předvánoční dáreček

Zpráva

atka3211 · #1 Příspěvek od **atka3211** » 24 pro 2015 21:06

Logfile of random's system information tool 1.10 (written by random/random)
Run by user at 2015-12-24 20:57:21
Microsoft Windows XP Professional Service Pack 3
System drive C: has 2 GB (3%) free of 57 GB
Total RAM: 1526 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:57:41, on 24.12.2015
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Panasonic\Hotkey Appendix\HKEYAPP.EXE
C:\Program Files\Sophos\AutoUpdate\almon.exe
C:\Program Files\FIDTPU\WIN2K\FTMSFLTU.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\RButton.exe
C:\Program Files\Panasonic\CHGBMODE\ChgBmode.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe
C:\Program Files\Sophos\AutoUpdate\ALsvc.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
C:\Program Files\UltraVNC\WinVNC.exe
C:\Program Files\UltraVNC\WinVNC.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Opera\34.0.2036.25\opera.exe
C:\Program Files\Opera\34.0.2036.25\opera_crashreporter.exe
C:\Program Files\Opera\34.0.2036.25\opera.exe
C:\Program Files\Opera\34.0.2036.25\opera.exe
C:\Program Files\Opera\34.0.2036.25\opera.exe
C:\Program Files\Opera\34.0.2036.25\opera.exe
C:\Program Files\Sophos\AutoUpdate\cache\sophos_autoupdate1.dir\ALUpdate.exe
C:\Documents and Settings\user\Desktop\RSIT.exe
C:\Program Files\trend micro\user.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://houmpage.com/?src=hp&ssid=144994 ... a506a00588
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://unstopp.me/wpad.dat?a2ef535ccc82 ... 90d2526728
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {9384bd4c-dd14-4be9-80f7-f6277511e4f5} - (no file)
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Panasonic Hotkey Manager] C:\Program Files\Panasonic\Hotkey Appendix\HKEYAPP.EXE
O4 - HKLM\..\Run: [Sophos AutoUpdate Monitor] C:\Program Files\Sophos\AutoUpdate\almon.exe
O4 - HKLM\..\Run: [Andy] C:\Program Files\Andy\HandyAndy.exe
O4 - HKLM\..\Run: [FTMSFLT(USB)] C:\Program Files\FIDTPU\WIN2K\FTMSFLTU.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [T-Mobile CManager] "C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Global Startup: Economy Mode(ECO) Setting Utility.lnk = ?
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\documents and settings\all users\application data\sophos\web intelligence\swi_ifslsp.dll
O10 - Unknown file in Winsock LSP: c:\documents and settings\all users\application data\sophos\web intelligence\swi_ifslsp.dll
O10 - Unknown file in Winsock LSP: c:\documents and settings\all users\application data\sophos\web intelligence\swi_ifslsp.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 0809850468
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: mrDPMServer3 - SPSS Limited - C:\Program Files\Common Files\SPSSInc\PASWDataCollection5.6\ProjectMgmt\5.6.0.0\DPMServerService.exe
O23 - Service: mrPerfMonitoring - SPSS Limited - C:\Program Files\Common Files\SPSSInc\PASWDataCollection5.6\ProjectMgmt\5.6.0.0\SPSSMR.Management.Monitoring.Service.exe
O23 - Service: mrUserAdminServer - SPSS Limited - C:\Program Files\Common Files\SPSSInc\PASWDataCollection5.6\ProjectMgmt\mrUserAdminServer.exe
O23 - Service: Sophos Anti-Virus status reporter (SAVAdminService) - Sophos Limited - C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe
O23 - Service: Sophos Anti-Virus (SAVService) - Sophos Limited - C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe
O23 - Service: Sophos AutoUpdate Service - Sophos Limited - C:\Program Files\Sophos\AutoUpdate\ALsvc.exe
O23 - Service: Sophos Web Intelligence Service (swi_service) - Sophos Limited - C:\Program Files\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
O23 - Service: Sophos Web Intelligence Update (swi_update) - Sophos Limited - C:\Documents and Settings\All Users\Application Data\Sophos\Web Intelligence\swi_update.exe
O23 - Service: uvnc_service - UltraVNC - C:\Program Files\UltraVNC\WinVNC.exe

