456 usbehci - ok
17:01:55.0437 0456 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
17:01:55.0437 0456 usbhub - ok
17:01:55.0437 0456 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
17:01:55.0453 0456 usbohci - ok
17:01:55.0484 0456 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
17:01:55.0484 0456 usbprint - ok
17:01:55.0546 0456 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
17:01:55.0546 0456 usbscan - ok
17:01:55.0593 0456 [ 1C888B000C2F9492F4B15B5B6B84873E ] usbser C:\WINDOWS\system32\drivers\usbser.sys
17:01:55.0593 0456 usbser - ok
17:01:55.0640 0456 [ 4F8FBC51A1C0A17310846B417A447F91 ] UsbserFilt C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
17:01:55.0656 0456 UsbserFilt - ok
17:01:55.0656 0456 [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
17:01:55.0656 0456 usbstor - ok
17:01:55.0703 0456 [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
17:01:55.0718 0456 usbvideo - ok
17:01:55.0765 0456 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
17:01:55.0765 0456 VgaSave - ok
17:01:55.0765 0456 ViaIde - ok
17:01:55.0828 0456 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
17:01:55.0828 0456 VolSnap - ok
17:01:55.0890 0456 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
17:01:55.0906 0456 VSS - ok
17:01:55.0921 0456 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
17:01:55.0921 0456 W32Time - ok
17:01:55.0953 0456 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:01:55.0953 0456 Wanarp - ok
17:01:56.0015 0456 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
17:01:56.0031 0456 Wdf01000 - ok
17:01:56.0046 0456 WDICA - ok
17:01:56.0062 0456 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
17:01:56.0062 0456 wdmaud - ok
17:01:56.0078 0456 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
17:01:56.0093 0456 WebClient - ok
17:01:56.0156 0456 [ 3344BE084826C22E44EF51CF3D756EA8 ] winmgmt C:\DOCUME~1\ALLUSE~1\APPLIC~1\je49b.dat
17:01:56.0156 0456 winmgmt - ok
17:01:56.0203 0456 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
17:01:56.0203 0456 WmdmPmSN - ok
17:01:56.0203 0456 WmiAcpi - ok
17:01:56.0296 0456 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
17:01:56.0296 0456 WmiApSrv - ok
17:01:56.0375 0456 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
17:01:56.0453 0456 WMPNetworkSvc - ok
17:01:56.0484 0456 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
17:01:56.0484 0456 WpdUsb - ok
17:01:56.0562 0456 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
17:01:56.0578 0456 wscsvc - ok
17:01:56.0625 0456 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
17:01:56.0625 0456 WSTCODEC - ok
17:01:56.0640 0456 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
17:01:56.0656 0456 wuauserv - ok
17:01:56.0734 0456 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
17:01:56.0734 0456 WudfPf - ok
17:01:56.0750 0456 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
17:01:56.0750 0456 WudfRd - ok
17:01:56.0796 0456 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
17:01:56.0796 0456 WudfSvc - ok
17:01:56.0875 0456 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
17:01:56.0875 0456 WZCSVC - ok
17:01:56.0890 0456 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
17:01:56.0890 0456 xmlprov - ok
17:01:56.0937 0456 ================ Scan global ===============================
17:01:56.0984 0456 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
17:01:57.0046 0456 [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
17:01:57.0046 0456 [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
17:01:57.0078 0456 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
17:01:57.0078 0456 [Global] - ok
17:01:57.0078 0456 ================ Scan MBR ==================================
17:01:57.0109 0456 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
17:01:57.0265 0456 \Device\Harddisk0\DR0 - ok
17:01:57.0265 0456 [ 672FA3B828FC996AB2E2EE417145DF93 ] \Device\Harddisk1\DR2
17:01:57.0281 0456 \Device\Harddisk1\DR2 - ok
17:01:57.0281 0456 ================ Scan VBR ==================================
17:01:57.0296 0456 [ 547F324BA624648420720E3D320CF55D ] \Device\Harddisk0\DR0\Partition1
17:01:57.0296 0456 \Device\Harddisk0\DR0\Partition1 - ok
17:01:57.0328 0456 [ 7844625B535FAF34333378BE22384299 ] \Device\Harddisk1\DR2\Partition1
17:01:57.0343 0456 \Device\Harddisk1\DR2\Partition1 - ok
17:01:57.0359 0456 ============================================================
17:01:57.0359 0456 Scan finished
17:01:57.0359 0456 ============================================================
17:01:57.0375 0108 Detected object count: 0
17:01:57.0375 0108 Actual detected object count: 0
17:02:22.0500 4076 Deinitialize success
The last one is 345 kB and I don't know how to upload it here. It is too long, so I put it here:
http://uloz.to/xSr3wztg/tdsskiller-2-8- ... 41-log-txt
16:50:59.0109 4004 ============================================================
16:50:59.0109 4004 Current date / time: 2013/05/30 16:50:59.0109
16:50:59.0109 4004 SystemInfo:
16:50:59.0109 4004
16:50:59.0109 4004 OS Version: 5.1.2600 ServicePack: 3.0
16:50:59.0109 4004 Product type: Workstation
16:50:59.0109 4004 ComputerName: JANA
16:50:59.0109 4004 UserName: Janka
16:50:59.0109 4004 Windows directory: C:\WINDOWS
16:50:59.0109 4004 System windows directory: C:\WINDOWS
16:50:59.0109 4004 Processor architecture: Intel x86
16:50:59.0109 4004 Number of processors: 2
16:50:59.0109 4004 Page size: 0x1000
16:50:59.0109 4004 Boot type: Normal boot
16:50:59.0109 4004 ============================================================
16:51:00.0812 4004 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
16:51:00.0812 4004 Drive \Device\Harddisk1\DR2 - Size: 0x39D000000 (14.45 Gb), SectorSize: 0x200, Cylinders: 0x75E, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
16:51:00.0812 4004 ============================================================
16:51:00.0812 4004 \Device\Harddisk0\DR0:
16:51:00.0812 4004 MBR partitions:
16:51:00.0812 4004 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x254297C1
16:51:00.0812 4004 \Device\Harddisk1\DR2:
16:51:00.0812 4004 MBR partitions:
16:51:00.0812 4004 \Device\Harddisk1\DR2\Partition1: MBR, Type 0xC, StartLBA 0x3F00, BlocksNum 0x1CE4100
16:51:00.0812 4004 ============================================================
16:51:00.0859 4004 C: <-> \Device\Harddisk0\DR0\Partition1
16:51:00.0859 4004 ============================================================
16:51:00.0859 4004 Initialize success
16:51:00.0859 4004 ============================================================
16:51:03.0687 3992 Deinitialize success
16:51:13.0671 2784 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
16:51:13.0687 2784 ============================================================
16:51:13.0687 2784 Current date / time: 2013/05/30 16:51:13.0687
16:51:13.0687 2784 SystemInfo:
16:51:13.0687 2784
16:51:13.0687 2784 OS Version: 5.1.2600 ServicePack: 3.0
16:51:13.0687 2784 Product type: Workstation
16:51:13.0687 2784 ComputerName: JANA
16:51:13.0687 2784 UserName: Janka
16:51:13.0687 2784 Windows directory: C:\WINDOWS
16:51:13.0687 2784 System windows directory: C:\WINDOWS
16:51:13.0687 2784 Processor architecture: Intel x86
16:51:13.0687 2784 Number of processors: 2
16:51:13.0687 2784 Page size: 0x1000
16:51:13.0687 2784 Boot type: Normal boot
16:51:13.0687 2784 ============================================================
16:51:15.0093 2784 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
16:51:15.0125 2784 Drive \Device\Harddisk1\DR2 - Size: 0x39D000000 (14.45 Gb), SectorSize: 0x200, Cylinders: 0x75E, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
16:51:15.0125 2784 ============================================================
16:51:15.0125 2784 \Device\Harddisk0\DR0:
16:51:15.0125 2784 MBR partitions:
16:51:15.0125 2784 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x254297C1
16:51:15.0125 2784 \Device\Harddisk1\DR2:
16:51:15.0125 2784 MBR partitions:
16:51:15.0125 2784 \Device\Harddisk1\DR2\Partition1: MBR, Type 0xC, StartLBA 0x3F00, BlocksNum 0x1CE4100
16:51:15.0125 2784 ============================================================
16:51:15.0156 2784 C: <-> \Device\Harddisk0\DR0\Partition1
