Prajem pekný deň
Napsal: 07 črc 2012 11:28
Ahojte,
prosím o kontrolu logu,vopred dakujem (este som zabudol napisat že mi NOD pri kontrole najde nieco v operacnej pamati ale nevie si s tym poradit):
Logfile of random's system information tool 1.09 (written by random/random)
Run by Mogon at 2012-07-07 12:25:20
Microsoft Windows XP Professional Service Pack 3
System drive I: has 25 GB (32%) free of 80 GB
Total RAM: 3326 MB (76% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:25:26, on 7.7.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
I:\WINDOWS\System32\smss.exe
I:\WINDOWS\system32\winlogon.exe
I:\WINDOWS\system32\services.exe
I:\WINDOWS\system32\lsass.exe
I:\WINDOWS\system32\nvsvc32.exe
I:\WINDOWS\system32\svchost.exe
I:\WINDOWS\System32\svchost.exe
I:\WINDOWS\system32\svchost.exe
I:\WINDOWS\system32\spoolsv.exe
I:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
I:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
I:\Program Files\ESET\ESET Smart Security\ekrn.exe
I:\Program Files\Guard-ICQ\GuardICQ.exe
I:\PROGRA~1\ICQ6TO~1\ICQSER~1.EXE
I:\Program Files\Java\jre6\bin\jqs.exe
I:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe
I:\WINDOWS\system32\svchost.exe
I:\TeklaStructures\License\Server\lmgrd.exe
I:\TeklaStructures\License\Server\lmgrd.exe
I:\TeklaStructures\License\Server\tekla.exe
I:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
I:\WINDOWS\Explorer.EXE
I:\WINDOWS\RTHDCPL.EXE
I:\WINDOWS\SOUNDMAN.EXE
I:\WINDOWS\tsnp325.exe
I:\WINDOWS\vsnp325.exe
I:\WINDOWS\system32\RUNDLL32.EXE
I:\Program Files\ESET\ESET Smart Security\egui.exe
I:\Program Files\PeerGuardian2\pg2.exe
I:\WINDOWS\system32\ctfmon.exe
I:\Program Files\ICQ7M\ICQ.exe
I:\WINDOWS\system32\wuauclt.exe
I:\Documents and Settings\Mogon\Desktop\RSIT.exe
I:\Program Files\Trend Micro\Mogon.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mail.ru/cnt/9514
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - I:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - I:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - I:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - I:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - I:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - I:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - I:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [JMB36X IDE Setup] I:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [tsnp325] I:\WINDOWS\tsnp325.exe
O4 - HKLM\..\Run: [snp325] I:\WINDOWS\vsnp325.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE I:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE I:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [egui] "I:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [PeerGuardian] I:\Program Files\PeerGuardian2\pg2.exe
O4 - HKCU\..\Run: [ctfmon.exe] I:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Aktualizovat ESET licenci.lnk = I:\Program Files\ESET\MiNODLogin\MiNODLogin.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://I:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://I:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://I:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://I:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://I:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: StylishProfile - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - I:\Program Files\Stylish Profile\ct.htm (file missing)
O9 - Extra 'Tools' menuitem: StylishProfile - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - I:\Program Files\Stylish Profile\ct.htm (file missing)
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - I:\Program Files\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - I:\Program Files\ICQ7M\ICQ.exe
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - I:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1F831FA2-42FC-11D4-95A6-0080AD30DCE1} (InstaFred) - file:///I:/Program%20Files/AutoCAD%202002%20Cz/InstFred.ocx
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://195.28.70.134/kapor2/lib/mgaxctrl.cab
O16 - DPF: {640373B0-6978-4FA5-A9FC-420ECBBC61C7} (Web Viewer Class) - file:///C:/_Schodiská,%20Balkóny,%20Zábradlia/Zábr.%20točeného%20bet.%20schodiska/PublicWeb/dll/zkitlib.dll
O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (Ovládací prvek AcDcToday) - file:///I:/Program%20Files/AutoCAD%202002%20Cz/AcDcToday.ocx
O16 - DPF: {AE563723-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) - file:///I:/Program%20Files/AutoCAD%202002%20Cz/InstBanr.ocx
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (Prvek AcPreview) - file:///I:/Program%20Files/AutoCAD%202002%20Cz/AcPreview.ocx
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - I:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - I:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - I:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - I:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - I:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - I:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - I:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: SW Distributed TS Coordinator Service (CoordinatorServiceHost) - Dassault Systemes SolidWorks Corp. - I:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - I:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - I:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - I:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - I:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - I:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
