Virus
Posted: 13 Nov 2010 21:05
Hello,
please advise: every time I turn on the internet, the CPU immediately goes to 100% and something is apparently being downloaded to the PC. I am sending the log from RSIT. Thank you very much in advance.
Jakub
Logfile of random's system information tool 1.08 (written by random/random)
Run by Kuba at 2010-11-13 20:58:30
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 27 GB (74%) free of 36 GB
Total RAM: 510 MB (21% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:52, on 2010-11-13
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\WINDOWS\Explorer.EXE
C:\acer\epm\epm-dm.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\Crawler\CToolbar.exe
C:\DOCUME~1\Kuba\LOCALS~1\Temp\494.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Kuba\Plocha\RSIT.exe
C:\WINDOWS\system32\foucu.exe
C:\Program Files\trend micro\Kuba.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.crawler.com/homepage.aspx?tbid=60446
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60446
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60446
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O3 - Toolbar: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - (no file)
O4 - HKLM\..\Run: [EPM-DM] c:\acer\epm\epm-dm.exe
O4 - HKLM\..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe boot
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
O4 - HKLM\..\Run: [nossen] C:\WINDOWS\system32\kidassu.exe
O4 - HKLM\..\RunServices: [nossen] C:\WINDOWS\system32\kidassu.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [MSConfig] C:\Documents and Settings\Kuba\rqf.exe \u
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: 0zvqq6c.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: 1j70qqg.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: 1qwmhid.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: 3gbrsnd.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: 5si971f.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: 60hc0je.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: 70pfl66.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: 871uvqq.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: 9k1gcs0.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: cyytkkfwwr.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: e1awwriidu.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: ee6qq6cc6.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: g1cyytkk.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: jpplbbxx.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: kfl66c81.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: lbcxd870.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: m91i3jfabg.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: p0lq81cnojp.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: rx70tjp2vl.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: siojzavl.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: sytukglr5i.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: vb5rniy1.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: vvrhhdttpff.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: vwrhidtu.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: w1soojaavm.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: xc871fplg.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: y1uqqlccxo.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: 0zvqq6c.exe (User 'Default user')
O4 - .DEFAULT Startup: 1j70qqg.exe (User 'Default user')
O4 - .DEFAULT Startup: 1qwmhid.exe (User 'Default user')
O4 - .DEFAULT Startup: 3gbrsnd.exe (User 'Default user')
O4 - .DEFAULT Startup: 5si971f.exe (User 'Default user')
O4 - .DEFAULT Startup: 60hc0je.exe (User 'Default user')
O4 - .DEFAULT Startup: 70pfl66.exe (User 'Default user')
O4 - .DEFAULT Startup: 871uvqq.exe (User 'Default user')
O4 - .DEFAULT Startup: 9k1gcs0.exe (User 'Default user')
O4 - .DEFAULT Startup: cyytkkfwwr.exe (User 'Default user')
O4 - .DEFAULT Startup: e1awwriidu.exe (User 'Default user')
O4 - .DEFAULT Startup: ee6qq6cc6.exe (User 'Default user')
O4 - .DEFAULT Startup: g1cyytkk.exe (User 'Default user')
O4 - .DEFAULT Startup: jpplbbxx.exe (User 'Default user')
O4 - .DEFAULT Startup: kfl66c81.exe (User 'Default user')
O4 - .DEFAULT Startup: lbcxd870.exe (User 'Default user')
O4 - .DEFAULT Startup: m91i3jfabg.exe (User 'Default user')
