ashServ.exe 100%
Posted: 18 Feb 2010 21:11
I have a problem. Today my PC started freezing very annoyingly, sometimes for as long as 2 minutes... For example, after downloading a file in Firefox or when extracting files, movies, etc... I found out that ashServ.exe is to blame; it easily runs at 70-100%. I am attaching the log here:
Logfile of random's system information tool 1.06 (written by random/random)
Run by Jára at 2010-02-18 21:11:00
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 22 GB (59%) free of 38 GB
Total RAM: 2047 MB (74% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:11:01, on 18.2.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
D:\Programy\Avast\aswUpdSv.exe
D:\Programy\Avast\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
D:\Programy\Avast\ashDisp.exe
D:\Programy\MSOffice07\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Manažer instalací SolidWorks\Scheduler\sldIMScheduler.exe
D:\Programy\SPYWAR~1\SpywareTerminatorShield.exe
D:\Programy\adobe\Acrobat\Acrobat_sl.exe
D:\Programy\adobe\Acrobat\Acrotray.exe
D:\Programy\AdobeReader\Reader\Reader_sl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\nvsvc32.exe
D:\Programy\Kerio\SbPFLnch.exe
D:\Programy\Kerio\SbPFSvc.exe
D:\Programy\Spyware Terminator\sp_rsser.exe
D:\Programy\Mozilla Firefox\firefox.exe
D:\Programy\TomTom HOME 2\TomTomHOMEService.exe
C:\WINDOWS\system32\wuauclt.exe
D:\Programy\Avast\ashMaiSv.exe
D:\Programy\Kerio\SbPFCl.exe
D:\Programy\Avast\ashWebSv.exe
D:\Downloads\RSIT.exe
C:\Program Files\trend micro\Jára.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Programy\MSOFFI~1\Office12\GRA8E1~1.DLL
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avast!] D:\Programy\Avast\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [GrooveMonitor] "D:\Programy\MSOffice07\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SolidWorks_CheckForUpdates] "C:\Program Files\Common Files\Manažer instalací SolidWorks\Scheduler\sldIMScheduler.exe" /scheduler
O4 - HKLM\..\Run: [SpywareTerminator] "D:\Programy\SPYWAR~1\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [RivaTunerStartupDaemon] "D:\Programy\RivaTuner v2.23\RivaTuner.exe" /S
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "D:\Programy\adobe\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "D:\Programy\adobe\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Programy\AdobeReader\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\Programy\MSOFFI~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Programy\MSOFFI~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Programy\MSOFFI~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Programy\MSOFFI~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Programy\ICQ\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Programy\ICQ\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Programy\MSOFFI~1\Office12\GR99D3~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Programy\Avast\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Programy\Avast\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Programy\Avast\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Programy\Avast\ashWebSv.exe
O23 - Service: SW Distributed TS Coordinator Service (CoordinatorServiceHost) - Dassault Systemes SolidWorks Corp. - D:\Programy\SolidWorks\SolidWorks\swScheduler\DTSCoordinatorService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - D:\Programy\Kerio\SbPFLnch.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - D:\Programy\Kerio\SbPFSvc.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - D:\Programy\Spyware Terminator\sp_rsser.exe
O23 - Service: TomTomHOMEService - TomTom - D:\Programy\TomTom HOME 2\TomTomHOMEService.exe
--
End of file - 7882 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - D:\Programy\MSOFFI~1\Office12\GRA8E1~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-09-27 16844800]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2007-08-03 1826816]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"NvCplDaemon"=C:\WINDOWS\System32\NvCpl.dll [2007-12-04 8523776]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\System32\NvMcTray.dll [2007-12-04 81920]
