rozdávanie vírov a antivírus nič nenájde
Napsal: 19 dub 2010 12:15
Dobrý deň,
mám problém s vírusom prípadne trojanom. Hneď ako nakopírujem niečo na externý disk, alebo USB kľúč tak sa tam nakopíruje aj nejaký trojan. Ale celkovo počítač pracuje pomalšie.
tu je log :
Logfile of random's system information tool 1.06 (written by random/random)
Run by Administrator at 2010-04-19 13:10:57
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 29 GB (58%) free of 50 GB
Total RAM: 3583 MB (85% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:11:08, on 19.4.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
C:\Program Files\ATKGFNEX\GFNEXSrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe
C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files\ASUS\ATK Hotkey\HControl.exe
C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\Program Files\ASUS\Net4Switch\Net4Switch.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\SpeedItUpFree\SpeedItUp.exe
C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe
E:\SOFTWARE\KANCELARIA\Kalkulacka\HEXelonMAX_pack\HEXelonMAX6\hexelon.exe
C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe
C:\Program Files\ASUS\ATK Hotkey\WDC.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe
C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\WINDOWS\system32\rpcnet.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
\?\C:\WINDOWS\system32\WBEM\WMIADAP.EXE
C:\Documents and Settings\Administrator\My Documents\Preberanie\RSIT.exe
C:\Program Files\trend micro\Administrator.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT1750559
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R3 - URLSearchHook: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_P.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_P.dll
O3 - Toolbar: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_P.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [MsgTranAgt] C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKHOTKEY] C:\Program Files\ASUS\ATK Hotkey\HControl.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [Power4Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [Net4Switch] C:\Program Files\ASUS\Net4Switch\Net4Switch.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\WINDOWS\AsScrProlog.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [System Files Updater] C:\WINDOWS\FlyakiteOSX\Tools\System Files Updater.exe /S
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpeedItUpEX] C:\Program Files\SpeedItUpFree\SpeedItUp.exe -MINI
O4 - HKCU\..\Run: [HEXelon MAX] "E:\SOFTWARE\KANCELARIA\Kalkulacka\HEXelonMAX_pack\HEXelonMAX6\hexelon.exe" /auto
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Startup: Orezávač obrazovky a spúšťač programu OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (Ovládací prvek AcDcToday) - file://C:\Program Files\AutoCAD 2002 Cz\AcDcToday.ocx
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (Prvek AcPreview) - file://C:\Program Files\AutoCAD 2002 Cz\AcPreview.ocx
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: Aspwdflt - C:\Program Files\ASUS\ASUS Data Security Manager\ASPWDFLT.dll
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (file missing)
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe (file missing)
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: Eset HTTP Server (EhttpSrv) - Unknown owner - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\WINDOWS\system32\rpcnet.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
--
End of file - 9955 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
BS Player Toolbar - C:\Program Files\BS_Player\tbBS_P.dll [2009-07-02 2215960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - BS Player Toolbar - C:\Program Files\BS_Player\tbBS_P.dll [2009-07-02 2215960]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2008-12-09 958200]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-04-15 13750272]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-04-15 86016]
"nwiz"=nwiz.exe /installquiet []
"MsgTranAgt"=C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe [2008-08-18 117304]
"HControlUser"=C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe [2008-08-18 98304]
"ATKHOTKEY"=C:\Program Files\ASUS\ATK Hotkey\HControl.exe [2009-03-20 174648]
"ATKOSD2"=C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe [2009-03-04 8392704]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-03-24 17567744]
"Wireless Console 3"=C:\Program Files\ASUS\Wireless Console 3\wcourier.exe [2009-04-17 1593344]
"Power4Gear"=C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe [2009-03-03 92728]
"Net4Switch"=C:\Program Files\ASUS\Net4Switch\Net4Switch.exe [2007-11-20 1145400]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMedia.exe [2009-04-20 159744]
"ASUS Camera ScreenSaver"=C:\WINDOWS\AsScrProlog.exe [2010-01-12 47672]
"DAEMON Tools-1033"=C:\Program Files\D-Tools\daemon.exe [2004-08-22 81920]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-01-29 180269]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2006-09-01 282624]
"System Files Updater"=C:\WINDOWS\FlyakiteOSX\Tools\System Files Updater.exe [2006-02-26 118485]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2007-10-25 1410304]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2005-06-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2007-01-16 1694208]
"SpeedItUpEX"=C:\Program Files\SpeedItUpFree\SpeedItUp.exe [2007-03-27 1876992]
"HEXelon MAX"=E:\SOFTWARE\KANCELARIA\Kalkulacka\HEXelonMAX_pack\HEXelonMAX6\hexelon.exe [2007-06-28 2816512]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ACMON]
C:\Program Files\ASUS\Splendid\ACMON.exe [2008-10-01 851968]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-12-03 35184]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSMTray]
C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe [2008-04-01 266240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AmIcoSinglun]