16:51:15.0156 2784 ============================================================
16:51:15.0156 2784 Initialize success
16:51:15.0156 2784 ============================================================
16:58:33.0625 3708 Deinitialize success
17:01:36.0343 0140 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
17:01:36.0359 0140 ============================================================
17:01:36.0359 0140 Current date / time: 2013/05/30 17:01:36.0359
17:01:36.0359 0140 SystemInfo:
17:01:36.0359 0140
17:01:36.0359 0140 OS Version: 5.1.2600 ServicePack: 3.0
17:01:36.0359 0140 Product type: Workstation
17:01:36.0359 0140 ComputerName: JANA
17:01:36.0359 0140 UserName: Janka
17:01:36.0359 0140 Windows directory: C:\WINDOWS
17:01:36.0359 0140 System windows directory: C:\WINDOWS
17:01:36.0359 0140 Processor architecture: Intel x86
17:01:36.0359 0140 Number of processors: 2
17:01:36.0359 0140 Page size: 0x1000
17:01:36.0359 0140 Boot type: Normal boot
17:01:36.0359 0140 ============================================================
17:01:37.0750 0140 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
17:01:37.0750 0140 Drive \Device\Harddisk1\DR2 - Size: 0x39D000000 (14.45 Gb), SectorSize: 0x200, Cylinders: 0x75E, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:01:37.0750 0140 ============================================================
17:01:37.0750 0140 \Device\Harddisk0\DR0:
17:01:37.0750 0140 MBR partitions:
17:01:37.0750 0140 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x254297C1
17:01:37.0750 0140 \Device\Harddisk1\DR2:
17:01:37.0750 0140 MBR partitions:
17:01:37.0750 0140 \Device\Harddisk1\DR2\Partition1: MBR, Type 0xC, StartLBA 0x3F00, BlocksNum 0x1CE4100
17:01:37.0750 0140 ============================================================
17:01:37.0796 0140 C: <-> \Device\Harddisk0\DR0\Partition1
17:01:37.0796 0140 ============================================================
17:01:37.0796 0140 Initialize success
17:01:37.0796 0140 ============================================================
17:01:39.0171 0456 ============================================================
17:01:39.0171 0456 Scan started
17:01:39.0171 0456 Mode: Manual;
17:01:39.0171 0456 ============================================================
17:01:40.0109 0456 ================ Scan system memory ========================
17:01:40.0109 0456 System memory - ok
17:01:40.0109 0456 ================ Scan services =============================
17:01:40.0359 0456 [ EBD7BD25C1D33B10D2251194C300EE85 ] 602XML Updater C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
17:01:40.0359 0456 602XML Updater - ok
17:01:40.0437 0456 [ B33CF4DE909A5B30F526D82053A63C8E ] ABBYY.Licensing.FineReader.Sprint.9.0 C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
17:01:40.0484 0456 ABBYY.Licensing.FineReader.Sprint.9.0 - ok
17:01:40.0734 0456 Abiosdsk - ok
17:01:40.0750 0456 abp480n5 - ok
17:01:40.0828 0456 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
17:01:40.0828 0456 ACPI - ok
17:01:40.0859 0456 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
17:01:40.0859 0456 ACPIEC - ok
17:01:40.0968 0456 [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
17:01:40.0968 0456 AdobeFlashPlayerUpdateSvc - ok
17:01:40.0968 0456 adpu160m - ok
17:01:41.0000 0456 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
17:01:41.0000 0456 aec - ok
17:01:41.0062 0456 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
17:01:41.0062 0456 AFD - ok
17:01:41.0062 0456 Aha154x - ok
17:01:41.0078 0456 aic78u2 - ok
17:01:41.0093 0456 aic78xx - ok
17:01:41.0140 0456 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
17:01:41.0156 0456 Alerter - ok
17:01:41.0187 0456 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe
17:01:41.0187 0456 ALG - ok
17:01:41.0187 0456 AliIde - ok
17:01:41.0203 0456 amsint - ok
17:01:41.0312 0456 [ D6C8942BEA3698A2E7559BD423BFA5D7 ] AntiVirScheduler C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
17:01:41.0312 0456 AntiVirScheduler - ok
17:01:41.0375 0456 [ 335A142923FE7F97E8C8388ACD067568 ] AntiVirService C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
17:01:41.0375 0456 AntiVirService - ok
17:01:41.0484 0456 [ 20F6F19FE9E753F2780DC2FA083AD597 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:01:41.0484 0456 Apple Mobile Device - ok
17:01:41.0500 0456 AppMgmt - ok
17:01:41.0609 0456 [ 1BA565F1E58E271C6AD6B21A4F181CA4 ] AR5416 C:\WINDOWS\system32\DRIVERS\athw.sys
17:01:41.0718 0456 AR5416 - ok
17:01:41.0718 0456 asc - ok
17:01:41.0750 0456 asc3350p - ok
17:01:41.0781 0456 asc3550 - ok
17:01:41.0906 0456 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
17:01:41.0906 0456 aspnet_state - ok
17:01:41.0953 0456 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
17:01:41.0953 0456 AsyncMac - ok
17:01:41.0968 0456 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
17:01:41.0968 0456 atapi - ok
17:01:41.0984 0456 Atdisk - ok
17:01:42.0062 0456 [ CDAB62EF8EA3F0E420CB85F181F89E84 ] Ati External Event Utility C:\WINDOWS\system32\Ati2evxx.exe
17:01:42.0062 0456 Ati External Event Utility - ok
17:01:42.0093 0456 [ CDAB62EF8EA3F0E420CB85F181F89E84 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
17:01:42.0093 0456 Ati HotKey Poller - ok
17:01:42.0218 0456 [ 89EE422B15591B4DFAB69486983E091C ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
17:01:42.0265 0456 ati2mtag - ok
17:01:42.0546 0456 [ AF8719EC4C3B3BCCA31C3F2A8E762B39 ] atikmdag C:\WINDOWS\system32\DRIVERS\atikmdag.sys
17:01:42.0734 0456 atikmdag - ok
17:01:42.0765 0456 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
17:01:42.0781 0456 Atmarpc - ok
17:01:42.0843 0456 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
17:01:42.0843 0456 AudioSrv - ok
17:01:42.0890 0456 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
17:01:42.0906 0456 audstub - ok
17:01:42.0906 0456 [ AFA456A6210ABE5798561A5758517340 ] avgio C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys
17:01:42.0906 0456 avgio - ok
17:01:42.0968 0456 [ 906F73C4F6B8BA5DAABC41A1F04CECFE ] avgntflt C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys
17:01:42.0984 0456 avgntflt - ok
17:01:43.0000 0456 [ BDB37B3B217F5181A5BC129C50844F98 ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys
17:01:43.0000 0456 avipbb - ok
17:01:43.0062 0456 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
17:01:43.0062 0456 Beep - ok
17:01:43.0125 0456 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
17:01:43.0125 0456 BITS - ok
17:01:43.0234 0456 [ F832F1505AD8B83474BD9A5B1B985E01 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:01:43.0265 0456 Bonjour Service - ok
17:01:43.0296 0456 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll
17:01:43.0296 0456 Browser - ok
17:01:43.0343 0456 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
17:01:43.0343 0456 cbidf2k - ok
17:01:43.0375 0456 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
17:01:43.0375 0456 CCDECODE - ok
17:01:43.0390 0456 cd20xrnt - ok
17:01:43.0421 0456 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
17:01:43.0421 0456 Cdaudio - ok
17:01:43.0437 0456 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
17:01:43.0437 0456 Cdfs - ok
17:01:43.0453 0456 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
17:01:43.0453 0456 Cdrom - ok
17:01:43.0468 0456 Changer - ok
17:01:43.0515 0456 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe
17:01:43.0515 0456 CiSvc - ok
17:01:43.0531 0456 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
17:01:43.0531 0456 ClipSrv - ok
17:01:43.0578 0456 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:01:43.0578 0456 clr_optimization_v2.0.50727_32 - ok
17:01:43.0640 0456 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
17:01:43.0640 0456 CmBatt - ok
17:01:43.0640 0456 CmdIde - ok
17:01:43.0656 0456 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
17:01:43.0656 0456 Compbatt - ok
17:01:43.0671 0456 COMSysApp - ok
17:01:43.0703 0456 Cpqarray - ok
17:01:43.0718 0456 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
17:01:43.0718 0456 CryptSvc - ok
17:01:43.0718 0456 dac2w2k - ok
17:01:43.0734 0456 dac960nt - ok
17:01:43.0812 0456 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
