Preventive check (friend's PC)

Posted: 10 Nov 2010 17:31
by Narfyk
A friend has a rather slow PC, so I'm going to do a preventive check for him.
Here is the log:
Logfile of random's system information tool 1.08 (written by random/random)
Run by Andrej at 2010-11-10 17:18:00
Microsoft Windows XP Professional Service Pack 3
System drive F: has 1 GB (15%) free of 10 GB
Total RAM: 3071 MB (80% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:19:02, on 10.11.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\Ati2evxx.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\system32\spoolsv.exe
F:\WINDOWS\ATKKBService.exe
F:\Program Files\ESET\ESET Smart Security\ekrn.exe
F:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
F:\Program Files\Java\jre6\bin\jqs.exe
F:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
F:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
F:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
F:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe
F:\WINDOWS\system32\svchost.exe
F:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
F:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
F:\WINDOWS\system32\Ati2evxx.exe
F:\WINDOWS\Explorer.EXE
F:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
F:\Program Files\ABIT\ABIT uGuru\uGuru.exe
F:\Program Files\D-Tools\daemon.exe
F:\Program Files\ESET\ESET Smart Security\egui.exe
F:\WINDOWS\SOUNDMAN.EXE
F:\Program Files\Logitech\Gaming Software\LWEMon.exe
F:\Program Files\Common Files\Java\Java Update\jusched.exe
I:\DoTa\Warcraft III\eb.exe
F:\Program Files\ABIT\ABIT uGuru\uGuru_Event_Receiver.exe
F:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
F:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
I:\SuperAntiSpyware\SUPERAntiSpyware.exe
F:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
F:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
F:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
F:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
F:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
F:\Program Files\Common Files\Java\Java Update\jucheck.exe
G:\FL 9\FL Studio 9\FL.exe
G:\RSIT.exe
F:\Program Files\trend micro\Andrej.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.sk/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - F:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [nTrayFw] F:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
O4 - HKLM\..\Run: [GuruClock] F:\Program Files\ABIT\ABIT uGuru\GuruClock.exe
O4 - HKLM\..\Run: [ABIT uGuru] F:\Program Files\ABIT\ABIT uGuru\uGuru.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "F:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [egui] "F:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [StartCCC] "F:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Start WingMan Profiler] F:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "F:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "I:\Games\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [eurobattlegui] "I:\DoTa\Warcraft III\eb.exe"
O4 - HKLM\..\Run: [NokiaMServer] F:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKCU\..\Run: [ctfmon.exe] F:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [SUPERAntiSpyware] I:\SuperAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: hp psc 2000 Series.lnk = F:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = F:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://F:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://F:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://F:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html
O9 - Extra button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - I:\ICQ7.1\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - I:\ICQ7.1\ICQ.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - F:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - F:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - F:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - I:\SuperAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - F:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - F:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Unknown owner - F:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: app_filter - Unknown owner - F:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - F:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - F:\WINDOWS\ATKKBService.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - F:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - F:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - F:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: Google Updater Service (gusvc) - Google - F:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - F:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - F:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - F:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - Unknown owner - F:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: PD91Agent - Raxco Software, Inc. - F:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe
O23 - Service: PD91Engine - Raxco Software, Inc. - F:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe
O23 - Service: Pml Driver HPZ12 - HP - F:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia - F:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 7939 bytes

