
Please check my log, unknown file pdfupd.exe

Posted: 03 Apr 2010 08:50
by Dwerw
Hello, I need to have a log checked. I probably caught some strange thing somewhere yesterday, which showed up among the processes today when the PC started, so I killed it right away to be safe. It is pdfupd.exe.
Thanks in advance.

Logfile of random's system information tool 1.06 (written by random/random)
Run by Z1 at 2010-04-03 09:44:51
Microsoft Windows XP Home Edition Service Pack 3
System drive D: has 13 GB (31%) free of 40 GB
Total RAM: 2046 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:44:53, on 3.4.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Sygate\SPF\smc.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Creative\Shared Files\CTAudSvc.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\ctfmon.exe
D:\WINDOWS\system32\RUNDLL32.EXE
D:\Program Files\RivaTuner v2.06\RivaTuner.exe
D:\WINDOWS\CTHELPER.EXE
D:\Program Files\Razer\Copperhead\razerhid.exe
D:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
D:\Program Files\Bonjour\mDNSResponder.exe
D:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Razer\Copperhead\razerofa.exe
D:\Documents and Settings\Z1\Plocha\speedfan.exe
E:\Program Files\Opera\opera.exe
E:\Program Files\totalcmd\TOTALCMD.EXE
D:\WINDOWS\system32\NOTEPAD.EXE
c:\užitečné\RSIT.exe
c:\užitečné\Z1.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SmcService] D:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RivaTuner] "D:\Program Files\RivaTuner v2.06\RivaTuner.exe" /T
O4 - HKLM\..\Run: [IMJPMIG8.1] "D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] D:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] D:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [razer] D:\Program Files\Razer\Copperhead\razerhid.exe
O4 - HKLM\..\Run: [egui] "D:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [start 1] D:\DOCUME~1\Z1\LOCALS~1\Temp\pdfupd.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O23 - Service: Apple Mobile Device - Apple Inc. - D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - D:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - D:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - D:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - D:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Japanese Input Cache Service (GoogleIMEJaCacheService) - Google Inc. - D:\Program Files\Google\Google Japanese Input\GoogleIMEJaCacheService.exe
O23 - Service: Služba Google Update (gupdate1ca2a1d270654e8) (gupdate1ca2a1d270654e8) - Google Inc. - D:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NMSAccess - Unknown owner - D:\Program Files\Blaze Media Pro\NMSAccess32.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - D:\Program Files\Sygate\SPF\smc.exe