C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe [2008-09-30 237568]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Live Update]
C:\Program Files\ASUS\ASUS Live Update\ALU.exe [2007-11-30 51768]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Device Detector]
DevDetect.exe -autorun []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ETDWare]
C:\Program Files\Elantech\ETDCtrl.exe [2009-04-21 534528]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files\ICQ6.5\ICQ.exe [2009-03-01 172792]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2007-11-12 21760296]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SRS Premium Sound]
C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe [2009-04-07 3405048]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^FancyStart daemon.lnk]
C:\WINDOWS\Installer\{A9FEB6D7-9C52-49FC-B956-7AB275B78890}\_5598CE641C54B66A23693F.exe [2010-01-12 12862]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"wuauserv"=2
"wscsvc"=2
"SRS_VolSync_Service"=2
"spmgr"=2
"odserv"=3
"nvsvc"=2
"Norton Internet Security"=2
"Microsoft Office Groove Audit Service"=3
"ICQ Service"=2
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
InterVideo WinCinema Manager.lnk - C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
Service Manager.lnk - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Documents and Settings\Administrator\Start Menu\Programs\Startup
Orezávač obrazovky a spúšťač programu OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Aspwdflt]
C:\Program Files\ASUS\ASUS Data Security Manager\ASPWDFLT.dll [2009-02-10 1556480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\ASUS\ASUS Data Security Manager\ASPWDFLT
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Corel\DVD9\WinDVD.exe"="C:\Program Files\Corel\DVD9\WinDVD.exe:*:Enabled:WinDVD"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{08c5e094-4785-11df-a9c0-00261888bc75}]
shell\AutoRun\command - J:\bbjl2g.exe
shell\open\command - J:\bbjl2g.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1332aefc-17a8-11df-a90f-00261888bc75}]
shell\AutoRun\command - H:\bbjl2g.exe
shell\open\command - H:\bbjl2g.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1803c2fb-0127-11df-a8a5-00261888bc75}]
shell\AutoRun\command - H:\bbjl2g.exe
shell\open\command - H:\bbjl2g.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{31279695-43a3-11df-a9a5-00261888bc75}]
shell\AutoRun\command - K:\bbjl2g.exe
shell\open\command - K:\bbjl2g.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{31279697-43a3-11df-a9a5-00261888bc75}]
shell\AutoRun\command - J:\bbjl2g.exe
shell\open\command - J:\bbjl2g.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3d6ac4ee-3bf1-11df-a98c-00261888bc75}]
shell\AutoRun\command - I:\mi9al8rs.exe
shell\open\command - I:\mi9al8rs.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{41d21d64-42d8-11df-a99d-00261888bc75}]
shell\AutoRun\command - H:\bbjl2g.exe
shell\open\command - H:\bbjl2g.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{42fe08c9-4862-11df-a9c7-00261888bc75}]
shell\AutoRun\command - H:\bbjl2g.exe
shell\open\command - H:\bbjl2g.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{438ab3f3-4939-11df-a9d4-00261888bc75}]
shell\AutoRun\command - 9g86.exe
shell\open\command - 9g86.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{506ac0d8-4792-11df-a9c1-00261888bc75}]
shell\AutoRun\command - H:\bbjl2g.exe
shell\open\command - H:\bbjl2g.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{529a737b-37da-11df-a97e-00261888bc75}]
shell\AutoRun\command - chxnxyx.exe
shell\open\command - chxnxyx.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{64f82110-3bfa-11df-a98d-00261888bc75}]
shell\AutoRun\command - I:\bbjl2g.exe
shell\open\command - I:\bbjl2g.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a0b29846-0cea-11df-a8e7-00261888bc75}]
shell\AutoRun\command - H:\bbjl2g.exe
shell\open\command - H:\bbjl2g.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a35f94ed-0f4f-11df-a8ed-00261888bc75}]
shell\AutoRun\command - I:\c2e.exe
shell\open\command - I:\c2e.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{aab97100-3334-11df-a963-00261888bc75}]
shell\AutoRun\command - J:\bbjl2g.exe
shell\open\command - J:\bbjl2g.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b1765906-0b46-11df-a8e1-00261888bc75}]
shell\AutoRun\command - I:\c2e.exe
shell\open\command - I:\c2e.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b48ee518-26bc-11df-a944-00261888bc75}]
shell\AutoRun\command - I:\c2e.exe
shell\open\command - I:\c2e.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c3b38dcc-34eb-11df-a96b-00261888bc75}]
shell\AutoRun\command - I:\c2e.exe
shell\open\command - I:\c2e.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ca85d3f0-332c-11df-a962-00261888bc75}]
shell\AutoRun\command - H:\bbjl2g.exe
shell\open\command - H:\bbjl2g.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cbcdb5eb-0a6c-11df-a8da-00261888bc75}]
shell\AutoRun\command - I:\9g86.exe
shell\open\command - I:\9g86.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cd46b66e-1625-11df-a908-00261888bc75}]
shell\Auto\command - H:\tel.xls.exe
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL tel.xls.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d4a0c8fc-358b-11df-a96e-00261888bc75}]
shell\AutoRun\command - I:\c2e.exe
shell\open\command - I:\c2e.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d8f97990-17b2-11df-a910-00261888bc75}]
shell\AutoRun\command - H:\dqm.exe
shell\open\command - H:\bbjl2g.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ea039f3c-2690-11df-a943-00261888bc75}]
shell\AutoRun\command - J:\bbjl2g.exe
shell\open\command - J:\bbjl2g.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fb678ddc-3e45-11df-a991-00261888bc75}]
shell\AutoRun\command - I:\bbjl2g.exe
shell\open\command - I:\bbjl2g.exe
======File associations======