--
End of file - 6626 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job - C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_20_0_0_228_pepper.exe -check pepperplugin
C:\WINDOWS\tasks\Opera scheduled Autoupdate 1450956353.job - C:\Program Files\Opera\launcher.exe --scheduledautoupdate $(Arg0)

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9384bd4c-dd14-4be9-80f7-f6277511e4f5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2004-10-15 98394]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2004-10-15 688218]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2006-10-06 98304]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2006-10-06 114688]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2006-10-06 94208]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
"Panasonic Hotkey Manager"=C:\Program Files\Panasonic\Hotkey Appendix\HKEYAPP.EXE [2006-11-30 976528]
"Sophos AutoUpdate Monitor"=C:\Program Files\Sophos\AutoUpdate\almon.exe [2015-06-30 1592104]
"Andy"=C:\Program Files\Andy\HandyAndy.exe []
"FTMSFLT(USB)"=C:\Program Files\FIDTPU\WIN2K\FTMSFLTU.EXE [2005-06-23 82063]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"T-Mobile CManager"=C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe [2015-08-06 2162152]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Economy Mode(ECO) Setting Utility.lnk - C:\Program Files\Panasonic\CHGBMODE\ChgBmode.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2006-10-06 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SAVService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SAVService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\UltraVNC\winvnc.exe"="C:\Program Files\UltraVNC\winvnc.exe:*:Enabled:winvnc.exe"
"C:\Program Files\UltraVNC\vncviewer.exe"="C:\Program Files\UltraVNC\vncviewer.exe:*:Enabled:vncviewer.exe"
"C:\Program Files\BrillKids\Little Math\Little Math.exe"="C:\Program Files\BrillKids\Little Math\Little Math.exe:*:Enabled:BrillKids Little Math"
"C:\Program Files\BrillKids\Little Musician\Little Musician.exe"="C:\Program Files\BrillKids\Little Musician\Little Musician.exe:*:Enabled:BrillKids Little Musician"
"C:\Program Files\BrillKids\Little Reader\Little Reader.exe"="C:\Program Files\BrillKids\Little Reader\Little Reader.exe:*:Enabled:BrillKids Little Reader"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player 2.0.5"
"C:\Program Files\SimpleFiles\SimpleFiles.exe"="C:\Program Files\SimpleFiles\SimpleFiles.exe:*:Enabled:SimpleFiles"
"C:\Program Files\SimpleFiles\downloader.exe"="C:\Program Files\SimpleFiles\downloader.exe:*:Enabled:SimpleFiles"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======List of files/folders created in the last 1 month======

2015-12-24 20:56:01 ----D---- C:\rsit
2015-12-24 20:56:01 ----D---- C:\Program Files\trend micro
2015-12-24 18:36:18 ----A---- C:\WINDOWS\system32\drivers\EsgScanner.sys
2015-12-24 12:35:44 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2015-12-24 12:26:12 ----D---- C:\Documents and Settings\user\Application Data\Opera Software
2015-12-24 12:25:53 ----D---- C:\Program Files\Opera
2015-12-12 19:15:12 ----D---- C:\Documents and Settings\user\Application Data\SimpleFiles
2015-12-12 19:09:31 ----D---- C:\Program Files\Common Files\4f596ec3-77fb-4fc3-82cb-691c42c71d77
2015-12-12 19:09:10 ----D---- C:\Documents and Settings\All Users\Application Data\4f596ec3-77fb-4fc3-82cb-691c42c71d77

