prosím o kontrolu logu a následný postup

prosíkm o kontrolu logu z COMBOfix:
ComboFix 13-04-15.01 - Anička 15.04.2013 19:50:02.1.1 - x86
Systém Microsoft Windows XP Home Edition 5.1.2600.3.1250.421.1033.18.511.250 [GMT 2:00]
Running from: c:\documents and settings\AniŔka\Desktop\aniko\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
c:\windows\iun6002.exe
c:\windows\regedit.com
c:\windows\system32\_000007_.tmp.dll
c:\windows\system32\AegisI5Installer.exe
c:\windows\system32\dllcache\wmpvis.dll
c:\windows\system32\MUI\041b\tourstart.exe
c:\windows\system32\taskmgr.com
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((( Files Created from 2013-03-15 to 2013-04-15 )))))))))))))))))))))))))))))))
.
.
2013-04-15 17:17 . 2013-04-15 17:19 -------- dc-h--w- c:\windows\ie8
2013-04-15 15:47 . 2013-04-15 15:47 -------- d-----w- c:\documents and settings\Anička\Application Data\SUPERAntiSpyware.com
2013-04-15 15:47 . 2013-04-15 15:47 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2013-04-15 15:47 . 2013-04-15 15:48 -------- d-----w- c:\program files\SUPERAntiSpyware
2013-04-13 10:24 . 2013-04-13 10:27 -------- d-----w- c:\windows\SxsCaPendDel
2013-04-13 09:52 . 2011-05-04 11:56 1608768 ----a-w- c:\windows\system32\RaCertMgr.dll
2013-04-13 09:52 . 2010-07-01 15:09 185696 ----a-w- c:\windows\system32\W32N55.dll
2013-04-13 09:52 . 2012-10-25 07:43 26336 ----a-w- c:\windows\system32\drivers\Scutum50.sys
2013-04-13 09:52 . 2012-01-30 15:23 151552 ----a-w- c:\windows\system32\RalinkGina.dll
2013-04-13 09:52 . 2011-05-04 11:47 2178112 ----a-w- c:\windows\system32\Scutum.dll
2013-04-13 09:52 . 2010-06-29 08:34 480608 ----a-w- c:\windows\system32\DiagFunc.dll
2013-04-13 09:52 . 2009-11-13 11:42 34080 ----a-w- c:\windows\system32\CTAAEI.dll
2013-04-13 09:51 . 2011-12-26 09:02 238944 ----a-w- c:\windows\system32\RaCoInst.dll
2013-04-13 09:51 . 2013-04-13 09:51 -------- d-----w- c:\documents and settings\All Users\Application Data\Ralink Driver
2013-04-13 09:51 . 2013-04-13 09:51 -------- d-----w- c:\program files\Ralink
2013-04-13 09:47 . 2013-04-13 09:47 -------- d-----w- c:\program files\SiS7012
2013-04-13 09:31 . 2013-04-13 09:31 -------- d-----w- c:\windows\SiS
2013-04-13 09:31 . 2002-12-05 12:10 155648 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iuser.dll
2013-04-13 09:31 . 2002-12-05 12:12 692224 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iKernel.dll
2013-04-13 09:31 . 2002-12-02 13:22 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe
2013-04-13 09:31 . 2002-12-02 11:33 57344 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll
2013-04-13 09:31 . 2002-12-02 11:33 237568 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iscript.dll
2013-04-13 09:31 . 2013-04-13 09:31 282756 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\setup.dll
2013-04-13 09:31 . 2013-04-13 09:31 163972 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll
2013-04-13 08:44 . 2009-11-02 15:47 11520 ----a-w- c:\windows\system32\drivers\gMouUsb.sys
2013-04-13 08:44 . 2009-06-30 10:13 17408 ----a-w- c:\windows\system32\drivers\gMouPS2.sys
2013-04-13 08:44 . 2009-11-02 15:43 20480 ----a-w- c:\windows\system32\drivers\gHidPnp.sys
2013-04-13 08:26 . 2013-04-13 08:26 -------- d-----w- C:\Genius
2013-04-13 07:57 . 2013-04-13 09:59 -------- d-----w- c:\documents and settings\All Users\Application Data\DriverGenius
2013-04-13 07:30 . 2013-04-15 16:12 -------- d-----w- c:\documents and settings\Anička\Application Data\QuickScan
2013-04-13 07:28 . 2013-04-13 07:28 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2013-04-13 05:35 . 2013-04-13 05:35 -------- d-----w- c:\documents and settings\Anička\Application Data\Malwarebytes
2013-04-13 05:34 . 2013-04-13 05:34 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2013-04-12 20:53 . 2013-04-12 20:53 -------- d---a-w- c:\windows\rundll16.exe
2013-04-12 20:53 . 2013-04-12 20:53 -------- d---a-w- c:\windows\logo1_.exe
2013-04-12 20:45 . 2013-04-12 20:45 -------- d---a-w- c:\windows\VDLL.DLL
2013-04-12 20:45 . 2013-04-12 20:45 -------- d---a-w- c:\windows\system32\runouce.exe
2013-04-12 20:45 . 2013-04-12 20:45 -------- d---a-w- c:\windows\RUNDL132.EXE
2013-04-12 20:45 . 2013-04-12 20:45 -------- d---a-w- c:\windows\logo_1.exe
2013-04-12 20:36 . 2013-04-12 20:36 343456 ----a-w- c:\windows\system32\drivers\trufos.sys
2013-04-12 20:36 . 2013-04-12 20:36 632064 ----a-w- c:\windows\system32\msvcr80.dll
2013-04-12 20:36 . 2013-04-12 20:36 554240 ----a-w- c:\windows\system32\msvcp80.dll
2013-04-12 20:36 . 2013-04-12 20:36 572928 ----a-w- c:\windows\system32\msvcp90.dll
2013-04-12 20:36 . 2013-04-12 20:36 655872 ----a-w- c:\windows\system32\msvcr90.dll
2013-04-12 20:36 . 2013-04-12 20:36 34048 ----a-w- c:\windows\system32\eEmpty.exe
2013-04-12 20:36 . 2008-04-14 04:42 135680 ----a-w- c:\windows\system32\T.COM
2013-04-12 20:36 . 2008-04-14 04:42 146432 ----a-w- c:\windows\R.COM
2013-04-12 20:36 . 2013-04-12 20:36 -------- d-----w- c:\program files\Common Files\MicroWorld
2013-04-12 20:36 . 2013-04-12 20:36 -------- d-----w- c:\documents and settings\All Users\Application Data\MicroWorld
2013-04-12 18:02 . 2013-04-12 18:02 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2013-04-12 17:32 . 2013-04-12 17:32 -------- d-----w- c:\program files\VideoLAN
2013-04-12 17:25 . 2013-04-12 17:25 -------- d-----w- c:\documents and settings\Anička\Application Data\ESET
2013-04-12 16:11 . 2012-08-20 08:16 1249888 ----a-w- c:\windows\system32\drivers\rt2870.sys
2013-04-12 16:07 . 2013-04-12 16:07 21361 ----a-w- c:\windows\system32\drivers\AegisP.sys
2013-04-12 16:06 . 2013-04-12 16:06 -------- d-----w- c:\windows\OPTIONS
2013-04-12 16:06 . 2010-11-05 09:13 606056 ----a-w- c:\windows\system32\drivers\rtl8192su.sys
2013-04-12 16:06 . 2013-04-12 16:06 -------- d-----w- c:\windows\system32\RtlGina
2013-04-12 16:06 . 2013-04-12 16:06 -------- d-----w- c:\program files\TP-LINK
2013-04-12 16:06 . 2010-08-05 07:07 451072 ----a-w- c:\windows\system32\ISSRemoveSP.exe
2013-04-12 16:01 . 2013-04-12 16:05 -------- d-----w- c:\documents and settings\Administrator
2013-04-12 15:59 . 2013-04-12 15:59 -------- d-----w- c:\documents and settings\All Users\Application Data\RTLLog
2013-03-21 17:56 . 2013-02-12 00:32 12928 -c----w- c:\windows\system32\dllcache\usb8023.sys
2013-03-21 17:56 . 2013-02-12 00:32 12928 -c----w- c:\windows\system32\dllcache\usb8023x.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-12 22:01 . 2012-03-30 18:56 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-03-12 22:01 . 2011-07-03 10:34 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-03-08 08:36 . 2003-03-31 12:00 293376 ----a-w- c:\windows\system32\winsrv.dll
2013-03-07 01:28 . 2003-03-31 12:00 2193408 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-07 00:50 . 2002-08-29 01:04 2070016 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-03-02 02:06 . 2003-03-31 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2013-03-02 02:06 . 2003-03-31 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-03-02 02:06 . 2003-03-31 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2013-03-02 01:25 . 2003-03-31 12:00 1867264 ----a-w- c:\windows\system32\win32k.sys
2013-03-02 01:08 . 2009-01-29 14:58 385024 ----a-w- c:\windows\system32\html.iec
2013-02-27 07:56 . 2009-01-29 13:17 2067456 ----a-w- c:\windows\system32\mstscax.dll
2013-02-14 11:21 . 2013-02-14 11:21 62512 ----a-w- c:\windows\system32\drivers\epfwtdi.sys
2013-02-12 00:32 . 2009-01-29 14:54 12928 ------w- c:\windows\system32\drivers\usb8023x.sys
2013-02-12 00:32 . 2003-03-31 12:00 12928 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-01-26 03:55 . 2003-03-31 12:00 552448 ----a-w- c:\windows\system32\oleaut32.dll
2013-03-20 16:59 . 2013-03-20 16:59 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-04-20 2423752]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2013-03-21 5078504]
"nwiz"="nwiz.exe" [2008-05-16 1630208]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Ralink Wireless Utility.lnk - c:\program files\Ralink\Common\RaUI.exe [2013-4-13 15642512]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-10-15 09:04 39792 ----a-r- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
2008-04-14 04:42 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easy-PrintToolBox]
2004-01-14 11:10 409600 ----a-w- c:\program files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2009-04-17 21:00 133104 ----atw- c:\documents and settings\Anička\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ioCentre]
2009-09-03 09:30 61440 ----a-w- c:\genius\ioCentre\gTaskBar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
2001-07-09 10:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2008-05-16 12:01 13529088 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2008-05-16 12:01 86016 ----a-w- c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2008-05-16 12:01 1630208 ----a-w- c:\windows\system32\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SiSUSBRG]
2002-07-12 10:15 106496 ----a-w- c:\windows\SiSUSBrg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
2004-02-09 08:54 65024 ----a-r- c:\windows\SOUNDMAN.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\winboot]
2008-05-08 11:24 155648 ----a-w- c:\windows\system32\wscript.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Ralink\\Common\\RaMediaServer.exe"=
"c:\\Program Files\\Ralink\\Common\\RaUI.exe"=
.
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [10.1.2013 10:25 122240]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [17.2.2010 20:25 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [10.5.2010 20:41 67656]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [21.3.2013 15:19 1341664]
R2 Scutum50;Scutum50 NDIS Protocol Driver;c:\windows\system32\drivers\Scutum50.sys [13.4.2013 11:52 26336]
R3 gHidPnp;USB Device Enhanced Function Driver;c:\windows\system32\drivers\gHidPnp.sys [13.4.2013 10:44 20480]
R3 gMouUsb;USB Mouse Device Drv;c:\windows\system32\drivers\gMouUsb.sys [13.4.2013 10:44 11520]
R3 SiS7012;Service for AC'97 Sample Driver (WDM);c:\windows\system32\drivers\sis7012.sys [3.11.2004 14:14 267136]
S2 GeniusMouseService;GeniusMouseService;c:\genius\ioCentre\GMouseService.exe [13.4.2013 10:45 12288]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [8.1.2013 13:55 161536]
S3 ActivHidSerMini;Promethean Serial Board Driver;c:\windows\system32\drivers\activhidsermini.sys [16.6.2008 15:38 57088]
S3 gMouPS2;PS2 Scroll Mouse Device;c:\windows\system32\drivers\gMouPS2.sys [13.4.2013 10:44 17408]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [13.4.2013 9:28 40776]
S3 RaMediaServer;Ralink UPnP Media Server;c:\program files\Ralink\Common\RaMediaServer.exe [13.4.2013 11:52 1863680]
.
Contents of the 'Scheduled Tasks' folder
.
2013-04-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 22:01]
.
2013-04-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-09-11 07:20]
.
2013-04-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-09-11 07:20]
.
2013-04-15 c:\windows\Tasks\User_Feed_Synchronization-{223BC19B-BD35-425E-8ED4-A08B6D79DD0E}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.sk/
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
TCP: DhcpNameServer = 192.168.1.1 193.110.186.240 217.75.71.141
FF - ProfilePath - c:\documents and settings\Anička\Application Data\Mozilla\Firefox\Profiles\5yay17oq.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk
FF - ExtSQL: 2013-04-13 09:30; {e001c731-5e37-4538-a5cb-8168736a2360}; c:\documents and settings\Anička\Application Data\Mozilla\Firefox\Profiles\5yay17oq.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
.
- - - - ORPHANS REMOVED - - - -
.
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
MSConfigStartUp-ActivControl - c:\program files\Activ Software\Activdriver\ActivControl2.exe
MSConfigStartUp-Cmaudio - cmicnfg.cpl
MSConfigStartUp-KSS - c:\program files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
MSConfigStartUp-swg - c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
AddRemove-SiS7012 - c:\program files\SiS7012\Uninst\uninst2k.exe PCI\VEN_1039&DEV_7012
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-04-15 20:01
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1068)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
.
Completion time: 2013-04-15 20:05:08
ComboFix-quarantined-files.txt 2013-04-15 18:05
.
Pre-Run: 18 978 443 264 bytes free
Post-Run: 11 adresárov, 19 005 632 512 voľných bajtov
.
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn
.
- - End Of File - - A75A7A6E56C7E002A2B553C93622B0B9