.scr - open - C:\WINDOWS\NOTEPAD.EXE "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 months======
2010-04-19 13:10:58 ----D---- C:\Program Files\trend micro
2010-04-19 13:10:57 ----D---- C:\rsit
2010-04-18 11:49:43 ----D---- C:\Documents and Settings\All Users\Application Data\scar5
2010-04-18 11:49:43 ----A---- C:\WINDOWS\sfshell.tmp
2010-04-18 11:49:14 ----D---- C:\Program Files\scar5
2010-04-18 11:49:14 ----D---- C:\Documents and Settings\Administrator\Application Data\scar5
2010-04-14 12:25:34 ----D---- C:\Documents and Settings\All Users\Application Data\TrackMania
2010-04-14 12:23:21 ----D---- C:\Program Files\TmNationsForever
2010-04-10 20:43:53 ----A---- C:\WINDOWS\RestoreFlyakiteOSX.txt
2010-04-10 20:43:15 ----HD---- C:\WINDOWS\FlyakiteOSX
2010-04-10 20:41:34 ----D---- C:\WINDOWS\SxsCaPendDel
2010-04-10 20:34:37 ----D---- C:\Documents and Settings\Administrator\Application Data\Bump Technologies, Inc
2010-04-10 20:33:53 ----D---- C:\Program Files\BumpTop
2010-04-10 20:29:22 ----D---- C:\Documents and Settings\Administrator\Application Data\Free Download Manager
2010-04-10 20:10:30 ----DC---- C:\Documents and Settings\All Users\Application Data\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
2010-04-10 20:08:09 ----SHD---- C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2010-04-10 19:35:36 ----D---- C:\ComboFix
2010-04-10 19:35:35 ----A---- C:\WINDOWS\system32\CF28437.exe
2010-04-10 19:25:43 ----A---- C:\WINDOWS\system32\TUProgSt.exe
2010-04-10 19:25:42 ----A---- C:\WINDOWS\system32\uxtuneup.dll
2010-04-10 19:25:40 ----A---- C:\WINDOWS\system32\TuneUpDefragService.exe
2010-04-10 19:25:39 ----D---- C:\Documents and Settings\Administrator\Application Data\TuneUp Software
2010-04-10 19:25:07 ----D---- C:\Documents and Settings\All Users\Application Data\TuneUp Software
2010-04-10 19:25:00 ----D---- C:\Program Files\TuneUp Utilities 2009
2010-04-10 19:24:38 ----SHD---- C:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
2010-04-08 21:03:20 ----D---- C:\Program Files\NewLive All Media To Mp3 Converter
2010-04-04 11:19:20 ----D---- C:\Documents and Settings\Administrator\Application Data\Vso
2010-04-04 11:19:20 ----A---- C:\Documents and Settings\Administrator\Application Data\ezpinst.exe
2010-04-04 11:19:08 ----D---- C:\Program Files\vso
2010-04-04 10:58:40 ----D---- C:\Program Files\ParallelGraphics
2010-04-04 10:58:37 ----D---- C:\Program Files\Common Files\ParallelGraphics
2010-03-24 15:21:53 ----A---- C:\WINDOWS\cdplayer.ini
2010-03-23 13:26:57 ----D---- C:\Documents and Settings\All Users\Application Data\Real
2010-03-22 22:20:50 ----A---- C:\WINDOWS\system32\Deutz Engine.exe
2010-03-22 22:19:43 ----D---- C:\Program Files\AimOne_AlltoMP3
2010-03-22 20:22:22 ----D---- C:\Program Files\Stellarium
2010-03-22 20:14:59 ----D---- C:\Program Files\Celestia
2010-03-22 20:08:22 ----D---- C:\Documents and Settings\Administrator\Application Data\HEXelon
2010-03-22 20:02:19 ----A---- C:\WINDOWS\TRNCOM.INI
2010-03-22 20:01:23 ----D---- C:\Documents and Settings\All Users\Application Data\LangSoft
2010-03-22 20:01:23 ----D---- C:\Documents and Settings\Administrator\Application Data\LangSoft
2010-03-22 19:23:51 ----D---- C:\Program Files\Common Files\Wextech Shared
2010-03-22 19:23:29 ----D---- C:\Program Files\AutoCAD 2002 Cz
======List of files/folders modified in the last 1 months======
2010-04-19 13:11:13 ----D---- C:\WINDOWS
2010-04-19 13:11:12 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-19 13:10:58 ----RD---- C:\Program Files
2010-04-19 13:09:37 ----D---- C:\Program Files\Mozilla Firefox
2010-04-19 13:08:47 ----D---- C:\WINDOWS\temp
2010-04-19 13:08:40 ----A---- C:\WINDOWS\system32\rpcnetp.exe
2010-04-19 13:08:38 ----A---- C:\WINDOWS\system32\rpcnet.dll
2010-04-19 11:16:58 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-04-19 10:47:23 ----D---- C:\WINDOWS\system32
2010-04-19 10:47:22 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-04-18 11:53:56 ----SHD---- C:\WINDOWS\Installer
2010-04-18 11:53:50 ----HD---- C:\WINDOWS\inf
2010-04-18 11:53:50 ----D---- C:\WINDOWS\system32\drivers
2010-04-18 11:52:31 ----D---- C:\Program Files\ESET
2010-04-18 11:48:17 ----A---- C:\WINDOWS\NeroDigital.ini
2010-04-16 07:47:10 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
2010-04-16 07:41:02 ----A---- C:\WINDOWS\ODBC.INI
2010-04-16 07:38:32 ----D---- C:\WINDOWS\system32\config
2010-04-14 17:43:36 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2010-04-14 12:25:09 ----D---- C:\WINDOWS\system32\DirectX
2010-04-13 19:22:56 ----SD---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2010-04-13 17:17:01 ----D---- C:\Program Files\Microsoft Office
2010-04-13 17:16:57 ----D---- C:\Program Files\Common Files\System
2010-04-13 17:16:55 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-04-13 17:16:45 ----D---- C:\WINDOWS\SHELLNEW
2010-04-13 17:16:32 ----A---- C:\WINDOWS\win.ini
2010-04-13 17:15:06 ----D---- C:\WINDOWS\system
2010-04-10 21:14:10 ----D---- C:\WINDOWS\security
2010-04-10 21:10:06 ----D---- C:\Program Files\K-Lite Codec Pack
2010-04-10 21:07:18 ----D---- C:\Program Files\windows media player
2010-04-10 21:07:16 ----D---- C:\WINDOWS\RegisteredPackages
2010-04-10 21:07:08 ----D---- C:\WINDOWS\Help
2010-04-10 21:02:42 ----D---- C:\Program Files\RadLight LLC
2010-04-10 20:59:14 ----D---- C:\Program Files\WinRAR
2010-04-10 20:58:01 ----D---- C:\WINDOWS\Resources
2010-04-10 20:46:33 ----RSD---- C:\WINDOWS\Fonts
2010-04-10 20:41:36 ----D---- C:\WINDOWS\WinSxS
2010-04-10 19:36:00 ----AHD---- C:\Qoobox
2010-04-10 19:25:40 ----SD---- C:\WINDOWS\Tasks
2010-04-08 20:42:15 ----D---- C:\WINDOWS\Microsoft.NET
2010-04-04 10:58:37 ----D---- C:\Program Files\Common Files
2010-04-02 17:55:34 ----D---- C:\WINDOWS\Prefetch
2010-04-02 14:04:01 ----D---- C:\Documents and Settings\All Users\Application Data\DVD Shrink
2010-03-25 08:52:49 ----D---- C:\WINDOWS\SoftwareDistribution
2010-03-23 13:26:56 ----D---- C:\Documents and Settings\Administrator\Application Data\Real