======List of files/folders modified in the last 1 month======

2015-12-24 20:56:01 ----RD---- C:\Program Files
2015-12-24 20:55:04 ----D---- C:\WINDOWS\system32\inetsrv
2015-12-24 20:51:40 ----D---- C:\WINDOWS\Temp
2015-12-24 20:51:23 ----D---- C:\WINDOWS\system32\CatRoot2
2015-12-24 20:51:15 ----D---- C:\WINDOWS
2015-12-24 20:49:01 ----A---- C:\WINDOWS\SchedLgU.Txt
2015-12-24 19:51:32 ----D---- C:\Documents and Settings\user\Application Data\vlc
2015-12-24 18:40:47 ----HD---- C:\WINDOWS\inf
2015-12-24 18:40:47 ----D---- C:\WINDOWS\system32\drivers
2015-12-24 12:35:47 ----SD---- C:\WINDOWS\Tasks
2015-12-24 12:35:44 ----D---- C:\WINDOWS\system32
2015-12-24 12:26:16 ----D---- C:\WINDOWS\Prefetch
2015-12-14 22:27:53 ----A---- C:\WINDOWS\imsins.BAK
2015-12-12 19:09:52 ----SHD---- C:\WINDOWS\Installer
2015-12-12 19:09:52 ----SHD---- C:\Config.Msi
2015-12-12 19:09:31 ----D---- C:\Program Files\Common Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 chgbmode;Panasonic Charge Mode Changer Driver; \??\C:\Program Files\Panasonic\CHGBMODE\chgBmode.sys []
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 SAVOnAccessControl;SAVOnAccessControl; C:\WINDOWS\system32\DRIVERS\savonaccesscontrol.sys [2014-09-15 174592]
R1 SAVOnAccessFilter;SAVOnAccessFilter; C:\WINDOWS\system32\DRIVERS\savonaccessfilter.sys [2014-09-15 34176]
R1 SKMScan;SKMScan; C:\WINDOWS\system32\DRIVERS\skmscan.sys [2014-09-15 33408]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-10-05 12544]
R3 FIDTPU;Fujitsu Touch Panel (USB); C:\WINDOWS\system32\DRIVERS\FIDTPU.sys [2006-07-12 27030]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 HOTKEY;Panasonic Hotkey Driver; C:\WINDOWS\system32\DRIVERS\hotkey.sys [2006-11-14 19840]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-11-08 997376]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2005-11-08 202240]
R3 huawei_enumerator;huawei_enumerator; C:\WINDOWS\system32\DRIVERS\ew_jubusenum.sys [2012-04-23 76544]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2006-10-06 1181824]
R3 IFXTPM;IFXTPM; C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS [2005-10-21 36352]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-04 12160]
R3 mv2;mv2; C:\WINDOWS\system32\DRIVERS\mv2.sys [2011-03-24 10688]
R3 NETw3x32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw3x32.sys [2007-03-05 1783680]
R3 NewMisc;Panasonic Misc Driver; C:\WINDOWS\system32\DRIVERS\newmisc.sys [2007-03-02 42624]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2008-12-02 118656]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-14 79232]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2005-12-27 1099336]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2004-10-15 185728]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-11-08 723712]
S3 EsgScanner;EsgScanner; C:\WINDOWS\system32\DRIVERS\EsgScanner.sys [2015-12-24 19984]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 102784]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\WINDOWS\system32\DRIVERS\ew_usbenumfilter.sys [2010-03-20 11136]
S3 huawei_cdcacm;huawei_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_jucdcacm.sys [2012-04-23 95616]
S3 huawei_cdcecm;huawei_cdcecm; C:\WINDOWS\system32\DRIVERS\ew_jucdcecm.sys [2012-04-23 70016]
S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\WINDOWS\system32\DRIVERS\ew_juextctrl.sys [2012-04-23 27520]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2011-12-31 199168]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\WINDOWS\system32\DRIVERS\VBoxNetFlt.sys []
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 RsFx0150;RsFx0150 Driver; C:\WINDOWS\system32\DRIVERS\RsFx0150.sys [2010-04-03 240608]
S4 SophosBootDriver;SophosBootDriver; C:\WINDOWS\system32\DRIVERS\SophosBootDriver.sys [2014-09-15 23680]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 IISADMIN;IIS Admin; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15360]
R2 MbnExt;Mobile Broadband Extension Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 SAVAdminService;Sophos Anti-Virus status reporter; C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe [2014-09-15 288552]
R2 SAVService;Sophos Anti-Virus; C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe [2014-09-15 208168]
R2 SMTPSVC;Simple Mail Transfer Protocol (SMTP); C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15360]
R2 Sophos AutoUpdate Service;Sophos AutoUpdate Service; C:\Program Files\Sophos\AutoUpdate\ALsvc.exe [2015-06-30 340264]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-04-03 97632]
R2 swi_service;Sophos Web Intelligence Service; C:\Program Files\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [2014-09-15 3274536]
R2 uvnc_service;uvnc_service; C:\Program Files\UltraVNC\WinVNC.exe [2009-11-07 1581512]
R2 W3SVC;World Wide Web Publishing; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15360]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 swi_update;Sophos Web Intelligence Update; C:\Documents and Settings\All Users\Application Data\Sophos\Web Intelligence\swi_update.exe [2014-09-15 1487144]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 mrDPMServer3;mrDPMServer3; C:\Program Files\Common Files\SPSSInc\PASWDataCollection5.6\ProjectMgmt\5.6.0.0\DPMServerService.exe [2009-05-27 32768]
S3 mrPerfMonitoring;mrPerfMonitoring; C:\Program Files\Common Files\SPSSInc\PASWDataCollection5.6\ProjectMgmt\5.6.0.0\SPSSMR.Management.Monitoring.Service.exe [2009-05-27 24576]
S3 mrUserAdminServer;mrUserAdminServer; C:\Program Files\Common Files\SPSSInc\PASWDataCollection5.6\ProjectMgmt\mrUserAdminServer.exe [2010-07-09 344064]
S3 MSSQLSERVER;SQL Server (MSSQLSERVER); c:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [2010-04-03 42884448]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2010-04-03 44896]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-04-03 267616]
S4 SQLSERVERAGENT;SQL Server Agent (MSSQLSERVER); c:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [2010-04-03 367456]

