PC freezes, does not respond - please check
Posted: 27 Jan 2011 00:36
Hello, the PC evidently has a problem running even for a short while without freezing. There will be a lot of stuff on here, I'm sure.. at least judging by the processes that are currently running.. the problem is that I don't use it personally, so I don't know what all has been installed here, or what is causing it. I'm attaching the log from RSIT:
Logfile of random's system information tool 1.08 (written by random/random)
Run by Lilly at 2011-01-27 00:34:30
Microsoft Windows XP Professional Service Pack 2
System drive C: has 796 MB (8%) free of 10 GB
Total RAM: 255 MB (33% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:34:58, on 27. 1. 2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\PROGRA~1\MOBILI~1\FMMSER~1.EXE
C:\Documents and Settings\LocalService\Application Data\Microsoft\sytuh.exe
C:\Programy\alcohol\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\j2re1.4.2_14\bin\jusched.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Mobility Manager\MobilityManager.exe
C:\WINDOWS\system32\erszisjr.exe
C:\Program Files\Mobility Manager\jre\bin\javaw.exe
C:\windows\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\TEMP\h7963F5E8.tmp
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\TEMP\hozgawwo7B8D53D3.tmp
C:\Documents and Settings\Lilly\Desktop\RSIT.exe
C:\Program Files\trend micro\Lilly.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fullarticles.net
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: Shell=Explorer.exe rundll32.exe "C:\DOCUME~1\Lilly\LOCALS~1\Temp\goqw.tco" vnbyln
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\PROGRA~1\PCTRAN~1\webie.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\j2re1.4.2_14\bin\jusched.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [MobilityManager] C:\Program Files\Mobility Manager\MobilityManager
O4 - HKLM\..\Run: [NVIDIA driver monitor] c:\windows\nvsvc32.exe
O4 - HKLM\..\Run: [erszisjr] C:\WINDOWS\system32\erszisjr.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [wr] C:\WINDOWS\system32\umdmgr.exe
O4 - HKCU\..\Run: [{39144447-8FF8-61B9-BE65-186E4AB7ADE8}] "C:\Documents and Settings\Lilly\Application Data\Fyabb\nykua.exe"
O4 - HKCU\..\Run: [{9772E225-27CE-E988-5958-BDF5A7BA7607}] "C:\Documents and Settings\Lilly\Application Data\Poik\onvue.exe"
O4 - HKCU\..\Run: [erszisjr] C:\WINDOWS\system32\erszisjr.exe
O4 - HKCU\..\Run: [JP595IR86O] C:\DOCUME~1\Lilly\LOCALS~1\Temp\Xhd.exe
O4 - HKCU\..\Run: [12CFG214-K641-12SF-N85P] C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811\vsbntlo.exe
O4 - HKLM\..\Policies\Explorer\Run: [Microsoft Driver Setup] C:\WINDOWS\wjdrive32.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [IETI] C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [IETI] C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'Default user')
O4 - Startup: 0lofhz6.exe
O4 - Startup: bv00bnafza.exe
O4 - Startup: bvkj6xekv.exe
O4 - Startup: dozmc5uf.exe
O4 - Startup: dvo0npgqlxw.exe
O4 - Startup: em56qhvoqz.exe
O4 - Startup: g00lxiuxjiy.exe
O4 - Startup: i01winei56x.exe
O4 - Startup: mltwgts0.exe
O4 - Startup: mmjq01dgcf.exe
O4 - Startup: olnkmj56k.exe
O4 - Startup: osrwkpv0.exe
O4 - Startup: poaz56qnhq.exe
O4 - Startup: pt01vyoxnmf.exe
O4 - Startup: qkfwb5iv.exe
O4 - Startup: sazpqth0.exe
O4 - Startup: ufwx6udoz.exe
O4 - Startup: wjbqkn56o.exe
O4 - Startup: zredjem5.exe
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_14\bin\npjpi142_14.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_14\bin\npjpi142_14.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: WebTran - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra 'Tools' menuitem: &Nastavit prekladac - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra 'Tools' menuitem: Preložit &oznacený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra 'Tools' menuitem: Preložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{9964EE31-5653-4D26-8E70-30F48FC876A0}: NameServer = 192.138.27.98
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Protection Technology - C:\WINDOWS\System32\appdrvrem01.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: FMMService - Flarion Technologies, Inc. - C:\PROGRA~1\MOBILI~1\FMMSER~1.EXE
O23 - Service: Backbone Service (k8piwl8efu3nr5uh) - Google Inc. - C:\Documents and Settings\LocalService\Application Data\Microsoft\sytuh.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ProPortmap Service - Unknown owner - C:\ptc\portmap\portmap.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Programy\alcohol\Alcohol 120\StarWind\StarWindService.exe
--
