Obrazovka smrti
Napsal: 20 bře 2010 13:07
Ahoj, po niekoľkých minútach od zapnutia pc sa mi bezdôvodne zobrazuje modrá obrazovka smrti, vypisuje bud kernel data inpage error alebo win32k.sys, atapi.sys. Dakujem za akukolvek pomoc
Logfile of random's system information tool 1.06 (written by random/random)
Run by Administrator at 2010-03-20 12:57:34
Microsoft Windows XP Professional Service Pack 2
System drive C: has 1 GB (8%) free of 15 GB
Total RAM: 1014 MB (66% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:57:37, on 20. 3. 2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe
C:\Program Files\IBM\Messages By IBM\ibmmessages.exe
C:\IBMTOOLS\UTILS\ibmprc.exe
C:\WINDOWS\system32\ICO.EXE
C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
C:\WINDOWS\system32\FSRremoS.EXE
C:\PROGRA~1\CA\ETRUST~1\realmon.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\ppRemoteService.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Common Files\PestPatrol\PPMCActiveDetection.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
D:\Program Files\Internet programy\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\taskmgr.exe
D:\Stiahnuté súbory\RSIT.exe
D:\Program Files\Internet programy\HijackThis\Administrator.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.2.4:81
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = lintweb;infhp;10.*;*.rp;*.*.rp;*.*.*.rp;*.*.*.*.rp;<local>
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [UC_Start] C:\Program Files\IBM\Updater\\ucstartup.exe
O4 - HKLM\..\Run: [ibmmessages] C:\Program Files\IBM\Messages By IBM\\ibmmessages.exe
O4 - HKLM\..\Run: [IBMPRC] C:\IBMTOOLS\UTILS\ibmprc.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [Realtime Monitor] C:\PROGRA~1\CA\ETRUST~1\realmon.exe -s
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ibmmessages] C:\Program Files\IBM\Messages By IBM\ibmmessages.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - .DEFAULT User Startup: SAPlpd.lnk = C:\Program Files\SAP\FrontEnd\SAPgui\SAPlpd\SAPlpd.exe (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [JAVA_IBM] Java (IBM)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 4544828265
O23 - Service: IBM Rapid Restore Ultra Service - Unknown owner - C:\Program Files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: eTrust Antivirus RPC Server (InoRPC) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
O23 - Service: eTrust Antivirus Realtime Server (InoRT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRT.exe
O23 - Service: eTrust Antivirus Job Server (InoTask) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoTask.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: PestPatrol Remote - Computer Associates International, Inc. - C:\WINDOWS\system32\ppRemoteService.exe
O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
--
End of file - 5301 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-05-15 50376]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2004-10-08 155648]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2004-10-08 126976]
"Smapp"=C:\Program Files\Analog Devices\SoundMAX\SMTray.exe [2003-07-30 143360]
"UC_Start"=C:\Program Files\IBM\Updater\\ucstartup.exe [2003-09-30 36864]
"UC_SMB"= []
""= []
"ibmmessages"=C:\Program Files\IBM\Messages By IBM\\ibmmessages.exe [2004-04-20 438272]
"IBMPRC"=C:\IBMTOOLS\UTILS\ibmprc.exe [2004-03-19 90112]
"Mouse Suite 98 Daemon"=C:\WINDOWS\system32\ICO.EXE [2003-11-20 57344]
"Realtime Monitor"=C:\PROGRA~1\CA\ETRUST~1\realmon.exe [2004-04-07 504080]
"HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe [2003-05-14 188416]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
"ibmmessages"=C:\Program Files\IBM\Messages By IBM\ibmmessages.exe [2004-04-20 438272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2004-10-08 344064]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
pwdmon
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%ProgramFiles%\IBM\Updater\ucsmb.exe"="%ProgramFiles%\IBM\Updater\ucsmb.exe:*:enabled:IBM Update Connector"