2010-03-22 22:37:13 ----D---- C:\WINDOWS\system32\Asus_Camera_ScreenSaver dir
2010-03-22 19:44:55 ----D---- C:\Documents and Settings\Administrator\Application Data\Autodesk
2010-03-22 19:28:17 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-03-22 19:23:55 ----D---- C:\Program Files\Common Files\Autodesk Shared
2010-03-22 19:00:25 ----D---- C:\Documents and Settings\Administrator\Application Data\Adobe
2010-03-22 18:59:55 ----D---- C:\Program Files\Common Files\Adobe
2010-03-22 16:39:26 ----D---- C:\WINDOWS\system32\appmgmt
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2004-06-13 13248]
R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2007-10-25 27144]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2007-10-25 53768]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2007-01-16 36096]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-04 8832]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ATKGFNEX\ASMMAP.sys []
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2004-06-13 56960]
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2007-10-25 33800]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2007-10-25 50696]
R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys []
R2 regi;regi; C:\WINDOWS\system32\drivers\regi.sys [2007-04-17 11032]
R2 rspndr;Link-Layer Topology Discovery Responder; C:\WINDOWS\system32\DRIVERS\rspndr.sys [2007-01-16 62336]
R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athw.sys [2009-02-13 1503840]
R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-04 14080]
R3 CRFILTER;USB Mass Storage Filter; C:\WINDOWS\system32\DRIVERS\CRFILTER.sys [2008-04-07 6656]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2007-10-25 30728]
R3 ETD;ELAN PS/2 Port Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2009-04-21 89856]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2007-01-16 138752]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-03-24 5056000]
R3 Iviaspi;IVI ASPI Shell; C:\WINDOWS\system32\drivers\iviaspi.sys [2005-09-20 10368]
R3 kbfiltr;Keyboard Filter; C:\WINDOWS\system32\DRIVERS\kbfiltr.sys [2008-11-03 13880]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2007-08-24 5760]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-04-15 8048544]
R3 nvsmu;nvsmu; C:\WINDOWS\system32\DRIVERS\nvsmu.sys [2008-08-25 14208]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2010-04-04 47360]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2010-01-19 10368]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2009-01-22 120064]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [2008-08-11 1752704]
R3 SRS_PremiumSound_Service;SRS Labs Premium Sound; C:\WINDOWS\system32\drivers\srs_PremiumSound_i386.sys [2009-04-01 233128]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2005-06-14 31616]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2007-01-16 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2007-01-16 59264]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2007-01-16 17152]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys []
S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 ASUSProcObsrv;ASUS Process Creation/Termination Observer; \??\F:\I386\AsProcOb.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
S3 ipswuio;ipswuio; C:\WINDOWS\System32\DRIVERS\ipswuio.sys [2007-08-01 41656]
S3 massfilter;ZTE Mass Storage Filter Driver; C:\WINDOWS\system32\drivers\massfilter.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-04 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-04 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-04 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-04 15360]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2005-07-30 121856]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\WINDOWS\system32\DRIVERS\ZTEusbmdm6k.sys []
S3 ZTEusbnmea;ZTE NMEA Port; C:\WINDOWS\system32\DRIVERS\ZTEusbnmea.sys []
S3 ZTEusbser6k;ZTE Diagnostic Port; C:\WINDOWS\system32\DRIVERS\ZTEusbser6k.sys []
S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys []
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ADSMService;ADSM Service; C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 C-DillaSrv;C-DillaSrv; C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE [2001-04-07 32256]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2007-10-25 455936]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152]
R2 MSSQL$INVENTORCONTENT;MSSQL$INVENTORCONTENT; C:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe [2002-12-17 7520337]
R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 rpcnet;Remote Procedure Call (RPC) Net; C:\WINDOWS\system32\rpcnet.exe [2010-01-26 56680]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2010-04-10 603904]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2005-06-14 14336]
S2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe []
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2010-01-22 72704]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2007-10-25 18176]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SQLAgent$INVENTORCONTENT;SQLAgent$INVENTORCONTENT; C:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlagent.EXE [2002-12-17 311872]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2010-04-10 360192]
S4 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2008-10-19 222456]
S4 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S4 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-04-15 168004]
S4 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2007-08-03 125496]
S4 SRS_VolSync_Service;SRS Volume Sync Service; C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe [2009-04-07 70880]
-----------------EOF-----------------
ďakujem
mám problém s vírusom prípadne trojanom. Hneď ako nakopírujem niečo na externý disk, alebo USB kľúč tak sa tam nakopíruje aj nejaký trojan. Ale celkovo počítač pracuje pomalšie.
