Logfile of random's system information tool 1.08 (written by random/random)
Run by Admin at 2010-12-26 18:39:37
Microsoft Windows XP Professional Service Pack 3
System drive C: has 4 GB (43%) free of 9 GB
Total RAM: 255 MB (21% free)

HijackThis download failed

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2010-11-04 2219184]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
""= []

C:\Documents and Settings\All Users\ \\
  Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=
scecli
scecli
scecli
scecli
scecli

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoWelcomeScreen"=1
"NoDriveTypeAutoRun"=28

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 3 months======

2010-12-26 18:08:38 ----D---- C:\rsit
2010-12-26 18:08:38 ----D---- C:\Program Files\trend micro
2010-12-26 12:13:30 ----D---- C:\Documents and Settings\Admin\Application Data\Macromedia
2010-12-26 12:13:29 ----D---- C:\Documents and Settings\Admin\Application Data\Sun
2010-12-25 21:29:20 ----D---- C:\Temp
2010-12-22 17:13:25 ----D---- C:\Documents and Settings\Admin\Application Data\Adobe
2010-12-20 20:54:52 ----D---- C:\Program Files\Citrix
2010-12-20 19:03:30 ----D---- C:\WINDOWS\system32\RemoteStorage
2010-12-20 18:56:38 ----D---- C:\Documents and Settings\All Users\Application Data\ESET
2010-12-15 11:24:49 ----D---- C:\Program Files\Far
2010-12-09 19:05:50 ----D---- C:\WINDOWS\system32\CatRoot2
2010-11-24 19:42:07 ----D---- C:\WINDOWS\system32\appmgmt
2010-11-24 10:04:56 ----D---- C:\Documents and Settings\Admin\Application Data\ICAClient
2010-11-24 09:50:18 ----D---- C:\WINDOWS\SchCache
2010-11-23 13:43:46 ----ASH---- C:\hiberfil.sys
2010-11-23 12:40:58 ----D---- C:\WINDOWS\Prefetch
2010-11-23 12:19:38 ----D---- C:\WINDOWS\TEMP
2010-11-23 12:18:01 ----D---- C:\WINDOWS\system32\ru-ru
2010-11-23 12:17:59 ----D---- C:\WINDOWS\system32\ru
2010-11-23 12:17:59 ----D---- C:\WINDOWS\system32\bits
2010-11-23 12:17:59 ----D---- C:\WINDOWS\l2schemas
2010-11-23 12:13:31 ----D---- C:\WINDOWS\network diagnostic
2010-11-23 12:11:37 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-11-23 11:51:45 ----A---- C:\WINDOWS\system32\MRT.INI
2010-11-23 11:48:28 ----A---- C:\WINDOWS\system32\MRT.exe
2010-11-23 11:20:27 ----D---- C:\WINDOWS\ServicePackFiles
2010-11-23 10:39:11 ----N---- C:\WINDOWS\system32\drivers\watv10nt.sys
2010-11-23 10:39:11 ----N---- C:\WINDOWS\system32\drivers\watv06nt.sys
2010-11-23 10:39:11 ----N---- C:\WINDOWS\system32\drivers\wadv11nt.sys
2010-11-23 10:39:11 ----N---- C:\WINDOWS\system32\drivers\wadv09nt.sys
2010-11-23 10:39:11 ----N---- C:\WINDOWS\system32\drivers\wadv08nt.sys
2010-11-23 10:39:11 ----N---- C:\WINDOWS\system32\drivers\wadv07nt.sys
2010-11-23 10:39:08 ----N---- C:\WINDOWS\system32\drivers\slwdmsup.sys
2010-11-23 10:39:08 ----N---- C:\WINDOWS\system32\drivers\slnthal.sys
2010-11-23 10:39:08 ----N---- C:\WINDOWS\system32\drivers\slntamr.sys
2010-11-23 10:39:08 ----N---- C:\WINDOWS\system32\drivers\slnt7554.sys
2010-11-23 10:39:07 ----N---- C:\WINDOWS\system32\drivers\s3gnbm.sys