"%ProgramFiles%\IBM\Updater\jre\bin\java.exe"="%ProgramFiles%\IBM\Updater\jre\bin\java.exe:*:enabled:IBM Update Connector"
"%ProgramFiles%\IBM\Updater\jre\bin\javaw.exe"="%ProgramFiles%\IBM\Updater\jre\bin\javaw.exe:*:enabled:IBM Update Connector"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\SAP\FrontEnd\SAPgui\saplogon.exe"="C:\Program Files\SAP\FrontEnd\SAPgui\saplogon.exe:*:Enabled:SAP Logon for Windows"
"C:\Program Files\SAP\FrontEnd\SAPgui\SAPlpd\SAPlpd.exe"="C:\Program Files\SAP\FrontEnd\SAPgui\SAPlpd\SAPlpd.exe:*:Enabled:SAPlpd"
"C:\Program Files\CA\eTrust Antivirus\Realmon.exe"="C:\Program Files\CA\eTrust Antivirus\Realmon.exe:*:Enabled:Realmon"
"C:\Program Files\CA\eTrust Antivirus\InoRpc.exe"="C:\Program Files\CA\eTrust Antivirus\InoRpc.exe:*:Enabled:eTrust Antivirus - RPC Server"
"C:\Program Files\CA\eTrust Antivirus\InocIT.exe"="C:\Program Files\CA\eTrust Antivirus\InocIT.exe:*:Enabled:eTrust Antivirus - Local Scanner"
"C:\Program Files\CA\eTrust Antivirus\Shellscn.exe"="C:\Program Files\CA\eTrust Antivirus\Shellscn.exe:*:Disabled:Shellscn"
"C:\Documents and Settings\Milco Maros\Local Settings\Application Data\Skype\Phone\Skype.exe"="C:\Documents and Settings\Milco Maros\Local Settings\Application Data\Skype\Phone\Skype.exe:*:Disabled:Skype. Take a deep breath "
"C:\WINDOWS\explorer.exe"="C:\WINDOWS\explorer.exe:*:Disabled:Windows Explorer"
"D:\Program Files\Internet programy\ICQ7.0\ICQ.exe"="D:\Program Files\Internet programy\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"D:\Program Files\Internet programy\ICQ7.0\aolload.exe"="D:\Program Files\Internet programy\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
"D:\Program Files\Internet programy\Phone\Skype.exe"="D:\Program Files\Internet programy\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%ProgramFiles%\IBM\Updater\ucsmb.exe"="%ProgramFiles%\IBM\Updater\ucsmb.exe:*:enabled:IBM Update Connector"
"%ProgramFiles%\IBM\Updater\jre\bin\java.exe"="%ProgramFiles%\IBM\Updater\jre\bin\java.exe:*:enabled:IBM Update Connector"
"%ProgramFiles%\IBM\Updater\jre\bin\javaw.exe"="%ProgramFiles%\IBM\Updater\jre\bin\javaw.exe:*:enabled:IBM Update Connector"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\Internet programy\ICQ7.0\ICQ.exe"="D:\Program Files\Internet programy\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"D:\Program Files\Internet programy\ICQ7.0\aolload.exe"="D:\Program Files\Internet programy\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
======List of files/folders created in the last 1 months======
2010-03-20 12:57:34 ----D---- C:\rsit
2010-03-19 15:16:06 ----A---- C:\Pltfrm2.ini
2010-03-19 14:04:43 ----DC---- C:\WINDOWS\$NtUninstallKB956802$
2010-03-19 14:00:44 ----DC---- C:\WINDOWS\$NtUninstallKB979306$
2010-03-19 14:00:26 ----DC---- C:\WINDOWS\$NtUninstallKB944338-v2$
2010-03-19 13:59:51 ----DC---- C:\WINDOWS\$NtUninstallKB923561$
2010-03-19 13:59:05 ----DC---- C:\WINDOWS\$NtUninstallKB975467$
2010-03-19 13:58:42 ----DC---- C:\WINDOWS\$NtUninstallKB968389$
2010-03-19 13:57:38 ----DC---- C:\WINDOWS\$NtUninstallKB969947$
2010-03-13 17:43:32 ----D---- C:\Config.Msi
2010-03-12 20:49:59 ----D---- C:\Documents and Settings\Administrator\Application Data\uTorrent
2010-03-12 20:46:08 ----D---- C:\Documents and Settings\Administrator\Application Data\Spyware Terminator
2010-03-12 20:39:16 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2010-03-12 20:16:28 ----A---- C:\WINDOWS\WTRDICT.INI
2010-03-12 20:16:28 ----A---- C:\WINDOWS\STXKBDSS.INI
2010-03-12 20:15:58 ----A---- C:\WINDOWS\WINTRAN.INI
2010-03-12 20:15:58 ----A---- C:\WINDOWS\STXKBDTS.INI
2010-03-06 15:13:21 ----D---- C:\Documents and Settings\Administrator\Application Data\WinRAR
2010-03-06 12:53:29 ----A---- C:\WINDOWS\NeroDigital.ini
2010-03-06 12:50:37 ----D---- C:\Documents and Settings\Administrator\Application Data\Publish Providers
2010-03-06 12:29:16 ----N---- C:\WINDOWS\system32\dbmsqlgc.dll
2010-03-06 12:29:16 ----N---- C:\WINDOWS\system32\dbmsgnet.dll
2010-03-06 12:28:21 ----D---- C:\Program Files\Microsoft SQL Server