LOG HIJACK:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:21:10, on 15.4.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Ralink\Common\RaRegistry.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Ralink\Common\RaUI.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Anička\Desktop\aniko\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Podpora odkazu pre aplikáciu Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - (no file)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: (no name) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\Ralink\Common\RaUI.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://hostyn.nwt.cz/activex/AxisCamControl.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: GeniusMouseService - Unknown owner - C:\Genius\ioCentre\GMouseService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: RalinkRegistryWriter - Ralink Technology, Corp. - C:\Program Files\Ralink\Common\RaRegistry.exe
O23 - Service: Ralink UPnP Media Server (RaMediaServer) - Ralink - C:\Program Files\Ralink\Common\RaMediaServer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 6019 bytes

ako postupovať ďalej

Keď nemáš combofix tak ho presuň na plochu
Spusť poznámkový blok
skopíruj script do poznámkového bloku


Ulož vytvorený TXT súbor ako CFScript
Pretiahni cfscript cez combofix aplikuje sa script
Po aplikovaný scriptu a možnom reštarte pc vlož log sem

Stiahni si RSIT z http://images.malwareremoval.com/random/RSIT.exe pre 64 bit verzie http://images.malwareremoval.com/random/RSITx64.exe spusť daj continue chvíľu počkaj dokým sa vygeneruje log keď ho vygeneruje nájdeš ho na C:\rsit\log.txt log vlož sem