2010-11-23 10:39:07 ----N---- C:\WINDOWS\system32\drivers\recagent.sys
2010-11-23 10:39:05 ----N---- C:\WINDOWS\system32\drivers\ntmtlfax.sys
2010-11-23 10:39:05 ----N---- C:\WINDOWS\system32\drivers\mtxparhm.sys
2010-11-23 10:39:05 ----N---- C:\WINDOWS\system32\drivers\mtlstrm.sys
2010-11-23 10:39:04 ----N---- C:\WINDOWS\system32\drivers\mtlmnt5.sys
2010-11-23 10:39:03 ----N---- C:\WINDOWS\system32\drivers\mdmxsdk.sys
2010-11-23 10:39:01 ----N---- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2010-11-23 10:39:01 ----N---- C:\WINDOWS\system32\drivers\hsfcxts2.sys
2010-11-23 10:39:01 ----N---- C:\WINDOWS\system32\drivers\hsfbs2s2.sys
2010-11-23 10:37:50 ----N---- C:\WINDOWS\system32\drivers\atinxsxx.sys
2010-11-23 10:37:50 ----N---- C:\WINDOWS\system32\drivers\atinxbxx.sys
2010-11-23 10:37:50 ----N---- C:\WINDOWS\system32\drivers\atintuxx.sys
2010-11-23 10:37:50 ----N---- C:\WINDOWS\system32\drivers\atinttxx.sys
2010-11-23 10:37:50 ----N---- C:\WINDOWS\system32\drivers\atinsnxx.sys
2010-11-23 10:37:50 ----N---- C:\WINDOWS\system32\drivers\atinrvxx.sys
2010-11-23 10:37:50 ----N---- C:\WINDOWS\system32\drivers\atinraxx.sys
2010-11-23 10:37:50 ----N---- C:\WINDOWS\system32\drivers\atinpdxx.sys
2010-11-23 10:37:50 ----N---- C:\WINDOWS\system32\drivers\atinmdxx.sys
2010-11-23 10:37:50 ----N---- C:\WINDOWS\system32\drivers\atinbtxx.sys
2010-11-23 10:37:49 ----N---- C:\WINDOWS\system32\drivers\ati2mtag.sys
2010-11-23 10:37:49 ----N---- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2010-11-23 10:37:49 ----N---- C:\WINDOWS\system32\drivers\ati1xsxx.sys
2010-11-23 10:37:49 ----N---- C:\WINDOWS\system32\drivers\ati1xbxx.sys
2010-11-23 10:37:49 ----N---- C:\WINDOWS\system32\drivers\ati1tuxx.sys
2010-11-23 10:37:49 ----N---- C:\WINDOWS\system32\drivers\ati1ttxx.sys
2010-11-23 10:37:49 ----N---- C:\WINDOWS\system32\drivers\ati1snxx.sys
2010-11-23 10:37:49 ----N---- C:\WINDOWS\system32\drivers\ati1rvxx.sys
2010-11-23 10:37:49 ----N---- C:\WINDOWS\system32\drivers\ati1raxx.sys
2010-11-23 10:37:49 ----N---- C:\WINDOWS\system32\drivers\ati1pdxx.sys
2010-11-23 10:37:49 ----N---- C:\WINDOWS\system32\drivers\ati1mdxx.sys
2010-11-23 10:37:49 ----N---- C:\WINDOWS\system32\drivers\ati1btxx.sys
2010-11-23 09:29:09 ----D---- C:\Documents and Settings\Admin\Application Data\Identities
2010-11-23 09:28:39 ----SD---- C:\Documents and Settings\Admin\Application Data\Microsoft
2010-11-23 09:28:39 ----ASH---- C:\Documents and Settings\Admin\Application Data\desktop.ini
2010-11-23 09:26:15 ----N---- C:\WINDOWS\system32\tzchange.exe
2010-11-23 09:13:02 ----N---- C:\WINDOWS\system32\drivers\bthport.sys
2010-11-23 09:11:50 ----D---- C:\WINDOWS\system32\PreInstall
2010-11-23 09:11:47 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2010-11-23 09:11:10 ----N---- C:\WINDOWS\system32\spmsg.dll
2010-11-23 09:11:07 ----HD---- C:\WINDOWS\$hf_mig$
2010-11-22 12:05:09 ----A---- C:\WINDOWS\system32\drivers\avgntflt.sys
2010-11-22 10:53:11 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2010-11-22 09:37:26 ----A---- C:\WINDOWS\Slave.exe