17:01:43.0812 0456 DcomLaunch - ok
17:01:43.0828 0456 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
17:01:43.0828 0456 Dhcp - ok
17:01:43.0843 0456 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
17:01:43.0843 0456 Disk - ok
17:01:43.0843 0456 dmadmin - ok
17:01:43.0906 0456 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
17:01:43.0906 0456 dmboot - ok
17:01:43.0921 0456 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
17:01:43.0921 0456 dmio - ok
17:01:43.0968 0456 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
17:01:43.0968 0456 dmload - ok
17:01:43.0984 0456 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
17:01:44.0000 0456 dmserver - ok
17:01:44.0000 0456 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
17:01:44.0000 0456 DMusic - ok
17:01:44.0046 0456 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
17:01:44.0046 0456 Dnscache - ok
17:01:44.0093 0456 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
17:01:44.0093 0456 Dot3svc - ok
17:01:44.0109 0456 dpti2o - ok
17:01:44.0140 0456 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
17:01:44.0140 0456 drmkaud - ok
17:01:44.0171 0456 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
17:01:44.0187 0456 EapHost - ok
17:01:44.0281 0456 [ ABDD5AD016AFFD34AD40E944CE94BF59 ] EpsonBidirectionalService C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
17:01:44.0281 0456 EpsonBidirectionalService - ok
17:01:44.0343 0456 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
17:01:44.0343 0456 ERSvc - ok
17:01:44.0406 0456 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
17:01:44.0406 0456 Eventlog - ok
17:01:44.0468 0456 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll
17:01:44.0468 0456 EventSystem - ok
17:01:44.0531 0456 [ FB54F67974D13D73BE3E2F1DF042D295 ] ewusbnet C:\WINDOWS\system32\DRIVERS\ewusbnet.sys
17:01:44.0546 0456 ewusbnet - ok
17:01:44.0562 0456 [ 57C171EA22F0A7F068FCB0CAEDD1E8E7 ] ew_hwusbdev C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys
17:01:44.0578 0456 ew_hwusbdev - ok
17:01:44.0593 0456 [ 61A973F60E94A551BA7B15F3460444FB ] ew_usbenumfilter C:\WINDOWS\system32\DRIVERS\ew_usbenumfilter.sys
17:01:44.0593 0456 ew_usbenumfilter - ok
17:01:44.0656 0456 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
17:01:44.0656 0456 Fastfat - ok
17:01:44.0703 0456 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
17:01:44.0703 0456 FastUserSwitchingCompatibility - ok
17:01:44.0718 0456 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
17:01:44.0718 0456 Fdc - ok
17:01:44.0718 0456 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
17:01:44.0734 0456 Fips - ok
17:01:44.0750 0456 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
17:01:44.0750 0456 Flpydisk - ok
17:01:44.0812 0456 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
17:01:44.0812 0456 FltMgr - ok
17:01:44.0906 0456 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
17:01:44.0906 0456 FontCache3.0.0.0 - ok
17:01:44.0921 0456 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:01:44.0921 0456 Fs_Rec - ok
17:01:44.0937 0456 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
17:01:44.0937 0456 Ftdisk - ok
17:01:44.0968 0456 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
17:01:44.0968 0456 GEARAspiWDM - ok
17:01:45.0015 0456 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
17:01:45.0015 0456 Gpc - ok
17:01:45.0093 0456 [ 626A24ED1228580B9518C01930936DF9 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
17:01:45.0093 0456 gupdate - ok
17:01:45.0093 0456 [ 626A24ED1228580B9518C01930936DF9 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
17:01:45.0093 0456 gupdatem - ok
17:01:45.0171 0456 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
17:01:45.0187 0456 gusvc - ok
17:01:45.0234 0456 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
17:01:45.0234 0456 HDAudBus - ok
17:01:45.0328 0456 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
17:01:45.0328 0456 helpsvc - ok
17:01:45.0343 0456 HidServ - ok
17:01:45.0484 0456 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
17:01:45.0484 0456 HidUsb - ok
17:01:45.0593 0456 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
17:01:45.0609 0456 hkmsvc - ok
17:01:45.0625 0456 hpn - ok
17:01:45.0718 0456 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
17:01:45.0718 0456 HTTP - ok
17:01:45.0812 0456 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
17:01:45.0828 0456 HTTPFilter - ok
17:01:45.0921 0456 [ F44461E66F1B7DD267957FE9BAA63ED0 ] huawei_enumerator C:\WINDOWS\system32\DRIVERS\ew_jubusenum.sys
17:01:45.0953 0456 huawei_enumerator - ok
17:01:46.0031 0456 [ B50E1D8627354BA8E4DF83470F1272C8 ] hwdatacard C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys
17:01:46.0125 0456 hwdatacard - ok
17:01:46.0296 0456 [ 5EF3427AE503B5C03A48F7C9FF458B69 ] HWDeviceService.exe C:\Documents and Settings\All Users\Application Data\DatacardService\HWDeviceService.exe
17:01:46.0296 0456 HWDeviceService.exe - ok
17:01:46.0328 0456 hwusbdev - ok
17:01:46.0375 0456 i2omgmt - ok
17:01:46.0375 0456 i2omp - ok
17:01:46.0437 0456 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
17:01:46.0437 0456 i8042prt - ok
17:01:46.0531 0456 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:01:46.0593 0456 idsvc - ok
17:01:46.0640 0456 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
17:01:46.0640 0456 Imapi - ok
17:01:46.0703 0456 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
17:01:46.0703 0456 ImapiService - ok
17:01:46.0718 0456 ini910u - ok
17:01:46.0937 0456 [ 053517D1BCADF00BEDB21FB7218C8F33 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
17:01:46.0984 0456 IntcAzAudAddService - ok
17:01:47.0000 0456 IntelIde - ok
17:01:47.0078 0456 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
17:01:47.0078 0456 intelppm - ok
17:01:47.0109 0456 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
17:01:47.0109 0456 Ip6Fw - ok
17:01:47.0140 0456 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:01:47.0140 0456 IpFilterDriver - ok
17:01:47.0140 0456 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
17:01:47.0140 0456 IpInIp - ok
17:01:47.0171 0456 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
17:01:47.0171 0456 IpNat - ok
17:01:47.0250 0456 [ 9033D67B7112D23EDED6789BACDED128 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
17:01:47.0328 0456 iPod Service - ok
17:01:47.0359 0456 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
17:01:47.0359 0456 IPSec - ok
17:01:47.0390 0456 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
17:01:47.0390 0456 IRENUM - ok
17:01:47.0437 0456 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
17:01:47.0437 0456 isapnp - ok
17:01:47.0562 0456 [ 999DB5F88C8E145CCA9D471E33227143 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
17:01:47.0578 0456 JavaQuickStarterService - ok
17:01:47.0593 0456 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
17:01:47.0593 0456 Kbdclass - ok
17:01:47.0609 0456 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
17:01:47.0609 0456 kmixer - ok
17:01:47.0656 0456 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
17:01:47.0656 0456 KSecDD - ok
17:01:47.0703 0456 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
17:01:47.0703 0456 lanmanserver - ok
17:01:47.0750 0456 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
17:01:47.0765 0456 lanmanworkstation - ok
17:01:47.0765 0456 lbrtfdc - ok
17:01:47.0843 0456 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
17:01:47.0843 0456 LmHosts - ok
17:01:47.0953 0456 [ F453D1E6D881E8F8717E20CCD4199E85 ] McComponentHostService C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
17:01:47.0984 0456 McComponentHostService - ok
17:01:48.0078 0456 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
17:01:48.0093 0456 MDM - ok
17:01:48.0125 0456 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
17:01:48.0125 0456 Messenger - ok
17:01:48.0140 0456 Micro Star SCM - ok
17:01:48.0187 0456 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
17:01:48.0187 0456 mnmdd - ok
17:01:48.0218 0456 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
17:01:48.0218 0456 mnmsrvc - ok