"avast!"=D:\Programy\Avast\ashDisp.exe [2009-11-25 81000]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"GrooveMonitor"=D:\Programy\MSOffice07\Office12\GrooveMonitor.exe [2006-10-27 31016]
"SolidWorks_CheckForUpdates"=C:\Program Files\Common Files\Manažer instalací SolidWorks\Scheduler\sldIMScheduler.exe [2009-03-20 7308584]
"SpywareTerminator"=D:\Programy\SPYWAR~1\SpywareTerminatorShield.exe [2009-11-19 2166784]
"RivaTunerStartupDaemon"=D:\Programy\RivaTuner v2.23\RivaTuner.exe [2009-02-15 2777088]
"Adobe Acrobat Speed Launcher"=D:\Programy\adobe\Acrobat\Acrobat_sl.exe [2008-06-12 37232]
""= []
"Acrobat Assistant 8.0"=D:\Programy\adobe\Acrobat\Acrotray.exe [2008-06-11 640376]
"Adobe Reader Speed Launcher"=D:\Programy\AdobeReader\Reader\Reader_sl.exe [2009-12-22 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=D:\Programy\MSOFFI~1\Office12\GRA8E1~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Programy\Kerio\SbPFCl.exe"="D:\Programy\Kerio\SbPFCl.exe:*:Enabled:Sunbelt Firewall GUI"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Programy\MSOffice07\Office12\OUTLOOK.EXE"="D:\Programy\MSOffice07\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"D:\Programy\MSOffice07\Office12\GROOVE.EXE"="D:\Programy\MSOffice07\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"D:\Programy\MSOffice07\Office12\ONENOTE.EXE"="D:\Programy\MSOffice07\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"D:\Hry\Fifa10\FIFA10.exe"="D:\Hry\Fifa10\FIFA10.exe:*:Enabled:FIFA 10"
"D:\Hry\CMRD2\dirt2_game.exe"="D:\Hry\CMRD2\dirt2_game.exe:*:Enabled:DiRT2"
"D:\Programy\Hamachi\hamachi.exe"="D:\Programy\Hamachi\hamachi.exe:*:Enabled:Hamachi"
"D:\Hry\Skype\Phone\Skype.exe"="D:\Hry\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{174f409d-0cdc-11df-8b32-002215750d0c}]
shell\AutoRun\command - H:\InstallTomTomHOME.exe
======List of files/folders created in the last 1 months======
2010-02-18 21:10:31 ----D---- C:\rsit
2010-02-13 19:04:03 ----SHD---- C:\Config.Msi
2010-02-13 18:54:12 ----D---- C:\Documents and Settings\All Users\Data aplikací\FLEXnet
2010-02-13 18:52:47 ----D---- C:\Program Files\Common Files\Macrovision Shared
2010-02-13 18:52:26 ----RA---- C:\WINDOWS\system32\AdobePDFUI.dll
2010-02-13 18:52:26 ----RA---- C:\WINDOWS\system32\AdobePDF.dll
2010-02-13 18:27:35 ----D---- C:\Nová složka
2010-02-13 18:27:26 ----A---- C:\Documents and Settings\All Users\Data aplikací\pdfdoc2.dll
2010-02-13 18:08:47 ----A---- C:\WINDOWS\system32\psconv.ini
2010-02-13 18:08:43 ----D---- C:\WINDOWS\system32\psconv
2010-02-13 18:08:43 ----D---- C:\Program Files\psconvert
2010-02-13 18:00:52 ----A---- C:\WINDOWS\system32\pdfmonnt.dll
2010-02-13 15:32:49 ----HDC---- C:\WINDOWS\$NtUninstallKB978262$
2010-02-13 15:32:44 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-02-13 15:31:17 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-02-13 15:31:12 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-02-13 15:31:08 ----HDC---- C:\WINDOWS\$NtUninstallKB978251$
2010-02-13 15:31:03 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-02-13 15:30:56 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-02-13 15:30:49 ----A---- C:\WINDOWS\imsins.BAK
2010-02-13 15:30:43 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-01-29 18:40:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\TomTom
2010-01-29 18:39:59 ----D---- C:\Documents and Settings\Jára\Data aplikací\TomTom
2010-01-29 18:39:03 ----D---- C:\Program Files\TomTom International B.V
2010-01-29 18:38:10 ----D---- C:\Program Files\TomTom DesktopSuite
2010-01-20 18:02:38 ----D---- C:\Documents and Settings\Jára\Data aplikací\Hamachi
======List of files/folders modified in the last 1 months======
2010-02-18 21:11:00 ----D---- C:\Program Files\trend micro
2010-02-18 21:10:48 ----D---- C:\WINDOWS\Prefetch
