Podezřele časté stahování ničeho, zpomalený net
Napsal: 16 kvě 2010 15:52
Máme omezený limit připojení (10GB,vytáčené, T-Mobile,po překročení se sníží rychlost na 1/4) a tento měsíc se mi ho povedlo překročit už 11.tého ačkoliv jsem nic nestahoval. Bylo mi to podezřelé, a tak jsem se občas podíval na počítači který je brána (tedy ne tento) na graf využití a brzy jsem dospěl k názoru že toto (tedy to z kterého píšu) PC často nesmyslně využívá připojení jak jen to jde. Můžu se mýlit ale přesto, nebo spíš právě proto sem dávám svůj log.
Díky
_____________________________________________________________________
Logfile of random's system information tool 1.06 (written by random/random)
Run by ERELL at 2010-05-16 15:43:42
Microsoft Windows XP Home Edition Service Pack 3
System drive D: has 3 GB (16%) free of 17 GB
Total RAM: 991 MB (53% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:44:30, on 16.5.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Avast4\aswUpdSv.exe
D:\Program Files\Avast4\ashServ.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Hamachi\hamachi-2.exe
D:\Program Files\Java\jre6\bin\jqs.exe
D:\Program Files\Ralink\Common\RalinkRegistryWriter.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
D:\WINDOWS\Explorer.EXE
D:\PROGRA~1\Avast4\ashDisp.exe
D:\Program Files\CanonScanner\OmniPage\OpwareSE2.exe
D:\Program Files\Common Files\Java\Java Update\jusched.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Ralink\Common\RaUI.exe
D:\Program Files\Avast4\ashMaiSv.exe
D:\Program Files\Avast4\ashWebSv.exe
D:\Program Files\FIREFOX\firefox.exe
D:\JAKUB\SW\trayit\TrayIt!.exe
D:\JAKUB\hry\RSIT.exe
D:\Program Files\trend micro\ERELL.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = ftp://www.gymjosefska.cz:22/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - D:\Program Files\Orbit\orbitcth.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - D:\Program Files\CanonScanner\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - D:\Program Files\Orbit\GrabPro.dll
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe9\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [OpwareSE2] "D:\Program Files\CanonScanner\OmniPage\OpwareSE2.exe"
O4 - HKLM\..\Run: [OPSE reminder] "D:\Program Files\CanonScanner\OmniPage\EregEng\Ereg.exe" -r "D:\Program Files\CanonScanner\OmniPage\EregEng\ereg.ini"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Ralink Wireless Utility.lnk = D:\Program Files\Ralink\Common\RaUI.exe
O8 - Extra context menu item: &Download by Orbit - res://D:\Program Files\Orbit\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://D:\Program Files\Orbit\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://D:\Program Files\Orbit\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://D:\Program Files\Orbit\orbitmxt.dll/202
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://D:\PROGRA~1\M_OFF\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://D:\Program Files\CanonScanner\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://D:\Program Files\CanonScanner\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://D:\Program Files\CanonScanner\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://D:\Program Files\CanonScanner\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: d:\windows\system32\nwprovau.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{56773113-4E28-4CA1-99A9-C0B37E779AB7}: NameServer = 62.141.0.1,213.162.65.1
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\Avast4\ashWebSv.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - D:\Program Files\Hamachi\hamachi-2.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - D:\Program Files\Ralink\Common\RalinkRegistryWriter.exe