Nový log:
ComboFix 13-04-15.01 - Anička 15.04.2013 20:45:17.2.1 - x86
Systém Microsoft Windows XP Home Edition 5.1.2600.3.1250.421.1033.18.511.190 [GMT 2:00]
Running from: c:\documents and settings\Anička\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Anička\Desktop\CFScript.txt
AV: ESET Smart Security 6.0 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *Disabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
.
FILE ::
"c:\windows\Tasks\Adobe Flash Player Updater.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\User_Feed_Synchronization-{223BC19B-BD35-425E-8ED4-A08B6D79DD0E}.job"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SKYPEUPDATE
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Files Created from 2013-03-15 to 2013-04-15 )))))))))))))))))))))))))))))))
.
.
2013-04-15 17:17 . 2013-04-15 17:19 -------- dc-h--w- c:\windows\ie8
2013-04-15 15:47 . 2013-04-15 15:47 -------- d-----w- c:\documents and settings\Anička\Application Data\SUPERAntiSpyware.com
2013-04-15 15:47 . 2013-04-15 15:47 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2013-04-15 15:47 . 2013-04-15 15:48 -------- d-----w- c:\program files\SUPERAntiSpyware
2013-04-13 10:24 . 2013-04-13 10:27 -------- d-----w- c:\windows\SxsCaPendDel
2013-04-13 09:52 . 2011-05-04 11:56 1608768 ----a-w- c:\windows\system32\RaCertMgr.dll
2013-04-13 09:52 . 2010-07-01 15:09 185696 ----a-w- c:\windows\system32\W32N55.dll
2013-04-13 09:52 . 2012-10-25 07:43 26336 ----a-w- c:\windows\system32\drivers\Scutum50.sys
2013-04-13 09:52 . 2012-01-30 15:23 151552 ----a-w- c:\windows\system32\RalinkGina.dll
2013-04-13 09:52 . 2011-05-04 11:47 2178112 ----a-w- c:\windows\system32\Scutum.dll
2013-04-13 09:52 . 2010-06-29 08:34 480608 ----a-w- c:\windows\system32\DiagFunc.dll
2013-04-13 09:52 . 2009-11-13 11:42 34080 ----a-w- c:\windows\system32\CTAAEI.dll
2013-04-13 09:51 . 2011-12-26 09:02 238944 ----a-w- c:\windows\system32\RaCoInst.dll
2013-04-13 09:51 . 2013-04-13 09:51 -------- d-----w- c:\documents and settings\All Users\Application Data\Ralink Driver
2013-04-13 09:51 . 2013-04-13 09:51 -------- d-----w- c:\program files\Ralink
2013-04-13 09:47 . 2013-04-13 09:47 -------- d-----w- c:\program files\SiS7012
2013-04-13 09:31 . 2013-04-13 09:31 -------- d-----w- c:\windows\SiS
2013-04-13 09:31 . 2002-12-05 12:10 155648 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iuser.dll
2013-04-13 09:31 . 2002-12-05 12:12 692224 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iKernel.dll
2013-04-13 09:31 . 2002-12-02 13:22 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe
2013-04-13 09:31 . 2002-12-02 11:33 57344 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll
2013-04-13 09:31 . 2002-12-02 11:33 237568 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iscript.dll
2013-04-13 09:31 . 2013-04-13 09:31 282756 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\setup.dll
2013-04-13 09:31 . 2013-04-13 09:31 163972 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll
2013-04-13 08:44 . 2009-11-02 15:47 11520 ----a-w- c:\windows\system32\drivers\gMouUsb.sys
2013-04-13 08:44 . 2009-06-30 10:13 17408 ----a-w- c:\windows\system32\drivers\gMouPS2.sys
2013-04-13 08:44 . 2009-11-02 15:43 20480 ----a-w- c:\windows\system32\drivers\gHidPnp.sys
2013-04-13 08:26 . 2013-04-13 08:26 -------- d-----w- C:\Genius
2013-04-13 07:57 . 2013-04-13 09:59 -------- d-----w- c:\documents and settings\All Users\Application Data\DriverGenius
2013-04-13 07:30 . 2013-04-15 16:12 -------- d-----w- c:\documents and settings\Anička\Application Data\QuickScan
2013-04-13 07:28 . 2013-04-13 07:28 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2013-04-13 05:35 . 2013-04-13 05:35 -------- d-----w- c:\documents and settings\Anička\Application Data\Malwarebytes
2013-04-13 05:34 . 2013-04-13 05:34 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2013-04-12 20:53 . 2013-04-12 20:53 -------- d---a-w- c:\windows\rundll16.exe
2013-04-12 20:53 . 2013-04-12 20:53 -------- d---a-w- c:\windows\logo1_.exe
2013-04-12 20:45 . 2013-04-12 20:45 -------- d---a-w- c:\windows\VDLL.DLL
2013-04-12 20:45 . 2013-04-12 20:45 -------- d---a-w- c:\windows\system32\runouce.exe
2013-04-12 20:45 . 2013-04-12 20:45 -------- d---a-w- c:\windows\RUNDL132.EXE
2013-04-12 20:45 . 2013-04-12 20:45 -------- d---a-w- c:\windows\logo_1.exe
2013-04-12 20:36 . 2013-04-12 20:36 343456 ----a-w- c:\windows\system32\drivers\trufos.sys
2013-04-12 20:36 . 2013-04-12 20:36 632064 ----a-w- c:\windows\system32\msvcr80.dll
2013-04-12 20:36 . 2013-04-12 20:36 554240 ----a-w- c:\windows\system32\msvcp80.dll
2013-04-12 20:36 . 2013-04-12 20:36 572928 ----a-w- c:\windows\system32\msvcp90.dll
2013-04-12 20:36 . 2013-04-12 20:36 655872 ----a-w- c:\windows\system32\msvcr90.dll
2013-04-12 20:36 . 2013-04-12 20:36 34048 ----a-w- c:\windows\system32\eEmpty.exe
2013-04-12 20:36 . 2008-04-14 04:42 135680 ----a-w- c:\windows\system32\T.COM
2013-04-12 20:36 . 2008-04-14 04:42 146432 ----a-w- c:\windows\R.COM
2013-04-12 20:36 . 2013-04-12 20:36 -------- d-----w- c:\program files\Common Files\MicroWorld
2013-04-12 20:36 . 2013-04-12 20:36 -------- d-----w- c:\documents and settings\All Users\Application Data\MicroWorld
2013-04-12 18:02 . 2013-04-12 18:02 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2013-04-12 17:32 . 2013-04-12 17:32 -------- d-----w- c:\program files\VideoLAN
2013-04-12 17:25 . 2013-04-12 17:25 -------- d-----w- c:\documents and settings\Anička\Application Data\ESET
2013-04-12 16:11 . 2012-08-20 08:16 1249888 ----a-w- c:\windows\system32\drivers\rt2870.sys
2013-04-12 16:07 . 2013-04-12 16:07 21361 ----a-w- c:\windows\system32\drivers\AegisP.sys
2013-04-12 16:06 . 2013-04-12 16:06 -------- d-----w- c:\windows\OPTIONS
2013-04-12 16:06 . 2010-11-05 09:13 606056 ----a-w- c:\windows\system32\drivers\rtl8192su.sys
2013-04-12 16:06 . 2013-04-12 16:06 -------- d-----w- c:\windows\system32\RtlGina
2013-04-12 16:06 . 2013-04-12 16:06 -------- d-----w- c:\program files\TP-LINK
2013-04-12 16:06 . 2010-08-05 07:07 451072 ----a-w- c:\windows\system32\ISSRemoveSP.exe
2013-04-12 16:01 . 2013-04-12 16:05 -------- d-----w- c:\documents and settings\Administrator
2013-04-12 15:59 . 2013-04-12 15:59 -------- d-----w- c:\documents and settings\All Users\Application Data\RTLLog
2013-03-21 17:56 . 2013-02-12 00:32 12928 -c----w- c:\windows\system32\dllcache\usb8023.sys
2013-03-21 17:56 . 2013-02-12 00:32 12928 -c----w- c:\windows\system32\dllcache\usb8023x.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-12 22:01 . 2012-03-30 18:56 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-03-12 22:01 . 2011-07-03 10:34 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-03-08 08:36 . 2003-03-31 12:00 293376 ----a-w- c:\windows\system32\winsrv.dll
2013-03-07 01:28 . 2003-03-31 12:00 2193408 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-07 00:50 . 2002-08-29 01:04 2070016 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-03-02 02:06 . 2003-03-31 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2013-03-02 02:06 . 2003-03-31 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-03-02 02:06 . 2003-03-31 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2013-03-02 01:25 . 2003-03-31 12:00 1867264 ----a-w- c:\windows\system32\win32k.sys
2013-03-02 01:08 . 2009-01-29 14:58 385024 ----a-w- c:\windows\system32\html.iec
2013-02-27 07:56 . 2009-01-29 13:17 2067456 ----a-w- c:\windows\system32\mstscax.dll
2013-02-14 11:21 . 2013-02-14 11:21 62512 ----a-w- c:\windows\system32\drivers\epfwtdi.sys
2013-02-12 00:32 . 2009-01-29 14:54 12928 ------w- c:\windows\system32\drivers\usb8023x.sys
2013-02-12 00:32 . 2003-03-31 12:00 12928 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-01-26 03:55 . 2003-03-31 12:00 552448 ----a-w- c:\windows\system32\oleaut32.dll
2013-03-20 16:59 . 2013-03-20 16:59 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2013-03-21 5078504]
"nwiz"="nwiz.exe" [2008-05-16 1630208]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Ralink Wireless Utility.lnk - c:\program files\Ralink\Common\RaUI.exe [2013-4-13 15642512]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Ralink\\Common\\RaMediaServer.exe"=
"c:\\Program Files\\Ralink\\Common\\RaUI.exe"=
.
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [10.1.2013 10:25 122240]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [17.2.2010 20:25 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [10.5.2010 20:41 67656]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [21.3.2013 15:19 1341664]
R2 GeniusMouseService;GeniusMouseService;c:\genius\ioCentre\GMouseService.exe [13.4.2013 10:45 12288]
R2 Scutum50;Scutum50 NDIS Protocol Driver;c:\windows\system32\drivers\Scutum50.sys [13.4.2013 11:52 26336]
R3 gHidPnp;USB Device Enhanced Function Driver;c:\windows\system32\drivers\gHidPnp.sys [13.4.2013 10:44 20480]
R3 gMouUsb;USB Mouse Device Drv;c:\windows\system32\drivers\gMouUsb.sys [13.4.2013 10:44 11520]
R3 SiS7012;Service for AC'97 Sample Driver (WDM);c:\windows\system32\drivers\sis7012.sys [3.11.2004 14:14 267136]
S3 ActivHidSerMini;Promethean Serial Board Driver;c:\windows\system32\drivers\activhidsermini.sys [16.6.2008 15:38 57088]
S3 gMouPS2;PS2 Scroll Mouse Device;c:\windows\system32\drivers\gMouPS2.sys [13.4.2013 10:44 17408]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [13.4.2013 9:28 40776]
S3 RaMediaServer;Ralink UPnP Media Server;c:\program files\Ralink\Common\RaMediaServer.exe [13.4.2013 11:52 1863680]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
Contents of the 'Scheduled Tasks' folder
.
2013-04-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 22:01]
.
2013-04-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-09-11 07:20]
.
2013-04-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-09-11 07:20]
.
2013-04-15 c:\windows\Tasks\User_Feed_Synchronization-{223BC19B-BD35-425E-8ED4-A08B6D79DD0E}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.sk/
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
TCP: DhcpNameServer = 192.168.1.1 193.110.186.240 217.75.71.141
FF - ProfilePath - c:\documents and settings\Anička\Application Data\Mozilla\Firefox\Profiles\5yay17oq.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk
FF - ExtSQL: 2013-04-13 09:30; {e001c731-5e37-4538-a5cb-8168736a2360}; c:\documents and settings\Anička\Application Data\Mozilla\Firefox\Profiles\5yay17oq.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-04-15 21:00
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(816)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
.
- - - - - - - > 'explorer.exe'(3880)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\nvsvc32.exe
c:\program files\Ralink\Common\RaRegistry.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2013-04-15 21:04:31 - machine was rebooted
ComboFix-quarantined-files.txt 2013-04-15 19:04
ComboFix2.txt 2013-04-15 18:05
.
Pre-Run: 19 008 118 784 bytes free
Post-Run: 11 adresárov, 18 932 883 456 voľných bajtov
.
- - End Of File - - 1DA592010405D5E26771E951393BEAAC

log RSIT:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Anička at 2013-04-15 21:06:15
Systém Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 18 GB (60%) free of 30 GB
Total RAM: 511 MB (20% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:06:21, on 15.4.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Genius\ioCentre\GMouseService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Ralink\Common\RaRegistry.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Ralink\Common\RaUI.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Anička\Desktop\RSIT.exe
C:\Program Files\trend micro\Anička.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Podpora odkazu pre aplikáciu Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - (no file)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: (no name) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\Ralink\Common\RaUI.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://hostyn.nwt.cz/activex/AxisCamControl.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: GeniusMouseService - Unknown owner - C:\Genius\ioCentre\GMouseService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: RalinkRegistryWriter - Ralink Technology, Corp. - C:\Program Files\Ralink\Common\RaRegistry.exe
O23 - Service: Ralink UPnP Media Server (RaMediaServer) - Ralink - C:\Program Files\Ralink\Common\RaMediaServer.exe

--
End of file - 5870 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{223BC19B-BD35-425E-8ED4-A08B6D79DD0E}.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Anička\Application Data\Mozilla\Firefox\Profiles\5yay17oq.default

prefs.js - "browser.startup.homepage" - "http://www.google.sk"

"wrc@avast.com"=C:\Program Files\Alwil Software\Avast5\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml

C:\Documents and Settings\Anička\Application Data\Mozilla\Firefox\Profiles\5yay17oq.default\extensions\
{e001c731-5e37-4538-a5cb-8168736a2360}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pre aplikáciu Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2004-08-26 405504]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-16 13529088]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2013-03-21 5078504]
"nwiz"=nwiz.exe /install []

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Ralink Wireless Utility.lnk - C:\Program Files\Ralink\Common\RaUI.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2009-09-04 548352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Ralink\Common\RaMediaServer.exe"="C:\Program Files\Ralink\Common\RaMediaServer.exe:*:Enabled:Ralink UPnP Media Server"
"C:\Program Files\Ralink\Common\RaUI.exe"="C:\Program Files\Ralink\Common\RaUI.exe:*:Enabled:Ralink Utility"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=C:\WINDOWS\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"midi2"=wdmaud.drv
"wave2"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux"=wdmaud.drv