17:01:48.0312 0456 [ 1CE0621B591913C12BECAA5B50E88BB2 ] Mobile Partner. RunOuc C:\Program Files\Mobile Partner\UpdateDog\ouc.exe
17:01:48.0312 0456 Mobile Partner. RunOuc - ok
17:01:48.0359 0456 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
17:01:48.0359 0456 Modem - ok
17:01:48.0375 0456 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
17:01:48.0375 0456 Mouclass - ok
17:01:48.0406 0456 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
17:01:48.0406 0456 mouhid - ok
17:01:48.0437 0456 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
17:01:48.0437 0456 MountMgr - ok
17:01:48.0437 0456 mraid35x - ok
17:01:48.0453 0456 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
17:01:48.0453 0456 MRxDAV - ok
17:01:48.0515 0456 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:01:48.0531 0456 MRxSmb - ok
17:01:48.0562 0456 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
17:01:48.0562 0456 MSDTC - ok
17:01:48.0578 0456 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
17:01:48.0578 0456 Msfs - ok
17:01:48.0593 0456 MSIServer - ok
17:01:48.0625 0456 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:01:48.0625 0456 MSKSSRV - ok
17:01:48.0656 0456 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:01:48.0656 0456 MSPCLOCK - ok
17:01:48.0687 0456 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
17:01:48.0687 0456 MSPQM - ok
17:01:48.0718 0456 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
17:01:48.0718 0456 mssmbios - ok
17:01:48.0718 0456 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
17:01:48.0734 0456 MSTEE - ok
17:01:48.0796 0456 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
17:01:48.0796 0456 Mup - ok
17:01:48.0796 0456 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
17:01:48.0812 0456 NABTSFEC - ok
17:01:48.0890 0456 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
17:01:48.0921 0456 napagent - ok
17:01:49.0031 0456 [ B498A14133BD09AD0817590ACE4470AD ] NBService C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
17:01:49.0046 0456 NBService - ok
17:01:49.0078 0456 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
17:01:49.0078 0456 NDIS - ok
17:01:49.0125 0456 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
17:01:49.0125 0456 NdisIP - ok
17:01:49.0171 0456 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:01:49.0171 0456 NdisTapi - ok
17:01:49.0187 0456 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
17:01:49.0187 0456 Ndisuio - ok
17:01:49.0203 0456 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:01:49.0203 0456 NdisWan - ok
17:01:49.0265 0456 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
17:01:49.0265 0456 NDProxy - ok
17:01:49.0281 0456 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
17:01:49.0281 0456 NetBIOS - ok
17:01:49.0296 0456 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
17:01:49.0312 0456 NetBT - ok
17:01:49.0343 0456 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
17:01:49.0359 0456 NetDDE - ok
17:01:49.0359 0456 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
17:01:49.0375 0456 NetDDEdsdm - ok
17:01:49.0406 0456 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
17:01:49.0406 0456 Netlogon - ok
17:01:49.0421 0456 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
17:01:49.0421 0456 Netman - ok
17:01:49.0484 0456 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:01:49.0500 0456 NetTcpPortSharing - ok
17:01:49.0500 0456 NishService - ok
17:01:49.0562 0456 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
17:01:49.0562 0456 Nla - ok
17:01:49.0687 0456 [ A328A46D87BB92CE4D8A4528E9D84787 ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
17:01:49.0687 0456 NMIndexingService - ok
17:01:49.0765 0456 [ B0A67DE1A128389AEA4D42C5A56215FD ] nmwcd C:\WINDOWS\system32\drivers\ccdcmb.sys
17:01:49.0765 0456 nmwcd - ok
17:01:50.0000 0456 [ 025C54F9F8C8BC1894EA38529C742C54 ] nmwcdc C:\WINDOWS\system32\drivers\ccdcmbo.sys
17:01:50.0015 0456 nmwcdc - ok
17:01:50.0031 0456 NPF - ok
17:01:50.0125 0456 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
17:01:50.0125 0456 Npfs - ok
17:01:50.0187 0456 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
17:01:50.0187 0456 Ntfs - ok
17:01:50.0218 0456 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
17:01:50.0218 0456 NtLmSsp - ok
17:01:50.0375 0456 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
17:01:50.0375 0456 NtmsSvc - ok
17:01:50.0406 0456 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
17:01:50.0406 0456 Null - ok
17:01:50.0484 0456 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
17:01:50.0484 0456 NwlnkFlt - ok
17:01:50.0500 0456 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
17:01:50.0500 0456 NwlnkFwd - ok
17:01:50.0562 0456 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:01:50.0578 0456 ose - ok
17:01:50.0625 0456 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\drivers\Parport.sys
17:01:50.0625 0456 Parport - ok
17:01:50.0656 0456 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
17:01:50.0671 0456 PartMgr - ok
17:01:50.0750 0456 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
17:01:50.0750 0456 ParVdm - ok
17:01:50.0796 0456 [ FD2041E9BA03DB7764B2248F02475079 ] pccsmcfd C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
17:01:50.0828 0456 pccsmcfd - ok
17:01:50.0828 0456 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
17:01:50.0828 0456 PCI - ok
17:01:50.0843 0456 PCIDump - ok
17:01:50.0906 0456 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
17:01:50.0921 0456 PCIIde - ok
17:01:50.0968 0456 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
17:01:50.0968 0456 Pcmcia - ok
17:01:51.0000 0456 [ 5B6C11DE7E839C05248CED8825470FEF ] pcouffin C:\WINDOWS\system32\Drivers\pcouffin.sys
17:01:51.0015 0456 pcouffin - ok
17:01:51.0031 0456 PDCOMP - ok
17:01:51.0031 0456 PDFRAME - ok
17:01:51.0046 0456 PDRELI - ok
17:01:51.0062 0456 PDRFRAME - ok
17:01:51.0062 0456 perc2 - ok
17:01:51.0078 0456 perc2hib - ok
17:01:51.0156 0456 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
17:01:51.0156 0456 PlugPlay - ok
17:01:51.0203 0456 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
17:01:51.0203 0456 PolicyAgent - ok
17:01:51.0250 0456 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
17:01:51.0265 0456 PptpMiniport - ok
17:01:51.0265 0456 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
17:01:51.0265 0456 ProtectedStorage - ok
17:01:51.0281 0456 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
17:01:51.0281 0456 PSched - ok
17:01:51.0328 0456 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
17:01:51.0328 0456 Ptilink - ok
17:01:51.0375 0456 [ D86B4A68565E444D76457F14172C875A ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
17:01:51.0375 0456 PxHelp20 - ok
17:01:51.0390 0456 ql1080 - ok
17:01:51.0390 0456 Ql10wnt - ok
17:01:51.0406 0456 ql12160 - ok
17:01:51.0421 0456 ql1240 - ok
17:01:51.0437 0456 ql1280 - ok
17:01:51.0468 0456 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:01:51.0468 0456 RasAcd - ok
17:01:51.0500 0456 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
17:01:51.0515 0456 RasAuto - ok
17:01:51.0546 0456 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
17:01:51.0546 0456 Rasl2tp - ok
17:01:51.0609 0456 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
17:01:51.0609 0456 RasMan - ok
17:01:51.0625 0456 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:01:51.0625 0456 RasPppoe - ok
17:01:51.0625 0456 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
17:01:51.0625 0456 Raspti - ok
17:01:51.0656 0456 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:01:51.0656 0456 Rdbss - ok
17:01:51.0718 0456 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
17:01:51.0718 0456 RDPCDD - ok
17:01:51.0781 0456 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
17:01:51.0781 0456 RDPWD - ok
17:01:51.0796 0456 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
17:01:51.0796 0456 RDSessMgr - ok
17:01:51.0843 0456 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
17:01:51.0843 0456 redbook - ok
17:01:51.0859 0456 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
17:01:51.0875 0456 RemoteAccess - ok