--
End of file - 6466 bytes

======Scheduled tasks folder======

D:\WINDOWS\tasks\AppleSoftwareUpdate.job
D:\WINDOWS\tasks\Google Software Updater.job
D:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
D:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - D:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2009-08-31 761840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - D:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-08-29 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SmcService"=D:\PROGRA~1\Sygate\SPF\smc.exe [2004-10-15 2577632]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=D:\WINDOWS\system32\NvMcTray.dll [2009-05-01 86016]
"NvCplDaemon"=D:\WINDOWS\system32\NvCpl.dll [2009-05-01 13750272]
"RivaTuner"=D:\Program Files\RivaTuner v2.06\RivaTuner.exe [2007-10-30 2650112]
"IMJPMIG8.1"=D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2006-03-02 208952]
"MSPY2002"=D:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2006-03-02 59392]
"PHIME2002ASync"=D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2006-03-02 455168]
"PHIME2002A"=D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2006-03-02 455168]
"CTHelper"=D:\WINDOWS\CTHELPER.EXE [2006-05-24 17920]
"UpdReg"=D:\WINDOWS\UpdReg.EXE [2000-05-11 90112]
"razer"=D:\Program Files\Razer\Copperhead\razerhid.exe [2005-10-08 155648]
"egui"=D:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-09-11 2054360]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=D:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"start 1"=D:\DOCUME~1\Z1\LOCALS~1\Temp\pdfupd.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
D:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2006-09-28 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTxfiHlp]
D:\WINDOWS\system32\CTXFIHLP.EXE [2009-06-04 25600]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
D:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2008-03-25 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
E:\Program Files\iTunes\iTunesHelper.exe [2009-10-28 141600]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
D:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
D:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
D:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
E:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe [2004-11-02 32768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
D:\Program Files\Java\jre6\bin\jusched.exe [2009-08-29 149280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-08-31 39408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VolPanel]
D:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe [2006-07-13 122880]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
D:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2008-03-25 214360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^Z1^Nabídka Start^Programy^Po spuštění^OpenOffice.org 3.1.lnk]
D:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE [2009-05-15 384512]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"gusvc"=2
"gupdate1ca2a1d270654e8"=2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
"NoBandCustomize"=0
"NoMovingBands"=0
"NoCloseDragDropBands"=0
"NoActiveDesktop"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\uTorrent\uTorrent.exe"="D:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"D:\Program Files\Bonjour\mDNSResponder.exe"="D:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"D:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="D:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"D:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="D:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"D:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="D:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"D:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="D:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"D:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe"="D:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe"