-----------------EOF-----------------

#2 Příspěvek od **Rudy** » 24 pro 2015 21:35

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

atka3211 · #3 Příspěvek od **atka3211** » 24 pro 2015 22:17

Nevýslovně vyjadřuji pochvalu Ježiškovi a zejména všem mužům, kteří mi přes tuto pozdní hodinu pomáhají odstranit následky mého nerozvážného jednání.

# AdwCleaner v5.026 - Logfile created 24/12/2015 at 21:59:01
# Updated 21/12/2015 by Xplode
# Database : 2015-12-23.1 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : user - MBCZ0A183
# Running from : C:\Documents and Settings\user\Desktop\adwcleaner_5.026.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

[-] Folder Deleted : C:\Documents and Settings\user\Application Data\PriceGong
[-] Folder Deleted : C:\Documents and Settings\user\Application Data\SimpleFiles
[-] Folder Deleted : C:\Documents and Settings\user\Local Settings\Application Data\Conduit
[-] Folder Deleted : C:\Program Files\Conduit

***** [ Files ] *****

***** [ DLLs ] *****

***** [ Shortcuts ] *****

[-] Shortcut Disinfected : C:\Documents and Settings\All Users\Start Menu\Programs\SPSS Inc\PASW Data Collection 5.6\Check For Data Collection Updates.lnk
[-] Shortcut Disinfected : C:\Documents and Settings\user\Start Menu\Programs\Internet Explorer.lnk
[-] Shortcut Disinfected : C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Internet Explorer.lnk