17:01:51.0906 0456 [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7 ] ROOTMODEM C:\WINDOWS\system32\Drivers\RootMdm.sys
17:01:51.0906 0456 ROOTMODEM - ok
17:01:51.0921 0456 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
17:01:51.0921 0456 RpcLocator - ok
17:01:51.0968 0456 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll
17:01:51.0968 0456 RpcSs - ok
17:01:51.0968 0456 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
17:01:51.0984 0456 RSVP - ok
17:01:52.0031 0456 [ E3939D5D17E3798E52D1C24A81FD70CC ] RTSTOR C:\WINDOWS\system32\drivers\RTSTOR.SYS
17:01:52.0046 0456 RTSTOR - ok
17:01:52.0062 0456 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
17:01:52.0062 0456 SamSs - ok
17:01:52.0078 0456 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
17:01:52.0078 0456 SCardSvr - ok
17:01:52.0140 0456 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
17:01:52.0140 0456 Schedule - ok
17:01:52.0187 0456 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
17:01:52.0187 0456 Secdrv - ok
17:01:52.0218 0456 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
17:01:52.0234 0456 seclogon - ok
17:01:52.0250 0456 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
17:01:52.0250 0456 SENS - ok
17:01:52.0265 0456 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
17:01:52.0265 0456 Serial - ok
17:01:52.0390 0456 [ 668043F192AB9659761A349A4703600D ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
17:01:52.0406 0456 ServiceLayer - ok
17:01:52.0515 0456 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
17:01:52.0515 0456 Sfloppy - ok
17:01:52.0718 0456 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
17:01:52.0734 0456 SharedAccess - ok
17:01:52.0765 0456 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
17:01:52.0765 0456 ShellHWDetection - ok
17:01:52.0781 0456 Simbad - ok
17:01:52.0859 0456 [ A86E52C55DE3488B3FC0FF2B8AD711BF ] SiSGbeXP C:\WINDOWS\system32\DRIVERS\SiSGbeXP.sys
17:01:52.0875 0456 SiSGbeXP - ok
17:01:53.0093 0456 [ 0C1B2E3A897397738D9F81CD3D152AF0 ] Skype C2C Service C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
17:01:53.0125 0456 Skype C2C Service - ok
17:01:53.0250 0456 [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
17:01:53.0312 0456 SkypeUpdate - ok
17:01:53.0343 0456 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
17:01:53.0343 0456 SLIP - ok
17:01:53.0406 0456 [ 5E62BA073C90E6C9D4EA199D6080F919 ] smserial C:\WINDOWS\system32\DRIVERS\smserial.sys
17:01:53.0468 0456 smserial - ok
17:01:53.0484 0456 Sparrow - ok
17:01:53.0546 0456 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
17:01:53.0546 0456 splitter - ok
17:01:53.0609 0456 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
17:01:53.0609 0456 Spooler - ok
17:01:53.0625 0456 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
17:01:53.0625 0456 sr - ok
17:01:53.0687 0456 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
17:01:53.0687 0456 srservice - ok
17:01:53.0750 0456 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
17:01:53.0750 0456 Srv - ok
17:01:53.0765 0456 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
17:01:53.0765 0456 SSDPSRV - ok
17:01:53.0828 0456 [ 3D2829FDE1C52FC64DA5413889CE4DEE ] ssmdrv C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
17:01:53.0828 0456 ssmdrv - ok
17:01:53.0890 0456 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
17:01:53.0890 0456 stisvc - ok
17:01:53.0968 0456 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
17:01:53.0968 0456 streamip - ok
17:01:53.0984 0456 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
17:01:53.0984 0456 swenum - ok
17:01:54.0000 0456 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
17:01:54.0000 0456 swmidi - ok
17:01:54.0015 0456 SwPrv - ok
17:01:54.0031 0456 symc810 - ok
17:01:54.0046 0456 symc8xx - ok
17:01:54.0062 0456 sym_hi - ok
17:01:54.0062 0456 sym_u3 - ok
17:01:54.0109 0456 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
17:01:54.0109 0456 sysaudio - ok
17:01:54.0156 0456 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
17:01:54.0156 0456 SysmonLog - ok
17:01:54.0187 0456 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
17:01:54.0187 0456 TapiSrv - ok
17:01:54.0296 0456 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
17:01:54.0296 0456 Tcpip - ok
17:01:54.0343 0456 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
17:01:54.0343 0456 TDPIPE - ok
17:01:54.0359 0456 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
17:01:54.0359 0456 TDTCP - ok
17:01:54.0390 0456 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
17:01:54.0390 0456 TermDD - ok
17:01:54.0421 0456 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
17:01:54.0421 0456 TermService - ok
17:01:54.0484 0456 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
17:01:54.0484 0456 Themes - ok
17:01:54.0796 0456 [ D9A627A7F98C3E1A47EC7D8724F06C4F ] TOSHIBA Bluetooth Service C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
17:01:54.0796 0456 TOSHIBA Bluetooth Service - ok
17:01:54.0812 0456 TosIde - ok
17:01:54.0890 0456 [ 2C15B4856F929AC7DD144044D8334B54 ] tosporte C:\WINDOWS\system32\DRIVERS\tosporte.sys
17:01:54.0890 0456 tosporte - ok
17:01:54.0921 0456 [ CD6E9C27ADC6B37B0B3DF29CC83E15A7 ] tosrfbd C:\WINDOWS\system32\DRIVERS\tosrfbd.sys
17:01:54.0921 0456 tosrfbd - ok
17:01:54.0937 0456 [ 181E217A7A326817D97946D045B3CB46 ] tosrfbnp C:\WINDOWS\system32\Drivers\tosrfbnp.sys
17:01:54.0937 0456 tosrfbnp - ok
17:01:54.0984 0456 [ 4579B035AE3AC8044DF72621AF734894 ] Tosrfcom C:\WINDOWS\system32\Drivers\tosrfcom.sys
17:01:54.0984 0456 Tosrfcom - ok
17:01:55.0000 0456 [ D3F87C46C7C9E5DB99FBD3D17121B891 ] Tosrfhid C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys
17:01:55.0015 0456 Tosrfhid - ok
17:01:55.0015 0456 [ C52FD27B9ADF3A1F22CB90E6BCF9B0CB ] tosrfnds C:\WINDOWS\system32\DRIVERS\tosrfnds.sys
17:01:55.0015 0456 tosrfnds - ok
17:01:55.0046 0456 [ 156D63F6898E4D95F2962F2B72862868 ] TosRfSnd C:\WINDOWS\system32\drivers\tosrfsnd.sys
17:01:55.0062 0456 TosRfSnd - ok
17:01:55.0109 0456 [ F6680C77BE134C81CC67F91986022701 ] Tosrfusb C:\WINDOWS\system32\DRIVERS\tosrfusb.sys
17:01:55.0109 0456 Tosrfusb - ok
17:01:55.0156 0456 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
17:01:55.0171 0456 TrkWks - ok
17:01:55.0187 0456 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
17:01:55.0187 0456 Udfs - ok
17:01:55.0203 0456 ultra - ok
17:01:55.0234 0456 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
17:01:55.0234 0456 Update - ok
17:01:55.0265 0456 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
17:01:55.0265 0456 upnphost - ok
17:01:55.0328 0456 [ 78B74AF8727A28C128E164E9B53A5413 ] upperdev C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
17:01:55.0328 0456 upperdev - ok
17:01:55.0359 0456 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
17:01:55.0359 0456 UPS - ok
17:01:55.0390 0456 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
17:01:55.0390 0456 usbccgp - ok
17:01:55.0406 0456 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
17:01:55.0406 0456 usbehci - ok
17:01:55.0437 0456 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
17:01:55.0437 0456 usbhub - ok
17:01:55.0437 0456 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
17:01:55.0453 0456 usbohci - ok
17:01:55.0484 0456 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
17:01:55.0484 0456 usbprint - ok
17:01:55.0546 0456 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
17:01:55.0546 0456 usbscan - ok
17:01:55.0593 0456 [ 1C888B000C2F9492F4B15B5B6B84873E ] usbser C:\WINDOWS\system32\drivers\usbser.sys
17:01:55.0593 0456 usbser - ok
17:01:55.0640 0456 [ 4F8FBC51A1C0A17310846B417A447F91 ] UsbserFilt C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
17:01:55.0656 0456 UsbserFilt - ok
17:01:55.0656 0456 [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
17:01:55.0656 0456 usbstor - ok
17:01:55.0703 0456 [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
17:01:55.0718 0456 usbvideo - ok
17:01:55.0765 0456 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
17:01:55.0765 0456 VgaSave - ok
17:01:55.0765 0456 ViaIde - ok
17:01:55.0828 0456 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
17:01:55.0828 0456 VolSnap - ok