End of file - 7317 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\PROGRA~1\PCTRAN~1\webie.dll [2004-05-13 319488]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files\Java\j2re1.4.2_14\bin\jusched.exe [2007-03-14 32881]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2010-02-26 2140880]
"MobilityManager"=C:\Program Files\Mobility Manager\MobilityManager []
"NVIDIA driver monitor"=c:\windows\nvsvc32.exe [2010-12-18 65024]
"erszisjr"=C:\WINDOWS\system32\erszisjr.exe [2010-04-02 26112]
"MSConfig"=C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe [2004-09-01 158208]
"wr"=C:\WINDOWS\system32\umdmgr.exe [2011-01-27 61440]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"Microsoft Driver Setup"=C:\WINDOWS\wjdrive32.exe [2011-01-26 65536]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"{39144447-8FF8-61B9-BE65-186E4AB7ADE8}"=C:\Documents and Settings\Lilly\Application Data\Fyabb\nykua.exe [2010-05-20 159232]
"{9772E225-27CE-E988-5958-BDF5A7BA7607}"=C:\Documents and Settings\Lilly\Application Data\Poik\onvue.exe [2010-10-30 158208]
"erszisjr"=C:\WINDOWS\system32\erszisjr.exe [2010-04-02 26112]
"JP595IR86O"=C:\DOCUME~1\Lilly\LOCALS~1\Temp\Xhd.exe [2010-12-23 240640]
"12CFG214-K641-12SF-N85P"=C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811\vsbntlo.exe [2011-01-27 40960]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\12CFG214-K641-12SF-N85P]
C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811\vsbntlo.exe [2011-01-27 40960]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\erszisjr]
C:\WINDOWS\system32\erszisjr.exe [2010-04-02 26112]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager]
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2004-05-12 241664]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2004-02-12 49152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HTV Agent]
C:\Program Files\HTV\HTV.exe [2007-05-19 482816]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\JP595IR86O]
C:\DOCUME~1\Lilly\LOCALS~1\Temp\Xhd.exe [2010-12-23 240640]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Driver Setup]
C:\WINDOWS\wjdrive32.exe [2011-01-26 65536]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2004-08-04 1667584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVIDIA driver monitor]
c:\windows\nvsvc32.exe [2010-12-18 65024]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-11-11 1451520]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2005-10-26 159744]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tyfigoup]
C:\WINDOWS\system32\rodu.exe [2011-01-26 229888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vyre32]
C:\WINDOWS\system32\vyre32.exe [2011-01-26 167936]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\wr]
C:\WINDOWS\system32\umdmgr.exe [2011-01-27 61440]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\{39144447-8FF8-61B9-BE65-186E4AB7ADE8}]
C:\Documents and Settings\Lilly\Application Data\Fyabb\nykua.exe [2010-05-20 159232]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\{9772E225-27CE-E988-5958-BDF5A7BA7607}]
C:\Documents and Settings\Lilly\Application Data\Poik\onvue.exe [2010-10-30 158208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
C:\Programy\Adobe\READER~1.0\Reader\READER~1.EXE [2006-10-23 40048]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
C:\Programy\Adobe\READER~1.0\Reader\ADOBEC~1.EXE [2006-10-23 734872]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
D:\programy\MSOFFI~1\Office\OSA9.EXE [2007-01-29 65588]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^REALTEK 11n USB Wireless LAN Utility.lnk]
C:\PROGRA~1\REALTEK\11NUSB~1\RtWLan.exe [2009-05-04 933888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Lilly^Start Menu^Programs^Startup^0lofhz6.exe]
C:\Documents and Settings\Lilly\Start Menu\Programs\Startup\0lofhz6.exe [2011-01-26 42496]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Lilly^Start Menu^Programs^Startup^bvkj6xekv.exe]
C:\Documents and Settings\Lilly\Start Menu\Programs\Startup\bvkj6xekv.exe [2011-01-26 43008]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Lilly^Start Menu^Programs^Startup^dozmc5uf.exe]
C:\Documents and Settings\Lilly\Start Menu\Programs\Startup\dozmc5uf.exe [2011-01-26 43008]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Lilly^Start Menu^Programs^Startup^dvo0npgqlxw.exe]
C:\Documents and Settings\Lilly\Start Menu\Programs\Startup\dvo0npgqlxw.exe [2011-01-26 42496]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Lilly^Start Menu^Programs^Startup^em56qhvoqz.exe]
C:\Documents and Settings\Lilly\Start Menu\Programs\Startup\em56qhvoqz.exe [2011-01-26 43008]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Lilly^Start Menu^Programs^Startup^g00lxiuxjiy.exe]