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

[-] Key Deleted : HKCU\Toolbar
[-] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1066435
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{090ACFA1-1580-11D1-8AC0-00C0F00910F9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B4E90801-B83C-11D0-8B40-00C0F00AE35A}
[-] Key Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKCU\Software\PriceGong
[-] Key Deleted : HKCU\Software\SimpleFiles
[-] Key Deleted : HKLM\SOFTWARE\Conduit
[-] Key Deleted : HKLM\SOFTWARE\SimpleFiles
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}

***** [ Web browsers ] *****

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [2159 bytes] ##########

#4 Příspěvek od **Rudy** » 24 pro 2015 22:28

Děkujeme.

Toto je OK. Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:files
C:\Program Files\Common Files\4f596ec3-77fb-4fc3-82cb-691c42c71d77
C:\Documents and Settings\All Users\Application Data\4f596ec3-77fb-4fc3-82cb-691c42c71d77

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9384bd4c-dd14-4be9-80f7-f6277511e4f5}]

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.

atka3211 · #5 Příspěvek od **atka3211** » 24 pro 2015 22:33

ještě jednou díky
jdu na to

atka3211 · #6 Příspěvek od **atka3211** » 24 pro 2015 22:43

Pokud jsem postupovala dobře, tak by tohle měl být výsledek

Logfile of random's system information tool 1.10 (written by random/random)
Run by user at 2015-12-24 22:41:43
Microsoft Windows XP Professional Service Pack 3
System drive C: has 3 GB (6%) free of 57 GB
Total RAM: 1526 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:42:16, on 24.12.2015
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe
C:\Program Files\Sophos\AutoUpdate\ALsvc.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
C:\Program Files\UltraVNC\WinVNC.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\Panasonic\Hotkey Appendix\HKEYAPP.EXE
C:\Program Files\Sophos\AutoUpdate\almon.exe
C:\Program Files\UltraVNC\WinVNC.exe
C:\Program Files\FIDTPU\WIN2K\FTMSFLTU.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe
C:\WINDOWS\system32\RButton.exe
C:\Program Files\Panasonic\CHGBMODE\ChgBmode.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Opera\34.0.2036.25\opera.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Opera\34.0.2036.25\opera_crashreporter.exe
C:\Program Files\Opera\34.0.2036.25\opera.exe
C:\Program Files\Opera\34.0.2036.25\opera.exe
C:\Program Files\Opera\34.0.2036.25\opera.exe
C:\Program Files\Opera\34.0.2036.25\opera.exe
C:\Program Files\Opera\34.0.2036.25\opera.exe
C:\Program Files\Opera\34.0.2036.25\opera.exe
C:\Documents and Settings\user\Desktop\RSIT.exe
C:\Program Files\trend micro\user.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://houmpage.com/?src=hp&ssid=144994 ... a506a00588
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://unstopp.me/wpad.dat?a2ef535ccc82 ... 90d2526728
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Panasonic Hotkey Manager] C:\Program Files\Panasonic\Hotkey Appendix\HKEYAPP.EXE
O4 - HKLM\..\Run: [Sophos AutoUpdate Monitor] C:\Program Files\Sophos\AutoUpdate\almon.exe
O4 - HKLM\..\Run: [Andy] C:\Program Files\Andy\HandyAndy.exe
O4 - HKLM\..\Run: [FTMSFLT(USB)] C:\Program Files\FIDTPU\WIN2K\FTMSFLTU.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [T-Mobile CManager] "C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Global Startup: Economy Mode(ECO) Setting Utility.lnk = ?
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\documents and settings\all users\application data\sophos\web intelligence\swi_ifslsp.dll
O10 - Unknown file in Winsock LSP: c:\documents and settings\all users\application data\sophos\web intelligence\swi_ifslsp.dll
O10 - Unknown file in Winsock LSP: c:\documents and settings\all users\application data\sophos\web intelligence\swi_ifslsp.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 0809850468
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: mrDPMServer3 - SPSS Limited - C:\Program Files\Common Files\SPSSInc\PASWDataCollection5.6\ProjectMgmt\5.6.0.0\DPMServerService.exe
O23 - Service: mrPerfMonitoring - SPSS Limited - C:\Program Files\Common Files\SPSSInc\PASWDataCollection5.6\ProjectMgmt\5.6.0.0\SPSSMR.Management.Monitoring.Service.exe
O23 - Service: mrUserAdminServer - SPSS Limited - C:\Program Files\Common Files\SPSSInc\PASWDataCollection5.6\ProjectMgmt\mrUserAdminServer.exe
O23 - Service: Sophos Anti-Virus status reporter (SAVAdminService) - Sophos Limited - C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe
O23 - Service: Sophos Anti-Virus (SAVService) - Sophos Limited - C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe
O23 - Service: Sophos AutoUpdate Service - Sophos Limited - C:\Program Files\Sophos\AutoUpdate\ALsvc.exe
O23 - Service: Sophos Web Intelligence Service (swi_service) - Sophos Limited - C:\Program Files\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
O23 - Service: Sophos Web Intelligence Update (swi_update) - Sophos Limited - C:\Documents and Settings\All Users\Application Data\Sophos\Web Intelligence\swi_update.exe
O23 - Service: uvnc_service - UltraVNC - C:\Program Files\UltraVNC\WinVNC.exe