17:01:55.0890 0456 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
17:01:55.0906 0456 VSS - ok
17:01:55.0921 0456 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
17:01:55.0921 0456 W32Time - ok
17:01:55.0953 0456 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:01:55.0953 0456 Wanarp - ok
17:01:56.0015 0456 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
17:01:56.0031 0456 Wdf01000 - ok
17:01:56.0046 0456 WDICA - ok
17:01:56.0062 0456 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
17:01:56.0062 0456 wdmaud - ok
17:01:56.0078 0456 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
17:01:56.0093 0456 WebClient - ok
17:01:56.0156 0456 [ 3344BE084826C22E44EF51CF3D756EA8 ] winmgmt C:\DOCUME~1\ALLUSE~1\APPLIC~1\je49b.dat
17:01:56.0156 0456 winmgmt - ok
17:01:56.0203 0456 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
17:01:56.0203 0456 WmdmPmSN - ok
17:01:56.0203 0456 WmiAcpi - ok
17:01:56.0296 0456 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
17:01:56.0296 0456 WmiApSrv - ok
17:01:56.0375 0456 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
17:01:56.0453 0456 WMPNetworkSvc - ok
17:01:56.0484 0456 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
17:01:56.0484 0456 WpdUsb - ok
17:01:56.0562 0456 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
17:01:56.0578 0456 wscsvc - ok
17:01:56.0625 0456 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
17:01:56.0625 0456 WSTCODEC - ok
17:01:56.0640 0456 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
17:01:56.0656 0456 wuauserv - ok
17:01:56.0734 0456 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
17:01:56.0734 0456 WudfPf - ok
17:01:56.0750 0456 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
17:01:56.0750 0456 WudfRd - ok
17:01:56.0796 0456 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
17:01:56.0796 0456 WudfSvc - ok
17:01:56.0875 0456 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
17:01:56.0875 0456 WZCSVC - ok
17:01:56.0890 0456 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
17:01:56.0890 0456 xmlprov - ok
17:01:56.0937 0456 ================ Scan global ===============================
17:01:56.0984 0456 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
17:01:57.0046 0456 [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
17:01:57.0046 0456 [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
17:01:57.0078 0456 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
17:01:57.0078 0456 [Global] - ok
17:01:57.0078 0456 ================ Scan MBR ==================================
17:01:57.0109 0456 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
17:01:57.0265 0456 \Device\Harddisk0\DR0 - ok
17:01:57.0265 0456 [ 672FA3B828FC996AB2E2EE417145DF93 ] \Device\Harddisk1\DR2
17:01:57.0281 0456 \Device\Harddisk1\DR2 - ok
17:01:57.0281 0456 ================ Scan VBR ==================================
17:01:57.0296 0456 [ 547F324BA624648420720E3D320CF55D ] \Device\Harddisk0\DR0\Partition1
17:01:57.0296 0456 \Device\Harddisk0\DR0\Partition1 - ok
17:01:57.0328 0456 [ 7844625B535FAF34333378BE22384299 ] \Device\Harddisk1\DR2\Partition1
17:01:57.0343 0456 \Device\Harddisk1\DR2\Partition1 - ok
17:01:57.0359 0456 ============================================================
17:01:57.0359 0456 Scan finished
17:01:57.0359 0456 ============================================================
17:01:57.0375 0108 Detected object count: 0
17:01:57.0375 0108 Actual detected object count: 0
17:02:22.0500 4076 Deinitialize success
The last one is 345 KB and I don't know how to upload it here. It is too long, so I put it here:
http://uloz.to/xSr3wztg/tdsskiller-2-8- ... 41-log-txt
Re: policia SR virus
I am running ComboFix from Safe Mode with Command Prompt, via Notepad. It starts, but it does not install the console because there is no network in Safe Mode. The program runs up to stage 50, prints that it completed stage 50, and then the notebook shuts down within a second. This is the second time it has done that. Do you have any ideas? I am going to try running it in normal mode; when the police window comes up there, if I press the PC's power button the window closes, and sometimes I manage to cancel the shutdown and the PC keeps running.
Re: policia SR virus
So in normal mode I managed to close the window; ComboFix then installed the console and ran to the end, so I am attaching the log. The je49b file has also been deleted. The virus is not showing itself so far, so I will wait to hear what you say about this log and whether I should also go through FRST.
ComboFix 13-05-30.02 - Janka 30.05.2013 19:59:04.3.2 - x86
Systém Microsoft Windows XP Home Edition 5.1.2600.3.1250.421.1033.18.3071.2386 [GMT 2:00]
Running from: c:\documents and settings\Janka\Desktop\ComboFix.exe
AV: Avira AntiVir PersonalEdition *Disabled/Outdated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\b94ej.pad
c:\documents and settings\All Users\Application Data\je49b.dat
c:\documents and settings\All Users\Application Data\rundll32.exe
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\Janka\Application Data\inst.exe
c:\documents and settings\Janka\Application Data\Mozilla\Firefox\Profiles\4olmro8m.default\extensions\SearchHelper\SeARchbho.dll
c:\program files\SaveTubeVideo.com
c:\program files\SaveTubeVideo.com\SaveTubeVideo\BrowserStartPage.dll
c:\program files\SaveTubeVideo.com\SaveTubeVideo\Config.dat
c:\program files\SaveTubeVideo.com\SaveTubeVideo\downloader.exe
c:\program files\SaveTubeVideo.com\SaveTubeVideo\FF\allkeywords.txt
c:\program files\SaveTubeVideo.com\SaveTubeVideo\FF\components\ISwslib.xpt
c:\program files\SaveTubeVideo.com\SaveTubeVideo\FF\components\nsIRdsHistoryService.js
c:\program files\SaveTubeVideo.com\SaveTubeVideo\FF\components\nsIRdsHistoryService.xpt
c:\program files\SaveTubeVideo.com\SaveTubeVideo\FF\components\rdstb-autocomplete.js
c:\program files\SaveTubeVideo.com\SaveTubeVideo\FF\components\swslib.dll
c:\program files\SaveTubeVideo.com\SaveTubeVideo\FF\chrome.manifest
c:\program files\SaveTubeVideo.com\SaveTubeVideo\FF\chrome\content\about.xul
c:\program files\SaveTubeVideo.com\SaveTubeVideo\FF\chrome\content\GoogleFeed.xml
c:\program files\SaveTubeVideo.com\SaveTubeVideo\FF\chrome\content\GoogleSearch.htm
c:\program files\SaveTubeVideo.com\SaveTubeVideo\FF\chrome\content\registerdialog.js
c:\program files\SaveTubeVideo.com\SaveTubeVideo\FF\chrome\content\registerdialog.xul
c:\program files\SaveTubeVideo.com\SaveTubeVideo\FF\chrome\content\settings.js
c:\program files\SaveTubeVideo.com\SaveTubeVideo\FF\chrome\content\skysearchtoolbar.js
c:\program files\SaveTubeVideo.com\SaveTubeVideo\FF\chrome\content\skysearchtoolbar.xul
c:\program files\SaveTubeVideo.com\SaveTubeVideo\FF\chrome\content\startAbout.js
c:\program files\SaveTubeVideo.com\SaveTubeVideo\FF\chrome\content\unregister.xul
c:\program files\SaveTubeVideo.com\SaveTubeVideo\FF\chrome\locale\en-US\skysearchtoolbar.dtd
c:\program files\SaveTubeVideo.com\SaveTubeVideo\FF\chrome\locale\en-US\toolbar.properties
c:\program files\SaveTubeVideo.com\SaveTubeVideo\FF\chrome\skin\about.png
c:\program files\SaveTubeVideo.com\SaveTubeVideo\FF\chrome\skin\aboutDlg.png
c:\program files\SaveTubeVideo.com\SaveTubeVideo\FF\chrome\skin\addvideo.png
c:\program files\SaveTubeVideo.com\SaveTubeVideo\FF\chrome\skin\bigbutton.png
c:\program files\SaveTubeVideo.com\SaveTubeVideo\FF\chrome\skin\burnit.png
c:\program files\SaveTubeVideo.com\SaveTubeVideo\FF\chrome\skin\gripper.png
c:\program files\SaveTubeVideo.com\SaveTubeVideo\FF\chrome\skin\icon.png
c:\program files\SaveTubeVideo.com\SaveTubeVideo\FF\chrome\skin\icon16-16.png
c:\program files\SaveTubeVideo.com\SaveTubeVideo\FF\chrome\skin\register.png
c:\program files\SaveTubeVideo.com\SaveTubeVideo\FF\chrome\skin\savevideo.png
c:\program files\SaveTubeVideo.com\SaveTubeVideo\FF\chrome\skin\savevideo2.png
c:\program files\SaveTubeVideo.com\SaveTubeVideo\FF\chrome\skin\search.png
c:\program files\SaveTubeVideo.com\SaveTubeVideo\FF\chrome\skin\settings.png
c:\program files\SaveTubeVideo.com\SaveTubeVideo\FF\chrome\skin\showstatus.png
c:\program files\SaveTubeVideo.com\SaveTubeVideo\FF\chrome\skin\skysearchtoolbar.css