C:\Documents and Settings\Lilly\Start Menu\Programs\Startup\g00lxiuxjiy.exe [2011-01-26 42496]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Lilly^Start Menu^Programs^Startup^i01winei56x.exe]
C:\Documents and Settings\Lilly\Start Menu\Programs\Startup\i01winei56x.exe [2011-01-26 43520]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Lilly^Start Menu^Programs^Startup^mltwgts0.exe]
C:\Documents and Settings\Lilly\Start Menu\Programs\Startup\mltwgts0.exe [2011-01-26 43520]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Lilly^Start Menu^Programs^Startup^olnkmj56k.exe]
C:\Documents and Settings\Lilly\Start Menu\Programs\Startup\olnkmj56k.exe [2011-01-26 43520]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Lilly^Start Menu^Programs^Startup^osrwkpv0.exe]
C:\Documents and Settings\Lilly\Start Menu\Programs\Startup\osrwkpv0.exe [2011-01-26 42496]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Lilly^Start Menu^Programs^Startup^poaz56qnhq.exe]
C:\Documents and Settings\Lilly\Start Menu\Programs\Startup\poaz56qnhq.exe [2011-01-26 42496]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Lilly^Start Menu^Programs^Startup^qkfwb5iv.exe]
C:\Documents and Settings\Lilly\Start Menu\Programs\Startup\qkfwb5iv.exe [2011-01-26 43520]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Lilly^Start Menu^Programs^Startup^sazpqth0.exe]
C:\Documents and Settings\Lilly\Start Menu\Programs\Startup\sazpqth0.exe [2011-01-26 43520]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Lilly^Start Menu^Programs^Startup^ufwx6udoz.exe]
C:\Documents and Settings\Lilly\Start Menu\Programs\Startup\ufwx6udoz.exe [2011-01-26 43008]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Lilly^Start Menu^Programs^Startup^wjbqkn56o.exe]
C:\Documents and Settings\Lilly\Start Menu\Programs\Startup\wjbqkn56o.exe [2011-01-26 43008]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Lilly^Start Menu^Programs^Startup^zredjem5.exe]
C:\Documents and Settings\Lilly\Start Menu\Programs\Startup\zredjem5.exe [2011-01-26 43008]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"gupdate"=2
C:\Documents and Settings\Lilly\Start Menu\Programs\Startup
0lofhz6.exe
bv00bnafza.exe
bvkj6xekv.exe
dozmc5uf.exe
dvo0npgqlxw.exe
em56qhvoqz.exe
g00lxiuxjiy.exe
i01winei56x.exe
mltwgts0.exe
mmjq01dgcf.exe
olnkmj56k.exe
osrwkpv0.exe
poaz56qnhq.exe
pt01vyoxnmf.exe
qkfwb5iv.exe
sazpqth0.exe
ufwx6udoz.exe
wjbqkn56o.exe
zredjem5.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Programy\BORGChat\BORGChat.exe"="C:\Programy\BORGChat\BORGChat.exe:*:Enabled:BORGChat"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Enabled:@xpsp2res.dll,-22019"
"C:\Programy\BORGChat\Inbox\LOL\r_server.exe"="C:\Programy\BORGChat\Inbox\LOL\r_server.exe:*:Enabled:Remote control tool"
"C:\hry\Need for Speed Underground 2\speed2.exe"="C:\hry\Need for Speed Underground 2\speed2.exe:*:Enabled:speed2"
"C:\Programy\ICQ6\ICQ.exe"="C:\Programy\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\proe2001\i486_nt\obj\xtop.exe"="C:\Program Files\proe2001\i486_nt\obj\xtop.exe:*:Enabled:xtop"
"C:\Program Files\proe2001\i486_nt\nms\nmsd.exe"="C:\Program Files\proe2001\i486_nt\nms\nmsd.exe:*:Enabled:nmsd"
"C:\Program Files\proe2001\i486_nt\obj\pro_comm_msg.exe"="C:\Program Files\proe2001\i486_nt\obj\pro_comm_msg.exe:*:Enabled:pro_comm_msg"
"C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe"="C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe:*:Enabled:RtWlan"
"C:\Programy\ICQ6.5\ICQ.exe"="C:\Programy\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\Documents and Settings\Lilly\My Documents\Preberanie\image96523489.exe"="c:\windows\nvsvc32.exe:*:Enabled:NVIDIA driver monitor"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\DOCUME~1\Lilly\LOCALS~1\Temp\219.exe"="C:\DOCUME~1\Lilly\LOCALS~1\Temp\219.exe:*:C:\WINDOWS\wjdrive32.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
======List of files/folders created in the last 1 months======
2011-01-27 00:34:33 ----D---- C:\Program Files\trend micro
2011-01-27 00:34:30 ----D---- C:\rsit
2011-01-27 00:24:01 ----A---- C:\WINDOWS\system32\umdmgr.exe
2011-01-26 23:17:25 ----D---- C:\WINDOWS\pss
2011-01-26 20:52:30 ----RSH---- C:\WINDOWS\wjdrive32.exe
2011-01-26 20:48:42 ----A---- C:\WINDOWS\system32\vyre32.exe
2011-01-26 10:38:30 ----A---- C:\WINDOWS\system32\zissessibe.exe
2011-01-25 22:16:03 ----AH---- C:\Documents and Settings\Lilly\Application Data\HhdFJl61DD.txt
2011-01-25 22:16:02 ----AH---- C:\Documents and Settings\Lilly\Application Data\Bgm7fGCGHJ.txt
2011-01-25 22:16:00 ----A---- C:\WINDOWS\system32\rodu.exe
2011-01-25 22:14:59 ----RSH---- C:\Documents and Settings\Lilly\Application Data\juzjf.exe
2011-01-25 22:14:58 ----AH---- C:\Documents and Settings\Lilly\Application Data\IK6fDMGl71.txt