"D:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="D:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"D:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="D:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"E:\Program Files\Miranda IM\miranda32.exe"="E:\Program Files\Miranda IM\miranda32.exe:*:Disabled:Miranda IM"
"D:\Program Files\Azureus\Azureus.exe"="D:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus"
"E:\Program Files\iTunes\iTunes.exe"="E:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"E:\Program Files\Opera\opera.exe"="E:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\DOCUME~1\Z1\LOCALS~1\Temp\pdfupd.exe"="D:\DOCUME~1\Z1\LOCALS~1\Temp\pdfupd.exe:*:Enabled:ldrsoft"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"D:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="D:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"D:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="D:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"D:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="D:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"D:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="D:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"D:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe"="D:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe"
"D:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="D:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"D:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="D:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-04-03 09:44:51 ----D---- D:\rsit
2010-03-15 11:44:21 ----D---- D:\Program Files\C-EGG
2010-03-11 02:44:05 ----HDC---- D:\WINDOWS\$NtUninstallKB975561$
2010-03-06 16:21:56 ----HDC---- D:\WINDOWS\$NtUninstallKB977165-v2$
2010-03-06 16:21:50 ----HDC---- D:\WINDOWS\$NtUninstallKB979306$
2010-03-06 16:20:46 ----HDC---- D:\WINDOWS\$NtUninstallKB978706$
2010-03-06 16:20:41 ----HDC---- D:\WINDOWS\$NtUninstallKB971468$
2010-03-06 16:20:35 ----HDC---- D:\WINDOWS\$NtUninstallKB977914$
2010-03-06 16:20:29 ----HDC---- D:\WINDOWS\$NtUninstallKB978262$
2010-03-06 16:20:23 ----HDC---- D:\WINDOWS\$NtUninstallKB975560$
2010-03-06 16:20:15 ----HDC---- D:\WINDOWS\$NtUninstallKB978251$
2010-03-06 16:20:11 ----HDC---- D:\WINDOWS\$NtUninstallKB978037$
2010-03-06 16:20:06 ----HDC---- D:\WINDOWS\$NtUninstallKB975713$
2010-03-06 16:19:58 ----HDC---- D:\WINDOWS\$NtUninstallKB978207$
2010-03-06 16:19:53 ----HDC---- D:\WINDOWS\$NtUninstallKB972270$
2010-03-06 16:19:41 ----HDC---- D:\WINDOWS\$NtUninstallKB955759$
2010-03-06 16:18:35 ----D---- D:\WINDOWS\ie8updates
2010-03-06 16:18:12 ----D---- D:\WINDOWS\WBEM
2010-03-06 16:17:35 ----HDC---- D:\WINDOWS\ie8
2010-03-06 16:13:55 ----HDC---- D:\WINDOWS\$NtUninstallKB956744$
2010-03-06 16:13:49 ----HDC---- D:\WINDOWS\$NtUninstallKB973540_WM9$
2010-03-06 16:13:40 ----HDC---- D:\WINDOWS\$NtUninstallKB951978$
2010-03-06 15:56:40 ----A---- D:\WINDOWS\OEWABLog.txt
2010-03-06 15:53:29 ----HDC---- D:\WINDOWS\$NtUninstallKB976749$
2010-03-06 15:53:17 ----HDC---- D:\WINDOWS\$NtUninstallKB976325$
2010-03-06 15:53:10 ----HDC---- D:\WINDOWS\$NtUninstallKB975467$
2010-03-06 15:53:05 ----HDC---- D:\WINDOWS\$NtUninstallKB975025$
2010-03-06 15:52:57 ----HDC---- D:\WINDOWS\$NtUninstallKB974571$
2010-03-06 15:52:49 ----HDC---- D:\WINDOWS\$NtUninstallKB974455$
2010-03-06 15:52:42 ----HDC---- D:\WINDOWS\$NtUninstallKB974392$
2010-03-06 15:52:36 ----HDC---- D:\WINDOWS\$NtUninstallKB974318$