--
End of file - 6715 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job - C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_20_0_0_228_pepper.exe -check pepperplugin
C:\WINDOWS\tasks\Opera scheduled Autoupdate 1450956353.job - C:\Program Files\Opera\launcher.exe --scheduledautoupdate $(Arg0)

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2004-10-15 98394]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2004-10-15 688218]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2006-10-06 98304]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2006-10-06 114688]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2006-10-06 94208]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
"Panasonic Hotkey Manager"=C:\Program Files\Panasonic\Hotkey Appendix\HKEYAPP.EXE [2006-11-30 976528]
"Sophos AutoUpdate Monitor"=C:\Program Files\Sophos\AutoUpdate\almon.exe [2015-06-30 1592104]
"Andy"=C:\Program Files\Andy\HandyAndy.exe []
"FTMSFLT(USB)"=C:\Program Files\FIDTPU\WIN2K\FTMSFLTU.EXE [2005-06-23 82063]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"T-Mobile CManager"=C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe [2015-08-06 2162152]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Economy Mode(ECO) Setting Utility.lnk - C:\Program Files\Panasonic\CHGBMODE\ChgBmode.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2006-10-06 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SAVService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SAVService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\UltraVNC\winvnc.exe"="C:\Program Files\UltraVNC\winvnc.exe:*:Enabled:winvnc.exe"
"C:\Program Files\UltraVNC\vncviewer.exe"="C:\Program Files\UltraVNC\vncviewer.exe:*:Enabled:vncviewer.exe"
"C:\Program Files\BrillKids\Little Math\Little Math.exe"="C:\Program Files\BrillKids\Little Math\Little Math.exe:*:Enabled:BrillKids Little Math"
"C:\Program Files\BrillKids\Little Musician\Little Musician.exe"="C:\Program Files\BrillKids\Little Musician\Little Musician.exe:*:Enabled:BrillKids Little Musician"
"C:\Program Files\BrillKids\Little Reader\Little Reader.exe"="C:\Program Files\BrillKids\Little Reader\Little Reader.exe:*:Enabled:BrillKids Little Reader"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player 2.0.5"
"C:\Program Files\SimpleFiles\SimpleFiles.exe"="C:\Program Files\SimpleFiles\SimpleFiles.exe:*:Enabled:SimpleFiles"
"C:\Program Files\SimpleFiles\downloader.exe"="C:\Program Files\SimpleFiles\downloader.exe:*:Enabled:SimpleFiles"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======List of files/folders created in the last 1 month======