O23 - Service: Guard.Mail.ru - Unknown owner - I:\Program Files\Guard-ICQ\GuardICQ.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - I:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - I:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: ICQ Service - Unknown owner - I:\PROGRA~1\ICQ6TO~1\ICQSER~1.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - I:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - I:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - I:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - I:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - I:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - I:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: Sony Ericsson PCCompanion - Avanquest Software - I:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
O23 - Service: Tekla Structures Licensing Service - Flexera Software, Inc. - I:\TeklaStructures\License\Server\lmgrd.exe
--
End of file - 10081 bytes
======Scheduled tasks folder======
I:\WINDOWS\tasks\Adobe Flash Player Updater.job
I:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
I:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - I:\Documents and Settings\Mogon\Application Data\Mozilla\Firefox\Profiles\d2uacjvf.default
prefs.js - "browser.startup.homepage" - "about:home"
prefs.js - "extensions.enabledItems" - "{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.4.2b, jqs@sun.com:1.0, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {64161300-e22b-11db-8314-0800200c9a66}:0.9.5.8, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... r=1.5.1&q="
"{20a82645-c095-46ed-80e3-08825760534b}"=I:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"jqs@sun.com"=I:\Program Files\Java\jre6\lib\deploy\jqs\ff
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.262 Plugin
"Path"=I:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=I:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32]
"Description"=
"Path"=I:\WINDOWS\system32\npdeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=I:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=I:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=I:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=I:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=I:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=I:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
I:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
I:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt
I:\Program Files\Mozilla Firefox\plugins\
npEModelPlugin.dll
NPOFFICE.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
nsEModelPlugin.xpt
QuickTimePlugin.class
I:\Program Files\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml
I:\Documents and Settings\Mogon\Application Data\Mozilla\Firefox\Profiles\d2uacjvf.default\extensions\
{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
{20a82645-c095-46ed-80e3-08825760534b}
I:\Documents and Settings\Mogon\Application Data\Mozilla\Firefox\Profiles\d2uacjvf.default\searchplugins\
icqplugin.gif
icqplugin.src
icqplugin.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - I:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-03-26 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - I:\Program Files\Java\jre6\bin\ssv.dll [2012-05-06 329504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - I:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-05-06 59168]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - I:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-05-06 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - I:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2004-08-26 405504]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - I:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2012-03-20 1056320]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=I:\WINDOWS\RTHDCPL.EXE [2008-07-23 16804864]
"SoundMan"=I:\WINDOWS\SOUNDMAN.EXE [2008-06-18 77824]
"AlcWzrd"=I:\WINDOWS\ALCWZRD.EXE [2008-06-19 2808832]
"JMB36X IDE Setup"=I:\WINDOWS\RaidTool\xInsIDE.exe [2007-03-20 36864]
"tsnp325"=I:\WINDOWS\tsnp325.exe [2007-04-21 270336]
"snp325"=I:\WINDOWS\vsnp325.exe [2007-05-10 835584]
"NvMediaCenter"=I:\WINDOWS\system32\NvMcTray.dll [2010-04-03 110696]
"NvCplDaemon"=I:\WINDOWS\system32\NvCpl.dll [2010-04-03 13670504]
"egui"=I:\Program Files\ESET\ESET Smart Security\egui.exe [2009-09-11 2054360]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"PeerGuardian"=I:\Program Files\PeerGuardian2\pg2.exe [2005-09-18 1421824]
"ctfmon.exe"=I:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
I:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
I:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-03-27 37296]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DT PLP]
I:\Program Files\Common Files\Portrait Displays\Shared\DT_startup.exe [2010-05-17 121456]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Guard.Mail.ru.gui]
I:\Program Files\Guard-ICQ\GuardICQ.exe [2012-06-19 1564368]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
I:\Program Files\ICQ7M\ICQ.exe [2012-06-19 127040]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PivotSoftware]
I:\Program Files\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe [2010-05-13 110192]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion]
I:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe [2011-07-25 433360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
I:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
I:\Program Files\Winamp\winampa.exe [2003-12-13 33792]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\I:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Desktop Search.lnk]
I:\PROGRA~1\WI459E~1\WINDOW~1.EXE []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\I:^Documents and Settings^Mogon^Start Menu^Programs^Startup^GIGABYTE Gamer HUD.lnk]