2010-02-18 21:07:40 ----D---- C:\WINDOWS\Temp
2010-02-18 21:06:29 ----D---- C:\Documents and Settings\Jára\Data aplikací\IM
2010-02-18 21:05:35 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-02-18 19:40:13 ----A---- C:\WINDOWS\NeroDigital.ini
2010-02-17 20:28:29 ----D---- C:\Documents and Settings\Jára\Data aplikací\SolidWorks
2010-02-13 19:07:20 ----D---- C:\WINDOWS
2010-02-13 19:04:50 ----D---- C:\WINDOWS\system32\CatRoot2
2010-02-13 19:04:35 ----SHD---- C:\WINDOWS\Installer
2010-02-13 19:04:17 ----D---- C:\Program Files\Common Files\Adobe
2010-02-13 19:03:41 ----D---- C:\WINDOWS\system32
2010-02-13 18:59:50 ----HD---- C:\WINDOWS\inf
2010-02-13 18:52:55 ----D---- C:\Documents and Settings\Jára\Data aplikací\Adobe
2010-02-13 18:52:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2010-02-13 18:52:47 ----D---- C:\Program Files\Common Files
2010-02-13 18:47:06 ----RSD---- C:\WINDOWS\Fonts
2010-02-13 18:08:43 ----RD---- C:\Program Files
2010-02-13 18:08:11 ----SD---- C:\Documents and Settings\Jára\Data aplikací\Microsoft
2010-02-13 18:08:10 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-02-13 15:32:48 ----HD---- C:\WINDOWS\$hf_mig$
2010-02-13 15:32:46 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-02-13 15:32:46 ----D---- C:\WINDOWS\system32\drivers
2010-02-13 15:31:25 ----D---- C:\WINDOWS\Debug
2010-02-03 16:54:43 ----D---- C:\Documents and Settings\Jára\Data aplikací\Spyware Terminator
2010-02-01 23:14:41 ----D---- C:\Documents and Settings\Jára\Data aplikací\Skype
2010-02-01 20:26:20 ----A---- C:\WINDOWS\system32\MRT.exe
2010-01-22 14:19:16 ----D---- C:\Program Files\Internet Explorer
2010-01-22 14:19:08 ----D---- C:\WINDOWS\ie8updates
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [2006-07-01 43008]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 SbFw;SbFw; C:\WINDOWS\system32\drivers\SbFw.sys [2008-10-31 270888]
R1 sbhips;Sunbelt HIPS Driver; C:\WINDOWS\system32\drivers\sbhips.sys [2008-06-21 66600]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-09-15 94160]
R2 sensorsview32;sensorsview32; \??\C:\WINDOWS\system32\drivers\sensorsview32.sys []
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller; C:\WINDOWS\System32\DRIVERS\l151x86.sys [2007-11-01 36864]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-01-20 25280]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-10-02 4613120]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [2004-08-14 5810]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2007-12-04 7435392]
R3 RivaTuner32;RivaTuner32; \??\D:\Programy\RivaTuner v2.23\RivaTuner32.sys []
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\WINDOWS\System32\DRIVERS\sbfwim.sys [2008-06-21 65576]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
S3 anedsbz7;anedsbz7; C:\WINDOWS\system32\drivers\anedsbz7.sys []
S3 GarenaPEngine;GarenaPEngine; \??\C:\DOCUME~1\JRA~1\LOCALS~1\Temp\WLE2.tmp []
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;Ovladač filtru Obnovy systému; C:\WINDOWS\System32\DRIVERS\sr.sys [2008-04-14 73344]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; D:\Programy\Avast\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; D:\Programy\Avast\ashServ.exe [2009-11-25 138680]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\System32\nvsvc32.exe [2007-12-04 155716]
R2 SbPF.Launcher;SbPF.Launcher; D:\Programy\Kerio\SbPFLnch.exe [2008-10-31 95528]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; D:\Programy\Spyware Terminator\sp_rsser.exe [2009-11-19 488960]
R2 SPF4;Sunbelt Personal Firewall 4; D:\Programy\Kerio\SbPFSvc.exe [2008-10-31 1365288]
R2 TomTomHOMEService;TomTomHOMEService; D:\Programy\TomTom HOME 2\TomTomHOMEService.exe [2009-11-13 92008]