O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - D:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
--
End of file - 7437 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000123B4-9B42-4900-B3F7-F4B073EFC214}]
Octh Class - D:\Program Files\Orbit\orbitcth.dll [2010-03-08 240912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - D:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-09 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-03-09 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - D:\Program Files\CanonScanner\Easy-WebPrint\Toolband.dll [2004-08-26 405504]
{C55BBCD6-41AD-48AD-9953-3609C48EACC7} - Grab Pro - D:\Program Files\Orbit\GrabPro.dll [2010-03-08 666816]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast!"=D:\PROGRA~1\Avast4\ashDisp.exe [2009-11-25 81000]
"Adobe Reader Speed Launcher"=D:\Program Files\Adobe9\Reader\Reader_sl.exe [2010-04-04 36272]
"Adobe ARM"=D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]
"OpwareSE2"=D:\Program Files\CanonScanner\OmniPage\OpwareSE2.exe [2003-05-08 49152]
"OPSE reminder"=D:\Program Files\CanonScanner\OmniPage\EregEng\Ereg.exe [2003-07-07 729088]
"SunJavaUpdateSched"=D:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"UserFaultCheck"=D:\WINDOWS\system32\dumprep 0 -u []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=D:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
D:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Ralink Wireless Utility.lnk - D:\Program Files\Ralink\Common\RaUI.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDriveAutoRun"=FFFFFF03
"NoStrCmpLogical"=01000000
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"\\Winsvr\POHODASQL\Pohoda.exe"="\\Winsvr\POHODASQL\Pohoda.exe:LocalSubNet:Enabled:Ekonomický systém POHODA SQL 2009 (síťový klient)"
"D:\WINDOWS\system32\sessmgr.exe"="D:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"D:\Program Files\RelevantKnowledge\rlvknlg.exe"="D:\Program Files\RelevantKnowledge\rlvknlg.exe:*:Enabled:rlvknlg.exe"
"D:\Program Files\Skype\Plugin Manager\skypePM.exe"="D:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"D:\JAKUB\SW\WCOMAND\WINCMD32.EXE"="D:\JAKUB\SW\WCOMAND\WINCMD32.EXE:*:Enabled:Windows Commander 32 bit internationale Version, Dateimanager-Ersatz fuer Windows"
"D:\JAKUB\hry\Alien vs Predator 2\lithtech.exe"="D:\JAKUB\hry\Alien vs Predator 2\lithtech.exe:*:Enabled:Client"
"D:\JAKUB\hry\Alien vs Predator 2\AVP2Serv.exe"="D:\JAKUB\hry\Alien vs Predator 2\AVP2Serv.exe:*:Enabled:AVP2 Stand-Alone Server"
"D:\JAKUB\hry\Alien vs Predator 2\RommieAvP2Serv.exe"="D:\JAKUB\hry\Alien vs Predator 2\RommieAvP2Serv.exe:*:Enabled:RommieAvP2Serv.exe"
"\\Lenka_note\LENKA_D\Jakub\Hry\Alien vs Predator 2\AVP2Serv.exe"="\\Lenka_note\LENKA_D\Jakub\Hry\Alien vs Predator 2\AVP2Serv.exe:*:Enabled:AVP2Serv.exe"
"D:\JAKUB\hry\Alien\lithtech.exe"="D:\JAKUB\hry\Alien\lithtech.exe:*:Enabled:Client"
"D:\Program Files\Orbit\orbitdm.exe"="D:\Program Files\Orbit\orbitdm.exe:*:Enabled:Orbit"
"D:\Program Files\Orbit\orbitnet.exe"="D:\Program Files\Orbit\orbitnet.exe:*:Enabled:Orbit"
"D:\Program Files\FIREFOX\firefox.exe"="D:\Program Files\FIREFOX\firefox.exe:*:Enabled:Firefox"
"D:\JAKUB\hry\Alien\AVP2Serv.exe"="D:\JAKUB\hry\Alien\AVP2Serv.exe:*:Enabled:AVP2 Stand-Alone Server"
"D:\Documents and Settings\ERELL\temp\TeamViewer\Version4\TeamViewer.exe"="D:\Documents and Settings\ERELL\temp\TeamViewer\Version4\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application"