2010-03-06 15:52:30 ----HDC---- D:\WINDOWS\$NtUninstallKB974112$
2010-03-06 15:52:22 ----HDC---- D:\WINDOWS\$NtUninstallKB973869$
2010-03-06 15:52:15 ----HDC---- D:\WINDOWS\$NtUninstallKB973815$
2010-03-06 15:52:09 ----HDC---- D:\WINDOWS\$NtUninstallKB973687$
2010-03-06 15:52:02 ----HDC---- D:\WINDOWS\$NtUninstallKB973507$
2010-03-06 15:51:55 ----HDC---- D:\WINDOWS\$NtUninstallKB973354$
2010-03-06 15:51:45 ----HDC---- D:\WINDOWS\$NtUninstallKB974455_1$
2010-03-06 15:51:37 ----HDC---- D:\WINDOWS\$NtUninstallKB972260$
2010-03-06 15:51:30 ----HDC---- D:\WINDOWS\$NtUninstallKB971737$
2010-03-06 15:51:24 ----HDC---- D:\WINDOWS\$NtUninstallKB971657$
2010-03-06 15:51:17 ----HDC---- D:\WINDOWS\$NtUninstallKB971633$
2010-03-06 15:51:11 ----HDC---- D:\WINDOWS\$NtUninstallKB971557$
2010-03-06 15:51:02 ----HDC---- D:\WINDOWS\$NtUninstallKB971486$
2010-03-06 15:50:54 ----HDC---- D:\WINDOWS\$NtUninstallKB970430$
2010-03-06 15:50:47 ----HDC---- D:\WINDOWS\$NtUninstallKB970238$
2010-03-06 15:50:41 ----HDC---- D:\WINDOWS\$NtUninstallKB969947$
2010-03-06 15:50:35 ----HDC---- D:\WINDOWS\$NtUninstallKB969059$
2010-03-06 15:50:28 ----HDC---- D:\WINDOWS\$NtUninstallKB968537$
2010-03-06 15:50:20 ----HDC---- D:\WINDOWS\$NtUninstallKB968389$
2010-03-06 15:50:12 ----HDC---- D:\WINDOWS\$NtUninstallKB967715$
2010-03-06 15:50:06 ----HDC---- D:\WINDOWS\$NtUninstallKB961501$
2010-03-06 15:50:00 ----HDC---- D:\WINDOWS\$NtUninstallKB961371-v2$
2010-03-06 15:49:47 ----HDC---- D:\WINDOWS\$NtUninstallKB961118$
2010-03-06 15:49:40 ----HDC---- D:\WINDOWS\$NtUninstallKB960859$
2010-03-06 15:49:33 ----HDC---- D:\WINDOWS\$NtUninstallKB960803$
2010-03-06 15:49:27 ----HDC---- D:\WINDOWS\$NtUninstallKB960225$
2010-03-06 15:49:21 ----HDC---- D:\WINDOWS\$NtUninstallKB959426$
2010-03-06 15:49:14 ----HDC---- D:\WINDOWS\$NtUninstallKB958687$
2010-03-06 15:49:08 ----HDC---- D:\WINDOWS\$NtUninstallKB958644$
2010-03-06 15:49:01 ----HDC---- D:\WINDOWS\$NtUninstallKB957097$
2010-03-06 15:48:56 ----HDC---- D:\WINDOWS\$NtUninstallKB956844$
2010-03-06 15:48:49 ----HDC---- D:\WINDOWS\$NtUninstallKB956803$
2010-03-06 15:48:42 ----HDC---- D:\WINDOWS\$NtUninstallKB956802$
2010-03-06 15:48:29 ----HDC---- D:\WINDOWS\$NtUninstallKB956572$
2010-03-06 15:48:21 ----HDC---- D:\WINDOWS\$NtUninstallKB973687_1$
2010-03-06 15:48:15 ----HDC---- D:\WINDOWS\$NtUninstallKB955069$
2010-03-06 15:48:09 ----HDC---- D:\WINDOWS\$NtUninstallKB974112_1$
2010-03-06 15:48:03 ----HDC---- D:\WINDOWS\$NtUninstallKB954600$
2010-03-06 15:47:57 ----HDC---- D:\WINDOWS\$NtUninstallKB952954$
2010-03-06 15:47:50 ----HDC---- D:\WINDOWS\$NtUninstallKB952287$
2010-03-06 15:47:40 ----HDC---- D:\WINDOWS\$NtUninstallKB952004$
2010-03-06 15:47:32 ----HDC---- D:\WINDOWS\$NtUninstallKB951748$
2010-03-06 15:47:26 ----HDC---- D:\WINDOWS\$NtUninstallKB951376-v2$
2010-03-06 15:47:20 ----HDC---- D:\WINDOWS\$NtUninstallKB951066$
2010-03-06 15:47:12 ----HDC---- D:\WINDOWS\$NtUninstallKB950974$
2010-03-06 15:47:06 ----HDC---- D:\WINDOWS\$NtUninstallKB950762$
2010-03-06 15:47:00 ----HDC---- D:\WINDOWS\$NtUninstallKB946648$
2010-03-06 15:46:54 ----HDC---- D:\WINDOWS\$NtUninstallKB938464-v2$
2010-03-06 15:46:46 ----HDC---- D:\WINDOWS\$NtUninstallKB923561$
2010-03-06 15:44:59 ----A---- D:\WINDOWS\setuplog.txt
2010-03-06 15:43:50 ----D---- D:\WINDOWS\system32\cs-cz
2010-03-06 15:43:48 ----D---- D:\WINDOWS\system32\cs
2010-03-06 15:43:48 ----D---- D:\WINDOWS\system32\bits
2010-03-06 15:43:48 ----D---- D:\WINDOWS\l2schemas
2010-03-06 15:34:06 ----D---- D:\WINDOWS\network diagnostic
2010-03-06 15:30:34 ----HDC---- D:\WINDOWS\$NtServicePackUninstall$
2010-03-06 15:30:32 ----D---- D:\WINDOWS\EHome
2010-03-06 11:10:26 ----D---- D:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage

======List of files/folders modified in the last 1 months======

2010-04-03 09:44:51 ----D---- D:\WINDOWS\Prefetch
2010-04-03 09:43:50 ----D---- D:\WINDOWS\temp
2010-04-03 09:39:16 ----A---- D:\WINDOWS\wincmd.ini
2010-04-03 09:33:32 ----SD---- D:\WINDOWS\Tasks
2010-04-03 01:00:16 ----A---- D:\WINDOWS\SchedLgU.Txt
2010-04-03 01:00:07 ----D---- D:\Documents and Settings\Z1\Data aplikací\uTorrent
2010-04-02 22:27:33 ----D---- D:\Documents and Settings\Z1\Data aplikací\Adobe
2010-04-01 09:20:37 ----D---- D:\WINDOWS
2010-04-01 09:18:55 ----D---- D:\WINDOWS\system32
2010-04-01 01:09:51 ----HD---- D:\WINDOWS\inf
2010-04-01 01:09:42 ----RSHDC---- D:\WINDOWS\system32\dllcache
2010-04-01 01:09:37 ----D---- D:\Program Files\Internet Explorer
2010-04-01 01:09:00 ----HD---- D:\WINDOWS\$hf_mig$
2010-04-01 01:08:58 ----D---- D:\WINDOWS\system32\CatRoot2
2010-03-31 17:59:13 ----A---- D:\WINDOWS\NeroDigital.ini
2010-03-29 19:44:53 ----D---- D:\WINDOWS\AppPatch
2010-03-29 19:34:52 ----SHD---- D:\WINDOWS\Installer
2010-03-29 19:34:52 ----D---- D:\Config.Msi
2010-03-28 10:25:40 ----A---- D:\WINDOWS\system32\PerfStringBackup.INI
2010-03-15 11:44:21 ----RD---- D:\Program Files
2010-03-11 02:44:16 ----A---- D:\WINDOWS\imsins.BAK
2010-03-11 02:44:09 ----D---- D:\Program Files\Movie Maker
2010-03-06 22:41:26 ----D---- D:\Documents and Settings\Z1\Data aplikací\vlc
2010-03-06 16:23:13 ----D---- D:\WINDOWS\Help
2010-03-06 16:20:43 ----D---- D:\WINDOWS\system32\drivers
2010-03-06 16:19:50 ----D---- D:\WINDOWS\WinSxS
2010-03-06 16:19:50 ----D---- D:\Program Files\MSXML 4.0
2010-03-06 16:19:36 ----HDC---- D:\WINDOWS\$NtUninstallKB971961$
2010-03-06 16:18:15 ----D---- D:\WINDOWS\system32\config
2010-03-06 16:18:07 ----D---- D:\WINDOWS\Media
2010-03-06 16:16:28 ----D---- D:\WINDOWS\Debug
2010-03-06 16:15:27 ----D---- D:\WINDOWS\system32\CatRoot
2010-03-06 15:55:13 ----D---- D:\WINDOWS\system32\wbem
2010-03-06 15:55:13 ----D---- D:\WINDOWS\system32\Setup
2010-03-06 15:55:12 ----RSD---- D:\WINDOWS\Fonts
2010-03-06 15:54:22 ----D---- D:\WINDOWS\security
2010-03-06 15:51:57 ----D---- D:\Program Files\Outlook Express
2010-03-06 15:47:01 ----D---- D:\Program Files\Messenger
2010-03-06 15:44:29 ----D---- D:\Program Files\Windows Media Player
2010-03-06 15:44:11 ----D---- D:\WINDOWS\ime
2010-03-06 15:43:50 ----D---- D:\WINDOWS\system32\usmt
2010-03-06 15:43:48 ----D---- D:\WINDOWS\PeerNet
2010-03-06 15:38:23 ----D---- D:\WINDOWS\ServicePackFiles
2010-03-06 15:38:08 ----D---- D:\WINDOWS\system32\Restore
2010-03-06 15:38:07 ----D---- D:\WINDOWS\system32\npp
2010-03-06 15:38:06 ----D---- D:\WINDOWS\msagent
2010-03-06 15:38:03 ----D---- D:\WINDOWS\srchasst
2010-03-06 15:37:57 ----D---- D:\Program Files\NetMeeting
2010-03-06 15:37:54 ----D---- D:\WINDOWS\system32\Com
2010-03-06 15:37:46 ----D---- D:\Program Files\Windows NT
2010-03-06 15:37:41 ----D---- D:\Program Files\Common Files\System
2010-03-06 15:37:08 ----D---- D:\WINDOWS\system32\oobe
2010-03-06 15:37:04 ----D---- D:\WINDOWS\system
2010-03-05 21:43:54 ----D---- D:\WINDOWS\SoftwareDistribution