======List of files/folders created in the last 1 month======

2013-04-15 21:06:16 ----D---- C:\Program Files\trend micro
2013-04-15 21:06:15 ----D---- C:\rsit
2013-04-15 21:04:36 ----D---- C:\WINDOWS\temp
2013-04-15 21:04:33 ----A---- C:\ComboFix.txt
2013-04-15 19:42:04 ----A---- C:\Boot.bak
2013-04-15 19:41:59 ----RASHD---- C:\cmdcons
2013-04-15 19:40:07 ----A---- C:\WINDOWS\zip.exe
2013-04-15 19:40:07 ----A---- C:\WINDOWS\SWXCACLS.exe
2013-04-15 19:40:07 ----A---- C:\WINDOWS\SWSC.exe
2013-04-15 19:40:07 ----A---- C:\WINDOWS\SWREG.exe
2013-04-15 19:40:07 ----A---- C:\WINDOWS\sed.exe
2013-04-15 19:40:07 ----A---- C:\WINDOWS\PEV.exe
2013-04-15 19:40:07 ----A---- C:\WINDOWS\NIRCMD.exe
2013-04-15 19:40:07 ----A---- C:\WINDOWS\MBR.exe
2013-04-15 19:40:07 ----A---- C:\WINDOWS\grep.exe
2013-04-15 19:39:23 ----D---- C:\Qoobox
2013-04-15 19:37:53 ----D---- C:\WINDOWS\erdnt
2013-04-15 19:20:44 ----A---- C:\WINDOWS\imsins.BAK
2013-04-15 19:17:42 ----HDC---- C:\WINDOWS\ie8
2013-04-15 17:47:56 ----D---- C:\Documents and Settings\Anička\Application Data\SUPERAntiSpyware.com
2013-04-15 17:47:56 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2013-04-15 17:47:45 ----D---- C:\Program Files\SUPERAntiSpyware
2013-04-13 12:24:51 ----D---- C:\WINDOWS\SxsCaPendDel
2013-04-13 11:52:35 ----A---- C:\WINDOWS\system32\W32N55.INI
2013-04-13 11:52:35 ----A---- C:\WINDOWS\system32\W32N55.dll
2013-04-13 11:52:35 ----A---- C:\WINDOWS\system32\RaCertMgr.dll
2013-04-13 11:52:35 ----A---- C:\WINDOWS\system32\DiagFunc.ini
2013-04-13 11:52:34 ----A---- C:\WINDOWS\system32\Scutum.dll
2013-04-13 11:52:34 ----A---- C:\WINDOWS\system32\RalinkGina.dll
2013-04-13 11:52:34 ----A---- C:\WINDOWS\system32\drivers\Scutum50.sys
2013-04-13 11:52:34 ----A---- C:\WINDOWS\system32\DiagFunc.dll
2013-04-13 11:52:34 ----A---- C:\WINDOWS\system32\CTAAEI.dll
2013-04-13 11:51:37 ----A---- C:\WINDOWS\system32\RaCoInst.dll
2013-04-13 11:51:33 ----D---- C:\Documents and Settings\All Users\Application Data\Ralink Driver
2013-04-13 11:51:31 ----D---- C:\Program Files\Ralink
2013-04-13 11:47:55 ----D---- C:\Program Files\SiS7012
2013-04-13 11:31:38 ----D---- C:\WINDOWS\SiS
2013-04-13 10:44:40 ----A---- C:\WINDOWS\system32\drivers\gMouUsb.sys
2013-04-13 10:44:32 ----A---- C:\WINDOWS\system32\drivers\gMouPS2.sys
2013-04-13 10:44:30 ----A---- C:\WINDOWS\system32\drivers\gHidPnp.sys
2013-04-13 10:26:55 ----D---- C:\Genius
2013-04-13 09:57:42 ----D---- C:\Documents and Settings\All Users\Application Data\DriverGenius
2013-04-13 09:30:32 ----D---- C:\Documents and Settings\Anička\Application Data\QuickScan
2013-04-13 09:28:24 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2013-04-13 07:35:01 ----D---- C:\Documents and Settings\Anička\Application Data\Malwarebytes
2013-04-13 07:34:43 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2013-04-12 22:53:48 ----AD---- C:\WINDOWS\rundll16.exe
2013-04-12 22:53:48 ----AD---- C:\WINDOWS\logo1_.exe
2013-04-12 22:45:41 ----AD---- C:\WINDOWS\VDLL.DLL
2013-04-12 22:45:41 ----AD---- C:\WINDOWS\system32\runouce.exe
2013-04-12 22:45:41 ----AD---- C:\WINDOWS\RUNDL132.EXE
2013-04-12 22:45:41 ----AD---- C:\WINDOWS\logo_1.exe
2013-04-12 22:36:40 ----A---- C:\WINDOWS\system32\drivers\trufos.sys
2013-04-12 22:36:33 ----A---- C:\WINDOWS\system32\msvcr80.dll
2013-04-12 22:36:31 ----A---- C:\WINDOWS\system32\msvcp80.dll
2013-04-12 22:36:30 ----A---- C:\WINDOWS\system32\msvcp90.dll
2013-04-12 22:36:29 ----A---- C:\WINDOWS\system32\msvcr90.dll
2013-04-12 22:36:27 ----A---- C:\WINDOWS\system32\eEmpty.exe
2013-04-12 22:36:21 ----A---- C:\WINDOWS\system32\T.COM
2013-04-12 22:36:21 ----A---- C:\WINDOWS\R.COM
2013-04-12 22:36:19 ----D---- C:\Program Files\Common Files\MicroWorld
2013-04-12 22:36:03 ----D---- C:\Documents and Settings\All Users\Application Data\MicroWorld
2013-04-12 19:46:31 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-04-12 19:32:21 ----D---- C:\Program Files\VideoLAN
2013-04-12 19:25:20 ----D---- C:\Documents and Settings\Anička\Application Data\ESET
2013-04-12 18:11:16 ----A---- C:\WINDOWS\system32\RaCoInst.dat
2013-04-12 18:11:16 ----A---- C:\WINDOWS\system32\drivers\rt2870.sys
2013-04-12 18:07:02 ----A---- C:\WINDOWS\system32\drivers\AegisP.sys
2013-04-12 18:06:39 ----D---- C:\WINDOWS\OPTIONS
2013-04-12 18:06:39 ----A---- C:\WINDOWS\system32\drivers\rtl8192su.sys
2013-04-12 18:06:34 ----D---- C:\WINDOWS\system32\RtlGina
2013-04-12 18:06:34 ----D---- C:\Program Files\TP-LINK
2013-04-12 18:06:33 ----A---- C:\WINDOWS\system32\ISSRemoveSP.exe
2013-04-12 17:59:14 ----D---- C:\Documents and Settings\All Users\Application Data\RTLLog
2013-04-10 23:00:10 ----HDC---- C:\WINDOWS\$NtUninstallKB2808735$
2013-04-10 23:00:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2820917$
2013-04-10 22:55:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2813345$
2013-04-10 22:55:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2813170$
2013-03-21 23:37:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2807986$
2013-03-20 18:59:59 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-03-20 18:59:59 ----D---- C:\Documents and Settings\All Users\Application Data\Mozilla

======List of files/folders modified in the last 1 month======

2013-04-15 21:06:21 ----D---- C:\WINDOWS\Prefetch
2013-04-15 21:06:16 ----RD---- C:\Program Files
2013-04-15 21:04:39 ----D---- C:\WINDOWS\system32\drivers
2013-04-15 21:04:36 ----D---- C:\WINDOWS
2013-04-15 21:00:38 ----A---- C:\WINDOWS\system.ini
2013-04-15 20:59:50 ----D---- C:\WINDOWS\system32\drivers\etc
2013-04-15 20:57:16 ----D---- C:\WINDOWS\system32\config
2013-04-15 20:52:06 ----D---- C:\WINDOWS\system32
2013-04-15 20:52:06 ----D---- C:\WINDOWS\AppPatch
2013-04-15 20:52:01 ----D---- C:\Program Files\Common Files
2013-04-15 20:03:43 ----SD---- C:\WINDOWS\Tasks
2013-04-15 20:00:33 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-04-15 19:42:25 ----D---- C:\WINDOWS\system32\CatRoot2
2013-04-15 19:42:04 ----RASH---- C:\boot.ini
2013-04-15 19:30:05 ----HD---- C:\WINDOWS\inf
2013-04-15 19:30:04 ----D---- C:\WINDOWS\system32\CatRoot
2013-04-15 19:29:58 ----D---- C:\Program Files\Internet Explorer
2013-04-15 19:29:08 ----HD---- C:\WINDOWS\$hf_mig$
2013-04-15 19:21:26 ----D---- C:\WINDOWS\system32\sk-sk
2013-04-15 19:21:25 ----D---- C:\WINDOWS\Media
2013-04-15 19:21:25 ----D---- C:\WINDOWS\Help
2013-04-15 19:12:48 ----D---- C:\WINDOWS\Debug
2013-04-15 19:05:45 ----D---- C:\WINDOWS\system32\en-us
2013-04-15 19:03:41 ----D---- C:\WINDOWS\ie8updates
2013-04-15 18:46:39 ----D---- C:\WINDOWS\network diagnostic
2013-04-15 18:38:28 ----SHD---- C:\System Volume Information
2013-04-15 18:38:28 ----D---- C:\WINDOWS\system32\Restore
2013-04-15 18:09:41 ----D---- C:\Program Files\Mozilla Firefox
2013-04-14 12:00:43 ----D---- C:\Documents and Settings\Anička\Application Data\Skype
2013-04-13 12:25:18 ----D---- C:\WINDOWS\WinSxS
2013-04-13 11:55:43 ----D---- C:\WINDOWS\nview
2013-04-13 11:52:58 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-04-13 11:51:36 ----DC---- C:\WINDOWS\system32\DRVSTORE
2013-04-13 11:51:30 ----HD---- C:\Program Files\InstallShield Installation Information
2013-04-13 11:48:40 ----D---- C:\NVIDIA
2013-04-13 11:00:54 ----D---- C:\WINDOWS\system32\ReinstallBackups
2013-04-12 22:38:09 ----A---- C:\WINDOWS\win.ini
2013-04-12 19:47:24 ----D---- C:\WINDOWS\SoftwareDistribution
2013-04-12 19:41:50 ----D---- C:\Documents and Settings
2013-04-12 19:21:56 ----D---- C:\Documents and Settings\All Users\Application Data\ESET
2013-04-12 19:18:36 ----D---- C:\Program Files\CCleaner
2013-04-12 18:17:03 ----SD---- C:\Documents and Settings\Anička\Application Data\Microsoft
2013-04-12 18:15:29 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2013-04-10 22:56:49 ----A---- C:\WINDOWS\system32\MRT.exe
2013-03-31 20:16:33 ----D---- C:\Documents and Settings\All Users\Application Data\Norton
2013-03-31 20:16:28 ----D---- C:\Program Files\Common Files\Symantec Shared
2013-03-20 18:57:33 ----D---- C:\Documents and Settings\Anička\Application Data\XnView