I:\PROGRA~1\GIGABYTE\GAMERH~1\HUD.exe [2008-06-26 1940992]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\I:^Documents and Settings^Mogon^Start Menu^Programs^Startup^SolidWorks Task Scheduler Engine.lnk]
I:\PROGRA~1\SOLIDW~1\SWSCHE~1\SWBOEN~1.EXE [2007-09-09 488728]
I:\Documents and Settings\All Users\Start Menu\Programs\Startup
Aktualizovat ESET licenci.lnk - I:\Program Files\ESET\MiNODLogin\MiNODLogin.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
I:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2007-02-27 282624]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
I:\WINDOWS\system32\WgaLogon.dll [2008-10-18 200064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - I:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=I:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 77824]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=I:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=I:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"vidc.xvid"=xvidvfw.dll
======File associations======
.scr - open - I:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2012-06-19 21:08:49 ----D---- I:\Documents and Settings\Mogon\Application Data\ICQ Search
2012-06-19 21:08:45 ----D---- I:\Program Files\ICQ6Toolbar
2012-06-19 21:08:43 ----D---- I:\Program Files\Guard-ICQ
2012-06-19 21:08:40 ----D---- I:\Documents and Settings\All Users\Application Data\ICQ
2012-06-19 21:07:59 ----D---- I:\Program Files\ICQ7M
2012-06-15 00:42:07 ----HDC---- I:\WINDOWS\$NtUninstallKB2707511$
2012-06-15 00:32:36 ----HDC---- I:\WINDOWS\$NtUninstallKB2685939$
2012-06-15 00:29:59 ----HDC---- I:\WINDOWS\$NtUninstallKB2709162$
======List of files/folders modified in the last 1 month======
2012-07-07 12:25:23 ----D---- I:\Program Files\PeerGuardian2
2012-07-07 12:25:20 ----D---- I:\Program Files\Trend Micro
2012-07-07 12:23:56 ----D---- I:\WINDOWS\Temp
2012-07-07 12:12:38 ----D---- I:\WINDOWS
2012-07-07 09:32:00 ----D---- I:\WINDOWS\system32\drivers
2012-07-07 00:17:35 ----N---- I:\WINDOWS\SchedLgU.Txt
2012-07-06 23:39:09 ----D---- I:\WINDOWS\system32\CatRoot2
2012-07-06 22:35:35 ----D---- I:\WINDOWS\Prefetch
2012-07-06 22:34:38 ----D---- I:\Program Files\SUPERAntiSpyware
2012-07-06 22:29:21 ----D---- I:\Documents and Settings\All Users\Application Data\YouTube Downloader
2012-07-05 17:47:34 ----A---- I:\WINDOWS\NeroDigital.ini
2012-07-05 13:51:36 ----D---- I:\Documents and Settings\Mogon\Application Data\ICQ
2012-07-04 16:39:05 ----A---- I:\WINDOWS\system32\FlashPlayerApp.exe
2012-07-02 20:10:48 ----D---- I:\Documents and Settings\Mogon\Application Data\SolidWorks
2012-06-29 13:36:53 ----D---- I:\WINDOWS\system32
2012-06-25 23:23:32 ----HD---- I:\BJPrinter
2012-06-24 19:21:15 ----HD---- I:\WINDOWS\inf
2012-06-24 11:47:15 ----D---- I:\Documents and Settings\Mogon\Application Data\Skype
2012-06-24 11:05:04 ----D---- I:\Documents and Settings\Mogon\Application Data\skypePM
2012-06-22 18:35:20 ----D---- I:\WINDOWS\Debug
2012-06-21 19:36:15 ----SHD---- I:\WINDOWS\Installer
2012-06-21 19:36:14 ----D---- I:\Config.Msi
2012-06-20 18:34:09 ----RSHDC---- I:\WINDOWS\system32\dllcache
2012-06-19 21:25:49 ----A---- I:\WINDOWS\wincmd.ini
2012-06-19 21:08:45 ----HD---- I:\Program Files\InstallShield Installation Information
2012-06-19 21:08:45 ----D---- I:\Program Files
2012-06-19 18:14:33 ----D---- I:\WINDOWS\Help
2012-06-17 08:54:58 ----D---- I:\Program Files\Mozilla Maintenance Service
2012-06-16 20:53:06 ----D---- I:\Program Files\Mozilla Firefox
2012-06-15 15:14:24 ----RSD---- I:\WINDOWS\assembly
2012-06-15 15:14:24 ----D---- I:\WINDOWS\Microsoft.NET
2012-06-15 00:42:33 ----D---- I:\Documents and Settings\All Users\Application Data\Microsoft Help
2012-06-15 00:41:59 ----A---- I:\WINDOWS\system32\PerfStringBackup.INI
2012-06-15 00:41:55 ----D---- I:\WINDOWS\WinSxS
2012-06-15 00:35:55 ----A---- I:\WINDOWS\system32\MRT.exe
2012-06-15 00:33:04 ----D---- I:\Program Files\Internet Explorer
2012-06-15 00:32:45 ----HD---- I:\WINDOWS\$hf_mig$
2012-06-12 18:36:13 ----D---- I:\Program Files\JDownloader
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 imagedrv;imagedrv; I:\WINDOWS\System32\Drivers\imagedrv.sys [2005-08-15 5888]
R0 imagesrv;imagesrv; I:\WINDOWS\system32\DRIVERS\imagesrv.sys [2005-08-15 127488]
R0 JRAID;JRAID; I:\WINDOWS\system32\DRIVERS\jraid.sys [2008-11-04 83296]
R0 ohci1394;Texas Instruments OHCI Compliant IEEE 1394 Host Controller; I:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; I:\WINDOWS\system32\DRIVERS\PxHelp20.sys [2009-04-28 44944]
R0 sptd;sptd; I:\WINDOWS\System32\Drivers\sptd.sys [2010-12-24 685816]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; I:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 ehdrv;ehdrv; I:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-09-11 108792]
R1 epfwtdi;epfwtdi; I:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2009-09-11 55768]
R1 intelppm;Intel Processor Driver; I:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 SASDIFSV;SASDIFSV; \??\I:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\I:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R2 Aspi32;Aspi32; I:\WINDOWS\system32\drivers\Aspi32.sys [1999-09-10 25244]
R2 eamon;eamon; I:\WINDOWS\system32\DRIVERS\eamon.sys [2009-09-11 116008]
R2 epfw;epfw; I:\WINDOWS\system32\DRIVERS\epfw.sys [2009-09-11 135048]
R2 Sentinel;Sentinel; I:\WINDOWS\System32\Drivers\SENTINEL.SYS [2006-03-14 90176]
R3 Arp1394;1394 ARP Client Protocol; I:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 Epfwndis;Eset Personal Firewall; I:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2009-06-19 33096]
R3 gdrv;gdrv; \??\I:\WINDOWS\gdrv.sys []
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; I:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); I:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-07-24 4749824]