2011-01-25 01:46:11 ----D---- C:\Documents and Settings\Lilly\Application Data\Help
2011-01-25 00:46:35 ----D---- C:\Documents and Settings\Lilly\Application Data\skypePM
2011-01-25 00:40:51 ----D---- C:\Program Files\Common Files\Skype
2011-01-20 02:07:54 ----D---- C:\Documents and Settings\Lilly\Application Data\Poik
2011-01-20 02:07:54 ----D---- C:\Documents and Settings\Lilly\Application Data\Naxy
2011-01-20 02:00:28 ----D---- C:\Documents and Settings\Lilly\Application Data\Udug
2011-01-20 02:00:28 ----D---- C:\Documents and Settings\Lilly\Application Data\Fyabb
2010-12-28 22:28:47 ----A---- C:\WINDOWS\system32\drivers\appdrv01.sys
2010-12-28 22:28:45 ----A---- C:\WINDOWS\system32\appdrvrem01.exe
2010-12-28 20:18:18 ----D---- C:\Program Files\V mene Pana zastupov
======List of files/folders modified in the last 1 months======
2011-01-27 00:35:02 ----D---- C:\WINDOWS\Temp
2011-01-27 00:34:33 ----RD---- C:\Program Files
2011-01-27 00:33:37 ----RSHD---- C:\RECYCLER
2011-01-27 00:24:37 ----D---- C:\WINDOWS\system32
2011-01-27 00:15:56 ----SD---- C:\WINDOWS\Tasks
2011-01-27 00:13:31 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-01-27 00:08:38 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2011-01-27 00:07:32 ----D---- C:\WINDOWS
2011-01-27 00:07:32 ----A---- C:\WINDOWS\RTacDbg.txt
2011-01-26 23:46:15 ----SH---- C:\boot.ini
2011-01-26 23:46:14 ----A---- C:\WINDOWS\win.ini
2011-01-26 23:46:14 ----A---- C:\WINDOWS\system.ini
2011-01-26 20:34:29 ----D---- C:\WINDOWS\Prefetch
2011-01-26 02:05:55 ----D---- C:\Documents and Settings\Lilly\Application Data\Skype
2011-01-25 18:15:10 ----D---- C:\WINDOWS\system32\CatRoot2
2011-01-25 01:46:11 ----D---- C:\WINDOWS\Help
2011-01-25 00:43:38 ----SHD---- C:\WINDOWS\Installer
2011-01-25 00:43:24 ----HD---- C:\Config.Msi
2011-01-25 00:40:59 ----RD---- C:\Program Files\Skype
2011-01-25 00:40:51 ----D---- C:\Program Files\Common Files
2011-01-25 00:39:48 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2011-01-25 00:32:31 ----D---- C:\Documents and Settings\Lilly\Application Data\ICQ
2011-01-24 09:42:14 ----D---- C:\WINDOWS\Minidump
2011-01-17 11:40:18 ----SD---- C:\Documents and Settings\Lilly\Application Data\Microsoft
2011-01-17 11:39:08 ----D---- C:\WINDOWS\WinSxS
2011-01-17 11:39:01 ----RSD---- C:\WINDOWS\Fonts
2011-01-17 11:38:39 ----D---- C:\Program Files\Microsoft Office
2011-01-17 11:38:35 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-01-09 13:07:31 ----D---- C:\Program Files\MSECache
2011-01-06 10:15:11 ----D---- C:\Program Files\ICQ7.2
2010-12-28 21:28:47 ----D---- C:\WINDOWS\system32\drivers
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 agp440;Intel AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agp440.sys [2004-08-04 42368]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2006-05-16 46080]
R0 Vax347b;Vax347b; C:\WINDOWS\system32\DRIVERS\Vax347b.sys [2005-04-25 159616]
R0 Vax347s;Vax347s; C:\WINDOWS\System32\Drivers\Vax347s.sys [2004-04-30 5248]
R1 appdrv01;Application Driver (01); C:\WINDOWS\System32\Drivers\appdrv01.sys [2010-12-28 3333808]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-02-26 114984]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2010-02-26 55232]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.7.1.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2010-03-16 21361]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-02-26 139192]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2010-02-26 134488]
R2 TVICHW32;TVICHW32; \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS []
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2010-02-26 32584]
R3 es1371;Creative AudioPCI (ES1371,ES1373) (WDM); C:\WINDOWS\system32\drivers\es1371mp.sys [2001-08-17 40704]
R3 FlrnUSB;Leadtek USB Network Interface; C:\WINDOWS\system32\DRIVERS\LtkUSB.sys [2008-05-14 41907]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-09-01 20480]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-03 14848]
S3 AR9271;Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athuw.sys [2009-08-14 1668352]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-06-21 51088]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-06-21 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-06-21 21744]
S3 K320bus;Sony Ericsson K320 driver (WDM); C:\WINDOWS\system32\DRIVERS\K320bus.sys [2006-08-18 61504]
S3 K320mdfl;Sony Ericsson K320 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\K320mdfl.sys [2006-08-18 9328]
S3 K320mdm;Sony Ericsson K320 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\K320mdm.sys [2006-08-18 97056]