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;Ovladač procesoru AMD; D:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 42496]
R1 ehdrv;ehdrv; D:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-09-11 108792]
R1 ElbyCDIO;ElbyCDIO Driver; D:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2007-08-07 25160]
R1 epfwtdir;epfwtdir; D:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2009-09-11 96408]
R1 FsVga;FsVga; D:\WINDOWS\system32\DRIVERS\fsvga.sys [2006-03-02 12160]
R1 kbdhid;Ovladač klávesnice standardu HID; D:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 wpsdrvnt;wpsdrvnt; \??\D:\WINDOWS\system32\drivers\wpsdrvnt.sys []
R2 eamon;eamon; D:\WINDOWS\system32\DRIVERS\eamon.sys [2009-09-11 116008]
R2 wg3n;SyGate for NT, wg3n; D:\WINDOWS\SYSTEM32\Drivers\wg3n.sys [2004-10-15 14568]
R2 wg4n;SyGate for NT, wg4n; D:\WINDOWS\SYSTEM32\Drivers\wg4n.sys [2004-10-15 14568]
R2 wg5n;SyGate for NT, wg5n; D:\WINDOWS\SYSTEM32\Drivers\wg5n.sys [2004-10-15 14568]
R2 wg6n;SyGate for NT, wg6n; D:\WINDOWS\SYSTEM32\Drivers\wg6n.sys [2004-10-15 14568]
R3 Arp1394;Protokol 1394 ARP Client; D:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 CT20XUT.SYS;CT20XUT.SYS; D:\WINDOWS\System32\drivers\CT20XUT.SYS [2009-06-04 171032]
R3 ctac32k;Creative AC3 Software Decoder; D:\WINDOWS\system32\drivers\ctac32k.sys [2009-06-04 511000]
R3 ctaud2k;Creative Audio Driver (WDM); D:\WINDOWS\system32\drivers\ctaud2k.sys [2009-06-04 526232]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS; D:\WINDOWS\System32\drivers\CTEXFIFX.SYS [2009-06-04 1324056]
R3 CTHWIUT.SYS;CTHWIUT.SYS; D:\WINDOWS\System32\drivers\CTHWIUT.SYS [2009-06-04 72728]
R3 ctprxy2k;Creative Proxy Driver; D:\WINDOWS\system32\drivers\ctprxy2k.sys [2009-06-04 14360]
R3 ctsfm2k;Creative SoundFont Management Device Driver; D:\WINDOWS\system32\drivers\ctsfm2k.sys [2009-06-04 158744]
R3 ElbyCDFL;ElbyCDFL; D:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2007-02-16 34760]
R3 emupia;E-mu Plug-in Architecture Driver; D:\WINDOWS\system32\drivers\emupia2k.sys [2009-06-04 95768]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; D:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 ha20x2k;Creative 20X HAL Driver; D:\WINDOWS\system32\drivers\ha20x2k.sys [2009-06-04 1177624]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; D:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; D:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; D:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; D:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NIC1394;1394 Net Driver; D:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; D:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-05-01 8055584]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; D:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-03-22 52736]
R3 nvnetbus;NVIDIA Network Bus Enumerator; D:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-03-22 18944]
R3 ossrv;Creative OS Services Driver; D:\WINDOWS\system32\drivers\ctoss2k.sys [2009-06-04 130072]
R3 Razerlow;Razer Copperhead Driver; D:\WINDOWS\System32\Drivers\Razerlow.sys [2005-08-12 19020]
R3 RivaTuner32;RivaTuner32; \??\D:\Program Files\RivaTuner v2.06\RivaTuner32.sys []
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; D:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; D:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; D:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; D:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
S3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; D:\WINDOWS\system32\drivers\ADIHdAud.sys []
S3 AEAudio;AE Audio Service; D:\WINDOWS\system32\drivers\AEAudio.sys []
S3 ahhhfeto;ahhhfeto; D:\WINDOWS\system32\drivers\ahhhfeto.sys []