"D:\Program Files\TeamViewer\Version4\TeamViewer.exe"="D:\Program Files\TeamViewer\Version4\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"D:\Documents and Settings\ERELL\Data aplikací\Facebook\facebook.exe"="D:\Documents and Settings\ERELL\Data aplikací\Facebook\facebook.exe:127.0.0.1/255.255.255.255:Enabled:Facebook"
"D:\Program Files\Internet Explorer\iexplore.exe"="D:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"D:\Program Files\Skype\Phone\Skype.exe"="D:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"D:\Program Files\USB Server 2\USB Server.exe"="D:\Program Files\USB Server 2\USB Server.exe:*:Enabled:USB Server"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3c4f07aa-3131-11df-868f-0010dca5fabb}]
shell\AutoRun\command - 0
shell\TeamWiever\command - E:\TeamViewer.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d49a1504-1cb0-11df-866e-0010dca5fabb}]
shell\AutoRun\command - 0
shell\TeamWiever\command - E:\TeamViewer.exe
======File associations======
.txt - open - D:\WINDOWS\NOTEPAD.EXE %1
======List of files/folders created in the last 1 months======
2010-05-16 15:43:42 ----D---- D:\rsit
2010-05-12 18:40:11 ----D---- D:\Documents and Settings\All Users\Data aplikací\Google
2010-05-12 18:01:09 ----HDC---- D:\WINDOWS\$NtUninstallKB978542$
2010-05-10 21:25:01 ----D---- D:\Program Files\USB Server 2
2010-05-10 20:39:21 ----D---- D:\Documents and Settings\ERELL\Data aplikací\SendSpace Wizard
2010-05-10 20:38:11 ----D---- D:\Program Files\SendSpace
2010-04-30 21:32:30 ----D---- D:\Program Files\Common Files\Skype
2010-04-28 18:20:46 ----D---- D:\Program Files\VideoConverter
2010-04-26 14:36:05 ----D---- D:\Program Files\TeamViewer
2010-04-26 14:23:12 ----D---- D:\Documents and Settings\ERELL\Data aplikací\TeamViewer
2010-04-23 23:25:32 ----D---- D:\Documents and Settings\All Users\Data aplikací\ScanSoft
2010-04-23 21:37:22 ----D---- D:\Program Files\trend micro
2010-04-23 21:35:53 ----D---- D:\Program Files\Ralink
2010-04-23 21:35:08 ----DC---- D:\WINDOWS\system32\DRVSTORE
2010-04-23 21:35:08 ----A---- D:\WINDOWS\system32\RaCoInst.dll
2010-04-23 21:34:21 ----D---- D:\Documents and Settings\All Users\Data aplikací\Ralink Driver
2010-04-23 21:33:09 ----D---- D:\Documents and Settings\ERELL\Data aplikací\InstallShield
2010-04-21 16:45:49 ----A---- D:\WINDOWS\system32\NCTWMAFile2.dll
2010-04-21 16:45:49 ----A---- D:\WINDOWS\system32\NCTAudioPlayer2.dll
2010-04-21 16:45:49 ----A---- D:\WINDOWS\system32\NCTAudioFile2.dll
2010-04-21 16:44:53 ----D---- D:\Program Files\MP3Converter
2010-04-20 18:04:22 ----D---- D:\WINDOWS\Sun
======List of files/folders modified in the last 1 months======
2010-05-16 15:43:47 ----D---- D:\WINDOWS\Prefetch
2010-05-16 15:16:35 ----D---- D:\WINDOWS\system32\CatRoot2
2010-05-16 15:05:21 ----D---- D:\WINDOWS\Temp
2010-05-16 14:58:34 ----D---- D:\WINDOWS
2010-05-12 18:40:11 ----D---- D:\Program Files\Google
2010-05-12 18:40:08 ----SHD---- D:\WINDOWS\Installer
2010-05-12 18:40:08 ----SD---- D:\WINDOWS\Tasks
2010-05-12 18:06:44 ----D---- D:\Documents and Settings\ERELL\Data aplikací\Orbit
2010-05-12 18:01:38 ----HD---- D:\WINDOWS\inf
2010-05-12 18:01:21 ----RSHDC---- D:\WINDOWS\system32\dllcache
2010-05-12 18:01:20 ----D---- D:\WINDOWS\system32
2010-05-12 18:01:20 ----D---- D:\Program Files\Outlook Express
2010-05-12 17:56:11 ----RD---- D:\Program Files
2010-05-12 17:19:41 ----D---- D:\JAKUB
2010-05-12 17:08:50 ----A---- D:\WINDOWS\SchedLgU.Txt
2010-05-12 14:11:58 ----HD---- D:\WINDOWS\$hf_mig$
2010-05-12 14:09:49 ----SD---- D:\Documents and Settings\ERELL\Data aplikací\Microsoft
2010-05-10 21:30:45 ----A---- D:\WINDOWS\system32\PerfStringBackup.INI
2010-05-10 21:29:37 ----D---- D:\WINDOWS\system32\drivers
2010-05-10 21:25:07 ----HD---- D:\Program Files\InstallShield Installation Information