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 gagp30kx;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms; C:\WINDOWS\System32\DRIVERS\gagp30kx.sys [2008-04-14 46464]
R0 Imagedrv;Imagedrv; C:\WINDOWS\system32\DRIVERS\imagedrv.sys [2003-03-29 89184]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2007-03-08 43528]
R0 SISAGP;SiS AGP Filter; C:\WINDOWS\system32\DRIVERS\SISAGPX.sys [2003-07-18 36992]
R0 SiSide;SiSide; C:\WINDOWS\System32\DRIVERS\siside.sys [2003-03-25 4096]
R0 uagp35;Microsoft AGPv3.5 Filter; C:\WINDOWS\System32\DRIVERS\uagp35.sys [2008-04-14 44672]
R1 AmdK7;AMD K7 Processor Driver; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2008-04-14 37760]
R1 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2013-01-10 161368]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2013-01-10 122240]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2013-02-14 62512]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2003-03-31 12032]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.7.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2013-04-12 21361]
R2 EIO;EIO; \??\C:\WINDOWS\system32\drivers\EIO.sys []
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2013-01-10 150080]
R2 irda;IrDA Protocol; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-14 88192]
R2 Scutum50;Scutum50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\Scutum50.sys [2012-10-25 26336]
R3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2013-01-10 40376]
R3 gHidPnp;USB Device Enhanced Function Driver; C:\WINDOWS\System32\Drivers\gHidPnp.Sys [2009-11-02 20480]
R3 gMouUsb;USB Mouse Device Drv; C:\WINDOWS\system32\DRIVERS\gMouUsb.sys [2009-11-02 11520]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2008-05-16 6557408]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\System32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 rt2870;Ralink 802.11n USB Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\rt2870.sys [2012-08-20 1249888]
R3 SiS7012;Service for AC'97 Sample Driver (WDM); C:\WINDOWS\system32\drivers\sis7012.sys [2004-11-03 267136]
R3 SISNICXP;SiS PCI Fast Ethernet Adapter Driver for NDIS51; C:\WINDOWS\system32\DRIVERS\sisnicxp.sys [2004-06-30 32768]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 ActivHidSerMini;Promethean Serial Board Driver; C:\WINDOWS\system32\DRIVERS\activhidsermini.sys [2008-06-16 57088]
S3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2003-12-11 391424]
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-02-18 610988]
S3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2003-10-17 754560]
S3 gMouPS2;PS2 Scroll Mouse Device; C:\WINDOWS\system32\DRIVERS\gMouPS2.sys [2009-06-30 17408]
S3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
S3 mbr;mbr; \??\C:\DOCUME~1\ANIKA~1\LOCALS~1\Temp\mbr.sys []
S3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
S3 SISNIC;SiS PCI Fast Ethernet Adapter Driver; C:\WINDOWS\System32\DRIVERS\sisnic.sys [2002-07-10 32256]
S3 trufos;trufos; C:\WINDOWS\system32\drivers\trufos.sys [2013-04-12 343456]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2013-03-21 1341664]
R2 GeniusMouseService;GeniusMouseService; C:\Genius\ioCentre\GMouseService.exe [2010-03-11 12288]
R2 Irmon;Infrared Monitor; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-16 159812]
R2 RalinkRegistryWriter;RalinkRegistryWriter; C:\Program Files\Ralink\Common\RaRegistry.exe [2012-07-04 372736]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-09-11 135664]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-13 253656]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-09-11 135664]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-10 136120]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-03-20 129976]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 RaMediaServer;Ralink UPnP Media Server; C:\Program Files\Ralink\Common\RaMediaServer.exe [2012-07-06 1863680]

-----------------EOF-----------------

Stiahni si AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
ulož ho na plochu Spusť program stlač tlačidlo search
Po skene sa objaví log budeš ho mať na systémovom disku ako AdwCleaner[R?].txt cely obsah vlož sem

# AdwCleaner v2.200 - Logfile created 04/15/2013 at 21:49:04
# Updated 02/04/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Anička - COMP025C
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Anička\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Documents and Settings\All Users\Application Data\ICQ\ICQToolbar
Folder Found : C:\Program Files\ICQ6Toolbar

***** [Registry] *****

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Found : HKLM\SOFTWARE\Classes\toolband.eb_explorerbar
Key Found : HKLM\SOFTWARE\Classes\toolband.eb_explorerbar.1
Key Found : HKLM\SOFTWARE\Classes\toolband.ipm_printlistitem
Key Found : HKLM\SOFTWARE\Classes\toolband.ipm_printlistitem.1
Key Found : HKLM\SOFTWARE\Classes\toolband.pm_launcher
Key Found : HKLM\SOFTWARE\Classes\toolband.pm_launcher.1
Key Found : HKLM\SOFTWARE\Classes\toolband.pm_printmanager
Key Found : HKLM\SOFTWARE\Classes\toolband.pm_printmanager.1
Key Found : HKLM\SOFTWARE\Classes\toolband.pr_bindstatuscallback
Key Found : HKLM\SOFTWARE\Classes\toolband.pr_bindstatuscallback.1
Key Found : HKLM\SOFTWARE\Classes\toolband.pr_cancelbuttoneventhandler
Key Found : HKLM\SOFTWARE\Classes\toolband.pr_cancelbuttoneventhandler.1
Key Found : HKLM\SOFTWARE\Classes\toolband.tbtoolband
Key Found : HKLM\SOFTWARE\Classes\toolband.tbtoolband.1
Key Found : HKLM\SOFTWARE\Classes\toolband.useroptions
Key Found : HKLM\SOFTWARE\Classes\toolband.useroptions.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
Key Found : HKU\S-1-5-21-1715567821-1767777339-682003330-1004\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd

-\\ Mozilla Firefox v12.0 (sk)

File : C:\Documents and Settings\Anička\Application Data\Mozilla\Firefox\Profiles\5yay17oq.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v26.0.1410.64

File : C:\Documents and Settings\Anička\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [2951 octets] - [15/04/2013 21:49:04]

########## EOF - C:\AdwCleaner[R1].txt - [3011 octets] ##########

Spusť adwcleaner stlač tlačidlo delete pre odsúhlasenie stlač OK počítač sa reštartuje
log budeš ho mať na systémovom disku ako AdwCleaner[S?].txt cely obsah vlož sem

# AdwCleaner v2.200 - Logfile created 04/16/2013 at 17:40:35
# Updated 02/04/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Anička - COMP025C
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Anička\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Documents and Settings\All Users\Application Data\ICQ\ICQToolbar
Folder Deleted : C:\Program Files\ICQ6Toolbar

***** [Registry] *****

Stiahni si RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe ulož ho na plochu a spusť ako správca
Prebehne test keď skonči stlač tlačidlo prehľadať
Keď to skonči stlač tlačidlo sprava log vlož sem

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operačný systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spustené v : Normálny režim
Užívateľ : Anička [Práva Správcu]
Režim : Kontrola -- Dátum : 04/16/2013 18:01:37
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy : 0 ¤¤¤

¤¤¤ Záznamy Registrov : 1 ¤¤¤
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> NÁJDENÉ

¤¤¤ Zvláštne súbory / Adresáre: ¤¤¤

¤¤¤ Ovládač : [NAHRATÉ] ¤¤¤

¤¤¤ Súbor HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: HDS728080PLAT20 +++++
--- User ---
[MBR] 86156efef5086ac471923faf1566df2d
[BSP] 044db8bddf2ed25e455f186fca28a915 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 29996 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 61432560 | Size: 48524 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončené : << RKreport[1]_S_04162013_02d1801.txt >>
RKreport[1]_S_04162013_02d1801.txt

Znovu spusť RogueKiller
Prebehne test keď skonči stlač tlačidlo prehľadať
Po dokončení stlač tlačidlo zmazať
Keď to skonči stlač tlačidlo sprava objaví sa log ten sem vlož
Potom klikni na tlačidlo oprava HOST
Znovu Keď to skonči stlač tlačidlo sprava log vlož sem


Stiahni si tdsskiller http://support.kaspersky.com/downloads/ ... killer.exe na plochu
Spusť daj scan nič nemaž
C:\TDSSKiller.2.8.15.0._datum_log.txt , vlož sem celý log

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operačný systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spustené v : Normálny režim
Užívateľ : Anička [Práva Správcu]
Režim : Oprava HOSTS -- Dátum : 04/16/2013 18:09:58
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy : 0 ¤¤¤

¤¤¤ Záznamy Registrov : 0 ¤¤¤

¤¤¤ Ovládač : [NAHRATÉ] ¤¤¤

¤¤¤ Súbor HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost

Dokončené : << RKreport[4]_H_04162013_02d1809.txt >>
RKreport[1]_S_04162013_02d1801.txt ; RKreport[2]_S_04162013_02d1809.txt ; RKreport[3]_D_04162013_02d1809.txt ; RKreport[4]_H_04162013_02d1809.txt