c:\program files\SaveTubeVideo.com\SaveTubeVideo\FF\chrome\skin\smile!.png
c:\program files\SaveTubeVideo.com\SaveTubeVideo\FF\chrome\skin\videooftheday.png
c:\program files\SaveTubeVideo.com\SaveTubeVideo\FF\install.rdf
c:\program files\SaveTubeVideo.com\SaveTubeVideo\FF\SearchToolbar@skywebsearch.com
c:\program files\SaveTubeVideo.com\SaveTubeVideo\FF\tmp
c:\program files\SaveTubeVideo.com\SaveTubeVideo\FLVSplitter.ax
c:\program files\SaveTubeVideo.com\SaveTubeVideo\Google Custom Search\index.htm
c:\program files\SaveTubeVideo.com\SaveTubeVideo\Google Custom Search\manifest.json
c:\program files\SaveTubeVideo.com\SaveTubeVideo\Google Custom Search\redirect.html
c:\program files\SaveTubeVideo.com\SaveTubeVideo\GoogleChromeExtansion.exe
c:\program files\SaveTubeVideo.com\SaveTubeVideo\index.htm
c:\program files\SaveTubeVideo.com\SaveTubeVideo\InstallHelper.exe
c:\program files\SaveTubeVideo.com\SaveTubeVideo\lame.ax
c:\program files\SaveTubeVideo.com\SaveTubeVideo\MinBHO.dll
c:\program files\SaveTubeVideo.com\SaveTubeVideo\PreferencesOriginal
c:\program files\SaveTubeVideo.com\SaveTubeVideo\SaVEtubevideo.dll
c:\program files\SaveTubeVideo.com\SaveTubeVideo\SearchBHO.dll
c:\program files\SaveTubeVideo.com\SaveTubeVideo\StarBurnRDS.dll
c:\program files\SaveTubeVideo.com\SaveTubeVideo\transport_dll.dll
c:\program files\SaveTubeVideo.com\SaveTubeVideo\unins000.dat
c:\program files\SaveTubeVideo.com\SaveTubeVideo\unins000.exe
c:\program files\SaveTubeVideo.com\SaveTubeVideo\Updater.exe
c:\program files\SaveTubeVideo.com\SaveTubeVideo\Web Data-journal
c:\program files\SaveTubeVideo.com\SaveTubeVideo\Web Data
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\MUI\041b\tourstart.exe
c:\windows\system32\Packet.dll
c:\windows\system32\SET24C.tmp
c:\windows\system32\SET258.tmp
c:\windows\system32\SET2A3.tmp
c:\windows\system32\wpcap.dll
c:\windows\wininit.ini
.
Infected copy of c:\windows\system32\samsrv.dll was found and disinfected
Restored copy from - c:\windows\ServicePackFiles\i386\samsrv.dll
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_NPF
.
.
((((((((((((((((((((((((( Files Created from 2013-04-28 to 2013-05-30 )))))))))))))))))))))))))))))))
.
.
2013-05-30 15:59 . 2013-05-30 15:59 -------- d-----w- c:\program files\trend micro
2013-05-30 15:58 . 2013-05-30 15:59 -------- d-----w- C:\rsit
2013-05-30 15:24 . 2013-05-30 15:24 -------- d-sh--w- c:\documents and settings\NetworkService\PrivacIE
2013-05-30 15:24 . 2013-05-30 15:24 3049 ----a-w- c:\documents and settings\All Users\Application Data\b94ej.js
2013-05-30 13:25 . 2013-05-30 13:26 -------- d-----w- c:\documents and settings\Administrator
2013-05-01 13:00 . 2013-05-01 13:00 -------- d-----w- c:\program files\Common Files\Skype
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-20 18:22 . 2013-01-15 21:25 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-03-20 18:22 . 2011-05-24 07:48 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-03-11 16:08 . 2013-03-11 16:08 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-03-11 16:08 . 2013-03-11 16:08 143872 ----a-w- c:\windows\system32\javacpl.cpl
2013-03-11 16:08 . 2013-03-11 16:08 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-03-11 16:08 . 2010-10-14 14:00 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-03-08 08:36 . 2006-02-28 12:00 293376 ----a-w- c:\windows\system32\winsrv.dll
2013-03-07 01:32 . 2006-02-28 12:00 2149888 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-07 00:50 . 2004-08-03 22:59 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-03-02 02:06 . 2006-02-28 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2013-03-02 02:06 . 2006-02-28 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-03-02 02:06 . 2006-02-28 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-03-02 01:25 . 2006-02-28 12:00 1867264 ----a-w- c:\windows\system32\win32k.sys
2013-03-02 01:08 . 2006-02-28 12:00 385024 ----a-w- c:\windows\system32\html.iec
2011-10-01 22:19 . 2011-05-06 08:21 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Rainlendar2"="c:\program files\Rainlendar2\Rainlendar2.exe" [2008-08-24 4067328]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-10-08 39408]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
"ccleaner"="c:\program files\CCleaner\CCleaner.exe" [2011-01-24 2200376]
"NokiaSuite.exe"="c:\program files\Nokia\Nokia Suite\NokiaSuite.exe" [2011-11-01 1053056]
"Facebook Update"="c:\documents and settings\Janka\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe" [2012-07-12 138096]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-02-28 18642024]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2008-09-10 16851968]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2008-06-12 1454080]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb06.exe" [2002-07-11 188416]
"Omnipage"="c:\program files\ScanSoft\OmniPageSE\opware32.exe" [2002-06-03 49152]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"ITSecMng"="c:\program files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2007-09-28 75136]
"NeroCheck"="c:\windows\system32\\NeroCheck.exe" [2001-07-09 155648]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-03 32768]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-09-12 36352]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"EEventManager"="c:\program files\Epson Software\Event Manager\EEventManager.exe" [2009-12-03 976320]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-03-07 421160]
"Print2PDF Print Monitor"="c:\program files\Software602\Print2PDF\Print2PDF.exe" [2010-12-03 141368]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-03 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
c:\documents and settings\Default User\Start Menu\Programs\Startup\
msconfig.lnk - c:\windows\system32\rundll32.exe [2006-2-28 33280]
.
c:\documents and settings\Administrator\Start Menu\Programs\Startup\
msconfig.lnk - c:\windows\system32\rundll32.exe [2006-2-28 33280]
.
c:\documents and settings\Janka\Start Menu\Programs\Startup\
msconfig.lnk - c:\windows\system32\rundll32.exe [2006-2-28 33280]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe [2007-11-1 421888]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^Janka^Start Menu^Programs^Startup^msconfig.lnk]
path=c:\documents and settings\Janka\Start Menu\Programs\Startup\msconfig.lnk
backup=c:\windows\pss\msconfig.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Epson Stylus SX420W(Sieť)]
2009-09-14 07:00 200704 ----a-w- c:\windows\system32\spool\drivers\w32x86\3\E_FATIGCE.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Epson Stylus SX420W(Sieť) (Kopírovať 1)]
2009-09-14 07:00 200704 ----a-w- c:\windows\system32\spool\drivers\w32x86\3\E_FATIGCE.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON SX420W Series]
2009-09-14 07:00 200704 ----a-w- c:\windows\system32\spool\drivers\w32x86\3\E_FATIGCE.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3 (0x3)
"McComponentHostService"=3 (0x3)
"iPod Service"=3 (0x3)
"ICQ Service"=2 (0x2)
"gusvc"=3 (0x3)
"gupdatem"=3 (0x3)
"gupdate"=2 (0x2)
"Bonjour Service"=2 (0x2)
"Application Updater"=2 (0x2)
"Apple Mobile Device"=2 (0x2)
"ABBYY.Licensing.FineReader.Sprint.9.0"=2 (0x2)
"602XML Updater"=2 (0x2)
"BITS"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\EpsonNet\\EpsonNet Setup\\tool10\\ENEasyApp.exe"=
"c:\\Program Files\\Epson Software\\Event Manager\\EEventManager.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Common Files\\soft602\\langserv.exe"=
"c:\\Documents and Settings\\Janka\\Local Settings\\Application Data\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler;c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe [1.5.2009 9:16 68865]
R2 HWDeviceService.exe;HWDeviceService.exe;c:\documents and settings\All Users\Application Data\DatacardService\HWDeviceService.exe [14.3.2011 17:27 271712]
R2 Skype C2C Service;Skype C2C Service;c:\documents and settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [15.4.2013 15:27 3289208]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys [7.12.2011 17:37 73216]
S2 Micro Star SCM;Micro Star SCM;c:\program files\System Control Manager\MSIService.exe --> c:\program files\System Control Manager\MSIService.exe [?]