2010-03-06 12:26:08 ----D---- C:\Documents and Settings\Administrator\Application Data\Sony
2010-03-06 12:16:56 ----D---- C:\Program Files\Vstplugins
2010-03-06 12:16:29 ----D---- C:\Documents and Settings\All Users\Application Data\Sony
2010-03-06 12:04:17 ----D---- C:\Documents and Settings\Administrator\Application Data\Sony Setup
2010-03-06 11:58:40 ----D---- C:\Documents and Settings\Administrator\Application Data\ACD Systems
2010-03-06 11:57:52 ----D---- C:\Documents and Settings\All Users\Application Data\ACD Systems
2010-03-06 11:57:51 ----D---- C:\Program Files\Common Files\ACD Systems
2010-03-06 11:35:11 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
2010-03-06 11:35:10 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2010-03-06 11:30:34 ----N---- C:\WINDOWS\system32\pxsfs.dll
2010-03-06 11:30:34 ----N---- C:\WINDOWS\system32\pxinsa64.exe
2010-03-06 11:30:34 ----N---- C:\WINDOWS\system32\pxcpya64.exe
2010-03-06 11:30:34 ----N---- C:\WINDOWS\system32\pxafs.dll
2010-03-06 11:06:00 ----A---- C:\WINDOWS\system32\hpzsnt07.dll
2010-03-05 22:26:54 ----D---- C:\WINDOWS\Logs
2010-03-05 22:23:15 ----D---- C:\WINDOWS\RegisteredPackages
2010-03-05 22:20:52 ----D---- C:\Documents and Settings\Administrator\Application Data\Winamp
2010-03-05 22:17:48 ----D---- C:\Documents and Settings\Administrator\Application Data\Skype
2010-03-05 22:16:50 ----D---- C:\Program Files\Skype
2010-03-05 22:09:25 ----D---- C:\Documents and Settings\Administrator\Application Data\ICQ
2010-03-05 21:54:41 ----D---- C:\Program Files\hp deskjet 3420 series
2010-03-05 21:52:27 ----D---- C:\Program Files\Hewlett-Packard
2010-03-04 15:22:36 ----D---- C:\Documents and Settings\All Users\Application Data\ESET
2010-03-03 17:57:50 ----D---- C:\Documents and Settings\Administrator\Application Data\Mozilla
2010-03-03 17:20:18 ----A---- C:\WINDOWS\IE4 Error Log.txt
2010-03-03 15:45:39 ----D---- C:\Documents and Settings\All Users\Application Data\MSN6
2010-03-03 15:45:39 ----D---- C:\Documents and Settings\Administrator\Application Data\MSN6
2010-03-02 16:04:00 ----A---- C:\WINDOWS\ntbtlog.txt
======List of files/folders modified in the last 1 months======
2010-03-20 12:44:06 ----AD---- C:\WINDOWS\system32
2010-03-20 12:40:30 ----AD---- C:\WINDOWS
2010-03-20 12:40:03 ----D---- C:\WINDOWS\Temp
2010-03-20 11:59:03 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-03-20 11:19:31 ----D---- C:\WINDOWS\Prefetch
2010-03-19 14:46:03 ----D---- C:\WINDOWS\system32\config
2010-03-19 14:39:49 ----D---- C:\WINDOWS\system32\wbem
2010-03-19 14:39:41 ----D---- C:\WINDOWS\Registration
2010-03-19 14:39:07 ----D---- C:\WINDOWS\system32\drivers
2010-03-19 14:38:16 ----SHD---- C:\WINDOWS\Installer
2010-03-19 14:36:06 ----RSHD---- C:\WINDOWS\system32\dllcache
2010-03-19 14:35:52 ----HD---- C:\WINDOWS\inf
2010-03-19 14:34:33 ----D---- C:\WINDOWS\AppPatch
2010-03-19 14:04:21 ----D---- C:\WINDOWS\WinSxS
2010-03-19 14:00:34 ----A---- C:\WINDOWS\imsins.BAK
2010-03-19 13:59:42 ----HD---- C:\WINDOWS\$hf_mig$
2010-03-19 13:58:11 ----D---- C:\WINDOWS\system32\CatRoot2
2010-03-19 13:58:08 ----D---- C:\WINDOWS\system32\CatRoot
2010-03-19 03:25:26 ----D---- C:\IBMSHARE
2010-03-16 18:01:57 ----D---- C:\Program Files\CA
2010-03-16 16:58:32 ----D---- C:\WINDOWS\Help
2010-03-13 17:46:52 ----D---- C:\WINDOWS\mui
2010-03-12 21:27:44 ----D---- C:\WINDOWS\PCHealth
2010-03-12 21:27:26 ----D---- C:\Program Files\Windows Media Player
2010-03-12 21:27:02 ----AD---- C:\WINDOWS\system32\oobe
2010-03-12 21:26:57 ----D---- C:\Program Files\Common Files\System
2010-03-06 13:55:54 ----D---- C:\WINDOWS\security
2010-03-06 12:29:23 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-06 12:29:15 ----HD---- C:\Program Files\Uninstall Information
2010-03-06 12:28:21 ----RD---- C:\Program Files
2010-03-06 12:26:08 ----RSD---- C:\WINDOWS\assembly
2010-03-06 12:20:28 ----D---- C:\WINDOWS\Microsoft.NET
2010-03-06 12:09:16 ----D---- C:\Program Files\Internet Explorer
2010-03-06 11:57:51 ----D---- C:\Program Files\Common Files
2010-03-06 11:35:12 ----D---- C:\WINDOWS\system32\DirectX