======Scheduled tasks folder======

F:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 2100 series#1209929023.job
F:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1801674531-2025429265-1417001333-1009Core.job
F:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1801674531-2025429265-1417001333-1009UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - F:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll [2003-05-11 50376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - F:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-07-02 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - F:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-07-02 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"nTrayFw"=F:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe [2004-11-24 266240]
"GuruClock"=F:\Program Files\ABIT\ABIT uGuru\GuruClock.exe [2004-10-06 4489280]
"ABIT uGuru"=F:\Program Files\ABIT\ABIT uGuru\uGuru.exe [2005-01-11 1695830]
"DAEMON Tools-1033"=F:\Program Files\D-Tools\daemon.exe [2004-08-22 81920]
"egui"=F:\Program Files\ESET\ESET Smart Security\egui.exe [2009-04-09 2029640]
"StartCCC"=F:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-02-10 98304]
"SoundMan"=F:\WINDOWS\SOUNDMAN.EXE [2007-04-16 577536]
"Start WingMan Profiler"=F:\Program Files\Logitech\Gaming Software\LWEMon.exe [2007-09-25 93208]
"SunJavaUpdateSched"=F:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"QuickTime Task"=I:\Games\QuickTime\qttask.exe [2010-03-17 421888]
"eurobattlegui"=I:\DoTa\Warcraft III\eb.exe [2009-10-22 757760]
"NokiaMServer"=F:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=F:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-05-13 26192168]
"SUPERAntiSpyware"=I:\SuperAntiSpyware\SUPERAntiSpyware.exe [2010-05-18 2397424]

F:\Documents and Settings\All Users\Start Menu\Programs\Startup
hp psc 2000 Series.lnk - F:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
hpoddt01.exe.lnk - F:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
Microsoft Office.lnk - F:\Program Files\Microsoft Office\Office10\OSA.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
I:\SuperAntiSpyware\SASWINLO.DLL [2009-09-03 548352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
F:\WINDOWS\system32\Ati2evxx.dll [2010-03-31 159744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - F:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=I:\SuperAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"F:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe"="F:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe:*:Enabled:Apache HTTP Server"
"I:\ICQ6.5\ICQ.exe"="I:\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"I:\ICQ7.1\ICQ.exe"="I:\ICQ7.1\ICQ.exe:*:Enabled:ICQ7.1"
"I:\ICQ7.1\aolload.exe"="I:\ICQ7.1\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"I:\Games\CS-ko\Garry's Mod\hl2.exe"="I:\Games\CS-ko\Garry's Mod\hl2.exe:*:Enabled:Garry's_Mod"
"I:\Games\CS-ko\Garry's Mod\srcds.exe"="I:\Games\CS-ko\Garry's Mod\srcds.exe:*:Enabled:Garry's_Mod_Dedicated_Server"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"I:\ICQ7.1\ICQ.exe"="I:\ICQ7.1\ICQ.exe:*:Enabled:ICQ7.1"
"I:\ICQ7.1\aolload.exe"="I:\ICQ7.1\aolload.exe:*:Enabled:aolload.exe"