tds
18:12:03.0687 2380 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
18:12:03.0937 2380 ============================================================
18:12:03.0937 2380 Current date / time: 2013/04/16 18:12:03.0937
18:12:03.0937 2380 SystemInfo:
18:12:03.0937 2380
18:12:03.0937 2380 OS Version: 5.1.2600 ServicePack: 3.0
18:12:03.0937 2380 Product type: Workstation
18:12:03.0937 2380 ComputerName: COMP025C
18:12:03.0937 2380 UserName: Anička
18:12:03.0937 2380 Windows directory: C:\WINDOWS
18:12:03.0937 2380 System windows directory: C:\WINDOWS
18:12:03.0937 2380 Processor architecture: Intel x86
18:12:03.0937 2380 Number of processors: 1
18:12:03.0937 2380 Page size: 0x1000
18:12:03.0937 2380 Boot type: Normal boot
18:12:03.0937 2380 ============================================================
18:12:05.0765 2380 Drive \Device\Harddisk0\DR0 - Size: 0x132C570000 (76.69 Gb), SectorSize: 0x200, Cylinders: 0x271B, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
18:12:05.0765 2380 ============================================================
18:12:05.0765 2380 \Device\Harddisk0\DR0:
18:12:05.0765 2380 MBR partitions:
18:12:05.0765 2380 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A962B1
18:12:05.0781 2380 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3A9632F, BlocksNum 0x5EC636B
18:12:05.0781 2380 ============================================================
18:12:05.0812 2380 C: <-> \Device\Harddisk0\DR0\Partition1
18:12:05.0828 2380 D: <-> \Device\Harddisk0\DR0\Partition2
18:12:05.0843 2380 ============================================================
18:12:05.0843 2380 Initialize success
18:12:05.0843 2380 ============================================================
18:12:07.0906 2528 ============================================================
18:12:07.0906 2528 Scan started
18:12:07.0906 2528 Mode: Manual;
18:12:07.0906 2528 ============================================================
18:12:08.0578 2528 ================ Scan system memory ========================
18:12:08.0578 2528 System memory - ok
18:12:08.0578 2528 ================ Scan services =============================
18:12:08.0703 2528 Abiosdsk - ok
18:12:08.0718 2528 abp480n5 - ok
18:12:08.0796 2528 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
18:12:08.0796 2528 ACPI - ok
18:12:08.0843 2528 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
18:12:08.0843 2528 ACPIEC - ok
18:12:08.0890 2528 [ 31FB534109DECB0930806FAD0B2985E9 ] ActivHidSerMini C:\WINDOWS\system32\DRIVERS\activhidsermini.sys
18:12:08.0906 2528 ActivHidSerMini - ok
18:12:09.0000 2528 [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
18:12:09.0000 2528 AdobeFlashPlayerUpdateSvc - ok
18:12:09.0031 2528 adpu160m - ok
18:12:09.0078 2528 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
18:12:09.0078 2528 aec - ok
18:12:09.0140 2528 [ 023867B6606FBABCDD52E089C4A507DA ] AegisP C:\WINDOWS\system32\DRIVERS\AegisP.sys
18:12:09.0140 2528 AegisP - ok
18:12:09.0187 2528 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
18:12:09.0203 2528 AFD - ok
18:12:09.0234 2528 Aha154x - ok
18:12:09.0250 2528 aic78u2 - ok
18:12:09.0281 2528 aic78xx - ok
18:12:09.0390 2528 [ FBBCB95F677CBAA924140B6EA2D9A97B ] ALCXSENS C:\WINDOWS\system32\drivers\ALCXSENS.SYS
18:12:09.0421 2528 ALCXSENS - ok
18:12:09.0484 2528 [ 4DD2C10FC6434FEDCB7C71FBDC1F107A ] ALCXWDM C:\WINDOWS\system32\drivers\ALCXWDM.SYS
18:12:09.0500 2528 ALCXWDM - ok
18:12:09.0546 2528 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
18:12:09.0546 2528 Alerter - ok
18:12:09.0593 2528 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe
18:12:09.0593 2528 ALG - ok
18:12:09.0625 2528 AliIde - ok
18:12:09.0671 2528 [ 8FCE268CDBDD83B23419D1F35F42C7B1 ] AmdK7 C:\WINDOWS\system32\DRIVERS\amdk7.sys
18:12:09.0671 2528 AmdK7 - ok
18:12:09.0703 2528 amsint - ok
18:12:09.0765 2528 asc - ok
18:12:09.0796 2528 asc3350p - ok
18:12:09.0812 2528 asc3550 - ok
18:12:09.0859 2528 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
18:12:09.0859 2528 AsyncMac - ok
18:12:09.0906 2528 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
18:12:09.0921 2528 atapi - ok
18:12:09.0937 2528 Atdisk - ok
18:12:09.0984 2528 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
18:12:10.0000 2528 Atmarpc - ok
18:12:10.0046 2528 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
18:12:10.0062 2528 AudioSrv - ok
18:12:10.0109 2528 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
18:12:10.0109 2528 audstub - ok
18:12:10.0375 2528 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
18:12:10.0375 2528 Beep - ok
18:12:10.0453 2528 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
18:12:10.0484 2528 BITS - ok
18:12:10.0531 2528 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll
18:12:10.0546 2528 Browser - ok
18:12:10.0562 2528 catchme - ok
18:12:10.0609 2528 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
18:12:10.0609 2528 cbidf2k - ok
18:12:10.0625 2528 cd20xrnt - ok
18:12:10.0703 2528 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
18:12:10.0703 2528 Cdaudio - ok
18:12:10.0765 2528 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
18:12:10.0781 2528 Cdfs - ok
18:12:10.0812 2528 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
18:12:10.0812 2528 Cdrom - ok
18:12:10.0828 2528 Changer - ok
18:12:10.0890 2528 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe
18:12:10.0890 2528 CiSvc - ok
18:12:10.0921 2528 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
18:12:10.0921 2528 ClipSrv - ok
18:12:10.0968 2528 CmdIde - ok
18:12:11.0046 2528 [ C9ACB382326B55748B2FC38B8A6A0759 ] cmuda C:\WINDOWS\system32\drivers\cmuda.sys
18:12:11.0062 2528 cmuda - ok
18:12:11.0078 2528 COMSysApp - ok
18:12:11.0125 2528 Cpqarray - ok
18:12:11.0187 2528 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
18:12:11.0203 2528 CryptSvc - ok
18:12:11.0234 2528 dac2w2k - ok
18:12:11.0250 2528 dac960nt - ok
18:12:11.0343 2528 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
18:12:11.0359 2528 DcomLaunch - ok
18:12:11.0406 2528 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
18:12:11.0421 2528 Dhcp - ok
18:12:11.0468 2528 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
18:12:11.0468 2528 Disk - ok
18:12:11.0484 2528 dmadmin - ok
18:12:11.0562 2528 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
18:12:11.0578 2528 dmboot - ok
18:12:11.0609 2528 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
18:12:11.0609 2528 dmio - ok
18:12:11.0656 2528 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
18:12:11.0671 2528 dmload - ok
18:12:11.0718 2528 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
18:12:11.0718 2528 dmserver - ok
18:12:11.0765 2528 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
18:12:11.0781 2528 DMusic - ok
18:12:11.0828 2528 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
18:12:11.0828 2528 Dnscache - ok
18:12:11.0890 2528 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
18:12:11.0890 2528 Dot3svc - ok
18:12:11.0921 2528 dpti2o - ok
18:12:11.0984 2528 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
18:12:11.0984 2528 drmkaud - ok
18:12:12.0031 2528 [ 14EA0C26137744636EB25B3FF1F2B02E ] eamon C:\WINDOWS\system32\DRIVERS\eamon.sys
18:12:12.0046 2528 eamon - ok
18:12:12.0093 2528 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
18:12:12.0093 2528 EapHost - ok
18:12:12.0156 2528 [ 366369746D1818FDD8589D1F2C8A6D03 ] ehdrv C:\WINDOWS\system32\DRIVERS\ehdrv.sys
18:12:12.0171 2528 ehdrv - ok
18:12:12.0218 2528 [ 4E60D89388EDBB852112FD63779D4274 ] EIO C:\WINDOWS\system32\drivers\EIO.sys
18:12:12.0234 2528 EIO - ok
18:12:12.0375 2528 [ 7FE34FD5652C54BDA8D2DF8AC92E833A ] ekrn C:\Program Files\ESET\ESET Smart Security\ekrn.exe
18:12:12.0421 2528 ekrn - ok
18:12:12.0484 2528 [ 5F08103444A1B5B2A38EAB729DE0A1A3 ] epfw C:\WINDOWS\system32\DRIVERS\epfw.sys
18:12:12.0500 2528 epfw - ok
18:12:12.0546 2528 [ 03C6C226BC364D23682A8A5AE136F038 ] Epfwndis C:\WINDOWS\system32\DRIVERS\Epfwndis.sys
18:12:12.0546 2528 Epfwndis - ok
18:12:12.0578 2528 [ FEDBE43C34EF0D4CB249C22964B0E17D ] epfwtdi C:\WINDOWS\system32\DRIVERS\epfwtdi.sys
18:12:12.0578 2528 epfwtdi - ok
18:12:12.0640 2528 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
18:12:12.0640 2528 ERSvc - ok
18:12:12.0703 2528 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
18:12:12.0718 2528 Eventlog - ok
18:12:12.0765 2528 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\System32\es.dll
18:12:12.0781 2528 EventSystem - ok
18:12:12.0828 2528 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
18:12:12.0828 2528 Fastfat - ok
18:12:12.0906 2528 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
18:12:12.0921 2528 FastUserSwitchingCompatibility - ok
18:12:12.0953 2528 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
18:12:12.0953 2528 Fdc - ok
18:12:13.0000 2528 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
18:12:13.0000 2528 Fips - ok
18:12:13.0046 2528 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
18:12:13.0046 2528 Flpydisk - ok
18:12:13.0093 2528 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
18:12:13.0109 2528 FltMgr - ok
18:12:13.0140 2528 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
18:12:13.0140 2528 Fs_Rec - ok
18:12:13.0171 2528 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
18:12:13.0171 2528 Ftdisk - ok
18:12:13.0203 2528 [ 3A74C423CF6BCCA6982715878F450A3B ] gagp30kx C:\WINDOWS\system32\DRIVERS\gagp30kx.sys
18:12:13.0218 2528 gagp30kx - ok
18:12:13.0281 2528 [ 065639773D8B03F33577F6CDAEA21063 ] gameenum C:\WINDOWS\system32\DRIVERS\gameenum.sys
18:12:13.0281 2528 gameenum - ok
18:12:13.0359 2528 [ 1FC39E7BA16CB0463347265CDC6C10C2 ] GeniusMouseService C:\Genius\ioCentre\GMouseService.exe
18:12:13.0359 2528 GeniusMouseService - ok
18:12:13.0421 2528 [ D4692D4CBBDE6A622A47F63D2CCC26C5 ] gHidPnp C:\WINDOWS\system32\Drivers\gHidPnp.Sys
18:12:13.0421 2528 gHidPnp - ok
18:12:13.0453 2528 [ 93AB8D8345D0B90EB255EC5F4E5B3852 ] gMouPS2 C:\WINDOWS\system32\DRIVERS\gMouPS2.sys
18:12:13.0453 2528 gMouPS2 - ok
18:12:13.0515 2528 [ D7B70109E9589D5F3C3CCDD6BA76E0C1 ] gMouUsb C:\WINDOWS\system32\DRIVERS\gMouUsb.sys
18:12:13.0515 2528 gMouUsb - ok
18:12:13.0562 2528 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
18:12:13.0578 2528 Gpc - ok
18:12:13.0656 2528 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
18:12:13.0671 2528 gupdate - ok
18:12:13.0703 2528 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
18:12:13.0703 2528 gupdatem - ok
18:12:13.0765 2528 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
18:12:13.0765 2528 gusvc - ok
18:12:13.0843 2528 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
18:12:13.0843 2528 helpsvc - ok
18:12:13.0906 2528 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll
18:12:13.0906 2528 HidServ - ok
18:12:13.0953 2528 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
18:12:13.0953 2528 hidusb - ok
18:12:14.0000 2528 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
18:12:14.0015 2528 hkmsvc - ok
18:12:14.0046 2528 hpn - ok
18:12:14.0093 2528 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
18:12:14.0109 2528 HTTP - ok
18:12:14.0156 2528 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
18:12:14.0171 2528 HTTPFilter - ok
18:12:14.0203 2528 i2omgmt - ok
18:12:14.0234 2528 i2omp - ok
18:12:14.0265 2528 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
18:12:14.0281 2528 i8042prt - ok
18:12:14.0328 2528 [ FCCF4AE4EF72CBABA6D6BEFEFD77E940 ] Imagedrv C:\WINDOWS\system32\DRIVERS\imagedrv.sys
18:12:14.0328 2528 Imagedrv - ok
18:12:14.0359 2528 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
18:12:14.0375 2528 Imapi - ok
18:12:14.0421 2528 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
18:12:14.0437 2528 ImapiService - ok
18:12:14.0468 2528 ini910u - ok
18:12:14.0531 2528 IntelIde - ok
18:12:14.0578 2528 [ 3BB22519A194418D5FEC05D800A19AD0 ] ip6fw C:\WINDOWS\system32\drivers\ip6fw.sys
18:12:14.0578 2528 ip6fw - ok
18:12:14.0609 2528 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
18:12:14.0609 2528 IpFilterDriver - ok
18:12:14.0625 2528 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
18:12:14.0625 2528 IpInIp - ok
18:12:14.0671 2528 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
18:12:14.0687 2528 IpNat - ok
18:12:14.0703 2528 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
18:12:14.0703 2528 IPSec - ok
18:12:14.0765 2528 [ ACA5E7B54409F9CB5EED97ED0C81120E ] irda C:\WINDOWS\system32\DRIVERS\irda.sys
18:12:14.0765 2528 irda - ok
18:12:14.0796 2528 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
18:12:14.0812 2528 IRENUM - ok
18:12:14.0828 2528 [ 49CC4533CE897CB2E93C1E84A818FDE5 ] Irmon C:\WINDOWS\System32\irmon.dll
18:12:14.0843 2528 Irmon - ok
18:12:14.0859 2528 [ 0501F0B9AB08425F8C0EACBDCC04AA32 ] irsir C:\WINDOWS\system32\DRIVERS\irsir.sys
18:12:14.0859 2528 irsir - ok
18:12:14.0906 2528 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
18:12:14.0921 2528 isapnp - ok
18:12:14.0968 2528 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
18:12:14.0968 2528 Kbdclass - ok
18:12:15.0000 2528 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
18:12:15.0000 2528 kbdhid - ok
18:12:15.0046 2528 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
18:12:15.0062 2528 kmixer - ok
18:12:15.0109 2528 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
18:12:15.0140 2528 KSecDD - ok
18:12:15.0187 2528 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
18:12:15.0203 2528 lanmanserver - ok
18:12:15.0265 2528 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
18:12:15.0281 2528 lanmanworkstation - ok
18:12:15.0296 2528 lbrtfdc - ok
18:12:15.0390 2528 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
18:12:15.0390 2528 LmHosts - ok
18:12:15.0437 2528 [ 0DB7527DB188C7D967A37BB51BBF3963 ] MBAMSwissArmy C:\WINDOWS\system32\drivers\mbamswissarmy.sys
18:12:15.0437 2528 MBAMSwissArmy - ok
18:12:15.0531 2528 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
18:12:15.0531 2528 MDM - ok
18:12:15.0578 2528 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
18:12:15.0593 2528 Messenger - ok
18:12:15.0671 2528 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
18:12:15.0671 2528 mnmdd - ok
18:12:15.0765 2528 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\System32\mnmsrvc.exe
18:12:15.0765 2528 mnmsrvc - ok
18:12:15.0812 2528 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
18:12:15.0812 2528 Modem - ok
18:12:15.0859 2528 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
18:12:15.0859 2528 Mouclass - ok
18:12:15.0875 2528 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
18:12:15.0875 2528 mouhid - ok
18:12:15.0906 2528 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
18:12:15.0906 2528 MountMgr - ok
18:12:15.0953 2528 [ 96AA8BA23142CC8E2B30F3CAE0C80254 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
18:12:15.0953 2528 MozillaMaintenance - ok
18:12:15.0984 2528 mraid35x - ok
18:12:16.0015 2528 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
18:12:16.0015 2528 MRxDAV - ok
18:12:16.0109 2528 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
18:12:16.0125 2528 MRxSmb - ok
18:12:16.0156 2528 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\System32\msdtc.exe
18:12:16.0156 2528 MSDTC - ok
18:12:16.0171 2528 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
18:12:16.0187 2528 Msfs - ok
18:12:16.0203 2528 MSIServer - ok
18:12:16.0250 2528 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
18:12:16.0250 2528 MSKSSRV - ok