2010-03-06 11:10:37 ----D---- C:\Documents and Settings\Administrator\Application Data\Adobe
2010-03-06 10:37:54 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2010-03-05 22:09:53 ----HD---- C:\Program Files\InstallShield Installation Information
2010-03-05 20:53:18 ----A---- C:\WINDOWS\win.ini
2010-03-03 17:47:03 ----SHD---- C:\RECYCLER
2010-03-03 17:31:02 ----D---- C:\Documents and Settings\All Users\Application Data\IBM
2010-03-03 15:46:26 ----D---- C:\Program Files\MSN
2010-03-02 16:43:43 ----D---- C:\WINDOWS\system32\appmgmt
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 InCDPass;InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [2005-07-08 29696]
R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\incdrm.sys [2006-11-02 28672]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2004-08-04 36096]
R2 ibmfilter;ibmfilter; \??\C:\WINDOWS\system32\drivers\ibmfilter.sys []
R2 PMEM;PMEM; \??\C:\WINDOWS\system32\drivers\PMEMNT.SYS []
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2003-10-23 100384]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\System32\DRIVERS\b57xp32.sys [2004-03-29 113664]
R3 ialm;ialm; C:\WINDOWS\System32\DRIVERS\ialmnt5.sys [2004-10-08 752093]
R3 IBMTRP;IBM Token-Ring PCI Adapter (Generic); C:\WINDOWS\system32\DRIVERS\IBMTRP.SYS [2001-08-17 109085]
R3 portio;TPM Service; C:\WINDOWS\System32\DRIVERS\NscTpmDD.sys [2004-04-27 14695]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2004-04-09 612352]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2004-08-04 26624]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2004-08-04 57600]
R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2004-08-04 20480]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDfs.sys [2005-07-08 99584]
S3 ac97intc;Intel(r) 82801 Audio Driver Install Service (WDM); C:\WINDOWS\system32\drivers\ac97intc.sys [2001-08-17 96256]
S3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\System32\DRIVERS\e100b325.sys [2001-08-17 117760]
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2004-08-04 1897408]
S3 pelmouse;Mouse Suite Driver; C:\WINDOWS\system32\DRIVERS\pelmouse.sys [2003-01-10 16384]
S3 pelusblf;USB Mouse Low Filter Driver; C:\WINDOWS\system32\DRIVERS\pelusblf.sys [2003-02-11 9216]
S3 psadd;IBM PSA Access Driver; \??\C:\WINDOWS\system32\Drivers\psadd.sys []
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S4 agp440;Intel AGP Bus Filter; C:\WINDOWS\System32\DRIVERS\agp440.sys [2004-08-04 42368]
S4 agpCPQ;Compaq AGP Bus Filter; C:\WINDOWS\System32\DRIVERS\agpCPQ.sys [2004-08-04 44928]
S4 alim1541;ALI AGP Bus Filter; C:\WINDOWS\System32\DRIVERS\alim1541.sys [2004-08-04 42752]
S4 amdagp;AMD AGP Bus Filter Driver; C:\WINDOWS\System32\DRIVERS\amdagp.sys [2004-08-04 43008]
S4 cbidf;cbidf; C:\WINDOWS\System32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
S4 IntelIde;IntelIde; C:\WINDOWS\System32\DRIVERS\intelide.sys [2004-08-04 5504]
S4 sisagp;SIS AGP Bus Filter; C:\WINDOWS\System32\DRIVERS\sisagp.sys [2004-08-04 41088]
S4 viaagp;VIA AGP Bus Filter; C:\WINDOWS\System32\DRIVERS\viaagp.sys [2004-08-04 42240]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 IBM Rapid Restore Ultra Service;IBM Rapid Restore Ultra Service; C:\Program Files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe [2004-03-19 339968]
R2 InCDsrv;InCD Helper; C:\Program Files\Ahead\InCD\InCDsrv.exe [2005-07-08 871424]
R2 InoRPC;eTrust Antivirus RPC Server; C:\Program Files\CA\eTrust Antivirus\InoRpc.exe [2004-04-07 139536]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-10-19 61440]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 PestPatrol Remote;PestPatrol Remote; C:\WINDOWS\system32\ppRemoteService.exe [2006-09-22 286720]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S2 InoRT;eTrust Antivirus Realtime Server; C:\Program Files\CA\eTrust Antivirus\InoRT.exe [2004-04-07 241936]
S2 InoTask;eTrust Antivirus Job Server; C:\Program Files\CA\eTrust Antivirus\InoTask.exe [2004-04-07 254224]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 PsaSrv;IBM PSA Access Driver Control; C:\WINDOWS\system32\PsaSrv.exe [2003-09-30 96824]