======List of files/folders modified in the last 3 months======

2010-12-26 18:35:24 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-12-26 18:33:58 ----D---- C:\WINDOWS\system32\drivers
2010-12-26 18:08:38 ----RD---- C:\Program Files
2010-12-26 17:52:26 ----D---- C:\WINDOWS
2010-12-26 17:51:38 ----D---- C:\WINDOWS\system32
2010-12-26 12:44:16 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-12-26 12:44:04 ----A---- C:\WINDOWS\system32\command.com
2010-12-26 12:14:02 ----SHD---- C:\WINDOWS\Installer
2010-12-26 12:13:58 ----A---- C:\WINDOWS\OEWABLog.txt
2010-12-26 11:54:15 ----D---- C:\WINDOWS\security
2010-12-24 17:25:25 ----D---- C:\WINDOWS\SoftwareDistribution
2010-12-20 19:06:16 ----D---- C:\Program Files\WinZip
2010-12-20 19:04:13 ----D---- C:\WINDOWS\Help
2010-12-20 19:03:56 ----D---- C:\WINDOWS\system32\inetsrv
2010-12-20 19:03:38 ----HD---- C:\WINDOWS\inf
2010-12-20 19:02:48 ----D---- C:\Program Files\WinRAR
2010-12-20 18:56:38 ----D---- C:\Program Files\ESET
2010-12-20 16:21:28 ----SHD---- C:\RECYCLER
2010-12-20 14:51:34 ----A---- C:\WINDOWS\ODBC.INI
2010-12-20 11:49:40 ----D---- C:\Documents and Settings
2010-12-20 11:46:59 ----SHD---- C:\WINDOWS\CSC
2010-12-15 13:13:21 ----A---- C:\WINDOWS\imsins.BAK
2010-12-15 13:10:56 ----D---- C:\Program Files\Outlook Express
2010-12-09 19:59:19 ----D---- C:\WINDOWS\system32\CatRoot
2010-12-09 19:56:33 ----D---- C:\Program Files\Movie Maker
2010-12-04 22:34:03 ----A---- C:\WINDOWS\win.ini
2010-12-04 22:33:22 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-12-04 22:33:18 ----RSD---- C:\WINDOWS\Fonts
2010-12-04 22:31:51 ----D---- C:\Program Files\Microsoft Works
2010-12-04 15:05:54 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-12-04 14:55:15 ----D---- C:\WINDOWS\WinSxS
2010-11-23 14:47:24 ----D---- C:\WINDOWS\system32\config
2010-11-23 13:41:34 ----A---- C:\WINDOWS\ntbtlog.txt
2010-11-23 13:21:13 ----A---- C:\WINDOWS\setuplog.txt
2010-11-23 12:40:35 ----D---- C:\WINDOWS\system32\wbem
2010-11-23 12:40:35 ----D---- C:\WINDOWS\system32\Setup
2010-11-23 12:40:35 ----D---- C:\WINDOWS\AppPatch
2010-11-23 12:21:42 ----D---- C:\Program Files\Messenger
2010-11-23 12:18:27 ----D---- C:\Program Files\Windows Media Player
2010-11-23 12:18:17 ----D---- C:\WINDOWS\ehome
2010-11-23 12:18:15 ----D---- C:\WINDOWS\ime
2010-11-23 12:18:01 ----D---- C:\WINDOWS\system32\usmt
2010-11-23 12:18:00 ----D---- C:\Program Files\Internet Explorer
2010-11-23 12:17:59 ----D---- C:\WINDOWS\PeerNet
2010-11-23 12:15:27 ----D---- C:\WINDOWS\system32\Restore
2010-11-23 12:15:27 ----D---- C:\WINDOWS\system32\npp
2010-11-23 12:15:26 ----D---- C:\WINDOWS\msagent
2010-11-23 12:15:25 ----D---- C:\WINDOWS\srchasst
2010-11-23 12:15:24 ----D---- C:\Program Files\NetMeeting
2010-11-23 12:15:23 ----D---- C:\WINDOWS\system32\Com
2010-11-23 12:15:21 ----D---- C:\Program Files\Windows NT
2010-11-23 12:15:18 ----D---- C:\Program Files\Common Files\System
2010-11-23 12:14:59 ----D---- C:\WINDOWS\system32\oobe
2010-11-23 12:14:58 ----D---- C:\WINDOWS\system
2010-11-23 11:49:00 ----SD---- C:\WINDOWS\Tasks
2010-11-23 09:57:47 ----D---- C:\WINDOWS\Debug
2010-11-22 09:40:07 ----SHD---- C:\System Volume Information
2010-11-18 21:15:44 ----A---- C:\WINDOWS\system32\isign32.dll
2010-11-05 08:02:56 ----A---- C:\WINDOWS\system32\wininet.dll
2010-11-05 08:02:56 ----A---- C:\WINDOWS\system32\urlmon.dll
2010-11-05 08:02:56 ----A---- C:\WINDOWS\system32\shdocvw.dll
2010-11-05 08:02:55 ----A---- C:\WINDOWS\system32\mstime.dll
2010-11-05 08:02:55 ----A---- C:\WINDOWS\system32\mshtmled.dll
2010-11-05 08:02:55 ----A---- C:\WINDOWS\system32\mshtml.dll
2010-11-05 08:02:54 ----A---- C:\WINDOWS\system32\iepeers.dll
2010-11-05 08:02:54 ----A---- C:\WINDOWS\system32\ieencode.dll
2010-11-05 08:02:54 ----A---- C:\WINDOWS\system32\browseui.dll
2010-10-28 16:08:57 ----A---- C:\WINDOWS\system32\atmfd.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 agp440;Intel -   AGP; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2010-08-03 95896]
R1 intelppm; Intel ; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40704]
R1 WS2IFSL; Windows Socket 2.0   -IFS ; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2003-08-18 12032]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-08-04 140752]
R3 ms_mpu401; UART Microsoft MPU-401 MIDI; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-18 2944]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-04 1897408]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet ,   NT; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
R3 usbuhci;  Microsoft USB  -; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 USBSTOR;    USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-11-04 810144]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 Slave;RA Server; C:\WINDOWS\Slave.exe [2004-01-15 89330]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-11-04 33584]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

-----------------EOF-----------------