S3 K320mgmt;Sony Ericsson K320 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\K320mgmt.sys [2006-08-18 88560]
S3 K320obex;Sony Ericsson K320 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\K320obex.sys [2006-08-18 86368]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-10-06 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-10-06 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\WINDOWS\system32\DRIVERS\RTL8192su.sys [2009-05-08 583552]
S3 sermouse;Serial Mouse Driver; C:\WINDOWS\system32\DRIVERS\sermouse.sys [2004-09-01 17664]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-10-06 7936]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2004-08-03 25600]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-10-06 7936]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2010-02-26 810120]
R2 FMMService;FMMService; C:\PROGRA~1\MOBILI~1\FMMSER~1.EXE [2007-12-06 40960]
R2 StarWindService;StarWind iSCSI Service; C:\Programy\alcohol\Alcohol 120\StarWind\StarWindService.exe [2005-04-02 217600]
S2 appdrvrem01;Application Driver Auto Removal Service (01); C:\WINDOWS\System32\appdrvrem01.exe [2010-12-28 316888]
S2 k8piwl8efu3nr5uh;Backbone Service; C:\Documents and Settings\LocalService\Application Data\Microsoft\sytuh.exe [2011-01-26 229888]
S2 sgjiomo;Config Support; C:\WINDOWS\system32\svchost.exe [2004-09-01 14336]
S2 SSHNAS;SSHNAS; C:\WINDOWS\system32\svchost.exe [2004-09-01 14336]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2010-02-26 33560]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-03-18 65536]
S3 ProPortmap Service;ProPortmap Service; C:\ptc\portmap\portmap.exe [2001-01-19 57344]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-17 135664]
-----------------EOF-----------------
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_14\bin\npjpi142_14.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_14\bin\npjpi142_14.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: WebTran - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra 'Tools' menuitem: &Nastavit prekladac - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra 'Tools' menuitem: Preložit &oznacený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra 'Tools' menuitem: Preložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{9964EE31-5653-4D26-8E70-30F48FC876A0}: NameServer = 192.138.27.98
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Protection Technology - C:\WINDOWS\System32\appdrvrem01.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: FMMService - Flarion Technologies, Inc. - C:\PROGRA~1\MOBILI~1\FMMSER~1.EXE
O23 - Service: Backbone Service (k8piwl8efu3nr5uh) - Google Inc. - C:\Documents and Settings\LocalService\Application Data\Microsoft\sytuh.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ProPortmap Service - Unknown owner - C:\ptc\portmap\portmap.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Programy\alcohol\Alcohol 120\StarWind\StarWindService.exe
--
End of file - 7317 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\PROGRA~1\PCTRAN~1\webie.dll [2004-05-13 319488]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files\Java\j2re1.4.2_14\bin\jusched.exe [2007-03-14 32881]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2010-02-26 2140880]
"MobilityManager"=C:\Program Files\Mobility Manager\MobilityManager []
"NVIDIA driver monitor"=c:\windows\nvsvc32.exe [2010-12-18 65024]
"erszisjr"=C:\WINDOWS\system32\erszisjr.exe [2010-04-02 26112]
"MSConfig"=C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe [2004-09-01 158208]
"wr"=C:\WINDOWS\system32\umdmgr.exe [2011-01-27 61440]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"Microsoft Driver Setup"=C:\WINDOWS\wjdrive32.exe [2011-01-26 65536]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"{39144447-8FF8-61B9-BE65-186E4AB7ADE8}"=C:\Documents and Settings\Lilly\Application Data\Fyabb\nykua.exe [2010-05-20 159232]
"{9772E225-27CE-E988-5958-BDF5A7BA7607}"=C:\Documents and Settings\Lilly\Application Data\Poik\onvue.exe [2010-10-30 158208]
"erszisjr"=C:\WINDOWS\system32\erszisjr.exe [2010-04-02 26112]
"JP595IR86O"=C:\DOCUME~1\Lilly\LOCALS~1\Temp\Xhd.exe [2010-12-23 240640]
"12CFG214-K641-12SF-N85P"=C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811\vsbntlo.exe [2011-01-27 40960]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\12CFG214-K641-12SF-N85P]
C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811\vsbntlo.exe [2011-01-27 40960]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\erszisjr]
C:\WINDOWS\system32\erszisjr.exe [2010-04-02 26112]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager]
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2004-05-12 241664]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2004-02-12 49152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HTV Agent]