R3 avast! Mail Scanner;avast! Mail Scanner; D:\Programy\Avast\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; D:\Programy\Avast\ashWebSv.exe [2009-11-25 352920]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service; D:\Programy\SolidWorks\SolidWorks\swScheduler\DTSCoordinatorService.exe [2009-03-19 83240]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-02-13 651720]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; D:\Programy\MSOffice07\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SolidWorks Licensing Service;SolidWorks Licensing Service; C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [2009-11-19 79360]
S4 msvsmon80;Visual Studio 2005 Remote Debugger; C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2005-09-23 2799808]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Programy\Kerio\SbPFCl.exe"="D:\Programy\Kerio\SbPFCl.exe:*:Enabled:Sunbelt Firewall GUI"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Programy\MSOffice07\Office12\OUTLOOK.EXE"="D:\Programy\MSOffice07\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"D:\Programy\MSOffice07\Office12\GROOVE.EXE"="D:\Programy\MSOffice07\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"D:\Programy\MSOffice07\Office12\ONENOTE.EXE"="D:\Programy\MSOffice07\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"D:\Hry\Fifa10\FIFA10.exe"="D:\Hry\Fifa10\FIFA10.exe:*:Enabled:FIFA 10"
"D:\Hry\CMRD2\dirt2_game.exe"="D:\Hry\CMRD2\dirt2_game.exe:*:Enabled:DiRT2"
"D:\Programy\Hamachi\hamachi.exe"="D:\Programy\Hamachi\hamachi.exe:*:Enabled:Hamachi"
"D:\Hry\Skype\Phone\Skype.exe"="D:\Hry\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{174f409d-0cdc-11df-8b32-002215750d0c}]
shell\AutoRun\command - H:\InstallTomTomHOME.exe
======List of files/folders created in the last 1 months======
2010-02-18 21:10:31 ----D---- C:\rsit
2010-02-13 19:04:03 ----SHD---- C:\Config.Msi
2010-02-13 18:54:12 ----D---- C:\Documents and Settings\All Users\Data aplikací\FLEXnet
2010-02-13 18:52:47 ----D---- C:\Program Files\Common Files\Macrovision Shared
2010-02-13 18:52:26 ----RA---- C:\WINDOWS\system32\AdobePDFUI.dll
2010-02-13 18:52:26 ----RA---- C:\WINDOWS\system32\AdobePDF.dll
2010-02-13 18:27:35 ----D---- C:\Nová složka
2010-02-13 18:27:26 ----A---- C:\Documents and Settings\All Users\Data aplikací\pdfdoc2.dll
2010-02-13 18:08:47 ----A---- C:\WINDOWS\system32\psconv.ini
2010-02-13 18:08:43 ----D---- C:\WINDOWS\system32\psconv
2010-02-13 18:08:43 ----D---- C:\Program Files\psconvert
2010-02-13 18:00:52 ----A---- C:\WINDOWS\system32\pdfmonnt.dll
2010-02-13 15:32:49 ----HDC---- C:\WINDOWS\$NtUninstallKB978262$
2010-02-13 15:32:44 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-02-13 15:31:17 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-02-13 15:31:12 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-02-13 15:31:08 ----HDC---- C:\WINDOWS\$NtUninstallKB978251$
2010-02-13 15:31:03 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-02-13 15:30:56 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-02-13 15:30:49 ----A---- C:\WINDOWS\imsins.BAK
2010-02-13 15:30:43 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-01-29 18:40:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\TomTom
2010-01-29 18:39:59 ----D---- C:\Documents and Settings\Jára\Data aplikací\TomTom
2010-01-29 18:39:03 ----D---- C:\Program Files\TomTom International B.V
2010-01-29 18:38:10 ----D---- C:\Program Files\TomTom DesktopSuite
2010-01-20 18:02:38 ----D---- C:\Documents and Settings\Jára\Data aplikací\Hamachi
======List of files/folders modified in the last 1 months======
2010-02-18 21:11:00 ----D---- C:\Program Files\trend micro
2010-02-18 21:10:48 ----D---- C:\WINDOWS\Prefetch
2010-02-18 21:07:40 ----D---- C:\WINDOWS\Temp
2010-02-18 21:06:29 ----D---- C:\Documents and Settings\Jára\Data aplikací\IM
2010-02-18 21:05:35 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-02-18 19:40:13 ----A---- C:\WINDOWS\NeroDigital.ini
2010-02-17 20:28:29 ----D---- C:\Documents and Settings\Jára\Data aplikací\SolidWorks
2010-02-13 19:07:20 ----D---- C:\WINDOWS
2010-02-13 19:04:50 ----D---- C:\WINDOWS\system32\CatRoot2
2010-02-13 19:04:35 ----SHD---- C:\WINDOWS\Installer
2010-02-13 19:04:17 ----D---- C:\Program Files\Common Files\Adobe