18:12:16.0265 2528 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
18:12:16.0265 2528 MSPCLOCK - ok
18:12:16.0296 2528 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
18:12:16.0296 2528 MSPQM - ok
18:12:16.0359 2528 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
18:12:16.0359 2528 mssmbios - ok
18:12:16.0390 2528 [ CA3E22598F411199ADC2DFEE76CD0AE0 ] ms_mpu401 C:\WINDOWS\system32\drivers\msmpu401.sys
18:12:16.0390 2528 ms_mpu401 - ok
18:12:16.0437 2528 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
18:12:16.0453 2528 Mup - ok
18:12:16.0500 2528 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
18:12:16.0515 2528 napagent - ok
18:12:16.0578 2528 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
18:12:16.0593 2528 NDIS - ok
18:12:16.0640 2528 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
18:12:16.0640 2528 NdisTapi - ok
18:12:16.0656 2528 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
18:12:16.0656 2528 Ndisuio - ok
18:12:16.0703 2528 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:12:16.0703 2528 NdisWan - ok
18:12:16.0734 2528 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
18:12:16.0750 2528 NDProxy - ok
18:12:16.0781 2528 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
18:12:16.0781 2528 NetBIOS - ok
18:12:16.0812 2528 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
18:12:16.0812 2528 NetBT - ok
18:12:16.0859 2528 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
18:12:16.0859 2528 NetDDE - ok
18:12:16.0875 2528 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
18:12:16.0875 2528 NetDDEdsdm - ok
18:12:16.0937 2528 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
18:12:16.0968 2528 Netlogon - ok
18:12:17.0046 2528 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
18:12:17.0062 2528 Netman - ok
18:12:17.0125 2528 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
18:12:17.0125 2528 Nla - ok
18:12:17.0187 2528 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
18:12:17.0187 2528 Npfs - ok
18:12:17.0234 2528 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
18:12:17.0234 2528 Ntfs - ok
18:12:17.0265 2528 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\System32\lsass.exe
18:12:17.0265 2528 NtLmSsp - ok
18:12:17.0343 2528 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
18:12:17.0375 2528 NtmsSvc - ok
18:12:17.0406 2528 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
18:12:17.0421 2528 Null - ok
18:12:17.0765 2528 [ 9F4384AA43548DDD438F7B7825D11699 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
18:12:18.0046 2528 nv - ok
18:12:18.0109 2528 [ 0C41C4ACFE00D826DB479C40C1D9EDC8 ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
18:12:18.0125 2528 NVSvc - ok
18:12:18.0156 2528 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
18:12:18.0156 2528 NwlnkFlt - ok
18:12:18.0187 2528 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
18:12:18.0187 2528 NwlnkFwd - ok
18:12:18.0234 2528 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:12:18.0234 2528 ose - ok
18:12:18.0296 2528 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
18:12:18.0296 2528 Parport - ok
18:12:18.0328 2528 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
18:12:18.0328 2528 PartMgr - ok
18:12:18.0375 2528 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
18:12:18.0375 2528 ParVdm - ok
18:12:18.0390 2528 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
18:12:18.0390 2528 PCI - ok
18:12:18.0406 2528 PCIDump - ok
18:12:18.0453 2528 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
18:12:18.0453 2528 PCIIde - ok
18:12:18.0500 2528 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
18:12:18.0500 2528 Pcmcia - ok
18:12:18.0515 2528 PDCOMP - ok
18:12:18.0531 2528 PDFRAME - ok
18:12:18.0562 2528 PDRELI - ok
18:12:18.0578 2528 PDRFRAME - ok
18:12:18.0609 2528 perc2 - ok
18:12:18.0625 2528 perc2hib - ok
18:12:18.0687 2528 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
18:12:18.0703 2528 PlugPlay - ok
18:12:18.0718 2528 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
18:12:18.0718 2528 PolicyAgent - ok
18:12:18.0765 2528 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
18:12:18.0765 2528 PptpMiniport - ok
18:12:18.0781 2528 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
18:12:18.0781 2528 ProtectedStorage - ok
18:12:18.0812 2528 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
18:12:18.0812 2528 PSched - ok
18:12:18.0859 2528 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
18:12:18.0859 2528 Ptilink - ok
18:12:18.0890 2528 [ D86B4A68565E444D76457F14172C875A ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
18:12:18.0890 2528 PxHelp20 - ok
18:12:18.0906 2528 ql1080 - ok
18:12:18.0937 2528 Ql10wnt - ok
18:12:18.0968 2528 ql12160 - ok
18:12:18.0984 2528 ql1240 - ok
18:12:19.0015 2528 ql1280 - ok
18:12:19.0046 2528 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
18:12:19.0046 2528 RasAcd - ok
18:12:19.0093 2528 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
18:12:19.0093 2528 RasAuto - ok
18:12:19.0140 2528 [ 0207D26DDF796A193CCD9F83047BB5FC ] Rasirda C:\WINDOWS\system32\DRIVERS\rasirda.sys
18:12:19.0140 2528 Rasirda - ok
18:12:19.0156 2528 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
18:12:19.0156 2528 Rasl2tp - ok
18:12:19.0218 2528 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
18:12:19.0218 2528 RasMan - ok
18:12:19.0234 2528 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
18:12:19.0250 2528 RasPppoe - ok
18:12:19.0281 2528 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
18:12:19.0281 2528 Raspti - ok
18:12:19.0296 2528 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
18:12:19.0312 2528 Rdbss - ok
18:12:19.0328 2528 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
18:12:19.0343 2528 RDPCDD - ok
18:12:19.0390 2528 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
18:12:19.0406 2528 RDPWD - ok
18:12:19.0437 2528 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
18:12:19.0453 2528 RDSessMgr - ok
18:12:19.0484 2528 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
18:12:19.0484 2528 redbook - ok
18:12:19.0531 2528 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
18:12:19.0531 2528 RemoteAccess - ok
18:12:19.0578 2528 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\System32\locator.exe
18:12:19.0578 2528 RpcLocator - ok
18:12:19.0656 2528 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\System32\rpcss.dll
18:12:19.0656 2528 RpcSs - ok
18:12:19.0718 2528 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\System32\rsvp.exe
18:12:19.0718 2528 RSVP - ok
18:12:19.0812 2528 [ 0A7293EDC2537652A4914018A7589F14 ] rt2870 C:\WINDOWS\system32\DRIVERS\rt2870.sys
18:12:19.0843 2528 rt2870 - ok
18:12:19.0875 2528 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
18:12:19.0875 2528 SamSs - ok
18:12:19.0921 2528 [ A3281AEC37E0720A2BC28034C2DF2A56 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
18:12:19.0921 2528 SASDIFSV - ok
18:12:19.0937 2528 [ 61DB0D0756A99506207FD724E3692B25 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
18:12:19.0953 2528 SASKUTIL - ok
18:12:19.0984 2528 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
18:12:19.0984 2528 SCardSvr - ok
18:12:20.0046 2528 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
18:12:20.0062 2528 Schedule - ok
18:12:20.0093 2528 Scutum50 - ok
18:12:20.0125 2528 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
18:12:20.0125 2528 Secdrv - ok
18:12:20.0171 2528 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
18:12:20.0171 2528 seclogon - ok
18:12:20.0234 2528 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
18:12:20.0234 2528 SENS - ok
18:12:20.0265 2528 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
18:12:20.0265 2528 serenum - ok
18:12:20.0296 2528 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
18:12:20.0296 2528 Serial - ok
18:12:20.0328 2528 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
18:12:20.0328 2528 Sfloppy - ok
18:12:20.0375 2528 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
18:12:20.0390 2528 SharedAccess - ok
18:12:20.0421 2528 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
18:12:20.0421 2528 ShellHWDetection - ok
18:12:20.0437 2528 Simbad - ok
18:12:20.0515 2528 [ 3FB1DBD8A787BB5AFD8D4EC3C5701608 ] SiS7012 C:\WINDOWS\system32\drivers\sis7012.sys
18:12:20.0531 2528 SiS7012 - ok
18:12:20.0593 2528 [ 61CA562DEF09A782D26B3E7EDEC5369A ] SISAGP C:\WINDOWS\system32\DRIVERS\SISAGPX.sys
18:12:20.0609 2528 SISAGP - ok
18:12:20.0625 2528 [ B4485881BD8AED9B157A2E6CF43C2D51 ] SiSide C:\WINDOWS\system32\DRIVERS\siside.sys
18:12:20.0640 2528 SiSide - ok
18:12:20.0656 2528 [ 8204C49CDE112F7B9C2F15707FE2CC5A ] SISNIC C:\WINDOWS\system32\DRIVERS\sisnic.sys
18:12:20.0671 2528 SISNIC - ok
18:12:20.0734 2528 [ 9FFBF0D8881A985175BC86597A1B429F ] SISNICXP C:\WINDOWS\system32\DRIVERS\sisnicxp.sys
18:12:20.0734 2528 SISNICXP - ok
18:12:20.0750 2528 Sparrow - ok
18:12:20.0796 2528 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
18:12:20.0796 2528 splitter - ok
18:12:20.0843 2528 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
18:12:20.0843 2528 Spooler - ok
18:12:20.0875 2528 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
18:12:20.0875 2528 sr - ok
18:12:20.0921 2528 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
18:12:20.0937 2528 srservice - ok
18:12:21.0000 2528 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
18:12:21.0000 2528 Srv - ok
18:12:21.0046 2528 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
18:12:21.0062 2528 SSDPSRV - ok
18:12:21.0093 2528 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
18:12:21.0109 2528 stisvc - ok
18:12:21.0156 2528 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
18:12:21.0156 2528 swenum - ok
18:12:21.0171 2528 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
18:12:21.0187 2528 swmidi - ok
18:12:21.0203 2528 SwPrv - ok
18:12:21.0234 2528 symc810 - ok
18:12:21.0265 2528 symc8xx - ok
18:12:21.0296 2528 sym_hi - ok
18:12:21.0312 2528 sym_u3 - ok
18:12:21.0343 2528 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
18:12:21.0343 2528 sysaudio - ok
18:12:21.0390 2528 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
18:12:21.0390 2528 SysmonLog - ok
18:12:21.0437 2528 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
18:12:21.0453 2528 TapiSrv - ok
18:12:21.0500 2528 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
18:12:21.0515 2528 Tcpip - ok
18:12:21.0546 2528 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
18:12:21.0562 2528 TDPIPE - ok
18:12:21.0578 2528 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
18:12:21.0578 2528 TDTCP - ok
18:12:21.0625 2528 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
18:12:21.0625 2528 TermDD - ok
18:12:21.0687 2528 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
18:12:21.0703 2528 TermService - ok
18:12:21.0734 2528 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
18:12:21.0734 2528 Themes - ok
18:12:21.0765 2528 TosIde - ok
18:12:21.0796 2528 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
18:12:21.0812 2528 TrkWks - ok
18:12:21.0890 2528 [ F2AEE22231046CAD8D2F94D2C0F9BEFB ] trufos C:\WINDOWS\system32\drivers\trufos.sys
18:12:21.0906 2528 trufos - ok
18:12:21.0953 2528 [ D85938F272D1BCF3DB3A31FC0A048928 ] uagp35 C:\WINDOWS\system32\DRIVERS\uagp35.sys
18:12:21.0953 2528 uagp35 - ok
18:12:21.0984 2528 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
18:12:21.0984 2528 Udfs - ok
18:12:22.0000 2528 ultra - ok
18:12:22.0078 2528 [ AB0A7CA90D9E3D6A193905DC1715DED0 ] UMWdf C:\WINDOWS\system32\wdfmgr.exe
18:12:22.0078 2528 UMWdf - ok
18:12:22.0125 2528 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
18:12:22.0140 2528 Update - ok
18:12:22.0203 2528 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
18:12:22.0203 2528 upnphost - ok
18:12:22.0250 2528 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
18:12:22.0250 2528 UPS - ok
18:12:22.0296 2528 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
18:12:22.0296 2528 usbccgp - ok
18:12:22.0328 2528 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
18:12:22.0328 2528 usbehci - ok
18:12:22.0359 2528 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
18:12:22.0359 2528 usbhub - ok
18:12:22.0406 2528 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
18:12:22.0406 2528 usbohci - ok
18:12:22.0453 2528 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
18:12:22.0453 2528 usbprint - ok
18:12:22.0500 2528 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
18:12:22.0500 2528 USBSTOR - ok
18:12:22.0515 2528 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
18:12:22.0531 2528 VgaSave - ok
18:12:22.0546 2528 ViaIde - ok
18:12:22.0593 2528 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
18:12:22.0593 2528 VolSnap - ok
18:12:22.0656 2528 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
18:12:22.0671 2528 VSS - ok
18:12:22.0718 2528 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
18:12:22.0734 2528 W32Time - ok
18:12:22.0796 2528 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:12:22.0796 2528 Wanarp - ok
18:12:22.0812 2528 WDICA - ok
18:12:22.0843 2528 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
18:12:22.0859 2528 wdmaud - ok
18:12:22.0906 2528 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
18:12:22.0921 2528 WebClient - ok
18:12:22.0984 2528 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
18:12:22.0984 2528 winmgmt - ok
18:12:23.0062 2528 [ 140EF97B64F560FD78643CAE2CDAD838 ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
18:12:23.0062 2528 WmdmPmSN - ok
18:12:23.0125 2528 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\System32\wbem\wmiapsrv.exe
18:12:23.0125 2528 WmiApSrv - ok
18:12:23.0156 2528 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
18:12:23.0156 2528 WS2IFSL - ok
18:12:23.0218 2528 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
18:12:23.0328 2528 wscsvc - ok
18:12:23.0359 2528 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
18:12:23.0359 2528 wuauserv - ok
18:12:23.0421 2528 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
18:12:23.0453 2528 WZCSVC - ok
18:12:23.0500 2528 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
18:12:23.0515 2528 xmlprov - ok
18:12:23.0546 2528 ================ Scan global ===============================
18:12:23.0578 2528 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
18:12:23.0640 2528 [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
18:12:23.0687 2528 [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
18:12:23.0718 2528 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
18:12:23.0718 2528 [Global] - ok
18:12:23.0734 2528 ================ Scan MBR ==================================
18:12:23.0750 2528 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
18:12:23.0953 2528 \Device\Harddisk0\DR0 - ok
18:12:23.0968 2528 ================ Scan VBR ==================================
18:12:23.0984 2528 [ 53A7549C07A0AF5CA6D7351CC2D04C95 ] \Device\Harddisk0\DR0\Partition1
18:12:23.0984 2528 \Device\Harddisk0\DR0\Partition1 - ok
18:12:24.0015 2528 [ EF7CFBD163FC2DAD243B7B3744EB590F ] \Device\Harddisk0\DR0\Partition2
18:12:24.0015 2528 \Device\Harddisk0\DR0\Partition2 - ok
18:12:24.0031 2528 ============================================================
18:12:24.0031 2528 Scan finished
18:12:24.0031 2528 ============================================================
18:12:24.0078 0136 Detected object count: 0
18:12:24.0078 0136 Actual detected object count: 0