-----------------EOF-----------------
Logfile of random's system information tool 1.06 (written by random/random)
Run by Administrator at 2010-03-20 12:57:34
Microsoft Windows XP Professional Service Pack 2
System drive C: has 1 GB (8%) free of 15 GB
Total RAM: 1014 MB (66% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:57:37, on 20. 3. 2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe
C:\Program Files\IBM\Messages By IBM\ibmmessages.exe
C:\IBMTOOLS\UTILS\ibmprc.exe
C:\WINDOWS\system32\ICO.EXE
C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
C:\WINDOWS\system32\FSRremoS.EXE
C:\PROGRA~1\CA\ETRUST~1\realmon.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\ppRemoteService.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Common Files\PestPatrol\PPMCActiveDetection.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
D:\Program Files\Internet programy\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\taskmgr.exe
D:\Stiahnuté súbory\RSIT.exe
D:\Program Files\Internet programy\HijackThis\Administrator.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.2.4:81
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = lintweb;infhp;10.*;*.rp;*.*.rp;*.*.*.rp;*.*.*.*.rp;<local>
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [UC_Start] C:\Program Files\IBM\Updater\\ucstartup.exe
O4 - HKLM\..\Run: [ibmmessages] C:\Program Files\IBM\Messages By IBM\\ibmmessages.exe
O4 - HKLM\..\Run: [IBMPRC] C:\IBMTOOLS\UTILS\ibmprc.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [Realtime Monitor] C:\PROGRA~1\CA\ETRUST~1\realmon.exe -s
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ibmmessages] C:\Program Files\IBM\Messages By IBM\ibmmessages.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - .DEFAULT User Startup: SAPlpd.lnk = C:\Program Files\SAP\FrontEnd\SAPgui\SAPlpd\SAPlpd.exe (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [JAVA_IBM] Java (IBM)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 4544828265
O23 - Service: IBM Rapid Restore Ultra Service - Unknown owner - C:\Program Files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: eTrust Antivirus RPC Server (InoRPC) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
O23 - Service: eTrust Antivirus Realtime Server (InoRT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRT.exe
O23 - Service: eTrust Antivirus Job Server (InoTask) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoTask.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: PestPatrol Remote - Computer Associates International, Inc. - C:\WINDOWS\system32\ppRemoteService.exe
O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
--
End of file - 5301 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-05-15 50376]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2004-10-08 155648]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2004-10-08 126976]
"Smapp"=C:\Program Files\Analog Devices\SoundMAX\SMTray.exe [2003-07-30 143360]
"UC_Start"=C:\Program Files\IBM\Updater\\ucstartup.exe [2003-09-30 36864]
"UC_SMB"= []
""= []
"ibmmessages"=C:\Program Files\IBM\Messages By IBM\\ibmmessages.exe [2004-04-20 438272]
"IBMPRC"=C:\IBMTOOLS\UTILS\ibmprc.exe [2004-03-19 90112]
"Mouse Suite 98 Daemon"=C:\WINDOWS\system32\ICO.EXE [2003-11-20 57344]
"Realtime Monitor"=C:\PROGRA~1\CA\ETRUST~1\realmon.exe [2004-04-07 504080]
"HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe [2003-05-14 188416]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
"ibmmessages"=C:\Program Files\IBM\Messages By IBM\ibmmessages.exe [2004-04-20 438272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2004-10-08 344064]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
pwdmon
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%ProgramFiles%\IBM\Updater\ucsmb.exe"="%ProgramFiles%\IBM\Updater\ucsmb.exe:*:enabled:IBM Update Connector"
"%ProgramFiles%\IBM\Updater\jre\bin\java.exe"="%ProgramFiles%\IBM\Updater\jre\bin\java.exe:*:enabled:IBM Update Connector"