R3 NIC1394;1394 Net Driver; I:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; I:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-04-03 10232128]
R3 PdiPorts;Portrait Displays low level device driver; I:\WINDOWS\System32\Drivers\PdiPorts.sys [2010-04-16 17136]
R3 pgfilter;pgfilter; \??\I:\Program Files\PeerGuardian2\pgfilter.sys []
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; I:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-10-16 115840]
R3 SNP325;USB PC Camera (SNPSTD325); I:\WINDOWS\system32\DRIVERS\snp325.sys [2007-07-24 10394624]
R3 usbstor;USB Mass Storage Driver; I:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; I:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 Pivot;Pivot; I:\WINDOWS\System32\drivers\pivot.sys [2010-05-13 17465]
S2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B}; \??\I:\Program Files\CyberLink\PowerDVD\000.fcl []
S3 aepwvini;aepwvini; I:\WINDOWS\system32\drivers\aepwvini.sys []
S3 CCDECODE;Closed Caption Decoder; I:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 C-Dilla;C-Dilla; \??\I:\WINDOWS\system32\drivers\CDANT.SYS []
S3 HidUsb;Microsoft HID Class Driver; I:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 mouhid;Mouse HID Driver; I:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; I:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; I:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; I:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 pivotmou;Pivot Mouse/Pointers Filter Driver; \??\I:\WINDOWS\System32\drivers\pivotmou.sys []
S3 SASENUM;SASENUM; \??\I:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
S3 SLIP;BDA Slip De-Framer; I:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; I:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbccgp;Microsoft USB Generic Parent Driver; I:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER Class; I:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; I:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;Sony Ericsson USB Serial Port; I:\WINDOWS\system32\DRIVERS\usbser.sys [2008-04-13 26112]
S3 WpdUsb;WpdUsb; I:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; I:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; I:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 C-DillaSrv;C-DillaSrv; I:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE [2009-08-18 32256]
R2 DTSRVC;Portrait Displays Display Tune Service; I:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe [2010-05-17 121456]
R2 ekrn;ESET Service; I:\Program Files\ESET\ESET Smart Security\ekrn.exe [2009-09-11 735960]
R2 Guard.Mail.ru;Guard.Mail.ru; I:\Program Files\Guard-ICQ\GuardICQ.exe [2012-06-19 1564368]
R2 ICQ Service;ICQ Service; I:\PROGRA~1\ICQ6TO~1\ICQSER~1.EXE [2012-03-20 247872]
R2 JavaQuickStarterService;Java Quick Starter; I:\Program Files\Java\jre6\bin\jqs.exe [2012-05-06 153376]
R2 NVSvc;NVIDIA Display Driver Service; I:\WINDOWS\system32\nvsvc32.exe [2010-04-03 154216]
R2 PdiService;Portrait Displays SDK Service; I:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2010-04-16 109168]
R2 Tekla Structures Licensing Service;Tekla Structures Licensing Service; I:\TeklaStructures\License\Server\lmgrd.exe [2010-07-12 1377104]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 FLEXnet Licensing Service;FLEXnet Licensing Service; I:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-02-01 1044816]
R3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; I:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; I:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 GEST Service;GEST Service for program management.; I:\Program Files\GIGABYTE\EnergySaver\GSvr.exe [2008-12-08 68136]
S2 gupdate;Služba Google Update (gupdate); I:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-15 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; I:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-04 250056]
S3 aspnet_state;ASP.NET State Service; I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Autodesk Licensing Service;Autodesk Licensing Service; I:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2010-04-02 77944]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service; I:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [2009-10-15 87336]
S3 EhttpSrv;ESET HTTP Server; I:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-09-11 20680]
S3 gupdatem;Služba Google Update (gupdatem); I:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-15 136176]
S3 IDriverT;InstallDriver Table Manager; I:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; I:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; I:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-16 113120]
S3 odserv;Microsoft Office Diagnostics Service; I:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; I:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SolidWorks Licensing Service;SolidWorks Licensing Service; I:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [2012-02-26 79360]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion; I:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-06-29 155344]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; I:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 msvsmon80;Visual Studio 2005 Remote Debugger; I:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2005-09-23 2799808]
S4 NBService;NBService; I:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-10-09 724992]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; I:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
prosím o kontrolu logu,vopred dakujem (este som zabudol napisat že mi NOD pri kontrole najde nieco v operacnej pamati ale nevie si s tym poradit):