S3 catchme;catchme; \??\D:\DOCUME~1\Z1\LOCALS~1\Temp\catchme.sys []
S3 CT20XUT;CT20XUT; D:\WINDOWS\system32\drivers\CT20XUT.SYS [2009-06-04 171032]
S3 ctdvda2k;Creative DVD-Audio Device Driver; D:\WINDOWS\system32\drivers\ctdvda2k.sys [2009-06-04 347080]
S3 CTEXFIFX;CTEXFIFX; D:\WINDOWS\system32\drivers\CTEXFIFX.SYS [2009-06-04 1324056]
S3 CTHWIUT;CTHWIUT; D:\WINDOWS\system32\drivers\CTHWIUT.SYS [2009-06-04 72728]
S3 esihdrv;esihdrv; \??\D:\DOCUME~1\Z1\LOCALS~1\Temp\esihdrv.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; D:\WINDOWS\system32\DRIVERS\HPZid412.sys [2008-01-25 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; D:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2008-01-25 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; D:\WINDOWS\system32\DRIVERS\HPZius12.sys [2008-01-25 21568]
S3 SenFiltService;SenFilt Service; D:\WINDOWS\system32\drivers\Senfilt.sys []
S3 USBAAPL;Apple Mobile USB Driver; D:\WINDOWS\System32\Drivers\usbaapl.sys [2009-08-28 40448]
S3 usbaudio;Ovladač zvukové karty USB (WDM); D:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbprint;Třída USB Printer; D:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; D:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; D:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; D:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; D:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; D:\WINDOWS\system32\drivers\IntelIde.sys []
S4 vsdatant;vsdatant; D:\WINDOWS\system32\drivers\vsdatant.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-07-09 144712]
R2 Bonjour Service;Bonjour Service; D:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 CTAudSvcService;Creative Audio Service; D:\Program Files\Creative\Shared Files\CTAudSvc.exe [2009-02-23 307200]
R2 ekrn;ESET Service; D:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-09-11 735960]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; D:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 Net Driver HPZ12;Net Driver HPZ12; D:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 nvsvc;NVIDIA Display Driver Service; D:\WINDOWS\system32\nvsvc32.exe [2009-05-01 168004]
R2 Pml Driver HPZ12;Pml Driver HPZ12; D:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 SmcService;Sygate Personal Firewall; D:\Program Files\Sygate\SPF\smc.exe [2004-10-15 2577632]
R3 hpqcxs08;hpqcxs08; D:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 GoogleIMEJaCacheService;Google Japanese Input Cache Service; D:\Program Files\Google\Google Japanese Input\GoogleIMEJaCacheService.exe [2010-03-12 558720]
S2 gupdate1ca2a1d270654e8;Služba Google Update (gupdate1ca2a1d270654e8); D:\Program Files\Google\Update\GoogleUpdate.exe [2009-08-31 133104]
S2 gusvc;Google Software Updater; D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-31 194032]
S2 NMSAccess;NMSAccess; D:\Program Files\Blaze Media Pro\NMSAccess32.exe [2009-01-12 71096]
S3 aspnet_state;ASP.NET State Service; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; D:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2009-08-30 79360]
S3 EhttpSrv;ESET HTTP Server; D:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-09-11 20680]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-08-30 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; D:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; D:\Program Files\iPod\bin\iPodService.exe [2009-10-28 545568]
S3 odserv;Microsoft Office Diagnostics Service; D:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; D:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; D:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Re: Log check request, unknown file pdfupd.exe

