Good morning.
Logfile of random's system information tool 1.09 (written by random/random)
Run by Gamp at 2012-03-10 11:21:55
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 25 GB (33%) free of 76 GB
Total RAM: 2047 MB (75% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:22:01, on 10. 3. 2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\taskmgr.exe
D:\WIN\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Gamp\Dokumenty\Stahování Firefox\RSIT.exe
D:\Program Files\trend micro\Gamp.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = D:\WIN\system32\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
F2 - REG:system.ini: UserInit=D:\WIN\system32\userinit.exe,
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [PowerBar] "C:\Program Files\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe" /AtBootTime
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Startup: taskmgr.exe.lnk = C:\WINDOWS\system32\taskmgr.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
--
End of file - 3279 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Toddler Keys.job
======Registry dump======
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"ccleaner"=C:\Program Files\CCleaner\CCleaner.exe [2011-10-21 2663232]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2012-02-23 740216]
"NBJ"=C:\Program Files\Ahead\Nero BackItUp\NBJ.exe [2005-06-02 1957888]
"DriverMax"= []
"DriverMax_RESTART"= []
"PowerBar"=C:\Program Files\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe [2004-04-21 86016]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [2007-07-02 220544]
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2011-06-16 1500160]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-10-13 17351304]
C:\Documents and Settings\Gamp\Nabídka Start\Programy\Po spuštění
taskmgr.exe.lnk - C:\WINDOWS\system32\taskmgr.exe
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=D:\WIN\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=D:\WIN\system32\l3codeca.acm
======List of files/folders created in the last 1 month======
2012-03-10 11:21:55 ----D---- C:\rsit
2012-03-10 11:08:54 ----A---- C:\WINDOWS\setuplog.txt
2012-03-10 06:00:34 ----D---- C:\zaloha system32 config
2012-03-09 01:33:57 ----A---- C:\OTLP runfix-00.txt
2012-03-08 23:03:28 ----A---- C:\zalohambr.dat
2012-03-08 03:23:21 ----ASH---- C:\pepagefile.sys
2012-03-07 22:20:48 ----D---- C:\_OTL
2012-03-05 02:08:35 ----A---- C:\OTL-1.txt
2012-03-04 22:33:05 ----A---- C:\OTL.Txt
2012-03-04 22:33:01 ----A---- C:\PRIKAZ.TXT
2012-03-04 18:29:32 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2012-03-03 22:12:58 ----D---- D:\Program Files\WinRAR
2012-03-03 21:25:31 ----D---- C:\Na viry
2012-03-02 22:35:21 ----D---- D:\Program Files\trend micro
2012-03-02 17:52:36 ----D---- C:\JPG_eset scan
2012-03-01 21:22:41 ----D---- C:\Linux
2012-03-01 21:18:46 ----D---- D:\Program Files\Common Files\ODBC
2012-03-01 21:18:43 ----D---- D:\Program Files\Common Files\SpeechEngines
2012-03-01 21:18:42 ----D---- D:\Program Files\Common Files\Microsoft Shared
2012-03-01 21:18:42 ----D---- D:\Program Files\Common Files
2012-03-01 21:17:13 ----ASH---- C:\pagefile.sys
2012-03-01 21:04:38 ----D---- C:\Avira
2012-03-01 20:56:28 ----HD---- D:\Program Files\Uninstall Information
2012-03-01 20:45:48 ----D---- D:\Program Files\xerox
2012-03-01 20:45:48 ----D---- D:\Program Files\microsoft frontpage
2012-03-01 20:43:31 ----HD---- D:\Program Files\WindowsUpdate
2012-03-01 20:43:21 ----D---- D:\Program Files\Online Services
2012-03-01 20:42:30 ----D---- D:\Program Files\Common Files\Services