Logfile of random's system information tool 1.09 (written by random/random)
Run by Mogon at 2012-07-07 12:25:20
Microsoft Windows XP Professional Service Pack 3
System drive I: has 25 GB (32%) free of 80 GB
Total RAM: 3326 MB (76% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:25:26, on 7.7.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
I:\WINDOWS\System32\smss.exe
I:\WINDOWS\system32\winlogon.exe
I:\WINDOWS\system32\services.exe
I:\WINDOWS\system32\lsass.exe
I:\WINDOWS\system32\nvsvc32.exe
I:\WINDOWS\system32\svchost.exe
I:\WINDOWS\System32\svchost.exe
I:\WINDOWS\system32\svchost.exe
I:\WINDOWS\system32\spoolsv.exe
I:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
I:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
I:\Program Files\ESET\ESET Smart Security\ekrn.exe
I:\Program Files\Guard-ICQ\GuardICQ.exe
I:\PROGRA~1\ICQ6TO~1\ICQSER~1.EXE
I:\Program Files\Java\jre6\bin\jqs.exe
I:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe
I:\WINDOWS\system32\svchost.exe
I:\TeklaStructures\License\Server\lmgrd.exe
I:\TeklaStructures\License\Server\lmgrd.exe
I:\TeklaStructures\License\Server\tekla.exe
I:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
I:\WINDOWS\Explorer.EXE
I:\WINDOWS\RTHDCPL.EXE
I:\WINDOWS\SOUNDMAN.EXE
I:\WINDOWS\tsnp325.exe
I:\WINDOWS\vsnp325.exe
I:\WINDOWS\system32\RUNDLL32.EXE
I:\Program Files\ESET\ESET Smart Security\egui.exe
I:\Program Files\PeerGuardian2\pg2.exe
I:\WINDOWS\system32\ctfmon.exe
I:\Program Files\ICQ7M\ICQ.exe
I:\WINDOWS\system32\wuauclt.exe
I:\Documents and Settings\Mogon\Desktop\RSIT.exe
I:\Program Files\Trend Micro\Mogon.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mail.ru/cnt/9514
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - I:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - I:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - I:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - I:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - I:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - I:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - I:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [JMB36X IDE Setup] I:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [tsnp325] I:\WINDOWS\tsnp325.exe
O4 - HKLM\..\Run: [snp325] I:\WINDOWS\vsnp325.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE I:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE I:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [egui] "I:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [PeerGuardian] I:\Program Files\PeerGuardian2\pg2.exe
O4 - HKCU\..\Run: [ctfmon.exe] I:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Aktualizovat ESET licenci.lnk = I:\Program Files\ESET\MiNODLogin\MiNODLogin.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://I:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://I:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://I:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://I:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://I:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: StylishProfile - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - I:\Program Files\Stylish Profile\ct.htm (file missing)
O9 - Extra 'Tools' menuitem: StylishProfile - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - I:\Program Files\Stylish Profile\ct.htm (file missing)
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - I:\Program Files\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - I:\Program Files\ICQ7M\ICQ.exe
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - I:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1F831FA2-42FC-11D4-95A6-0080AD30DCE1} (InstaFred) - file:///I:/Program%20Files/AutoCAD%202002%20Cz/InstFred.ocx
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://195.28.70.134/kapor2/lib/mgaxctrl.cab
O16 - DPF: {640373B0-6978-4FA5-A9FC-420ECBBC61C7} (Web Viewer Class) - file:///C:/_Schodiská,%20Balkóny,%20Zábradlia/Zábr.%20točeného%20bet.%20schodiska/PublicWeb/dll/zkitlib.dll
O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (Ovládací prvek AcDcToday) - file:///I:/Program%20Files/AutoCAD%202002%20Cz/AcDcToday.ocx
O16 - DPF: {AE563723-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) - file:///I:/Program%20Files/AutoCAD%202002%20Cz/InstBanr.ocx
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (Prvek AcPreview) - file:///I:/Program%20Files/AutoCAD%202002%20Cz/AcPreview.ocx
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - I:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - I:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - I:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - I:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - I:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - I:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - I:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: SW Distributed TS Coordinator Service (CoordinatorServiceHost) - Dassault Systemes SolidWorks Corp. - I:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - I:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - I:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - I:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - I:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - I:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