======List of files/folders created in the last 1 months======

2010-11-10 17:18:00 ----D---- F:\rsit
2010-11-10 17:18:00 ----D---- F:\Program Files\trend micro
2010-11-05 18:55:37 ----SHD---- F:\$RECYCLE.BIN
2010-11-05 18:43:39 ----A---- F:\WINDOWS\log.txt
2010-10-25 19:42:27 ----A---- F:\WINDOWS\system32\xactengine2_6.dll
2010-10-25 19:42:27 ----A---- F:\WINDOWS\system32\xactengine2_5.dll
2010-10-25 19:42:26 ----A---- F:\WINDOWS\system32\xinput1_3.dll
2010-10-25 19:42:26 ----A---- F:\WINDOWS\system32\xactengine2_4.dll
2010-10-25 19:42:26 ----A---- F:\WINDOWS\system32\x3daudio1_1.dll
2010-10-25 19:42:26 ----A---- F:\WINDOWS\system32\d3dx9_32.dll
2010-10-25 19:42:26 ----A---- F:\WINDOWS\system32\d3dx9_31.dll
2010-10-25 19:42:25 ----A---- F:\WINDOWS\system32\xinput1_2.dll
2010-10-25 19:42:25 ----A---- F:\WINDOWS\system32\xactengine2_3.dll
2010-10-25 19:42:25 ----A---- F:\WINDOWS\system32\xactengine2_2.dll
2010-10-25 19:42:24 ----A---- F:\WINDOWS\system32\xinput1_1.dll
2010-10-25 19:42:23 ----A---- F:\WINDOWS\system32\xactengine2_1.dll
2010-10-25 19:42:06 ----A---- F:\WINDOWS\system32\d3dx9_30.dll
2010-10-25 19:42:05 ----A---- F:\WINDOWS\system32\xactengine2_0.dll
2010-10-25 19:42:05 ----A---- F:\WINDOWS\system32\x3daudio1_0.dll
2010-10-25 19:42:04 ----A---- F:\WINDOWS\system32\d3dx9_29.dll
2010-10-25 19:42:04 ----A---- F:\WINDOWS\system32\d3dx9_28.dll
2010-10-25 19:42:03 ----A---- F:\WINDOWS\system32\xinput9_1_0.dll
2010-10-25 19:42:03 ----A---- F:\WINDOWS\system32\d3dx9_27.dll
2010-10-25 19:42:02 ----A---- F:\WINDOWS\system32\d3dx9_26.dll
2010-10-25 19:42:02 ----A---- F:\WINDOWS\system32\d3dx9_25.dll
2010-10-25 19:41:59 ----A---- F:\WINDOWS\system32\d3dx9_24.dll
2010-10-24 14:45:14 ----D---- F:\Program Files\Common Files\PCSuite
2010-10-24 14:18:28 ----D---- F:\Program Files\PC Connectivity Solution
2010-10-24 14:18:21 ----SHD---- F:\Config.Msi
2010-10-24 14:05:36 ----D---- F:\Documents and Settings\All Users\Application Data\Nokia
2010-10-24 14:02:44 ----N---- F:\WINDOWS\system32\spmsg.dll
2010-10-24 14:02:36 ----HDC---- F:\WINDOWS\$NtUninstallWudf01009$
2010-10-24 13:53:03 ----A---- F:\WINDOWS\system32\drivers\nmwcdnsuc.sys
2010-10-24 13:53:01 ----A---- F:\WINDOWS\system32\drivers\nmwcdnsu.sys
2010-10-24 13:53:00 ----A---- F:\WINDOWS\system32\drivers\usbser_lowerfltj.sys
2010-10-24 13:52:58 ----A---- F:\WINDOWS\system32\drivers\usbser_lowerflt.sys
2010-10-24 13:52:56 ----A---- F:\WINDOWS\system32\drivers\ccdcmbo.sys
2010-10-24 13:52:55 ----A---- F:\WINDOWS\system32\wdfcoinstaller01009.dll
2010-10-24 13:52:55 ----A---- F:\WINDOWS\system32\nmwcdcocls.dll
2010-10-24 13:52:55 ----A---- F:\WINDOWS\system32\drivers\ccdcmb.sys
2010-10-24 13:51:10 ----HDC---- F:\WINDOWS\$NtUninstallWMFDist11$
2010-10-24 13:50:40 ----D---- F:\WINDOWS\system32\LogFiles
2010-10-24 13:50:40 ----D---- F:\WINDOWS\system32\drivers\UMDF
2010-10-24 13:50:34 ----HDC---- F:\WINDOWS\$NtUninstallWudf01000$
2010-10-24 13:49:15 ----D---- F:\Documents and Settings\All Users\Application Data\NokiaInstallerCache
2010-10-24 13:25:47 ----A---- F:\WINDOWS\system32\drivers\usbser.sys
2010-10-24 13:25:26 ----N---- F:\WINDOWS\system32\spmsgXP_2k3.dll
2010-10-24 13:25:22 ----HDC---- F:\WINDOWS\$NtUninstallWdf01009$
2010-10-24 13:21:04 ----D---- F:\Documents and Settings\All Users\Application Data\PC Suite
2010-10-24 13:14:47 ----D---- F:\Program Files\Common Files\Nokia
2010-10-24 13:14:41 ----D---- F:\Program Files\DIFX
2010-10-24 13:14:39 ----A---- F:\WINDOWS\system32\drivers\pccsmcfd.sys
2010-10-24 13:14:15 ----A---- F:\WINDOWS\system32\nmwcdcls.dll
2010-10-24 13:14:14 ----D---- F:\Program Files\Nokia
2010-10-24 13:13:33 ----D---- F:\Documents and Settings\All Users\Application Data\Installations
2010-10-22 20:27:31 ----D---- F:\Program Files\Sonnox