S2 Mobile Partner. RunOuc;Mobile Partner. OUC;c:\program files\Mobile Partner\UpdateDog\ouc.exe [7.12.2011 17:37 246112]
S2 NishService;SCM Driver Daemon;c:\program files\System Control Manager\edd.exe --> c:\program files\System Control Manager\edd.exe [?]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [28.2.2013 18:45 161384]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\drivers\ew_hwusbdev.sys [7.12.2011 17:37 102784]
S3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\drivers\ew_usbenumfilter.sys [7.12.2011 17:37 11136]
S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys [7.12.2011 17:37 235392]
S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys --> c:\windows\system32\DRIVERS\ewusbdev.sys [?]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [9.5.2010 13:52 47360]
S4 602XML Updater;602Updater;c:\program files\Common Files\soft602\602updsvc\602updsvc.exe [14.4.2010 11:28 73728]
S4 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [14.5.2009 17:07 759048]
S4 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [15.1.2010 14:49 227232]
.
Contents of the 'Scheduled Tasks' folder
.
2013-05-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-15 18:22]
.
2013-03-12 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 16:57]
.
2013-05-30 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-306896455-1021164264-1928630839-1005Core.job
- c:\documents and settings\Janka\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [2011-11-29 17:45]
.
2013-05-30 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-306896455-1021164264-1928630839-1005UA.job
- c:\documents and settings\Janka\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [2011-11-29 17:45]
.
2013-05-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-20 09:24]
.
2013-05-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-20 09:24]
.
2013-05-30 c:\windows\Tasks\User_Feed_Synchronization-{478ADBD5-5800-470D-BA18-CACD4BE3E595}.job
- c:\windows\system32\msfeedssync.exe [2009-10-08 02:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.sk/
uInternet Settings,ProxyOverride = *.local
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Free YouTube Download - c:\documents and settings\Janka\Application Data\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to Mp3 Converter - c:\documents and settings\Janka\Application Data\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\Janka\Application Data\Mozilla\Firefox\Profiles\4olmro8m.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk/
FF - ExtSQL: !HIDDEN! 2009-09-02 00:31; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{7B13EC3E-999A-4B70-B9CB-2617B8323822} - (no file)
HKU-Default-Run-CTFMON.EXE - c:\docume~1\ALLUSE~1\APPLIC~1\rundll32.exe
SafeBoot-03661434.sys
MSConfigStartUp-ctfmon - c:\docume~1\ALLUSE~1\APPLIC~1\rundll32.exe
AddRemove-SaveTubeVideo_is1 - c:\program files\SaveTubeVideo.com\SaveTubeVideo\unins000.exe
AddRemove-Okolie Bratislavy - 0:\program files\Cyklotrasy SK\Uninstal.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-05-30 20:05
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(700)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(3836)
c:\windows\system32\WININET.dll
c:\program files\ScanSoft\OmniPageSE\ophook32.dll
c:\windows\system32\ieframe.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_slk.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\MSISIP.DLL
c:\progra~1\MICROS~2\OFFICE11\MCPS.DLL
c:\program files\Microsoft Silverlight\xapauthenticodesip.dll
c:\program files\Epson Software\Easy Photo Print\EPTBL.dll
c:\program files\Microsoft Office\OFFICE11\msohev.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.SKY
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Common Files\EPSON\EBAPI\eEBSVC.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\avguard.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\documents and settings\All Users\Application Data\Mobile Partner\OnlineUpdate\ouc.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\wscntfy.exe
c:\program files\Common Files\Ahead\Lib\NMIndexingService.exe
c:\program files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclToBTSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
c:\program files\Mozilla Firefox\firefox.exe
.
**************************************************************************
.
Completion time: 2013-05-30 20:12:11 - machine was rebooted
ComboFix-quarantined-files.txt 2013-05-30 18:12
.
Pre-Run: 102 923 976 704 bytes free
Post-Run: 15 adresárov, 103 270 891 520 voľných bajtov
.
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - 412FF3C34DEE9EC717AAF7B10E4CE400
- c:\documents and settings\Janka\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [2011-11-29 17:45]
.
2013-05-30 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-306896455-1021164264-1928630839-1005UA.job
- c:\documents and settings\Janka\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [2011-11-29 17:45]
.
2013-05-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-20 09:24]
.
2013-05-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-20 09:24]
.
2013-05-30 c:\windows\Tasks\User_Feed_Synchronization-{478ADBD5-5800-470D-BA18-CACD4BE3E595}.job
- c:\windows\system32\msfeedssync.exe [2009-10-08 02:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.sk/
uInternet Settings,ProxyOverride = *.local
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Free YouTube Download - c:\documents and settings\Janka\Application Data\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to Mp3 Converter - c:\documents and settings\Janka\Application Data\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\Janka\Application Data\Mozilla\Firefox\Profiles\4olmro8m.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk/
FF - ExtSQL: !HIDDEN! 2009-09-02 00:31; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{7B13EC3E-999A-4B70-B9CB-2617B8323822} - (no file)
HKU-Default-Run-CTFMON.EXE - c:\docume~1\ALLUSE~1\APPLIC~1\rundll32.exe
SafeBoot-03661434.sys
MSConfigStartUp-ctfmon - c:\docume~1\ALLUSE~1\APPLIC~1\rundll32.exe
AddRemove-SaveTubeVideo_is1 - c:\program files\SaveTubeVideo.com\SaveTubeVideo\unins000.exe
AddRemove-Okolie Bratislavy - 0:\program files\Cyklotrasy SK\Uninstal.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-05-30 20:05
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(700)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(3836)
c:\windows\system32\WININET.dll
c:\program files\ScanSoft\OmniPageSE\ophook32.dll
c:\windows\system32\ieframe.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_slk.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\MSISIP.DLL
c:\progra~1\MICROS~2\OFFICE11\MCPS.DLL
c:\program files\Microsoft Silverlight\xapauthenticodesip.dll
c:\program files\Epson Software\Easy Photo Print\EPTBL.dll
c:\program files\Microsoft Office\OFFICE11\msohev.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.SKY
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Common Files\EPSON\EBAPI\eEBSVC.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\avguard.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\documents and settings\All Users\Application Data\Mobile Partner\OnlineUpdate\ouc.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\wscntfy.exe
c:\program files\Common Files\Ahead\Lib\NMIndexingService.exe
c:\program files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclToBTSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
c:\program files\Mozilla Firefox\firefox.exe
.
**************************************************************************
.
Completion time: 2013-05-30 20:12:11 - machine was rebooted
ComboFix-quarantined-files.txt 2013-05-30 18:12
.
Pre-Run: 102 923 976 704 bytes free
Post-Run: 15 adresárov, 103 270 891 520 voľných bajtov
.
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - 412FF3C34DEE9EC717AAF7B10E4CE400
Re: policia SR virus

- Attachments
- Desktop.rar
- (107.32 KiB) Downloaded 19 times
Re: policia SR virus
If I understood correctly, I should have selected "none"? I have it in English, you see.
Thank you.
OTL logfile created on: 1.6.2013 15:05:24 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Janka\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d.M.yyyy
3,00 Gb Total Physical Memory | 2,25 Gb Available Physical Memory | 74,94% Memory free
4,84 Gb Paging File | 3,95 Gb Available in Paging File | 81,58% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298,08 Gb Total Space | 100,91 Gb Free Space | 33,85% Space Free | Partition Type: NTFS
Computer Name: JANA | User Name: Janka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days
========== Custom Scans ==========
< End of report >
Re: policia SR virus
I deleted b94ej.js.
I'm going to run adwcleaner.
Unfortunately the hotfix is not available for my localization, and it cannot be installed with another language.
- I have not noticed any other problems with the PC; I think it is OK.
Thank you.
Re: policia SR virus
Thank you for the quick response and for your valuable time.