O23 - Service: Guard.Mail.ru - Unknown owner - I:\Program Files\Guard-ICQ\GuardICQ.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - I:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - I:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: ICQ Service - Unknown owner - I:\PROGRA~1\ICQ6TO~1\ICQSER~1.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - I:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - I:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - I:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - I:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - I:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - I:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: Sony Ericsson PCCompanion - Avanquest Software - I:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
O23 - Service: Tekla Structures Licensing Service - Flexera Software, Inc. - I:\TeklaStructures\License\Server\lmgrd.exe
--
End of file - 10081 bytes
======Scheduled tasks folder======
I:\WINDOWS\tasks\Adobe Flash Player Updater.job
I:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
I:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - I:\Documents and Settings\Mogon\Application Data\Mozilla\Firefox\Profiles\d2uacjvf.default
prefs.js - "browser.startup.homepage" - "about:home"
prefs.js - "extensions.enabledItems" - "{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.4.2b, jqs@sun.com:1.0, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {64161300-e22b-11db-8314-0800200c9a66}:0.9.5.8, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... r=1.5.1&q="
"{20a82645-c095-46ed-80e3-08825760534b}"=I:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"jqs@sun.com"=I:\Program Files\Java\jre6\lib\deploy\jqs\ff
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.262 Plugin
"Path"=I:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=I:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32]
"Description"=
"Path"=I:\WINDOWS\system32\npdeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=I:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=I:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=I:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=I:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=I:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=I:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
I:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
I:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt
I:\Program Files\Mozilla Firefox\plugins\
npEModelPlugin.dll
NPOFFICE.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
nsEModelPlugin.xpt
QuickTimePlugin.class
I:\Program Files\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml
I:\Documents and Settings\Mogon\Application Data\Mozilla\Firefox\Profiles\d2uacjvf.default\extensions\
{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
{20a82645-c095-46ed-80e3-08825760534b}
I:\Documents and Settings\Mogon\Application Data\Mozilla\Firefox\Profiles\d2uacjvf.default\searchplugins\
icqplugin.gif
icqplugin.src
icqplugin.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - I:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-03-26 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - I:\Program Files\Java\jre6\bin\ssv.dll [2012-05-06 329504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - I:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-05-06 59168]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - I:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-05-06 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - I:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2004-08-26 405504]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - I:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2012-03-20 1056320]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=I:\WINDOWS\RTHDCPL.EXE [2008-07-23 16804864]
"SoundMan"=I:\WINDOWS\SOUNDMAN.EXE [2008-06-18 77824]
"AlcWzrd"=I:\WINDOWS\ALCWZRD.EXE [2008-06-19 2808832]
"JMB36X IDE Setup"=I:\WINDOWS\RaidTool\xInsIDE.exe [2007-03-20 36864]
"tsnp325"=I:\WINDOWS\tsnp325.exe [2007-04-21 270336]
"snp325"=I:\WINDOWS\vsnp325.exe [2007-05-10 835584]
"NvMediaCenter"=I:\WINDOWS\system32\NvMcTray.dll [2010-04-03 110696]
"NvCplDaemon"=I:\WINDOWS\system32\NvCpl.dll [2010-04-03 13670504]
"egui"=I:\Program Files\ESET\ESET Smart Security\egui.exe [2009-09-11 2054360]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"PeerGuardian"=I:\Program Files\PeerGuardian2\pg2.exe [2005-09-18 1421824]
"ctfmon.exe"=I:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
I:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
I:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-03-27 37296]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DT PLP]
I:\Program Files\Common Files\Portrait Displays\Shared\DT_startup.exe [2010-05-17 121456]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Guard.Mail.ru.gui]
I:\Program Files\Guard-ICQ\GuardICQ.exe [2012-06-19 1564368]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
I:\Program Files\ICQ7M\ICQ.exe [2012-06-19 127040]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PivotSoftware]
I:\Program Files\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe [2010-05-13 110192]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion]
I:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe [2011-07-25 433360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
I:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
I:\Program Files\Winamp\winampa.exe [2003-12-13 33792]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\I:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Desktop Search.lnk]
I:\PROGRA~1\WI459E~1\WINDOW~1.EXE []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\I:^Documents and Settings^Mogon^Start Menu^Programs^Startup^GIGABYTE Gamer HUD.lnk]
I:\PROGRA~1\GIGABYTE\GAMERH~1\HUD.exe [2008-06-26 1940992]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\I:^Documents and Settings^Mogon^Start Menu^Programs^Startup^SolidWorks Task Scheduler Engine.lnk]