======List of files/folders modified in the last 1 months======

2010-11-10 17:18:12 ----D---- F:\WINDOWS\Prefetch
2010-11-10 17:18:00 ----RD---- F:\Program Files
2010-11-10 17:18:00 ----D---- F:\WINDOWS\Temp
2010-11-10 17:11:05 ----D---- F:\Documents and Settings\Andrej\Application Data\Skype
2010-11-10 07:47:18 ----D---- F:\WINDOWS\system32\config
2010-11-09 19:33:20 ----A---- F:\WINDOWS\SchedLgU.Txt
2010-11-07 19:03:10 ----D---- F:\WINDOWS\system32
2010-11-07 14:33:26 ----D---- F:\WINDOWS\system32\CatRoot2
2010-11-07 14:17:06 ----HD---- F:\Program Files\InstallShield Installation Information
2010-11-06 10:24:47 ----D---- F:\WINDOWS
2010-11-05 18:42:32 ----SHD---- F:\RECYCLER
2010-11-02 20:21:22 ----SD---- F:\WINDOWS\Tasks
2010-10-31 09:49:47 ----A---- F:\WINDOWS\system32\PerfStringBackup.INI
2010-10-29 19:59:34 ----D---- F:\Documents and Settings\Andrej\Application Data\ICQ
2010-10-27 10:43:28 ----D---- F:\Documents and Settings\Andrej\Application Data\skypePM
2010-10-26 19:20:50 ----HD---- F:\WINDOWS\inf
2010-10-25 19:42:30 ----D---- F:\WINDOWS\system32\DirectX
2010-10-25 19:42:23 ----RSD---- F:\WINDOWS\assembly
2010-10-25 19:42:08 ----D---- F:\WINDOWS\Microsoft.NET
2010-10-24 17:47:12 ----A---- F:\WINDOWS\win.ini
2010-10-24 14:45:26 ----DC---- F:\WINDOWS\system32\DRVSTORE
2010-10-24 14:45:24 ----SHD---- F:\WINDOWS\Installer
2010-10-24 14:45:14 ----D---- F:\Program Files\Common Files
2010-10-24 14:25:08 ----D---- F:\WINDOWS\system32\drivers
2010-10-24 14:17:03 ----D---- F:\WINDOWS\WinSxS
2010-10-24 14:03:06 ----SD---- F:\Documents and Settings\All Users\Application Data\Microsoft
2010-10-24 13:51:17 ----D---- F:\Program Files\Windows Media Player
2010-10-24 13:51:15 ----RSHDC---- F:\WINDOWS\system32\dllcache
2010-10-15 22:32:31 ----D---- F:\Program Files\GNU
2010-10-15 20:33:12 ----A---- F:\WINDOWS\ODBC.INI
2010-10-15 20:26:25 ----SD---- F:\WINDOWS\Downloaded Program Files
2010-10-15 20:25:56 ----A---- F:\WINDOWS\NeroDigital.ini
2010-10-14 16:09:24 ----D---- F:\Documents and Settings\All Users\Application Data\Adobe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 d347bus;d347bus; F:\WINDOWS\system32\DRIVERS\d347bus.sys [2004-08-22 155136]
R0 d347prt;d347prt; F:\WINDOWS\System32\Drivers\d347prt.sys [2004-08-22 5248]
R0 nvatabus;nvatabus; F:\WINDOWS\system32\DRIVERS\nvatabus.sys [2004-12-07 87936]
R0 ohci1394;Texas Instruments OHCI Compliant IEEE 1394 Host Controller; F:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 uGuru;uGuru; F:\WINDOWS\system32\Drivers\uGuru.sys [2004-08-04 10752]
R1 AFS2K;AFS2k; F:\WINDOWS\system32\drivers\AFS2K.sys [2008-05-04 82380]
R1 ASPI32;ASPI32; F:\WINDOWS\system32\drivers\ASPI32.sys [1999-09-10 25244]
R1 asuskbnt;Enhanced Display Driver Helper Service; F:\WINDOWS\system32\drivers\atkkbnt.sys [2009-02-17 11136]
R1 ehdrv;ehdrv; F:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-04-09 107256]
R1 EIO;EIO; \??\F:\WINDOWS\system32\drivers\EIO.sys []
R1 epfwtdi;epfwtdi; F:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2009-04-09 55768]
R1 kbdhid;Keyboard HID Driver; F:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 NVTCP;NVIDIA TCP/IP Protocol Driver; F:\WINDOWS\System32\DRIVERS\NVTcp.sys [2004-11-24 96384]
R1 SASDIFSV;SASDIFSV; \??\I:\SuperAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\I:\SuperAntiSpyware\SASKUTIL.SYS []
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; F:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-23 12032]
R2 DefragFS;DefragFS; F:\WINDOWS\system32\DRIVERS\DefragFS.sys [2008-01-10 68624]