tu je log :
Logfile of random's system information tool 1.06 (written by random/random)
Run by Administrator at 2010-04-19 13:10:57
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 29 GB (58%) free of 50 GB
Total RAM: 3583 MB (85% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:11:08, on 19.4.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
C:\Program Files\ATKGFNEX\GFNEXSrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe
C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files\ASUS\ATK Hotkey\HControl.exe
C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\Program Files\ASUS\Net4Switch\Net4Switch.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\SpeedItUpFree\SpeedItUp.exe
C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe
E:\SOFTWARE\KANCELARIA\Kalkulacka\HEXelonMAX_pack\HEXelonMAX6\hexelon.exe
C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe
C:\Program Files\ASUS\ATK Hotkey\WDC.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe
C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\WINDOWS\system32\rpcnet.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
\?\C:\WINDOWS\system32\WBEM\WMIADAP.EXE
C:\Documents and Settings\Administrator\My Documents\Preberanie\RSIT.exe
C:\Program Files\trend micro\Administrator.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT1750559
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R3 - URLSearchHook: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_P.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_P.dll
O3 - Toolbar: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_P.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [MsgTranAgt] C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKHOTKEY] C:\Program Files\ASUS\ATK Hotkey\HControl.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [Power4Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [Net4Switch] C:\Program Files\ASUS\Net4Switch\Net4Switch.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\WINDOWS\AsScrProlog.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [System Files Updater] C:\WINDOWS\FlyakiteOSX\Tools\System Files Updater.exe /S
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpeedItUpEX] C:\Program Files\SpeedItUpFree\SpeedItUp.exe -MINI
O4 - HKCU\..\Run: [HEXelon MAX] "E:\SOFTWARE\KANCELARIA\Kalkulacka\HEXelonMAX_pack\HEXelonMAX6\hexelon.exe" /auto
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Startup: Orezávač obrazovky a spúšťač programu OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (Ovládací prvek AcDcToday) - file://C:\Program Files\AutoCAD 2002 Cz\AcDcToday.ocx
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (Prvek AcPreview) - file://C:\Program Files\AutoCAD 2002 Cz\AcPreview.ocx
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: Aspwdflt - C:\Program Files\ASUS\ASUS Data Security Manager\ASPWDFLT.dll
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (file missing)
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe (file missing)
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: Eset HTTP Server (EhttpSrv) - Unknown owner - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\WINDOWS\system32\rpcnet.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
--
End of file - 9955 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
BS Player Toolbar - C:\Program Files\BS_Player\tbBS_P.dll [2009-07-02 2215960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - BS Player Toolbar - C:\Program Files\BS_Player\tbBS_P.dll [2009-07-02 2215960]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2008-12-09 958200]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-04-15 13750272]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-04-15 86016]
"nwiz"=nwiz.exe /installquiet []
"MsgTranAgt"=C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe [2008-08-18 117304]
"HControlUser"=C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe [2008-08-18 98304]
"ATKHOTKEY"=C:\Program Files\ASUS\ATK Hotkey\HControl.exe [2009-03-20 174648]
"ATKOSD2"=C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe [2009-03-04 8392704]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-03-24 17567744]
"Wireless Console 3"=C:\Program Files\ASUS\Wireless Console 3\wcourier.exe [2009-04-17 1593344]
"Power4Gear"=C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe [2009-03-03 92728]
"Net4Switch"=C:\Program Files\ASUS\Net4Switch\Net4Switch.exe [2007-11-20 1145400]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMedia.exe [2009-04-20 159744]
"ASUS Camera ScreenSaver"=C:\WINDOWS\AsScrProlog.exe [2010-01-12 47672]
"DAEMON Tools-1033"=C:\Program Files\D-Tools\daemon.exe [2004-08-22 81920]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-01-29 180269]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2006-09-01 282624]
"System Files Updater"=C:\WINDOWS\FlyakiteOSX\Tools\System Files Updater.exe [2006-02-26 118485]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2007-10-25 1410304]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2005-06-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2007-01-16 1694208]
"SpeedItUpEX"=C:\Program Files\SpeedItUpFree\SpeedItUp.exe [2007-03-27 1876992]
"HEXelon MAX"=E:\SOFTWARE\KANCELARIA\Kalkulacka\HEXelonMAX_pack\HEXelonMAX6\hexelon.exe [2007-06-28 2816512]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ACMON]
C:\Program Files\ASUS\Splendid\ACMON.exe [2008-10-01 851968]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-12-03 35184]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSMTray]
C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe [2008-04-01 266240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AmIcoSinglun]
C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe [2008-09-30 237568]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Live Update]