I:\PROGRA~1\SOLIDW~1\SWSCHE~1\SWBOEN~1.EXE [2007-09-09 488728]
I:\Documents and Settings\All Users\Start Menu\Programs\Startup
Aktualizovat ESET licenci.lnk - I:\Program Files\ESET\MiNODLogin\MiNODLogin.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
I:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2007-02-27 282624]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
I:\WINDOWS\system32\WgaLogon.dll [2008-10-18 200064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - I:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=I:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 77824]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=I:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=I:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"vidc.xvid"=xvidvfw.dll
======File associations======
.scr - open - I:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2012-06-19 21:08:49 ----D---- I:\Documents and Settings\Mogon\Application Data\ICQ Search
2012-06-19 21:08:45 ----D---- I:\Program Files\ICQ6Toolbar
2012-06-19 21:08:43 ----D---- I:\Program Files\Guard-ICQ
2012-06-19 21:08:40 ----D---- I:\Documents and Settings\All Users\Application Data\ICQ
2012-06-19 21:07:59 ----D---- I:\Program Files\ICQ7M
2012-06-15 00:42:07 ----HDC---- I:\WINDOWS\$NtUninstallKB2707511$
2012-06-15 00:32:36 ----HDC---- I:\WINDOWS\$NtUninstallKB2685939$
2012-06-15 00:29:59 ----HDC---- I:\WINDOWS\$NtUninstallKB2709162$
======List of files/folders modified in the last 1 month======
2012-07-07 12:25:23 ----D---- I:\Program Files\PeerGuardian2
2012-07-07 12:25:20 ----D---- I:\Program Files\Trend Micro
2012-07-07 12:23:56 ----D---- I:\WINDOWS\Temp
2012-07-07 12:12:38 ----D---- I:\WINDOWS
2012-07-07 09:32:00 ----D---- I:\WINDOWS\system32\drivers
2012-07-07 00:17:35 ----N---- I:\WINDOWS\SchedLgU.Txt
2012-07-06 23:39:09 ----D---- I:\WINDOWS\system32\CatRoot2
2012-07-06 22:35:35 ----D---- I:\WINDOWS\Prefetch
2012-07-06 22:34:38 ----D---- I:\Program Files\SUPERAntiSpyware
2012-07-06 22:29:21 ----D---- I:\Documents and Settings\All Users\Application Data\YouTube Downloader
2012-07-05 17:47:34 ----A---- I:\WINDOWS\NeroDigital.ini
2012-07-05 13:51:36 ----D---- I:\Documents and Settings\Mogon\Application Data\ICQ
2012-07-04 16:39:05 ----A---- I:\WINDOWS\system32\FlashPlayerApp.exe
2012-07-02 20:10:48 ----D---- I:\Documents and Settings\Mogon\Application Data\SolidWorks
2012-06-29 13:36:53 ----D---- I:\WINDOWS\system32
2012-06-25 23:23:32 ----HD---- I:\BJPrinter
2012-06-24 19:21:15 ----HD---- I:\WINDOWS\inf
2012-06-24 11:47:15 ----D---- I:\Documents and Settings\Mogon\Application Data\Skype
2012-06-24 11:05:04 ----D---- I:\Documents and Settings\Mogon\Application Data\skypePM
2012-06-22 18:35:20 ----D---- I:\WINDOWS\Debug
2012-06-21 19:36:15 ----SHD---- I:\WINDOWS\Installer
2012-06-21 19:36:14 ----D---- I:\Config.Msi
2012-06-20 18:34:09 ----RSHDC---- I:\WINDOWS\system32\dllcache
2012-06-19 21:25:49 ----A---- I:\WINDOWS\wincmd.ini
2012-06-19 21:08:45 ----HD---- I:\Program Files\InstallShield Installation Information
2012-06-19 21:08:45 ----D---- I:\Program Files
2012-06-19 18:14:33 ----D---- I:\WINDOWS\Help
2012-06-17 08:54:58 ----D---- I:\Program Files\Mozilla Maintenance Service
2012-06-16 20:53:06 ----D---- I:\Program Files\Mozilla Firefox
2012-06-15 15:14:24 ----RSD---- I:\WINDOWS\assembly
2012-06-15 15:14:24 ----D---- I:\WINDOWS\Microsoft.NET
2012-06-15 00:42:33 ----D---- I:\Documents and Settings\All Users\Application Data\Microsoft Help
2012-06-15 00:41:59 ----A---- I:\WINDOWS\system32\PerfStringBackup.INI
2012-06-15 00:41:55 ----D---- I:\WINDOWS\WinSxS
2012-06-15 00:35:55 ----A---- I:\WINDOWS\system32\MRT.exe
2012-06-15 00:33:04 ----D---- I:\Program Files\Internet Explorer
2012-06-15 00:32:45 ----HD---- I:\WINDOWS\$hf_mig$
2012-06-12 18:36:13 ----D---- I:\Program Files\JDownloader
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 imagedrv;imagedrv; I:\WINDOWS\System32\Drivers\imagedrv.sys [2005-08-15 5888]
R0 imagesrv;imagesrv; I:\WINDOWS\system32\DRIVERS\imagesrv.sys [2005-08-15 127488]
R0 JRAID;JRAID; I:\WINDOWS\system32\DRIVERS\jraid.sys [2008-11-04 83296]
R0 ohci1394;Texas Instruments OHCI Compliant IEEE 1394 Host Controller; I:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; I:\WINDOWS\system32\DRIVERS\PxHelp20.sys [2009-04-28 44944]
R0 sptd;sptd; I:\WINDOWS\System32\Drivers\sptd.sys [2010-12-24 685816]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; I:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 ehdrv;ehdrv; I:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-09-11 108792]
R1 epfwtdi;epfwtdi; I:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2009-09-11 55768]
R1 intelppm;Intel Processor Driver; I:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 SASDIFSV;SASDIFSV; \??\I:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\I:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R2 Aspi32;Aspi32; I:\WINDOWS\system32\drivers\Aspi32.sys [1999-09-10 25244]
R2 eamon;eamon; I:\WINDOWS\system32\DRIVERS\eamon.sys [2009-09-11 116008]
R2 epfw;epfw; I:\WINDOWS\system32\DRIVERS\epfw.sys [2009-09-11 135048]
R2 Sentinel;Sentinel; I:\WINDOWS\System32\Drivers\SENTINEL.SYS [2006-03-14 90176]
R3 Arp1394;1394 ARP Client Protocol; I:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 Epfwndis;Eset Personal Firewall; I:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2009-06-19 33096]
R3 gdrv;gdrv; \??\I:\WINDOWS\gdrv.sys []
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; I:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); I:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-07-24 4749824]