R2 eamon;eamon; F:\WINDOWS\system32\DRIVERS\eamon.sys [2009-04-09 113960]
R2 epfw;epfw; F:\WINDOWS\system32\DRIVERS\epfw.sys [2009-04-09 133000]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); F:\WINDOWS\system32\drivers\ALCXWDM.SYS [2008-09-24 4122368]
R3 Arp1394;1394 ARP Client Protocol; F:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 asusgsb;ASUS Virtual Video Capture Device Driver; F:\WINDOWS\system32\drivers\asusgsb.sys [2009-02-17 12416]
R3 ati2mtag;ati2mtag; F:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2010-03-31 4605952]
R3 Epfwndis;Eset Personal Firewall; F:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2009-04-09 33096]
R3 HdAudAddService;ATI Function Driver for High Definition Audio Service; F:\WINDOWS\system32\drivers\AtiHdAud.sys [2006-12-28 84992]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; F:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; F:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Mouse HID Driver; F:\WINDOWS\system32\DRIVERS\mouhid.sys [2007-02-18 12160]
R3 NIC1394;1394 Net Driver; F:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; F:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2004-11-24 33408]
R3 nvnetbus;NVIDIA Network Bus Enumerator; F:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2004-11-24 12928]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; F:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-13 20992]
R3 Video3D;ASUS Video3D Service; F:\WINDOWS\System32\Drivers\Video3D32.sys [2009-02-17 10752]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; F:\WINDOWS\system32\drivers\WmBEnum.sys [2007-09-14 19352]
R3 WmFilter;Logitech Gaming HID Filter Driver; F:\WINDOWS\system32\drivers\WmFilter.sys [2007-09-14 29976]
R3 WmHidLo;Logitech Gaming USB Filter Driver; F:\WINDOWS\system32\drivers\WmHidLo.sys [2007-09-14 29208]
R3 WmVirHid;Logitech Virtual Hid Device Driver; F:\WINDOWS\system32\drivers\WmVirHid.sys [2007-09-14 14744]
R3 WmXlCore;Logitech Translation Layer Driver; F:\WINDOWS\system32\drivers\WmXlCore.sys [2007-09-14 51608]
R3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; F:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
S1 AmdK8;AMD Athlon64 Processor Driver; F:\WINDOWS\system32\DRIVERS\AmdK8.sys []
S2 EIO_XP;EIO_XP; \??\F:\WINDOWS\system32\drivers\EIO_XP.sys []
S3 Bridge;MAC Bridge; F:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]
S3 BridgeMP;MAC Bridge Miniport; F:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]
S3 CCDECODE;Closed Caption Decoder; F:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
S3 CnxEtP;Conexant AccessRunner USB ADSL Adapter Filter Driver; F:\WINDOWS\system32\DRIVERS\CnxEtP.sys []
S3 CnxEtU;Conexant AccessRunner USB ADSL Interface Device Driver; F:\WINDOWS\system32\DRIVERS\CnxEtU.sys []
S3 CnxTgNP;Conexant AccessRunner ADSL WAN PPPoE Adapter Driver; F:\WINDOWS\system32\DRIVERS\CnxTgNP.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; F:\WINDOWS\system32\DRIVERS\HPZid412.sys [2003-04-07 51024]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; F:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2003-04-07 16080]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; F:\WINDOWS\system32\DRIVERS\HPZius12.sys [2003-04-07 21456]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; F:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-12 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; F:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
S3 NdisIP;Microsoft TV/Video Connection; F:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-07-09 10112]