2012-03-01 20:42:27 ----D---- D:\Program Files\Common Files\MSSoap
2012-03-01 20:42:16 ----D---- D:\Program Files\Movie Maker
2012-03-01 20:42:06 ----D---- D:\Program Files\NetMeeting
2012-03-01 20:42:04 ----D---- D:\Program Files\Outlook Express
2012-03-01 20:41:58 ----D---- D:\Program Files\Common Files\System
2012-03-01 20:41:57 ----D---- D:\Program Files\Internet Explorer
2012-03-01 20:41:25 ----D---- D:\Program Files\ComPlus Applications
2012-03-01 20:40:12 ----D---- D:\Program Files\Windows Media Player
2012-03-01 20:40:02 ----D---- D:\Program Files\Messenger
2012-03-01 20:39:59 ----D---- D:\Program Files\MSN Gaming Zone
2012-03-01 20:39:32 ----D---- D:\Program Files\Windows NT
2012-03-01 19:45:59 ----ASH---- C:\hiberfil.sys
2012-02-29 14:26:59 ----ASH---- C:\WINDOWS\system32\dds_log_trash.cmd
2012-02-29 10:09:55 ----A---- C:\PA7311.DAT
2012-02-25 12:55:37 ----N---- C:\WINDOWS\SchedLgU.Txt
2012-02-23 21:42:17 ----A---- C:\WINDOWS\system32\ptpusb.dll
2012-02-23 21:42:16 ----A---- C:\WINDOWS\system32\ptpusd.dll
2012-02-16 21:36:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2660465$
2012-02-16 21:28:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2661637$
2012-02-16 17:03:16 ----N---- C:\WINDOWS\system32\iacenc.dll
======List of files/folders modified in the last 1 month======
2012-03-10 11:21:54 ----D---- C:\Documents and Settings\Gamp\Data aplikací\uTorrent
2012-03-10 11:21:45 ----D---- C:\Documents and Settings\Gamp\Data aplikací\Skype
2012-03-10 11:08:56 ----D---- C:\WINDOWS\Prefetch
2012-03-10 11:08:54 ----D---- C:\WINDOWS\Temp
2012-03-10 11:08:54 ----D---- C:\WINDOWS
2012-03-10 11:07:17 ----D---- C:\WINDOWS\SoftwareDistribution
2012-03-10 11:06:19 ----SHD---- C:\System Volume Information
2012-03-10 11:06:19 ----D---- C:\WINDOWS\system32\Restore
2012-03-10 06:02:47 ----D---- C:\WINDOWS\system32\config
2012-03-10 00:14:47 ----D---- C:\WINDOWS\system32
2012-03-10 00:14:46 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-03-10 00:09:44 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2012-03-10 00:06:46 ----SHD---- C:\WINDOWS\Installer
2012-03-10 00:06:40 ----A---- C:\WINDOWS\win.ini
2012-03-04 18:41:59 ----D---- C:\WINDOWS\system32\embedded
2012-03-04 18:38:24 ----D---- C:\WINDOWS\system32\drivers
2012-03-01 21:28:43 ----SHD---- C:\RECYCLER
2012-03-01 20:34:22 ----SH---- C:\boot.ini
2012-03-01 20:02:58 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-03-01 20:02:49 ----D---- C:\WINDOWS\system32\CatRoot2
2012-02-29 21:32:57 ----RD---- C:\Program Files
2012-02-29 21:14:49 ----SD---- C:\WINDOWS\Tasks
2012-02-29 14:27:00 ----D---- C:\WINDOWS\assembly
2012-02-23 21:42:14 ----HD---- C:\WINDOWS\inf
2012-02-23 17:23:21 ----A---- C:\WINDOWS\system32\aswBoot.exe
2012-02-23 13:53:42 ----D---- C:\WINDOWS\Minidump
2012-02-23 12:32:43 ----A---- C:\WINDOWS\DVDIdlePro.INI
2012-02-17 08:29:10 ----D---- C:\WINDOWS\Microsoft.NET
2012-02-17 07:19:01 ----D---- C:\WINDOWS\Debug
2012-02-16 21:36:28 ----A---- C:\WINDOWS\system32\MRT.exe
2012-02-16 21:35:32 ----D---- C:\WINDOWS\ie8updates
2012-02-16 21:35:23 ----HD---- C:\WINDOWS\$hf_mig$
2012-02-16 21:30:15 ----D---- C:\WINDOWS\WinSxS
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 uagp35;Filtr Microsoft AGPv3.5; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2008-04-13 44672]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-05-03 1540608]
R3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S0 03294038;03294038; C:\WINDOWS\system32\DRIVERS\03294038.sys []
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
All services whitelisted
-----------------EOF-----------------