C:\Program Files\ASUS\ASUS Live Update\ALU.exe [2007-11-30 51768]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Device Detector]
DevDetect.exe -autorun []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ETDWare]
C:\Program Files\Elantech\ETDCtrl.exe [2009-04-21 534528]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files\ICQ6.5\ICQ.exe [2009-03-01 172792]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2007-11-12 21760296]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SRS Premium Sound]
C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe [2009-04-07 3405048]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^FancyStart daemon.lnk]
C:\WINDOWS\Installer\{A9FEB6D7-9C52-49FC-B956-7AB275B78890}\_5598CE641C54B66A23693F.exe [2010-01-12 12862]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"wuauserv"=2
"wscsvc"=2
"SRS_VolSync_Service"=2
"spmgr"=2
"odserv"=3
"nvsvc"=2
"Norton Internet Security"=2
"Microsoft Office Groove Audit Service"=3
"ICQ Service"=2
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
InterVideo WinCinema Manager.lnk - C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
Service Manager.lnk - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Documents and Settings\Administrator\Start Menu\Programs\Startup
Orezávač obrazovky a spúšťač programu OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Aspwdflt]
C:\Program Files\ASUS\ASUS Data Security Manager\ASPWDFLT.dll [2009-02-10 1556480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\ASUS\ASUS Data Security Manager\ASPWDFLT
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Corel\DVD9\WinDVD.exe"="C:\Program Files\Corel\DVD9\WinDVD.exe:*:Enabled:WinDVD"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{08c5e094-4785-11df-a9c0-00261888bc75}]
shell\AutoRun\command - J:\bbjl2g.exe
shell\open\command - J:\bbjl2g.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1332aefc-17a8-11df-a90f-00261888bc75}]
shell\AutoRun\command - H:\bbjl2g.exe
shell\open\command - H:\bbjl2g.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1803c2fb-0127-11df-a8a5-00261888bc75}]
shell\AutoRun\command - H:\bbjl2g.exe
shell\open\command - H:\bbjl2g.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{31279695-43a3-11df-a9a5-00261888bc75}]
shell\AutoRun\command - K:\bbjl2g.exe
shell\open\command - K:\bbjl2g.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{31279697-43a3-11df-a9a5-00261888bc75}]
shell\AutoRun\command - J:\bbjl2g.exe
shell\open\command - J:\bbjl2g.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3d6ac4ee-3bf1-11df-a98c-00261888bc75}]
shell\AutoRun\command - I:\mi9al8rs.exe
shell\open\command - I:\mi9al8rs.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{41d21d64-42d8-11df-a99d-00261888bc75}]
shell\AutoRun\command - H:\bbjl2g.exe
shell\open\command - H:\bbjl2g.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{42fe08c9-4862-11df-a9c7-00261888bc75}]
shell\AutoRun\command - H:\bbjl2g.exe
shell\open\command - H:\bbjl2g.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{438ab3f3-4939-11df-a9d4-00261888bc75}]
shell\AutoRun\command - 9g86.exe
shell\open\command - 9g86.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{506ac0d8-4792-11df-a9c1-00261888bc75}]
shell\AutoRun\command - H:\bbjl2g.exe
shell\open\command - H:\bbjl2g.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{529a737b-37da-11df-a97e-00261888bc75}]
shell\AutoRun\command - chxnxyx.exe
shell\open\command - chxnxyx.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{64f82110-3bfa-11df-a98d-00261888bc75}]
shell\AutoRun\command - I:\bbjl2g.exe
shell\open\command - I:\bbjl2g.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a0b29846-0cea-11df-a8e7-00261888bc75}]
shell\AutoRun\command - H:\bbjl2g.exe
shell\open\command - H:\bbjl2g.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a35f94ed-0f4f-11df-a8ed-00261888bc75}]
shell\AutoRun\command - I:\c2e.exe
shell\open\command - I:\c2e.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{aab97100-3334-11df-a963-00261888bc75}]
shell\AutoRun\command - J:\bbjl2g.exe
shell\open\command - J:\bbjl2g.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b1765906-0b46-11df-a8e1-00261888bc75}]
shell\AutoRun\command - I:\c2e.exe
shell\open\command - I:\c2e.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b48ee518-26bc-11df-a944-00261888bc75}]
shell\AutoRun\command - I:\c2e.exe
shell\open\command - I:\c2e.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c3b38dcc-34eb-11df-a96b-00261888bc75}]
shell\AutoRun\command - I:\c2e.exe
shell\open\command - I:\c2e.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ca85d3f0-332c-11df-a962-00261888bc75}]
shell\AutoRun\command - H:\bbjl2g.exe
shell\open\command - H:\bbjl2g.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cbcdb5eb-0a6c-11df-a8da-00261888bc75}]
shell\AutoRun\command - I:\9g86.exe
shell\open\command - I:\9g86.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cd46b66e-1625-11df-a908-00261888bc75}]
shell\Auto\command - H:\tel.xls.exe
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL tel.xls.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d4a0c8fc-358b-11df-a96e-00261888bc75}]
shell\AutoRun\command - I:\c2e.exe
shell\open\command - I:\c2e.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d8f97990-17b2-11df-a910-00261888bc75}]
shell\AutoRun\command - H:\dqm.exe
shell\open\command - H:\bbjl2g.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ea039f3c-2690-11df-a943-00261888bc75}]
shell\AutoRun\command - J:\bbjl2g.exe
shell\open\command - J:\bbjl2g.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fb678ddc-3e45-11df-a991-00261888bc75}]
shell\AutoRun\command - I:\bbjl2g.exe
shell\open\command - I:\bbjl2g.exe
======File associations======
.scr - open - C:\WINDOWS\NOTEPAD.EXE "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 months======
