Logfile of random's system information tool 1.08 (written by random/random)
Run by Pepa at 2011-02-03 22:33:49
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 137 GB (45%) free of 305 GB
Total RAM: 2047 MB (51% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:34:25, on 3.2.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\ICQ7.0\ICQ.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Games\husita new\husita 1-00-08_client\mu.exe
C:\Games\husita new\husita 1-00-08_client\mini.exe
C:\Games\husita new\husita 1-00-08_client\main.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10e.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Pepa\Desktop\RSIT.exe
C:\Program Files\trend micro\Pepa.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.0\ICQ.exe" silent loginmode=4
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: UltiDev Cassini Web Server for ASP.NET 2.0 - UltiDev LLC - C:\Program Files\UltiDev\Cassini Web Server for ASP.NET 2.0\UltiDevCassinWebServer2a.exe
--
End of file - 5221 bytes
======Scheduled tasks folder======
C:\Windows\tasks\User_Feed_Synchronization-{5B014712-8C0F-4A4E-BF00-DE5895507B72}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2005-09-24 63136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-01-03 1019128]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-09-07 2838912]
"NeroFilterCheck"=C:\Windows\system32\NeroCheck.exe [2001-07-09 155648]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"Steam"=C:\Program Files\Steam\steam.exe [2010-11-17 1242448]
"ICQ"=C:\Program Files\ICQ7.0\ICQ.exe [2011-01-05 133432]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======List of files/folders created in the last 1 months======
2011-02-03 22:33:49 ----D---- C:\rsit
2011-02-03 22:33:49 ----D---- C:\Program Files\trend micro
2011-01-30 23:28:49 ----D---- C:\Program Files\Lavalys
2011-01-30 22:34:34 ----A---- C:\Windows\system32\drivers\PnkBstrK.sys
2011-01-23 17:42:33 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2011-01-23 17:13:24 ----D---- C:\Users\Pepa\AppData\Roaming\Ventrilo
2011-01-12 07:37:55 ----A---- C:\Windows\system32\odbc32.dll
2011-01-12 07:37:53 ----A---- C:\Windows\system32\sdclt.exe
2011-01-08 18:25:08 ----A---- C:\Windows\system32\xactengine2_8.dll
2011-01-08 18:25:08 ----A---- C:\Windows\system32\x3daudio1_2.dll
2011-01-08 18:25:08 ----A---- C:\Windows\system32\d3dx10_34.dll
2011-01-08 18:25:08 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2011-01-08 18:25:07 ----A---- C:\Windows\system32\xinput1_3.dll
2011-01-08 18:25:07 ----A---- C:\Windows\system32\xactengine2_7.dll
2011-01-08 18:25:07 ----A---- C:\Windows\system32\xactengine2_6.dll
2011-01-08 18:25:07 ----A---- C:\Windows\system32\d3dx9_34.dll
2011-01-08 18:25:07 ----A---- C:\Windows\system32\d3dx9_33.dll
2011-01-08 18:25:07 ----A---- C:\Windows\system32\d3dx10_33.dll
2011-01-08 18:25:07 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2011-01-08 18:25:06 ----A---- C:\Windows\system32\xactengine2_5.dll
2011-01-08 18:25:06 ----A---- C:\Windows\system32\xactengine2_4.dll
2011-01-08 18:25:06 ----A---- C:\Windows\system32\x3daudio1_1.dll
2011-01-08 18:25:06 ----A---- C:\Windows\system32\d3dx9_32.dll
2011-01-08 18:25:06 ----A---- C:\Windows\system32\d3dx10.dll
2011-01-08 18:25:04 ----A---- C:\Windows\system32\xinput1_2.dll
2011-01-08 18:25:04 ----A---- C:\Windows\system32\xinput1_1.dll
2011-01-08 18:25:04 ----A---- C:\Windows\system32\xactengine2_3.dll
2011-01-08 18:25:04 ----A---- C:\Windows\system32\xactengine2_2.dll
2011-01-08 18:25:04 ----A---- C:\Windows\system32\xactengine2_1.dll
2011-01-08 18:25:04 ----A---- C:\Windows\system32\d3dx9_31.dll
2011-01-08 18:25:00 ----A---- C:\Windows\system32\xactengine2_0.dll
2011-01-08 18:25:00 ----A---- C:\Windows\system32\x3daudio1_0.dll
2011-01-08 18:25:00 ----A---- C:\Windows\system32\d3dx9_30.dll
2011-01-08 18:25:00 ----A---- C:\Windows\system32\d3dx9_29.dll
2011-01-08 18:24:59 ----A---- C:\Windows\system32\d3dx9_28.dll
2011-01-08 18:24:59 ----A---- C:\Windows\system32\d3dx9_27.dll
2011-01-08 18:24:59 ----A---- C:\Windows\system32\d3dx9_26.dll
