xp security tool
Posted: 09 Apr 2010 15:21
Hello, almost nothing will start.
Logfile of random's system information tool 1.06 (written by random/random)
Run by aaa at 2010-04-09 16:16:28
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 6 GB (77%) free of 8 GB
Total RAM: 256 MB (57% free)
======Registry dump======
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"syncman"=c:\windows\system32\wuaucldt.exe [2010-03-16 51807]
"Regedit32"=C:\WINDOWS\system32\regedit.exe []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-08-17 1667584]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe []
"syncman"=c:\documents and settings\aaa\wuaucldt.exe []
C:\Documents and Settings\aaa\Nabídka Start\Programy\Po spuštění
monnwb32.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
======File associations======
.exe - open - "C:\Documents and Settings\aaa\Local Settings\Data aplikací\av.exe" /START "%1" %*
======List of files/folders created in the last 1 months======
2010-04-09 16:16:30 ----D---- C:\Program Files\trend micro
2010-04-09 16:16:28 ----D---- C:\rsit
2010-04-08 20:03:19 ----SHD---- C:\WINDOWS\CSC
2010-04-08 20:03:07 ----A---- C:\WINDOWS\ntbtlog.txt
2010-04-08 19:59:42 ----SHD---- C:\RECYCLER
2010-03-22 19:37:13 ----D---- C:\WINDOWS\Minidump
2010-03-17 12:43:21 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2010-03-16 19:49:12 ----A---- C:\WINDOWS\system32\wuaucldt.exe
======List of files/folders modified in the last 1 months======
2010-04-09 16:16:30 ----RD---- C:\Program Files
2010-04-09 16:12:36 ----D---- C:\WINDOWS\Temp
2010-04-09 06:45:21 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-04-08 20:59:27 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-04-08 20:53:55 ----D---- C:\WINDOWS\Prefetch
2010-04-08 20:43:59 ----D---- C:\Program Files\McAfee Security Scan
2010-04-08 20:03:29 ----D---- C:\Documents and Settings
2010-04-08 20:03:19 ----D---- C:\WINDOWS
2010-04-08 19:51:42 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-07 07:31:37 ----D---- C:\WINDOWS\system32
2010-04-07 07:31:36 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-18 10:57:12 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-03-17 12:45:26 ----D---- C:\WINDOWS\SoftwareDistribution
2010-03-17 12:43:44 ----HD---- C:\WINDOWS\inf
2010-03-17 12:43:43 ----D---- C:\WINDOWS\Help
2010-03-17 12:43:40 ----RSHDC---- C:\WINDOWS\system32\dllcache
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R3 G400;G400; C:\WINDOWS\system32\DRIVERS\G400m.sys [2001-09-13 322432]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S3 NtApm;Ovladač rozhraní služby NT Apm/Legacy; C:\WINDOWS\system32\DRIVERS\NtApm.sys [2001-09-13 9472]
S4 ACPI;ACPI; C:\WINDOWS\system32\drivers\ACPI.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
All services whitelisted
-----------------EOF-----------------