"%ProgramFiles%\IBM\Updater\jre\bin\javaw.exe"="%ProgramFiles%\IBM\Updater\jre\bin\javaw.exe:*:enabled:IBM Update Connector"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\SAP\FrontEnd\SAPgui\saplogon.exe"="C:\Program Files\SAP\FrontEnd\SAPgui\saplogon.exe:*:Enabled:SAP Logon for Windows"
"C:\Program Files\SAP\FrontEnd\SAPgui\SAPlpd\SAPlpd.exe"="C:\Program Files\SAP\FrontEnd\SAPgui\SAPlpd\SAPlpd.exe:*:Enabled:SAPlpd"
"C:\Program Files\CA\eTrust Antivirus\Realmon.exe"="C:\Program Files\CA\eTrust Antivirus\Realmon.exe:*:Enabled:Realmon"
"C:\Program Files\CA\eTrust Antivirus\InoRpc.exe"="C:\Program Files\CA\eTrust Antivirus\InoRpc.exe:*:Enabled:eTrust Antivirus - RPC Server"
"C:\Program Files\CA\eTrust Antivirus\InocIT.exe"="C:\Program Files\CA\eTrust Antivirus\InocIT.exe:*:Enabled:eTrust Antivirus - Local Scanner"
"C:\Program Files\CA\eTrust Antivirus\Shellscn.exe"="C:\Program Files\CA\eTrust Antivirus\Shellscn.exe:*:Disabled:Shellscn"
"C:\Documents and Settings\Milco Maros\Local Settings\Application Data\Skype\Phone\Skype.exe"="C:\Documents and Settings\Milco Maros\Local Settings\Application Data\Skype\Phone\Skype.exe:*:Disabled:Skype. Take a deep breath "
"C:\WINDOWS\explorer.exe"="C:\WINDOWS\explorer.exe:*:Disabled:Windows Explorer"
"D:\Program Files\Internet programy\ICQ7.0\ICQ.exe"="D:\Program Files\Internet programy\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"D:\Program Files\Internet programy\ICQ7.0\aolload.exe"="D:\Program Files\Internet programy\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
"D:\Program Files\Internet programy\Phone\Skype.exe"="D:\Program Files\Internet programy\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%ProgramFiles%\IBM\Updater\ucsmb.exe"="%ProgramFiles%\IBM\Updater\ucsmb.exe:*:enabled:IBM Update Connector"
"%ProgramFiles%\IBM\Updater\jre\bin\java.exe"="%ProgramFiles%\IBM\Updater\jre\bin\java.exe:*:enabled:IBM Update Connector"
"%ProgramFiles%\IBM\Updater\jre\bin\javaw.exe"="%ProgramFiles%\IBM\Updater\jre\bin\javaw.exe:*:enabled:IBM Update Connector"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\Internet programy\ICQ7.0\ICQ.exe"="D:\Program Files\Internet programy\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"D:\Program Files\Internet programy\ICQ7.0\aolload.exe"="D:\Program Files\Internet programy\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
======List of files/folders created in the last 1 months======
2010-03-20 12:57:34 ----D---- C:\rsit
2010-03-19 15:16:06 ----A---- C:\Pltfrm2.ini
2010-03-19 14:04:43 ----DC---- C:\WINDOWS\$NtUninstallKB956802$
2010-03-19 14:00:44 ----DC---- C:\WINDOWS\$NtUninstallKB979306$
2010-03-19 14:00:26 ----DC---- C:\WINDOWS\$NtUninstallKB944338-v2$
2010-03-19 13:59:51 ----DC---- C:\WINDOWS\$NtUninstallKB923561$
2010-03-19 13:59:05 ----DC---- C:\WINDOWS\$NtUninstallKB975467$
2010-03-19 13:58:42 ----DC---- C:\WINDOWS\$NtUninstallKB968389$
2010-03-19 13:57:38 ----DC---- C:\WINDOWS\$NtUninstallKB969947$
2010-03-13 17:43:32 ----D---- C:\Config.Msi
2010-03-12 20:49:59 ----D---- C:\Documents and Settings\Administrator\Application Data\uTorrent
2010-03-12 20:46:08 ----D---- C:\Documents and Settings\Administrator\Application Data\Spyware Terminator
2010-03-12 20:39:16 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2010-03-12 20:16:28 ----A---- C:\WINDOWS\WTRDICT.INI
2010-03-12 20:16:28 ----A---- C:\WINDOWS\STXKBDSS.INI
2010-03-12 20:15:58 ----A---- C:\WINDOWS\WINTRAN.INI
2010-03-12 20:15:58 ----A---- C:\WINDOWS\STXKBDTS.INI
2010-03-06 15:13:21 ----D---- C:\Documents and Settings\Administrator\Application Data\WinRAR
2010-03-06 12:53:29 ----A---- C:\WINDOWS\NeroDigital.ini
2010-03-06 12:50:37 ----D---- C:\Documents and Settings\Administrator\Application Data\Publish Providers
2010-03-06 12:29:16 ----N---- C:\WINDOWS\system32\dbmsqlgc.dll
2010-03-06 12:29:16 ----N---- C:\WINDOWS\system32\dbmsgnet.dll
2010-03-06 12:28:21 ----D---- C:\Program Files\Microsoft SQL Server
2010-03-06 12:26:08 ----D---- C:\Documents and Settings\Administrator\Application Data\Sony
2010-03-06 12:16:56 ----D---- C:\Program Files\Vstplugins