2015-12-24 22:36:05 ----D---- C:\_OTM
2015-12-24 21:45:50 ----D---- C:\AdwCleaner
2015-12-24 20:56:01 ----D---- C:\rsit
2015-12-24 20:56:01 ----D---- C:\Program Files\trend micro
2015-12-24 18:36:18 ----A---- C:\WINDOWS\system32\drivers\EsgScanner.sys
2015-12-24 12:35:44 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2015-12-24 12:26:12 ----D---- C:\Documents and Settings\user\Application Data\Opera Software
2015-12-24 12:25:53 ----D---- C:\Program Files\Opera

======List of files/folders modified in the last 1 month======

2015-12-24 22:41:03 ----D---- C:\WINDOWS\system32\inetsrv
2015-12-24 22:40:23 ----D---- C:\WINDOWS\system32\CatRoot2
2015-12-24 22:39:15 ----D---- C:\WINDOWS\Temp
2015-12-24 22:37:29 ----A---- C:\WINDOWS\SchedLgU.Txt
2015-12-24 22:37:11 ----D---- C:\WINDOWS\system32
2015-12-24 22:37:11 ----D---- C:\WINDOWS
2015-12-24 22:36:08 ----D---- C:\Program Files\Common Files
2015-12-24 21:59:04 ----RD---- C:\Program Files
2015-12-24 19:51:32 ----D---- C:\Documents and Settings\user\Application Data\vlc
2015-12-24 18:40:47 ----HD---- C:\WINDOWS\inf
2015-12-24 18:40:47 ----D---- C:\WINDOWS\system32\drivers
2015-12-24 12:35:47 ----SD---- C:\WINDOWS\Tasks
2015-12-24 12:26:16 ----D---- C:\WINDOWS\Prefetch
2015-12-14 22:27:53 ----A---- C:\WINDOWS\imsins.BAK
2015-12-12 19:09:52 ----SHD---- C:\WINDOWS\Installer
2015-12-12 19:09:52 ----SHD---- C:\Config.Msi