2010-05-10 19:08:34 ----D---- D:\Documents and Settings\ERELL\Data aplikací\Skype
2010-05-10 16:03:28 ----D---- D:\Documents and Settings\ERELL\Data aplikací\skypePM
2010-05-07 23:31:03 ----A---- D:\WINDOWS\WINCMD.INI
2010-04-30 21:32:30 ----D---- D:\Program Files\Common Files
2010-04-30 19:51:06 ----A---- D:\WINDOWS\system32\MRT.exe
2010-04-23 21:36:02 ----SD---- D:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-04-23 21:33:22 ----A---- D:\WINDOWS\win.ini
2010-04-22 15:04:05 ----A---- D:\WINDOWS\spidla.INI
2010-04-19 17:29:09 ----D---- D:\Program Files\WMA Workshop
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; D:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 aswSP;avast! Self Protection; D:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; D:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.7.5.0; D:\WINDOWS\system32\DRIVERS\AegisP.sys [2010-04-23 21361]
R2 aswFsBlk;aswFsBlk; D:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMon2;avast! Standard Shield Support; D:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160]
R2 MLPTDR_Q;MLPTDR_Q; \??\D:\WINDOWS\system32\MLPTDR_Q.sys []
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; D:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-14 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; D:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2004-08-18 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; D:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2004-08-18 55936]
R3 aswRdr;aswRdr; D:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 EST_BusEnum;Network USB Device Bus; D:\WINDOWS\system32\DRIVERS\GenBus.sys [2009-07-28 27136]
R3 hamachi;Hamachi Network Interface; D:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-02-03 26176]
R3 NUS_Bus;Network USB Server Bus for E2868; D:\WINDOWS\system32\DRIVERS\NUS_Bus.sys [2009-11-09 27392]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; D:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 S3SavageNB;S3SavageNB; D:\WINDOWS\system32\DRIVERS\s3gnbm.sys [2004-08-03 166912]
R3 usbhub;Ovladač standardního rozbočovače USB; D:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; D:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S1 ASPI32;ASPI32; D:\WINDOWS\system32\drivers\ASPI32.sys []
S3 EST_Server;Network USB Device; D:\WINDOWS\system32\DRIVERS\GenHC.sys [2009-10-06 173056]
S3 HidUsb;Ovladač třídy standardu HID; D:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 mouhid;Ovladač myši standardu HID; D:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; D:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
S3 rt2870;Ralink 802.11n USB Wireless LAN Card Driver; D:\WINDOWS\system32\DRIVERS\rt2870.sys [2008-07-30 619136]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; D:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; D:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; D:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; D:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S4 IntelIde;IntelIde; D:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; D:\Program Files\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; D:\Program Files\Avast4\ashServ.exe [2009-11-25 138680]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; D:\Program Files\Hamachi\hamachi-2.exe [2010-03-30 1107336]
R2 JavaQuickStarterService;Java Quick Starter; D:\Program Files\Java\jre6\bin\jqs.exe [2010-03-09 153376]
R2 RalinkRegistryWriter;Ralink Registry Writer; D:\Program Files\Ralink\Common\RalinkRegistryWriter.exe [2008-05-12 69632]
R2 TeamViewer4;TeamViewer 4; D:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe [2009-08-24 185640]