2010-02-13 19:03:41 ----D---- C:\WINDOWS\system32
2010-02-13 18:59:50 ----HD---- C:\WINDOWS\inf
2010-02-13 18:52:55 ----D---- C:\Documents and Settings\Jára\Data aplikací\Adobe
2010-02-13 18:52:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2010-02-13 18:52:47 ----D---- C:\Program Files\Common Files
2010-02-13 18:47:06 ----RSD---- C:\WINDOWS\Fonts
2010-02-13 18:08:43 ----RD---- C:\Program Files
2010-02-13 18:08:11 ----SD---- C:\Documents and Settings\Jára\Data aplikací\Microsoft
2010-02-13 18:08:10 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-02-13 15:32:48 ----HD---- C:\WINDOWS\$hf_mig$
2010-02-13 15:32:46 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-02-13 15:32:46 ----D---- C:\WINDOWS\system32\drivers
2010-02-13 15:31:25 ----D---- C:\WINDOWS\Debug
2010-02-03 16:54:43 ----D---- C:\Documents and Settings\Jára\Data aplikací\Spyware Terminator
2010-02-01 23:14:41 ----D---- C:\Documents and Settings\Jára\Data aplikací\Skype
2010-02-01 20:26:20 ----A---- C:\WINDOWS\system32\MRT.exe
2010-01-22 14:19:16 ----D---- C:\Program Files\Internet Explorer
2010-01-22 14:19:08 ----D---- C:\WINDOWS\ie8updates
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [2006-07-01 43008]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 SbFw;SbFw; C:\WINDOWS\system32\drivers\SbFw.sys [2008-10-31 270888]
R1 sbhips;Sunbelt HIPS Driver; C:\WINDOWS\system32\drivers\sbhips.sys [2008-06-21 66600]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-09-15 94160]
R2 sensorsview32;sensorsview32; \??\C:\WINDOWS\system32\drivers\sensorsview32.sys []
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller; C:\WINDOWS\System32\DRIVERS\l151x86.sys [2007-11-01 36864]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-01-20 25280]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-10-02 4613120]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [2004-08-14 5810]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2007-12-04 7435392]
R3 RivaTuner32;RivaTuner32; \??\D:\Programy\RivaTuner v2.23\RivaTuner32.sys []
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\WINDOWS\System32\DRIVERS\sbfwim.sys [2008-06-21 65576]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
S3 anedsbz7;anedsbz7; C:\WINDOWS\system32\drivers\anedsbz7.sys []
S3 GarenaPEngine;GarenaPEngine; \??\C:\DOCUME~1\JRA~1\LOCALS~1\Temp\WLE2.tmp []
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;Ovladač filtru Obnovy systému; C:\WINDOWS\System32\DRIVERS\sr.sys [2008-04-14 73344]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; D:\Programy\Avast\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; D:\Programy\Avast\ashServ.exe [2009-11-25 138680]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\System32\nvsvc32.exe [2007-12-04 155716]
R2 SbPF.Launcher;SbPF.Launcher; D:\Programy\Kerio\SbPFLnch.exe [2008-10-31 95528]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; D:\Programy\Spyware Terminator\sp_rsser.exe [2009-11-19 488960]
R2 SPF4;Sunbelt Personal Firewall 4; D:\Programy\Kerio\SbPFSvc.exe [2008-10-31 1365288]
R2 TomTomHOMEService;TomTomHOMEService; D:\Programy\TomTom HOME 2\TomTomHOMEService.exe [2009-11-13 92008]
R3 avast! Mail Scanner;avast! Mail Scanner; D:\Programy\Avast\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; D:\Programy\Avast\ashWebSv.exe [2009-11-25 352920]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service; D:\Programy\SolidWorks\SolidWorks\swScheduler\DTSCoordinatorService.exe [2009-03-19 83240]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-02-13 651720]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; D:\Programy\MSOffice07\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SolidWorks Licensing Service;SolidWorks Licensing Service; C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [2009-11-19 79360]
S4 msvsmon80;Visual Studio 2005 Remote Debugger; C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2005-09-23 2799808]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------