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 chgbmode;Panasonic Charge Mode Changer Driver; \??\C:\Program Files\Panasonic\CHGBMODE\chgBmode.sys []
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 SAVOnAccessControl;SAVOnAccessControl; C:\WINDOWS\system32\DRIVERS\savonaccesscontrol.sys [2014-09-15 174592]
R1 SAVOnAccessFilter;SAVOnAccessFilter; C:\WINDOWS\system32\DRIVERS\savonaccessfilter.sys [2014-09-15 34176]
R1 SKMScan;SKMScan; C:\WINDOWS\system32\DRIVERS\skmscan.sys [2014-09-15 33408]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-10-05 12544]
R3 FIDTPU;Fujitsu Touch Panel (USB); C:\WINDOWS\system32\DRIVERS\FIDTPU.sys [2006-07-12 27030]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 HOTKEY;Panasonic Hotkey Driver; C:\WINDOWS\system32\DRIVERS\hotkey.sys [2006-11-14 19840]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-11-08 997376]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2005-11-08 202240]
R3 huawei_enumerator;huawei_enumerator; C:\WINDOWS\system32\DRIVERS\ew_jubusenum.sys [2012-04-23 76544]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2006-10-06 1181824]
R3 IFXTPM;IFXTPM; C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS [2005-10-21 36352]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-04 12160]
R3 mv2;mv2; C:\WINDOWS\system32\DRIVERS\mv2.sys [2011-03-24 10688]
R3 NETw3x32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw3x32.sys [2007-03-05 1783680]
R3 NewMisc;Panasonic Misc Driver; C:\WINDOWS\system32\DRIVERS\newmisc.sys [2007-03-02 42624]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2008-12-02 118656]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-14 79232]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2005-12-27 1099336]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2004-10-15 185728]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-11-08 723712]
S3 EsgScanner;EsgScanner; C:\WINDOWS\system32\DRIVERS\EsgScanner.sys [2015-12-24 19984]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 102784]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\WINDOWS\system32\DRIVERS\ew_usbenumfilter.sys [2010-03-20 11136]
S3 huawei_cdcacm;huawei_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_jucdcacm.sys [2012-04-23 95616]
S3 huawei_cdcecm;huawei_cdcecm; C:\WINDOWS\system32\DRIVERS\ew_jucdcecm.sys [2012-04-23 70016]
S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\WINDOWS\system32\DRIVERS\ew_juextctrl.sys [2012-04-23 27520]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2011-12-31 199168]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\WINDOWS\system32\DRIVERS\VBoxNetFlt.sys []
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 RsFx0150;RsFx0150 Driver; C:\WINDOWS\system32\DRIVERS\RsFx0150.sys [2010-04-03 240608]
S4 SophosBootDriver;SophosBootDriver; C:\WINDOWS\system32\DRIVERS\SophosBootDriver.sys [2014-09-15 23680]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 IISADMIN;IIS Admin; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15360]
R2 MbnExt;Mobile Broadband Extension Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 SAVAdminService;Sophos Anti-Virus status reporter; C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe [2014-09-15 288552]
R2 SAVService;Sophos Anti-Virus; C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe [2014-09-15 208168]
R2 SMTPSVC;Simple Mail Transfer Protocol (SMTP); C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15360]
R2 Sophos AutoUpdate Service;Sophos AutoUpdate Service; C:\Program Files\Sophos\AutoUpdate\ALsvc.exe [2015-06-30 340264]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-04-03 97632]
R2 swi_service;Sophos Web Intelligence Service; C:\Program Files\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [2014-09-15 3274536]
R2 uvnc_service;uvnc_service; C:\Program Files\UltraVNC\WinVNC.exe [2009-11-07 1581512]
R2 W3SVC;World Wide Web Publishing; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15360]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 swi_update;Sophos Web Intelligence Update; C:\Documents and Settings\All Users\Application Data\Sophos\Web Intelligence\swi_update.exe [2014-09-15 1487144]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 mrDPMServer3;mrDPMServer3; C:\Program Files\Common Files\SPSSInc\PASWDataCollection5.6\ProjectMgmt\5.6.0.0\DPMServerService.exe [2009-05-27 32768]
S3 mrPerfMonitoring;mrPerfMonitoring; C:\Program Files\Common Files\SPSSInc\PASWDataCollection5.6\ProjectMgmt\5.6.0.0\SPSSMR.Management.Monitoring.Service.exe [2009-05-27 24576]
S3 mrUserAdminServer;mrUserAdminServer; C:\Program Files\Common Files\SPSSInc\PASWDataCollection5.6\ProjectMgmt\mrUserAdminServer.exe [2010-07-09 344064]
S3 MSSQLSERVER;SQL Server (MSSQLSERVER); c:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [2010-04-03 42884448]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2010-04-03 44896]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-04-03 267616]
S4 SQLSERVERAGENT;SQL Server Agent (MSSQLSERVER); c:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [2010-04-03 367456]

-----------------EOF-----------------

#7 Příspěvek od **Rudy** » 25 pro 2015 11:22

Smazáno. Znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC. Nastala nějaká změna?

atka3211 · #8 Příspěvek od **atka3211** » 25 pro 2015 12:42

Díky.

Vypadá to, že je po problému.

#9 Příspěvek od **Rudy** » 25 pro 2015 13:04

Tak to jsem rád. Nemáte zač!

VIRY.CZ

předvánoční dáreček

předvánoční dáreček

Re: předvánoční dáreček

Re: předvánoční dáreček

Re: předvánoční dáreček

Re: předvánoční dáreček

Re: předvánoční dáreček

Re: předvánoční dáreček

Re: předvánoční dáreček

Re: předvánoční dáreček