R3 avast! Mail Scanner;avast! Mail Scanner; D:\Program Files\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; D:\Program Files\Avast4\ashWebSv.exe [2009-11-25 352920]
S3 ose;Office Source Engine; D:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
-----------------EOF-----------------
Díky
_____________________________________________________________________
Logfile of random's system information tool 1.06 (written by random/random)
Run by ERELL at 2010-05-16 15:43:42
Microsoft Windows XP Home Edition Service Pack 3
System drive D: has 3 GB (16%) free of 17 GB
Total RAM: 991 MB (53% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:44:30, on 16.5.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Avast4\aswUpdSv.exe
D:\Program Files\Avast4\ashServ.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Hamachi\hamachi-2.exe
D:\Program Files\Java\jre6\bin\jqs.exe
D:\Program Files\Ralink\Common\RalinkRegistryWriter.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
D:\WINDOWS\Explorer.EXE
D:\PROGRA~1\Avast4\ashDisp.exe
D:\Program Files\CanonScanner\OmniPage\OpwareSE2.exe
D:\Program Files\Common Files\Java\Java Update\jusched.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Ralink\Common\RaUI.exe
D:\Program Files\Avast4\ashMaiSv.exe
D:\Program Files\Avast4\ashWebSv.exe
D:\Program Files\FIREFOX\firefox.exe
D:\JAKUB\SW\trayit\TrayIt!.exe
D:\JAKUB\hry\RSIT.exe
D:\Program Files\trend micro\ERELL.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = ftp://www.gymjosefska.cz:22/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - D:\Program Files\Orbit\orbitcth.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - D:\Program Files\CanonScanner\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - D:\Program Files\Orbit\GrabPro.dll
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe9\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [OpwareSE2] "D:\Program Files\CanonScanner\OmniPage\OpwareSE2.exe"
O4 - HKLM\..\Run: [OPSE reminder] "D:\Program Files\CanonScanner\OmniPage\EregEng\Ereg.exe" -r "D:\Program Files\CanonScanner\OmniPage\EregEng\ereg.ini"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Ralink Wireless Utility.lnk = D:\Program Files\Ralink\Common\RaUI.exe
O8 - Extra context menu item: &Download by Orbit - res://D:\Program Files\Orbit\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://D:\Program Files\Orbit\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://D:\Program Files\Orbit\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://D:\Program Files\Orbit\orbitmxt.dll/202
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://D:\PROGRA~1\M_OFF\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://D:\Program Files\CanonScanner\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://D:\Program Files\CanonScanner\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://D:\Program Files\CanonScanner\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://D:\Program Files\CanonScanner\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: d:\windows\system32\nwprovau.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{56773113-4E28-4CA1-99A9-C0B37E779AB7}: NameServer = 62.141.0.1,213.162.65.1
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\Avast4\ashWebSv.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - D:\Program Files\Hamachi\hamachi-2.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - D:\Program Files\Ralink\Common\RalinkRegistryWriter.exe
O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - D:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
--
End of file - 7437 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000123B4-9B42-4900-B3F7-F4B073EFC214}]