C:\Program Files\HTV\HTV.exe [2007-05-19 482816]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\JP595IR86O]
C:\DOCUME~1\Lilly\LOCALS~1\Temp\Xhd.exe [2010-12-23 240640]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Driver Setup]
C:\WINDOWS\wjdrive32.exe [2011-01-26 65536]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2004-08-04 1667584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVIDIA driver monitor]
c:\windows\nvsvc32.exe [2010-12-18 65024]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-11-11 1451520]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2005-10-26 159744]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tyfigoup]
C:\WINDOWS\system32\rodu.exe [2011-01-26 229888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vyre32]
C:\WINDOWS\system32\vyre32.exe [2011-01-26 167936]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\wr]
C:\WINDOWS\system32\umdmgr.exe [2011-01-27 61440]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\{39144447-8FF8-61B9-BE65-186E4AB7ADE8}]
C:\Documents and Settings\Lilly\Application Data\Fyabb\nykua.exe [2010-05-20 159232]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\{9772E225-27CE-E988-5958-BDF5A7BA7607}]
C:\Documents and Settings\Lilly\Application Data\Poik\onvue.exe [2010-10-30 158208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
C:\Programy\Adobe\READER~1.0\Reader\READER~1.EXE [2006-10-23 40048]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
C:\Programy\Adobe\READER~1.0\Reader\ADOBEC~1.EXE [2006-10-23 734872]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
D:\programy\MSOFFI~1\Office\OSA9.EXE [2007-01-29 65588]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^REALTEK 11n USB Wireless LAN Utility.lnk]
C:\PROGRA~1\REALTEK\11NUSB~1\RtWLan.exe [2009-05-04 933888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Lilly^Start Menu^Programs^Startup^0lofhz6.exe]
C:\Documents and Settings\Lilly\Start Menu\Programs\Startup\0lofhz6.exe [2011-01-26 42496]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Lilly^Start Menu^Programs^Startup^bvkj6xekv.exe]
C:\Documents and Settings\Lilly\Start Menu\Programs\Startup\bvkj6xekv.exe [2011-01-26 43008]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Lilly^Start Menu^Programs^Startup^dozmc5uf.exe]
C:\Documents and Settings\Lilly\Start Menu\Programs\Startup\dozmc5uf.exe [2011-01-26 43008]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Lilly^Start Menu^Programs^Startup^dvo0npgqlxw.exe]
C:\Documents and Settings\Lilly\Start Menu\Programs\Startup\dvo0npgqlxw.exe [2011-01-26 42496]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Lilly^Start Menu^Programs^Startup^em56qhvoqz.exe]
C:\Documents and Settings\Lilly\Start Menu\Programs\Startup\em56qhvoqz.exe [2011-01-26 43008]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Lilly^Start Menu^Programs^Startup^g00lxiuxjiy.exe]
C:\Documents and Settings\Lilly\Start Menu\Programs\Startup\g00lxiuxjiy.exe [2011-01-26 42496]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Lilly^Start Menu^Programs^Startup^i01winei56x.exe]
C:\Documents and Settings\Lilly\Start Menu\Programs\Startup\i01winei56x.exe [2011-01-26 43520]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Lilly^Start Menu^Programs^Startup^mltwgts0.exe]
C:\Documents and Settings\Lilly\Start Menu\Programs\Startup\mltwgts0.exe [2011-01-26 43520]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Lilly^Start Menu^Programs^Startup^olnkmj56k.exe]
C:\Documents and Settings\Lilly\Start Menu\Programs\Startup\olnkmj56k.exe [2011-01-26 43520]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Lilly^Start Menu^Programs^Startup^osrwkpv0.exe]
C:\Documents and Settings\Lilly\Start Menu\Programs\Startup\osrwkpv0.exe [2011-01-26 42496]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Lilly^Start Menu^Programs^Startup^poaz56qnhq.exe]
C:\Documents and Settings\Lilly\Start Menu\Programs\Startup\poaz56qnhq.exe [2011-01-26 42496]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Lilly^Start Menu^Programs^Startup^qkfwb5iv.exe]
C:\Documents and Settings\Lilly\Start Menu\Programs\Startup\qkfwb5iv.exe [2011-01-26 43520]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Lilly^Start Menu^Programs^Startup^sazpqth0.exe]
C:\Documents and Settings\Lilly\Start Menu\Programs\Startup\sazpqth0.exe [2011-01-26 43520]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Lilly^Start Menu^Programs^Startup^ufwx6udoz.exe]
C:\Documents and Settings\Lilly\Start Menu\Programs\Startup\ufwx6udoz.exe [2011-01-26 43008]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Lilly^Start Menu^Programs^Startup^wjbqkn56o.exe]