Stiahni si MBAM z http://www.techspot.com/downloads/4716- ... lware.html nainštaluj spusť daj plnú kontrolu predom nič nemaž pošli výpis z protokolov

sorry toto je rýchly scan
Malwarebytes Anti-Malware 1.75.0.1300
http://www.malwarebytes.org

Verzia databázy: v2013.04.16.07

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Anička :: COMP025C [administrátor]

16.4.2013 19:10:52
mbam-log-2013-04-16 (19-10-52).txt

Typ kontroly: Rýchla kontrola
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 238720
Uplynutý čas: 11 min, 24 sek

Detegované služby pamäte: 0
(Škodlivé položky neboli zistené)

Detegované moduly pamäte: 0
(Škodlivé položky neboli zistené)

Detegované registračné kľúče: 0
(Škodlivé položky neboli zistené)

Detegované registračné hodnoty: 0
(Škodlivé položky neboli zistené)

Detegované položky registračných dát: 0
(Škodlivé položky neboli zistené)

Detegované priečinky: 0
(Škodlivé položky neboli zistené)

Detegované súbory: 0
(Škodlivé položky neboli zistené)

(koniec)

ja chcem ale uplnu kontrolu

ďakujem za ochotuu a rady ale nabral som odvahu a
lock, idem ho komplet preinštalovať uvidíme čo sa s tým stane

Som tu nový - môže aj mne niekto skontrolovať log z Hijackthis? mám strašne spomalené PC a neviem čím to je. Tu je log:

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 16:40:47, on 13. 3. 2014
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
Boot mode: Normal

Running processes:
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\system32\taskhost.exe
C:\ExpressGateUtil\VAWinAgent.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Mozilla Firefox\firefox.exe
E:\INCOMING\PROGRAMY\SOFTWARE PC\HiJackThis_v2\HiJackThis_v2.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [SuperHybridEngine] AsusSender.exe C:\Program Files\ASUS\SHE\SuperHybridEngine.exe
O4 - HKLM\..\Run: [CapsHook] AsusSender.exe C:\Program Files\ASUS\CapsHook\CapsHook.exe
O4 - HKLM\..\Run: [VAWinAgent] C:\ExpressGateUtil\VAWinAgent.exe
O4 - HKLM\..\Run: [ASUSPRP] C:\Program Files\ASUS\APRP\APRP.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [VizorHtmlDialog.exe] "C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe" "DEF" "EULA" "C:\Program Files\Trend Micro\Titanium\UI\Installer.cmpt\resources\preinstall_01_welcome_trial.html" "DEF" "DEF" "DEF"
O4 - HKLM\..\Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"
O4 - HKLM\..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe -ReFlush "none" "none"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [SpyEmergency] C:\Program Files\Spy Emergency\SpyEmergency.exe
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\progra~2\browse~1\261095~1.52\{c16c1~1\browse~1.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
O23 - Service: Asus Launcher Service (AsusService) - Unknown owner - C:\windows\system32\AsusService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: Spy Emergency Engine Service (SpyEmrgSrv) - NETGATE Technologies s.r.o. - C:\Program Files\Spy Emergency\SpyEmergencySrv.exe
O23 - Service: TiMiniService - Trend Micro Inc. - C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
O23 - Service: VideAceWindowsService - Unknown owner - C:\ExpressGateUtil\VAWinService.exe

--
End of file - 6603 bytes

Odinštaluj McAfee ,Trend Micro Titanium

mám odinštalované. vďaka za radu.