S3 nmwcd;Nokia USB Phone Parent; F:\WINDOWS\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; F:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; F:\WINDOWS\system32\drivers\nmwcdnsu.sys [2010-02-26 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic; F:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2010-02-26 8320]
S3 pccsmcfd;PCCS Mode Change Filter Driver; F:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RenameMe;RenameMe; \??\C:\WINDOWS\system32\RenameMe.sys []
S3 SLIP;BDA Slip De-Framer; F:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-07-09 10880]
S3 streamip;BDA IPSink; F:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-07-09 14976]
S3 upperdev;upperdev; F:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbccgp;Microsoft USB Generic Parent Driver; F:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER Class; F:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;USB Scanner Driver; F:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbser;USB Modem Driver; F:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; F:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 USBSTOR;USB Mass Storage Driver; F:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; F:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; F:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; F:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; F:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 app_filter;app_filter; F:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe [2004-11-24 139264]
R2 Ati HotKey Poller;Ati HotKey Poller; F:\WINDOWS\system32\Ati2evxx.exe [2010-03-31 602112]
R2 ATKKeyboardService;ATK Keyboard Service; F:\WINDOWS\ATKKBService.exe [2009-09-29 253952]
R2 ekrn;ESET Service; F:\Program Files\ESET\ESET Smart Security\ekrn.exe [2009-04-09 731840]
R2 ForcewareWebInterface;Forceware Web Interface; F:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe [2004-10-20 20543]
R2 JavaQuickStarterService;Java Quick Starter; F:\Program Files\Java\jre6\bin\jqs.exe [2010-07-02 153376]
R2 MDM;Machine Debug Manager; F:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2001-02-23 270336]
R2 nSvcIp;ForceWare IP service; F:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe [2004-11-24 110653]
R2 nSvcLog;ForceWare user log service; F:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe [2004-11-24 53313]
R2 PD91Agent;PD91Agent; F:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe [2008-01-16 664840]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; F:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 Adobe LM Service;Adobe LM Service; F:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2010-05-30 68096]
S3 aspnet_state;ASP.NET State Service; F:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; F:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 EhttpSrv;ESET HTTP Server; F:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-04-09 20680]
S3 gusvc;Google Updater Service; F:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-22 136120]
S3 IDriverT;InstallDriver Table Manager; F:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 PD91Engine;PD91Engine; F:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe [2008-01-16 894216]
S3 Pml Driver HPZ12;Pml Driver HPZ12; F:\WINDOWS\system32\HPZipm12.exe [2003-04-07 65795]
S3 ServiceLayer;ServiceLayer; F:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]

-----------------EOF-----------------

Re: Preventive check (friend's PC)

Posted: 11 Nov 2010 11:00
by vyosek
Hello, the log looks clean...