C:\Documents and Settings\Lilly\Start Menu\Programs\Startup\wjbqkn56o.exe [2011-01-26 43008]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Lilly^Start Menu^Programs^Startup^zredjem5.exe]
C:\Documents and Settings\Lilly\Start Menu\Programs\Startup\zredjem5.exe [2011-01-26 43008]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"gupdate"=2
C:\Documents and Settings\Lilly\Start Menu\Programs\Startup
0lofhz6.exe
bv00bnafza.exe
bvkj6xekv.exe
dozmc5uf.exe
dvo0npgqlxw.exe
em56qhvoqz.exe
g00lxiuxjiy.exe
i01winei56x.exe
mltwgts0.exe
mmjq01dgcf.exe
olnkmj56k.exe
osrwkpv0.exe
poaz56qnhq.exe
pt01vyoxnmf.exe
qkfwb5iv.exe
sazpqth0.exe
ufwx6udoz.exe
wjbqkn56o.exe
zredjem5.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Programy\BORGChat\BORGChat.exe"="C:\Programy\BORGChat\BORGChat.exe:*:Enabled:BORGChat"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Enabled:@xpsp2res.dll,-22019"
"C:\Programy\BORGChat\Inbox\LOL\r_server.exe"="C:\Programy\BORGChat\Inbox\LOL\r_server.exe:*:Enabled:Remote control tool"
"C:\hry\Need for Speed Underground 2\speed2.exe"="C:\hry\Need for Speed Underground 2\speed2.exe:*:Enabled:speed2"
"C:\Programy\ICQ6\ICQ.exe"="C:\Programy\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\proe2001\i486_nt\obj\xtop.exe"="C:\Program Files\proe2001\i486_nt\obj\xtop.exe:*:Enabled:xtop"
"C:\Program Files\proe2001\i486_nt\nms\nmsd.exe"="C:\Program Files\proe2001\i486_nt\nms\nmsd.exe:*:Enabled:nmsd"
"C:\Program Files\proe2001\i486_nt\obj\pro_comm_msg.exe"="C:\Program Files\proe2001\i486_nt\obj\pro_comm_msg.exe:*:Enabled:pro_comm_msg"
"C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe"="C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe:*:Enabled:RtWlan"
"C:\Programy\ICQ6.5\ICQ.exe"="C:\Programy\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\Documents and Settings\Lilly\My Documents\Preberanie\image96523489.exe"="c:\windows\nvsvc32.exe:*:Enabled:NVIDIA driver monitor"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\DOCUME~1\Lilly\LOCALS~1\Temp\219.exe"="C:\DOCUME~1\Lilly\LOCALS~1\Temp\219.exe:*:C:\WINDOWS\wjdrive32.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
======List of files/folders created in the last 1 months======
2011-01-27 00:34:33 ----D---- C:\Program Files\trend micro
2011-01-27 00:34:30 ----D---- C:\rsit
2011-01-27 00:24:01 ----A---- C:\WINDOWS\system32\umdmgr.exe
2011-01-26 23:17:25 ----D---- C:\WINDOWS\pss
2011-01-26 20:52:30 ----RSH---- C:\WINDOWS\wjdrive32.exe
2011-01-26 20:48:42 ----A---- C:\WINDOWS\system32\vyre32.exe
2011-01-26 10:38:30 ----A---- C:\WINDOWS\system32\zissessibe.exe
2011-01-25 22:16:03 ----AH---- C:\Documents and Settings\Lilly\Application Data\HhdFJl61DD.txt
2011-01-25 22:16:02 ----AH---- C:\Documents and Settings\Lilly\Application Data\Bgm7fGCGHJ.txt
2011-01-25 22:16:00 ----A---- C:\WINDOWS\system32\rodu.exe
2011-01-25 22:14:59 ----RSH---- C:\Documents and Settings\Lilly\Application Data\juzjf.exe
2011-01-25 22:14:58 ----AH---- C:\Documents and Settings\Lilly\Application Data\IK6fDMGl71.txt
2011-01-25 01:46:11 ----D---- C:\Documents and Settings\Lilly\Application Data\Help
2011-01-25 00:46:35 ----D---- C:\Documents and Settings\Lilly\Application Data\skypePM
2011-01-25 00:40:51 ----D---- C:\Program Files\Common Files\Skype
2011-01-20 02:07:54 ----D---- C:\Documents and Settings\Lilly\Application Data\Poik
2011-01-20 02:07:54 ----D---- C:\Documents and Settings\Lilly\Application Data\Naxy
2011-01-20 02:00:28 ----D---- C:\Documents and Settings\Lilly\Application Data\Udug
2011-01-20 02:00:28 ----D---- C:\Documents and Settings\Lilly\Application Data\Fyabb
2010-12-28 22:28:47 ----A---- C:\WINDOWS\system32\drivers\appdrv01.sys
2010-12-28 22:28:45 ----A---- C:\WINDOWS\system32\appdrvrem01.exe
2010-12-28 20:18:18 ----D---- C:\Program Files\V mene Pana zastupov
======List of files/folders modified in the last 1 months======
2011-01-27 00:35:02 ----D---- C:\WINDOWS\Temp
2011-01-27 00:34:33 ----RD---- C:\Program Files
2011-01-27 00:33:37 ----RSHD---- C:\RECYCLER
2011-01-27 00:24:37 ----D---- C:\WINDOWS\system32
2011-01-27 00:15:56 ----SD---- C:\WINDOWS\Tasks
2011-01-27 00:13:31 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-01-27 00:08:38 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2011-01-27 00:07:32 ----D---- C:\WINDOWS
2011-01-27 00:07:32 ----A---- C:\WINDOWS\RTacDbg.txt
2011-01-26 23:46:15 ----SH---- C:\boot.ini
2011-01-26 23:46:14 ----A---- C:\WINDOWS\win.ini
2011-01-26 23:46:14 ----A---- C:\WINDOWS\system.ini
2011-01-26 20:34:29 ----D---- C:\WINDOWS\Prefetch
2011-01-26 02:05:55 ----D---- C:\Documents and Settings\Lilly\Application Data\Skype
2011-01-25 18:15:10 ----D---- C:\WINDOWS\system32\CatRoot2