2010-04-19 13:10:58 ----D---- C:\Program Files\trend micro
2010-04-19 13:10:57 ----D---- C:\rsit
2010-04-18 11:49:43 ----D---- C:\Documents and Settings\All Users\Application Data\scar5
2010-04-18 11:49:43 ----A---- C:\WINDOWS\sfshell.tmp
2010-04-18 11:49:14 ----D---- C:\Program Files\scar5
2010-04-18 11:49:14 ----D---- C:\Documents and Settings\Administrator\Application Data\scar5
2010-04-14 12:25:34 ----D---- C:\Documents and Settings\All Users\Application Data\TrackMania
2010-04-14 12:23:21 ----D---- C:\Program Files\TmNationsForever
2010-04-10 20:43:53 ----A---- C:\WINDOWS\RestoreFlyakiteOSX.txt
2010-04-10 20:43:15 ----HD---- C:\WINDOWS\FlyakiteOSX
2010-04-10 20:41:34 ----D---- C:\WINDOWS\SxsCaPendDel
2010-04-10 20:34:37 ----D---- C:\Documents and Settings\Administrator\Application Data\Bump Technologies, Inc
2010-04-10 20:33:53 ----D---- C:\Program Files\BumpTop
2010-04-10 20:29:22 ----D---- C:\Documents and Settings\Administrator\Application Data\Free Download Manager
2010-04-10 20:10:30 ----DC---- C:\Documents and Settings\All Users\Application Data\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
2010-04-10 20:08:09 ----SHD---- C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2010-04-10 19:35:36 ----D---- C:\ComboFix
2010-04-10 19:35:35 ----A---- C:\WINDOWS\system32\CF28437.exe
2010-04-10 19:25:43 ----A---- C:\WINDOWS\system32\TUProgSt.exe
2010-04-10 19:25:42 ----A---- C:\WINDOWS\system32\uxtuneup.dll
2010-04-10 19:25:40 ----A---- C:\WINDOWS\system32\TuneUpDefragService.exe
2010-04-10 19:25:39 ----D---- C:\Documents and Settings\Administrator\Application Data\TuneUp Software
2010-04-10 19:25:07 ----D---- C:\Documents and Settings\All Users\Application Data\TuneUp Software
2010-04-10 19:25:00 ----D---- C:\Program Files\TuneUp Utilities 2009
2010-04-10 19:24:38 ----SHD---- C:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
2010-04-08 21:03:20 ----D---- C:\Program Files\NewLive All Media To Mp3 Converter
2010-04-04 11:19:20 ----D---- C:\Documents and Settings\Administrator\Application Data\Vso
2010-04-04 11:19:20 ----A---- C:\Documents and Settings\Administrator\Application Data\ezpinst.exe
2010-04-04 11:19:08 ----D---- C:\Program Files\vso
2010-04-04 10:58:40 ----D---- C:\Program Files\ParallelGraphics
2010-04-04 10:58:37 ----D---- C:\Program Files\Common Files\ParallelGraphics
2010-03-24 15:21:53 ----A---- C:\WINDOWS\cdplayer.ini
2010-03-23 13:26:57 ----D---- C:\Documents and Settings\All Users\Application Data\Real
2010-03-22 22:20:50 ----A---- C:\WINDOWS\system32\Deutz Engine.exe
2010-03-22 22:19:43 ----D---- C:\Program Files\AimOne_AlltoMP3
2010-03-22 20:22:22 ----D---- C:\Program Files\Stellarium
2010-03-22 20:14:59 ----D---- C:\Program Files\Celestia
2010-03-22 20:08:22 ----D---- C:\Documents and Settings\Administrator\Application Data\HEXelon
2010-03-22 20:02:19 ----A---- C:\WINDOWS\TRNCOM.INI
2010-03-22 20:01:23 ----D---- C:\Documents and Settings\All Users\Application Data\LangSoft
2010-03-22 20:01:23 ----D---- C:\Documents and Settings\Administrator\Application Data\LangSoft
2010-03-22 19:23:51 ----D---- C:\Program Files\Common Files\Wextech Shared
2010-03-22 19:23:29 ----D---- C:\Program Files\AutoCAD 2002 Cz
======List of files/folders modified in the last 1 months======
2010-04-19 13:11:13 ----D---- C:\WINDOWS
2010-04-19 13:11:12 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-19 13:10:58 ----RD---- C:\Program Files
2010-04-19 13:09:37 ----D---- C:\Program Files\Mozilla Firefox
2010-04-19 13:08:47 ----D---- C:\WINDOWS\temp
2010-04-19 13:08:40 ----A---- C:\WINDOWS\system32\rpcnetp.exe
2010-04-19 13:08:38 ----A---- C:\WINDOWS\system32\rpcnet.dll
2010-04-19 11:16:58 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-04-19 10:47:23 ----D---- C:\WINDOWS\system32
2010-04-19 10:47:22 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-04-18 11:53:56 ----SHD---- C:\WINDOWS\Installer
2010-04-18 11:53:50 ----HD---- C:\WINDOWS\inf
2010-04-18 11:53:50 ----D---- C:\WINDOWS\system32\drivers
2010-04-18 11:52:31 ----D---- C:\Program Files\ESET
2010-04-18 11:48:17 ----A---- C:\WINDOWS\NeroDigital.ini
2010-04-16 07:47:10 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
2010-04-16 07:41:02 ----A---- C:\WINDOWS\ODBC.INI
2010-04-16 07:38:32 ----D---- C:\WINDOWS\system32\config
2010-04-14 17:43:36 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2010-04-14 12:25:09 ----D---- C:\WINDOWS\system32\DirectX
2010-04-13 19:22:56 ----SD---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2010-04-13 17:17:01 ----D---- C:\Program Files\Microsoft Office
2010-04-13 17:16:57 ----D---- C:\Program Files\Common Files\System
2010-04-13 17:16:55 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-04-13 17:16:45 ----D---- C:\WINDOWS\SHELLNEW
2010-04-13 17:16:32 ----A---- C:\WINDOWS\win.ini
2010-04-13 17:15:06 ----D---- C:\WINDOWS\system
2010-04-10 21:14:10 ----D---- C:\WINDOWS\security
2010-04-10 21:10:06 ----D---- C:\Program Files\K-Lite Codec Pack
2010-04-10 21:07:18 ----D---- C:\Program Files\windows media player
2010-04-10 21:07:16 ----D---- C:\WINDOWS\RegisteredPackages
2010-04-10 21:07:08 ----D---- C:\WINDOWS\Help
2010-04-10 21:02:42 ----D---- C:\Program Files\RadLight LLC
2010-04-10 20:59:14 ----D---- C:\Program Files\WinRAR
2010-04-10 20:58:01 ----D---- C:\WINDOWS\Resources
2010-04-10 20:46:33 ----RSD---- C:\WINDOWS\Fonts
2010-04-10 20:41:36 ----D---- C:\WINDOWS\WinSxS
2010-04-10 19:36:00 ----AHD---- C:\Qoobox
2010-04-10 19:25:40 ----SD---- C:\WINDOWS\Tasks
2010-04-08 20:42:15 ----D---- C:\WINDOWS\Microsoft.NET
2010-04-04 10:58:37 ----D---- C:\Program Files\Common Files
2010-04-02 17:55:34 ----D---- C:\WINDOWS\Prefetch
2010-04-02 14:04:01 ----D---- C:\Documents and Settings\All Users\Application Data\DVD Shrink
2010-03-25 08:52:49 ----D---- C:\WINDOWS\SoftwareDistribution