Posted: 03 Apr 2010 10:04
by Marek-26
To be safe, also run a full scan in MBAM :wink: The link to the program and the instructions are in my signature.

Re: Log check request, unknown file pdfupd.exe

Posted: 03 Apr 2010 12:33
by Dwerw
I'd also like to ask about the scan results (I'm in a hurry at the moment, so I only ran a quick scan; I'll run a full one later if needed). I assume I should remove all 6 items, right?

Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org

Verze databáze: 3948

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

3.4.2010 13:30:12
mbam-log-2010-04-03 (13-30-12).txt

Typ skenu: Rychlý sken
Skenované objekty: 101456
Uplynulý čas: 4 minuta(y), 34 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 1
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 5

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\D:\WINDOWS\system32\memman.vxd (Rogue.sysCleaner) -> No action taken.

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
D:\WINDOWS\system32\memman.vxd (Rogue.sysCleaner) -> No action taken.
D:\Documents and Settings\Z1\Local Settings\Temporary Internet Files\Content.IE5\7QXGEX7B\svchost[1].exe (Trojan.Downloader) -> No action taken.
D:\Documents and Settings\Z1\Data aplikací\wiaserva.log (Malware.Trace) -> No action taken.
D:\Documents and Settings\Z1\Data aplikací\avdrn.dat (Malware.Trace) -> No action taken.
D:\WINDOWS\system32\config\systemprofile\Data aplikací\fvgqad.dat (Malware.Trace) -> No action taken.

Re: Log check request, unknown file pdfupd.exe

Posted: 03 Apr 2010 12:46
by Marek-26
Definitely remove everything :)

Re: Log check request, unknown file pdfupd.exe

Posted: 03 Apr 2010 16:54
by Dwerw
Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org

Verze databáze: 3948

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

3.4.2010 17:52:57
mbam-log-2010-04-03 (17-52-57).txt

Typ skenu: Rychlý sken
Skenované objekty: 101456
Uplynulý čas: 4 minuta(y), 34 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 1
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 5

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\D:\WINDOWS\system32\memman.vxd (Rogue.sysCleaner) -> Quarantined and deleted successfully.

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
D:\WINDOWS\system32\memman.vxd (Rogue.sysCleaner) -> Quarantined and deleted successfully.
D:\Documents and Settings\Z1\Local Settings\Temporary Internet Files\Content.IE5\7QXGEX7B\svchost[1].exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\Documents and Settings\Z1\Data aplikací\wiaserva.log (Malware.Trace) -> Quarantined and deleted successfully.
D:\Documents and Settings\Z1\Data aplikací\avdrn.dat (Malware.Trace) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\config\systemprofile\Data aplikací\fvgqad.dat (Malware.Trace) -> Quarantined and deleted successfully.

Re: Log check request, unknown file pdfupd.exe

Posted: 03 Apr 2010 18:27
by Dwerw
So I went ahead and ran a full scan as well.

Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org

Verze databáze: 3948

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

3.4.2010 19:26:24
mbam-log-2010-04-03 (19-26-24).txt

Typ skenu: Úplný sken (C:\|D:\|E:\|)
Skenované objekty: 261221
Uplynulý čas: 53 minuta(y), 48 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 4

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
C:\Honza\cracks\Adobe DreamWeaver CS3 9.0 Keygen + activation.exe (Trojan.Horst) -> Quarantined and deleted successfully.
D:\Documents and Settings\Z1\Local Settings\Data aplikací\{784E3329-1B2A-421E-9427-596088B766F6}\OFFLINE\71747601\2302A1E7\memman.vxd (Rogue.sysCleaner) -> Quarantined and deleted successfully.
D:\Documents and Settings\Z1\Local Settings\temp\mia1EE9.tmp\OFFLINE\71747601\2302A1E7\memman.vxd (Rogue.sysCleaner) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{6C79A327-CDDB-4623-8B2D-1D285AB3B989}\RP209\A0044352.vxd (Rogue.sysCleaner) -> Quarantined and deleted successfully.

Re: Log check request, unknown file pdfupd.exe

Posted: 03 Apr 2010 23:30
by Marek-26
The PC should be clean now :) Click T-Cleaner in my signature and run it :wink: After that, I recommend also scanning the PC with this:
http://www.viry.cz/go.php?p=viry&t=clanek&id=59

And also clean up the PC with CCleaner and defragment the hard drives :D