2011-01-25 01:46:11 ----D---- C:\WINDOWS\Help
2011-01-25 00:43:38 ----SHD---- C:\WINDOWS\Installer
2011-01-25 00:43:24 ----HD---- C:\Config.Msi
2011-01-25 00:40:59 ----RD---- C:\Program Files\Skype
2011-01-25 00:40:51 ----D---- C:\Program Files\Common Files
2011-01-25 00:39:48 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2011-01-25 00:32:31 ----D---- C:\Documents and Settings\Lilly\Application Data\ICQ
2011-01-24 09:42:14 ----D---- C:\WINDOWS\Minidump
2011-01-17 11:40:18 ----SD---- C:\Documents and Settings\Lilly\Application Data\Microsoft
2011-01-17 11:39:08 ----D---- C:\WINDOWS\WinSxS
2011-01-17 11:39:01 ----RSD---- C:\WINDOWS\Fonts
2011-01-17 11:38:39 ----D---- C:\Program Files\Microsoft Office
2011-01-17 11:38:35 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-01-09 13:07:31 ----D---- C:\Program Files\MSECache
2011-01-06 10:15:11 ----D---- C:\Program Files\ICQ7.2
2010-12-28 21:28:47 ----D---- C:\WINDOWS\system32\drivers
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 agp440;Intel AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agp440.sys [2004-08-04 42368]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2006-05-16 46080]
R0 Vax347b;Vax347b; C:\WINDOWS\system32\DRIVERS\Vax347b.sys [2005-04-25 159616]
R0 Vax347s;Vax347s; C:\WINDOWS\System32\Drivers\Vax347s.sys [2004-04-30 5248]
R1 appdrv01;Application Driver (01); C:\WINDOWS\System32\Drivers\appdrv01.sys [2010-12-28 3333808]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-02-26 114984]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2010-02-26 55232]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.7.1.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2010-03-16 21361]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-02-26 139192]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2010-02-26 134488]
R2 TVICHW32;TVICHW32; \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS []
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2010-02-26 32584]
R3 es1371;Creative AudioPCI (ES1371,ES1373) (WDM); C:\WINDOWS\system32\drivers\es1371mp.sys [2001-08-17 40704]
R3 FlrnUSB;Leadtek USB Network Interface; C:\WINDOWS\system32\DRIVERS\LtkUSB.sys [2008-05-14 41907]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-09-01 20480]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-03 14848]
S3 AR9271;Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athuw.sys [2009-08-14 1668352]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-06-21 51088]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-06-21 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-06-21 21744]
S3 K320bus;Sony Ericsson K320 driver (WDM); C:\WINDOWS\system32\DRIVERS\K320bus.sys [2006-08-18 61504]
S3 K320mdfl;Sony Ericsson K320 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\K320mdfl.sys [2006-08-18 9328]
S3 K320mdm;Sony Ericsson K320 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\K320mdm.sys [2006-08-18 97056]
S3 K320mgmt;Sony Ericsson K320 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\K320mgmt.sys [2006-08-18 88560]
S3 K320obex;Sony Ericsson K320 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\K320obex.sys [2006-08-18 86368]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-10-06 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-10-06 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\WINDOWS\system32\DRIVERS\RTL8192su.sys [2009-05-08 583552]
S3 sermouse;Serial Mouse Driver; C:\WINDOWS\system32\DRIVERS\sermouse.sys [2004-09-01 17664]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-10-06 7936]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2004-08-03 25600]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-10-06 7936]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2010-02-26 810120]
R2 FMMService;FMMService; C:\PROGRA~1\MOBILI~1\FMMSER~1.EXE [2007-12-06 40960]
R2 StarWindService;StarWind iSCSI Service; C:\Programy\alcohol\Alcohol 120\StarWind\StarWindService.exe [2005-04-02 217600]
S2 appdrvrem01;Application Driver Auto Removal Service (01); C:\WINDOWS\System32\appdrvrem01.exe [2010-12-28 316888]
S2 k8piwl8efu3nr5uh;Backbone Service; C:\Documents and Settings\LocalService\Application Data\Microsoft\sytuh.exe [2011-01-26 229888]
S2 sgjiomo;Config Support; C:\WINDOWS\system32\svchost.exe [2004-09-01 14336]
S2 SSHNAS;SSHNAS; C:\WINDOWS\system32\svchost.exe [2004-09-01 14336]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2010-02-26 33560]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-03-18 65536]
S3 ProPortmap Service;ProPortmap Service; C:\ptc\portmap\portmap.exe [2001-01-19 57344]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-17 135664]
-----------------EOF-----------------