2010-03-23 13:26:56 ----D---- C:\Documents and Settings\Administrator\Application Data\Real
2010-03-22 22:37:13 ----D---- C:\WINDOWS\system32\Asus_Camera_ScreenSaver dir
2010-03-22 19:44:55 ----D---- C:\Documents and Settings\Administrator\Application Data\Autodesk
2010-03-22 19:28:17 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-03-22 19:23:55 ----D---- C:\Program Files\Common Files\Autodesk Shared
2010-03-22 19:00:25 ----D---- C:\Documents and Settings\Administrator\Application Data\Adobe
2010-03-22 18:59:55 ----D---- C:\Program Files\Common Files\Adobe
2010-03-22 16:39:26 ----D---- C:\WINDOWS\system32\appmgmt
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2004-06-13 13248]
R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2007-10-25 27144]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2007-10-25 53768]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2007-01-16 36096]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-04 8832]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ATKGFNEX\ASMMAP.sys []
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2004-06-13 56960]
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2007-10-25 33800]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2007-10-25 50696]
R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys []
R2 regi;regi; C:\WINDOWS\system32\drivers\regi.sys [2007-04-17 11032]
R2 rspndr;Link-Layer Topology Discovery Responder; C:\WINDOWS\system32\DRIVERS\rspndr.sys [2007-01-16 62336]
R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athw.sys [2009-02-13 1503840]
R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-04 14080]
R3 CRFILTER;USB Mass Storage Filter; C:\WINDOWS\system32\DRIVERS\CRFILTER.sys [2008-04-07 6656]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2007-10-25 30728]
R3 ETD;ELAN PS/2 Port Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2009-04-21 89856]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2007-01-16 138752]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-03-24 5056000]
R3 Iviaspi;IVI ASPI Shell; C:\WINDOWS\system32\drivers\iviaspi.sys [2005-09-20 10368]
R3 kbfiltr;Keyboard Filter; C:\WINDOWS\system32\DRIVERS\kbfiltr.sys [2008-11-03 13880]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2007-08-24 5760]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-04-15 8048544]
R3 nvsmu;nvsmu; C:\WINDOWS\system32\DRIVERS\nvsmu.sys [2008-08-25 14208]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2010-04-04 47360]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2010-01-19 10368]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2009-01-22 120064]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [2008-08-11 1752704]
R3 SRS_PremiumSound_Service;SRS Labs Premium Sound; C:\WINDOWS\system32\drivers\srs_PremiumSound_i386.sys [2009-04-01 233128]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2005-06-14 31616]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2007-01-16 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2007-01-16 59264]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2007-01-16 17152]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys []
S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 ASUSProcObsrv;ASUS Process Creation/Termination Observer; \??\F:\I386\AsProcOb.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
S3 ipswuio;ipswuio; C:\WINDOWS\System32\DRIVERS\ipswuio.sys [2007-08-01 41656]
S3 massfilter;ZTE Mass Storage Filter Driver; C:\WINDOWS\system32\drivers\massfilter.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-04 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-04 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-04 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-04 15360]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2005-07-30 121856]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\WINDOWS\system32\DRIVERS\ZTEusbmdm6k.sys []
S3 ZTEusbnmea;ZTE NMEA Port; C:\WINDOWS\system32\DRIVERS\ZTEusbnmea.sys []
S3 ZTEusbser6k;ZTE Diagnostic Port; C:\WINDOWS\system32\DRIVERS\ZTEusbser6k.sys []
S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys []
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ADSMService;ADSM Service; C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 C-DillaSrv;C-DillaSrv; C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE [2001-04-07 32256]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2007-10-25 455936]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152]
R2 MSSQL$INVENTORCONTENT;MSSQL$INVENTORCONTENT; C:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe [2002-12-17 7520337]
R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 rpcnet;Remote Procedure Call (RPC) Net; C:\WINDOWS\system32\rpcnet.exe [2010-01-26 56680]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2010-04-10 603904]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2005-06-14 14336]
S2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe []
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2010-01-22 72704]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2007-10-25 18176]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SQLAgent$INVENTORCONTENT;SQLAgent$INVENTORCONTENT; C:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlagent.EXE [2002-12-17 311872]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2010-04-10 360192]
S4 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2008-10-19 222456]
S4 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S4 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-04-15 168004]
S4 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2007-08-03 125496]
S4 SRS_VolSync_Service;SRS Volume Sync Service; C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe [2009-04-07 70880]
-----------------EOF-----------------
ďakujem