2010-03-06 12:16:29 ----D---- C:\Documents and Settings\All Users\Application Data\Sony
2010-03-06 12:04:17 ----D---- C:\Documents and Settings\Administrator\Application Data\Sony Setup
2010-03-06 11:58:40 ----D---- C:\Documents and Settings\Administrator\Application Data\ACD Systems
2010-03-06 11:57:52 ----D---- C:\Documents and Settings\All Users\Application Data\ACD Systems
2010-03-06 11:57:51 ----D---- C:\Program Files\Common Files\ACD Systems
2010-03-06 11:35:11 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
2010-03-06 11:35:10 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2010-03-06 11:30:34 ----N---- C:\WINDOWS\system32\pxsfs.dll
2010-03-06 11:30:34 ----N---- C:\WINDOWS\system32\pxinsa64.exe
2010-03-06 11:30:34 ----N---- C:\WINDOWS\system32\pxcpya64.exe
2010-03-06 11:30:34 ----N---- C:\WINDOWS\system32\pxafs.dll
2010-03-06 11:06:00 ----A---- C:\WINDOWS\system32\hpzsnt07.dll
2010-03-05 22:26:54 ----D---- C:\WINDOWS\Logs
2010-03-05 22:23:15 ----D---- C:\WINDOWS\RegisteredPackages
2010-03-05 22:20:52 ----D---- C:\Documents and Settings\Administrator\Application Data\Winamp
2010-03-05 22:17:48 ----D---- C:\Documents and Settings\Administrator\Application Data\Skype
2010-03-05 22:16:50 ----D---- C:\Program Files\Skype
2010-03-05 22:09:25 ----D---- C:\Documents and Settings\Administrator\Application Data\ICQ
2010-03-05 21:54:41 ----D---- C:\Program Files\hp deskjet 3420 series
2010-03-05 21:52:27 ----D---- C:\Program Files\Hewlett-Packard
2010-03-04 15:22:36 ----D---- C:\Documents and Settings\All Users\Application Data\ESET
2010-03-03 17:57:50 ----D---- C:\Documents and Settings\Administrator\Application Data\Mozilla
2010-03-03 17:20:18 ----A---- C:\WINDOWS\IE4 Error Log.txt
2010-03-03 15:45:39 ----D---- C:\Documents and Settings\All Users\Application Data\MSN6
2010-03-03 15:45:39 ----D---- C:\Documents and Settings\Administrator\Application Data\MSN6
2010-03-02 16:04:00 ----A---- C:\WINDOWS\ntbtlog.txt
======List of files/folders modified in the last 1 months======
2010-03-20 12:44:06 ----AD---- C:\WINDOWS\system32
2010-03-20 12:40:30 ----AD---- C:\WINDOWS
2010-03-20 12:40:03 ----D---- C:\WINDOWS\Temp
2010-03-20 11:59:03 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-03-20 11:19:31 ----D---- C:\WINDOWS\Prefetch
2010-03-19 14:46:03 ----D---- C:\WINDOWS\system32\config
2010-03-19 14:39:49 ----D---- C:\WINDOWS\system32\wbem
2010-03-19 14:39:41 ----D---- C:\WINDOWS\Registration
2010-03-19 14:39:07 ----D---- C:\WINDOWS\system32\drivers
2010-03-19 14:38:16 ----SHD---- C:\WINDOWS\Installer
2010-03-19 14:36:06 ----RSHD---- C:\WINDOWS\system32\dllcache
2010-03-19 14:35:52 ----HD---- C:\WINDOWS\inf
2010-03-19 14:34:33 ----D---- C:\WINDOWS\AppPatch
2010-03-19 14:04:21 ----D---- C:\WINDOWS\WinSxS
2010-03-19 14:00:34 ----A---- C:\WINDOWS\imsins.BAK
2010-03-19 13:59:42 ----HD---- C:\WINDOWS\$hf_mig$
2010-03-19 13:58:11 ----D---- C:\WINDOWS\system32\CatRoot2
2010-03-19 13:58:08 ----D---- C:\WINDOWS\system32\CatRoot
2010-03-19 03:25:26 ----D---- C:\IBMSHARE
2010-03-16 18:01:57 ----D---- C:\Program Files\CA
2010-03-16 16:58:32 ----D---- C:\WINDOWS\Help
2010-03-13 17:46:52 ----D---- C:\WINDOWS\mui
2010-03-12 21:27:44 ----D---- C:\WINDOWS\PCHealth
2010-03-12 21:27:26 ----D---- C:\Program Files\Windows Media Player
2010-03-12 21:27:02 ----AD---- C:\WINDOWS\system32\oobe
2010-03-12 21:26:57 ----D---- C:\Program Files\Common Files\System
2010-03-06 13:55:54 ----D---- C:\WINDOWS\security
2010-03-06 12:29:23 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-06 12:29:15 ----HD---- C:\Program Files\Uninstall Information
2010-03-06 12:28:21 ----RD---- C:\Program Files
2010-03-06 12:26:08 ----RSD---- C:\WINDOWS\assembly
2010-03-06 12:20:28 ----D---- C:\WINDOWS\Microsoft.NET
2010-03-06 12:09:16 ----D---- C:\Program Files\Internet Explorer
2010-03-06 11:57:51 ----D---- C:\Program Files\Common Files
2010-03-06 11:35:12 ----D---- C:\WINDOWS\system32\DirectX
2010-03-06 11:10:37 ----D---- C:\Documents and Settings\Administrator\Application Data\Adobe