Octh Class - D:\Program Files\Orbit\orbitcth.dll [2010-03-08 240912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - D:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-09 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-03-09 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - D:\Program Files\CanonScanner\Easy-WebPrint\Toolband.dll [2004-08-26 405504]
{C55BBCD6-41AD-48AD-9953-3609C48EACC7} - Grab Pro - D:\Program Files\Orbit\GrabPro.dll [2010-03-08 666816]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast!"=D:\PROGRA~1\Avast4\ashDisp.exe [2009-11-25 81000]
"Adobe Reader Speed Launcher"=D:\Program Files\Adobe9\Reader\Reader_sl.exe [2010-04-04 36272]
"Adobe ARM"=D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]
"OpwareSE2"=D:\Program Files\CanonScanner\OmniPage\OpwareSE2.exe [2003-05-08 49152]
"OPSE reminder"=D:\Program Files\CanonScanner\OmniPage\EregEng\Ereg.exe [2003-07-07 729088]
"SunJavaUpdateSched"=D:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"UserFaultCheck"=D:\WINDOWS\system32\dumprep 0 -u []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=D:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
D:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Ralink Wireless Utility.lnk - D:\Program Files\Ralink\Common\RaUI.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDriveAutoRun"=FFFFFF03
"NoStrCmpLogical"=01000000
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"\\Winsvr\POHODASQL\Pohoda.exe"="\\Winsvr\POHODASQL\Pohoda.exe:LocalSubNet:Enabled:Ekonomický systém POHODA SQL 2009 (síťový klient)"
"D:\WINDOWS\system32\sessmgr.exe"="D:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"D:\Program Files\RelevantKnowledge\rlvknlg.exe"="D:\Program Files\RelevantKnowledge\rlvknlg.exe:*:Enabled:rlvknlg.exe"
"D:\Program Files\Skype\Plugin Manager\skypePM.exe"="D:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"D:\JAKUB\SW\WCOMAND\WINCMD32.EXE"="D:\JAKUB\SW\WCOMAND\WINCMD32.EXE:*:Enabled:Windows Commander 32 bit internationale Version, Dateimanager-Ersatz fuer Windows"
"D:\JAKUB\hry\Alien vs Predator 2\lithtech.exe"="D:\JAKUB\hry\Alien vs Predator 2\lithtech.exe:*:Enabled:Client"
"D:\JAKUB\hry\Alien vs Predator 2\AVP2Serv.exe"="D:\JAKUB\hry\Alien vs Predator 2\AVP2Serv.exe:*:Enabled:AVP2 Stand-Alone Server"
"D:\JAKUB\hry\Alien vs Predator 2\RommieAvP2Serv.exe"="D:\JAKUB\hry\Alien vs Predator 2\RommieAvP2Serv.exe:*:Enabled:RommieAvP2Serv.exe"
"\\Lenka_note\LENKA_D\Jakub\Hry\Alien vs Predator 2\AVP2Serv.exe"="\\Lenka_note\LENKA_D\Jakub\Hry\Alien vs Predator 2\AVP2Serv.exe:*:Enabled:AVP2Serv.exe"
"D:\JAKUB\hry\Alien\lithtech.exe"="D:\JAKUB\hry\Alien\lithtech.exe:*:Enabled:Client"
"D:\Program Files\Orbit\orbitdm.exe"="D:\Program Files\Orbit\orbitdm.exe:*:Enabled:Orbit"
"D:\Program Files\Orbit\orbitnet.exe"="D:\Program Files\Orbit\orbitnet.exe:*:Enabled:Orbit"
"D:\Program Files\FIREFOX\firefox.exe"="D:\Program Files\FIREFOX\firefox.exe:*:Enabled:Firefox"
"D:\JAKUB\hry\Alien\AVP2Serv.exe"="D:\JAKUB\hry\Alien\AVP2Serv.exe:*:Enabled:AVP2 Stand-Alone Server"
"D:\Documents and Settings\ERELL\temp\TeamViewer\Version4\TeamViewer.exe"="D:\Documents and Settings\ERELL\temp\TeamViewer\Version4\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application"
"D:\Program Files\TeamViewer\Version4\TeamViewer.exe"="D:\Program Files\TeamViewer\Version4\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"D:\Documents and Settings\ERELL\Data aplikací\Facebook\facebook.exe"="D:\Documents and Settings\ERELL\Data aplikací\Facebook\facebook.exe:127.0.0.1/255.255.255.255:Enabled:Facebook"