R3 NIC1394;1394 Net Driver; I:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; I:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-04-03 10232128]
R3 PdiPorts;Portrait Displays low level device driver; I:\WINDOWS\System32\Drivers\PdiPorts.sys [2010-04-16 17136]
R3 pgfilter;pgfilter; \??\I:\Program Files\PeerGuardian2\pgfilter.sys []
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; I:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-10-16 115840]
R3 SNP325;USB PC Camera (SNPSTD325); I:\WINDOWS\system32\DRIVERS\snp325.sys [2007-07-24 10394624]
R3 usbstor;USB Mass Storage Driver; I:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; I:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 Pivot;Pivot; I:\WINDOWS\System32\drivers\pivot.sys [2010-05-13 17465]
S2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B}; \??\I:\Program Files\CyberLink\PowerDVD\000.fcl []
S3 aepwvini;aepwvini; I:\WINDOWS\system32\drivers\aepwvini.sys []
S3 CCDECODE;Closed Caption Decoder; I:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 C-Dilla;C-Dilla; \??\I:\WINDOWS\system32\drivers\CDANT.SYS []
S3 HidUsb;Microsoft HID Class Driver; I:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 mouhid;Mouse HID Driver; I:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; I:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; I:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; I:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 pivotmou;Pivot Mouse/Pointers Filter Driver; \??\I:\WINDOWS\System32\drivers\pivotmou.sys []
S3 SASENUM;SASENUM; \??\I:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
S3 SLIP;BDA Slip De-Framer; I:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; I:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbccgp;Microsoft USB Generic Parent Driver; I:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER Class; I:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; I:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;Sony Ericsson USB Serial Port; I:\WINDOWS\system32\DRIVERS\usbser.sys [2008-04-13 26112]
S3 WpdUsb;WpdUsb; I:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; I:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; I:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 C-DillaSrv;C-DillaSrv; I:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE [2009-08-18 32256]
R2 DTSRVC;Portrait Displays Display Tune Service; I:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe [2010-05-17 121456]
R2 ekrn;ESET Service; I:\Program Files\ESET\ESET Smart Security\ekrn.exe [2009-09-11 735960]
R2 Guard.Mail.ru;Guard.Mail.ru; I:\Program Files\Guard-ICQ\GuardICQ.exe [2012-06-19 1564368]
R2 ICQ Service;ICQ Service; I:\PROGRA~1\ICQ6TO~1\ICQSER~1.EXE [2012-03-20 247872]
R2 JavaQuickStarterService;Java Quick Starter; I:\Program Files\Java\jre6\bin\jqs.exe [2012-05-06 153376]
R2 NVSvc;NVIDIA Display Driver Service; I:\WINDOWS\system32\nvsvc32.exe [2010-04-03 154216]
R2 PdiService;Portrait Displays SDK Service; I:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2010-04-16 109168]
R2 Tekla Structures Licensing Service;Tekla Structures Licensing Service; I:\TeklaStructures\License\Server\lmgrd.exe [2010-07-12 1377104]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 FLEXnet Licensing Service;FLEXnet Licensing Service; I:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-02-01 1044816]
R3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; I:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; I:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 GEST Service;GEST Service for program management.; I:\Program Files\GIGABYTE\EnergySaver\GSvr.exe [2008-12-08 68136]
S2 gupdate;Služba Google Update (gupdate); I:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-15 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; I:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-04 250056]
S3 aspnet_state;ASP.NET State Service; I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Autodesk Licensing Service;Autodesk Licensing Service; I:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2010-04-02 77944]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service; I:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [2009-10-15 87336]
S3 EhttpSrv;ESET HTTP Server; I:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-09-11 20680]
S3 gupdatem;Služba Google Update (gupdatem); I:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-15 136176]
S3 IDriverT;InstallDriver Table Manager; I:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; I:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; I:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-16 113120]
S3 odserv;Microsoft Office Diagnostics Service; I:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; I:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SolidWorks Licensing Service;SolidWorks Licensing Service; I:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [2012-02-26 79360]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion; I:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-06-29 155344]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; I:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 msvsmon80;Visual Studio 2005 Remote Debugger; I:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2005-09-23 2799808]
S4 NBService;NBService; I:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-10-09 724992]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; I:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Pokud chcete pomoci, tak odinstalujte ten nelegalni NOD a nahradte jej free resenim. Pote dejte novy log z RSIT. Tento muj "pozadavek" vychazi z platnych pravidel fora, ktere jste vy i ja povinnen dodrzovat