2011-01-08 18:24:59 ----A---- C:\Windows\system32\d3dx9_24.dll
2011-01-08 18:23:14 ----A---- C:\Windows\game.ini
2011-01-08 18:08:51 ----D---- C:\Program Files\Activision
======List of files/folders modified in the last 1 months======
2011-02-03 22:34:01 ----D---- C:\Windows\Temp
2011-02-03 22:34:01 ----D---- C:\Windows\Prefetch
2011-02-03 22:33:49 ----RD---- C:\Program Files
2011-02-03 22:28:07 ----D---- C:\Users\Pepa\AppData\Roaming\Skype
2011-02-03 22:07:30 ----D---- C:\Windows\System32
2011-02-03 22:07:25 ----A---- C:\Windows\system32\PnkBstrB.exe
2011-02-03 16:08:34 ----D---- C:\Users\Pepa\AppData\Roaming\skypePM
2011-02-03 10:19:30 ----SHD---- C:\System Volume Information
2011-02-03 09:16:17 ----D---- C:\Windows\inf
2011-02-03 09:16:17 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-02-03 09:12:16 ----D---- C:\Program Files\Steam
2011-02-03 09:11:58 ----D---- C:\ProgramData\NVIDIA
2011-02-02 18:00:20 ----D---- C:\Users\Pepa\AppData\Roaming\ICQ
2011-02-01 16:42:55 ----A---- C:\Windows\system32\PnkBstrA.exe
2011-01-31 19:39:12 ----SHD---- C:\Windows\Installer
2011-01-31 19:39:12 ----SD---- C:\Users\Pepa\AppData\Roaming\Microsoft
2011-01-30 23:27:15 ----D---- C:\Windows\system32\drivers
2011-01-30 22:31:18 ----A---- C:\Windows\system32\pbsvc.exe
2011-01-30 19:22:13 ----A---- C:\Windows\CoD.INI
2011-01-30 18:42:03 ----D---- C:\Windows\system32\catroot2
2011-01-30 18:37:44 ----D---- C:\Windows
2011-01-30 18:37:23 ----D---- C:\Windows\system32\Msdtc
2011-01-30 18:37:20 ----D---- C:\Windows\system32\wbem
2011-01-30 18:34:32 ----D---- C:\Windows\system32\config
2011-01-30 18:34:20 ----D---- C:\Windows\Tasks
2011-01-30 18:34:20 ----D---- C:\Windows\system32\spool
2011-01-30 18:34:19 ----D---- C:\Users\Pepa\AppData\Roaming\Winamp
2011-01-30 18:34:19 ----D---- C:\Users\Pepa\AppData\Roaming\uTorrent
2011-01-30 18:34:19 ----D---- C:\Users\Pepa\AppData\Roaming\TS3Client
2011-01-30 18:34:18 ----D---- C:\Windows\registration
2011-01-30 18:29:25 ----D---- C:\Windows\Logs
2011-01-29 13:17:04 ----D---- C:\Games
2011-01-23 17:42:33 ----D---- C:\Program Files\Common Files
2011-01-12 07:38:51 ----A---- C:\Windows\system32\mrt.exe
2011-01-12 07:38:43 ----D---- C:\Windows\winsxs
2011-01-12 07:37:48 ----D---- C:\Windows\system32\catroot
2011-01-12 07:32:53 ----D---- C:\Program Files\Common Files\Steam
2011-01-08 22:23:34 ----SD---- C:\ProgramData\Microsoft
2011-01-08 19:26:25 ----HD---- C:\Program Files\InstallShield Installation Information
2011-01-08 18:25:04 ----RSD---- C:\Windows\assembly
2011-01-08 18:25:01 ----D---- C:\Windows\Microsoft.NET
2011-01-06 07:42:41 ----D---- C:\Program Files\ICQ7.0
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-09-07 23376]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-09-07 165584]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-09-07 46672]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-09-07 17744]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-09-07 50768]
R2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys [2008-01-21 95744]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2009-11-16 50704]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 irsir;Microsoft Serial Infrared Driver; C:\Windows\system32\DRIVERS\irsir.sys [2008-01-21 20992]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm60x32.sys [2006-11-02 429056]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2010-04-03 11573800]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Games\Garena\plugins\UI\safedrv.sys []
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-01-03 246520]
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-04-03 129640]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2011-02-01 75136]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-04-03 240232]
R2 UltiDev Cassini Web Server for ASP.NET 2.0;UltiDev Cassini Web Server for ASP.NET 2.0; C:\Program Files\UltiDev\Cassini Web Server for ASP.NET 2.0\UltiDevCassinWebServer2a.exe [2010-08-09 49152]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2011-01-11 407336]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
-----------------EOF-----------------