2010-03-06 10:37:54 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2010-03-05 22:09:53 ----HD---- C:\Program Files\InstallShield Installation Information
2010-03-05 20:53:18 ----A---- C:\WINDOWS\win.ini
2010-03-03 17:47:03 ----SHD---- C:\RECYCLER
2010-03-03 17:31:02 ----D---- C:\Documents and Settings\All Users\Application Data\IBM
2010-03-03 15:46:26 ----D---- C:\Program Files\MSN
2010-03-02 16:43:43 ----D---- C:\WINDOWS\system32\appmgmt
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 InCDPass;InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [2005-07-08 29696]
R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\incdrm.sys [2006-11-02 28672]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2004-08-04 36096]
R2 ibmfilter;ibmfilter; \??\C:\WINDOWS\system32\drivers\ibmfilter.sys []
R2 PMEM;PMEM; \??\C:\WINDOWS\system32\drivers\PMEMNT.SYS []
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2003-10-23 100384]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\System32\DRIVERS\b57xp32.sys [2004-03-29 113664]
R3 ialm;ialm; C:\WINDOWS\System32\DRIVERS\ialmnt5.sys [2004-10-08 752093]
R3 IBMTRP;IBM Token-Ring PCI Adapter (Generic); C:\WINDOWS\system32\DRIVERS\IBMTRP.SYS [2001-08-17 109085]
R3 portio;TPM Service; C:\WINDOWS\System32\DRIVERS\NscTpmDD.sys [2004-04-27 14695]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2004-04-09 612352]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2004-08-04 26624]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2004-08-04 57600]
R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2004-08-04 20480]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDfs.sys [2005-07-08 99584]
S3 ac97intc;Intel(r) 82801 Audio Driver Install Service (WDM); C:\WINDOWS\system32\drivers\ac97intc.sys [2001-08-17 96256]
S3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\System32\DRIVERS\e100b325.sys [2001-08-17 117760]
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2004-08-04 1897408]
S3 pelmouse;Mouse Suite Driver; C:\WINDOWS\system32\DRIVERS\pelmouse.sys [2003-01-10 16384]
S3 pelusblf;USB Mouse Low Filter Driver; C:\WINDOWS\system32\DRIVERS\pelusblf.sys [2003-02-11 9216]
S3 psadd;IBM PSA Access Driver; \??\C:\WINDOWS\system32\Drivers\psadd.sys []
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S4 agp440;Intel AGP Bus Filter; C:\WINDOWS\System32\DRIVERS\agp440.sys [2004-08-04 42368]
S4 agpCPQ;Compaq AGP Bus Filter; C:\WINDOWS\System32\DRIVERS\agpCPQ.sys [2004-08-04 44928]
S4 alim1541;ALI AGP Bus Filter; C:\WINDOWS\System32\DRIVERS\alim1541.sys [2004-08-04 42752]
S4 amdagp;AMD AGP Bus Filter Driver; C:\WINDOWS\System32\DRIVERS\amdagp.sys [2004-08-04 43008]
S4 cbidf;cbidf; C:\WINDOWS\System32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
S4 IntelIde;IntelIde; C:\WINDOWS\System32\DRIVERS\intelide.sys [2004-08-04 5504]
S4 sisagp;SIS AGP Bus Filter; C:\WINDOWS\System32\DRIVERS\sisagp.sys [2004-08-04 41088]
S4 viaagp;VIA AGP Bus Filter; C:\WINDOWS\System32\DRIVERS\viaagp.sys [2004-08-04 42240]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 IBM Rapid Restore Ultra Service;IBM Rapid Restore Ultra Service; C:\Program Files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe [2004-03-19 339968]
R2 InCDsrv;InCD Helper; C:\Program Files\Ahead\InCD\InCDsrv.exe [2005-07-08 871424]
R2 InoRPC;eTrust Antivirus RPC Server; C:\Program Files\CA\eTrust Antivirus\InoRpc.exe [2004-04-07 139536]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-10-19 61440]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 PestPatrol Remote;PestPatrol Remote; C:\WINDOWS\system32\ppRemoteService.exe [2006-09-22 286720]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S2 InoRT;eTrust Antivirus Realtime Server; C:\Program Files\CA\eTrust Antivirus\InoRT.exe [2004-04-07 241936]
S2 InoTask;eTrust Antivirus Job Server; C:\Program Files\CA\eTrust Antivirus\InoTask.exe [2004-04-07 254224]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 PsaSrv;IBM PSA Access Driver Control; C:\WINDOWS\system32\PsaSrv.exe [2003-09-30 96824]
-----------------EOF-----------------