"D:\Program Files\Internet Explorer\iexplore.exe"="D:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"D:\Program Files\Skype\Phone\Skype.exe"="D:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"D:\Program Files\USB Server 2\USB Server.exe"="D:\Program Files\USB Server 2\USB Server.exe:*:Enabled:USB Server"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3c4f07aa-3131-11df-868f-0010dca5fabb}]
shell\AutoRun\command - 0
shell\TeamWiever\command - E:\TeamViewer.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d49a1504-1cb0-11df-866e-0010dca5fabb}]
shell\AutoRun\command - 0
shell\TeamWiever\command - E:\TeamViewer.exe
======File associations======
.txt - open - D:\WINDOWS\NOTEPAD.EXE %1
======List of files/folders created in the last 1 months======
2010-05-16 15:43:42 ----D---- D:\rsit
2010-05-12 18:40:11 ----D---- D:\Documents and Settings\All Users\Data aplikací\Google
2010-05-12 18:01:09 ----HDC---- D:\WINDOWS\$NtUninstallKB978542$
2010-05-10 21:25:01 ----D---- D:\Program Files\USB Server 2
2010-05-10 20:39:21 ----D---- D:\Documents and Settings\ERELL\Data aplikací\SendSpace Wizard
2010-05-10 20:38:11 ----D---- D:\Program Files\SendSpace
2010-04-30 21:32:30 ----D---- D:\Program Files\Common Files\Skype
2010-04-28 18:20:46 ----D---- D:\Program Files\VideoConverter
2010-04-26 14:36:05 ----D---- D:\Program Files\TeamViewer
2010-04-26 14:23:12 ----D---- D:\Documents and Settings\ERELL\Data aplikací\TeamViewer
2010-04-23 23:25:32 ----D---- D:\Documents and Settings\All Users\Data aplikací\ScanSoft
2010-04-23 21:37:22 ----D---- D:\Program Files\trend micro
2010-04-23 21:35:53 ----D---- D:\Program Files\Ralink
2010-04-23 21:35:08 ----DC---- D:\WINDOWS\system32\DRVSTORE
2010-04-23 21:35:08 ----A---- D:\WINDOWS\system32\RaCoInst.dll
2010-04-23 21:34:21 ----D---- D:\Documents and Settings\All Users\Data aplikací\Ralink Driver
2010-04-23 21:33:09 ----D---- D:\Documents and Settings\ERELL\Data aplikací\InstallShield
2010-04-21 16:45:49 ----A---- D:\WINDOWS\system32\NCTWMAFile2.dll
2010-04-21 16:45:49 ----A---- D:\WINDOWS\system32\NCTAudioPlayer2.dll
2010-04-21 16:45:49 ----A---- D:\WINDOWS\system32\NCTAudioFile2.dll
2010-04-21 16:44:53 ----D---- D:\Program Files\MP3Converter
2010-04-20 18:04:22 ----D---- D:\WINDOWS\Sun
======List of files/folders modified in the last 1 months======
2010-05-16 15:43:47 ----D---- D:\WINDOWS\Prefetch
2010-05-16 15:16:35 ----D---- D:\WINDOWS\system32\CatRoot2
2010-05-16 15:05:21 ----D---- D:\WINDOWS\Temp
2010-05-16 14:58:34 ----D---- D:\WINDOWS
2010-05-12 18:40:11 ----D---- D:\Program Files\Google
2010-05-12 18:40:08 ----SHD---- D:\WINDOWS\Installer
2010-05-12 18:40:08 ----SD---- D:\WINDOWS\Tasks
2010-05-12 18:06:44 ----D---- D:\Documents and Settings\ERELL\Data aplikací\Orbit
2010-05-12 18:01:38 ----HD---- D:\WINDOWS\inf
2010-05-12 18:01:21 ----RSHDC---- D:\WINDOWS\system32\dllcache
2010-05-12 18:01:20 ----D---- D:\WINDOWS\system32
2010-05-12 18:01:20 ----D---- D:\Program Files\Outlook Express
2010-05-12 17:56:11 ----RD---- D:\Program Files
2010-05-12 17:19:41 ----D---- D:\JAKUB
2010-05-12 17:08:50 ----A---- D:\WINDOWS\SchedLgU.Txt
2010-05-12 14:11:58 ----HD---- D:\WINDOWS\$hf_mig$
2010-05-12 14:09:49 ----SD---- D:\Documents and Settings\ERELL\Data aplikací\Microsoft
2010-05-10 21:30:45 ----A---- D:\WINDOWS\system32\PerfStringBackup.INI
2010-05-10 21:29:37 ----D---- D:\WINDOWS\system32\drivers
2010-05-10 21:25:07 ----HD---- D:\Program Files\InstallShield Installation Information
2010-05-10 19:08:34 ----D---- D:\Documents and Settings\ERELL\Data aplikací\Skype
2010-05-10 16:03:28 ----D---- D:\Documents and Settings\ERELL\Data aplikací\skypePM
2010-05-07 23:31:03 ----A---- D:\WINDOWS\WINCMD.INI
2010-04-30 21:32:30 ----D---- D:\Program Files\Common Files
2010-04-30 19:51:06 ----A---- D:\WINDOWS\system32\MRT.exe
2010-04-23 21:36:02 ----SD---- D:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-04-23 21:33:22 ----A---- D:\WINDOWS\win.ini
2010-04-22 15:04:05 ----A---- D:\WINDOWS\spidla.INI
2010-04-19 17:29:09 ----D---- D:\Program Files\WMA Workshop
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; D:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 aswSP;avast! Self Protection; D:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; D:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.7.5.0; D:\WINDOWS\system32\DRIVERS\AegisP.sys [2010-04-23 21361]
R2 aswFsBlk;aswFsBlk; D:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMon2;avast! Standard Shield Support; D:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160]
R2 MLPTDR_Q;MLPTDR_Q; \??\D:\WINDOWS\system32\MLPTDR_Q.sys []
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; D:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-14 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; D:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2004-08-18 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; D:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2004-08-18 55936]
R3 aswRdr;aswRdr; D:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 EST_BusEnum;Network USB Device Bus; D:\WINDOWS\system32\DRIVERS\GenBus.sys [2009-07-28 27136]
R3 hamachi;Hamachi Network Interface; D:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-02-03 26176]
R3 NUS_Bus;Network USB Server Bus for E2868; D:\WINDOWS\system32\DRIVERS\NUS_Bus.sys [2009-11-09 27392]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; D:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 S3SavageNB;S3SavageNB; D:\WINDOWS\system32\DRIVERS\s3gnbm.sys [2004-08-03 166912]
R3 usbhub;Ovladač standardního rozbočovače USB; D:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; D:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S1 ASPI32;ASPI32; D:\WINDOWS\system32\drivers\ASPI32.sys []
S3 EST_Server;Network USB Device; D:\WINDOWS\system32\DRIVERS\GenHC.sys [2009-10-06 173056]
S3 HidUsb;Ovladač třídy standardu HID; D:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 mouhid;Ovladač myši standardu HID; D:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; D:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
S3 rt2870;Ralink 802.11n USB Wireless LAN Card Driver; D:\WINDOWS\system32\DRIVERS\rt2870.sys [2008-07-30 619136]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; D:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; D:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; D:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; D:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S4 IntelIde;IntelIde; D:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; D:\Program Files\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; D:\Program Files\Avast4\ashServ.exe [2009-11-25 138680]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; D:\Program Files\Hamachi\hamachi-2.exe [2010-03-30 1107336]
R2 JavaQuickStarterService;Java Quick Starter; D:\Program Files\Java\jre6\bin\jqs.exe [2010-03-09 153376]
R2 RalinkRegistryWriter;Ralink Registry Writer; D:\Program Files\Ralink\Common\RalinkRegistryWriter.exe [2008-05-12 69632]
R2 TeamViewer4;TeamViewer 4; D:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe [2009-08-24 185640]
R3 avast! Mail Scanner;avast! Mail Scanner; D:\Program Files\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; D:\Program Files\Avast4\ashWebSv.exe [2009-11-25 352920]
S3 ose;Office Source Engine; D:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
-----------------EOF-----------------