O4 - .DEFAULT Startup: p0lq81cnojp.exe (User 'Default user')
O4 - .DEFAULT Startup: rx70tjp2vl.exe (User 'Default user')
O4 - .DEFAULT Startup: siojzavl.exe (User 'Default user')
O4 - .DEFAULT Startup: sytukglr5i.exe (User 'Default user')
O4 - .DEFAULT Startup: vb5rniy1.exe (User 'Default user')
O4 - .DEFAULT Startup: vvrhhdttpff.exe (User 'Default user')
O4 - .DEFAULT Startup: vwrhidtu.exe (User 'Default user')
O4 - .DEFAULT Startup: w1soojaavm.exe (User 'Default user')
O4 - .DEFAULT Startup: xc871fplg.exe (User 'Default user')
O4 - .DEFAULT Startup: y1uqqlccxo.exe (User 'Default user')
O4 - Startup: 0zvqq6c.exe
O4 - Startup: 1j70qqg.exe
O4 - Startup: 1qwmhid.exe
O4 - Startup: 3gbrsnd.exe
O4 - Startup: 5si971f.exe
O4 - Startup: 60hc0je.exe
O4 - Startup: 70pfl66.exe
O4 - Startup: 871uvqq.exe
O4 - Startup: 9k1gcs0.exe
O4 - Startup: cyytkkfwwr.exe
O4 - Startup: e1awwriidu.exe
O4 - Startup: ee6qq6cc6.exe
O4 - Startup: g1cyytkk.exe
O4 - Startup: jpplbbxx.exe
O4 - Startup: kfl66c81.exe
O4 - Startup: lbcxd870.exe
O4 - Startup: m91i3jfabg.exe
O4 - Startup: p0lq81cnojp.exe
O4 - Startup: rx70tjp2vl.exe
O4 - Startup: siojzavl.exe
O4 - Startup: sytukglr5i.exe
O4 - Startup: vb5rniy1.exe
O4 - Startup: vvrhhdttpff.exe
O4 - Startup: vwrhidtu.exe
O4 - Startup: w1soojaavm.exe
O4 - Startup: xc871fplg.exe
O4 - Startup: y1uqqlccxo.exe
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O9 - Extra button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - https://www.battlefieldheroes.com/stati ... 0.31.0.cab
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - (no file)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Blue Coat K9 Web Protection (ei9owe4en5e847ai) - Unknown owner - C:\WINDOWS\system32\rajequupe.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
--
End of file - 10883 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"EPM-DM"=c:\acer\epm\epm-dm.exe [2005-03-28 188416]
"ePowerManagement"=C:\Acer\ePM\ePM.exe [2005-03-24 2880512]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-06-28 2837864]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2010-04-13 2176512]
"IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2004-10-15 385024]
"EOUApp"=C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe [2004-10-15 356352]
"nossen"=C:\WINDOWS\system32\kidassu.exe [2010-11-13 201216]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-11-11 1451520]
"MSConfig"=C:\Documents and Settings\Kuba\rqf.exe [2010-11-13 19456]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\acerWireless]
C:\Program Files\acer\Wireless\Utility\WlanUtil.exe [2004-06-09 417792]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ACU]
C:\Program Files\Atheros\ACU.exe [2005-01-31 253952]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-21 932288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-04-28 344064]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EOUApp]
C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe [2004-10-15 356352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashPlayerUpdate]
C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe [2010-01-27 256280]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files\ICQ7.1\ICQ.exe [2010-10-27 133432]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelWireless]
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2004-10-15 385024]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
C:\Program Files\Launch Manager\QtZgAcer.EXE [2005-09-05 319488]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2010-03-29 437584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-11-11 1451520]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\pdfFactory Pro Dispatcher v3]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis3a.exe [2009-03-24 606208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdate]
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2010-04-13 3037696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^AVerQuick.lnk]
C:\PROGRA~1\COMMON~1\AVERME~1\AVERQU~1\AVERQU~2.EXE [2007-04-17 614400]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~2\Office\OSA9.EXE [1999-02-17 65588]
C:\Documents and Settings\Kuba\Nabídka Start\Programy\Po spuštění
0zvqq6c.exe
1j70qqg.exe
1qwmhid.exe
3gbrsnd.exe
5si971f.exe
60hc0je.exe
70pfl66.exe
871uvqq.exe
9k1gcs0.exe
cyytkkfwwr.exe
e1awwriidu.exe
ee6qq6cc6.exe
g1cyytkk.exe
jpplbbxx.exe
kfl66c81.exe
lbcxd870.exe
m91i3jfabg.exe
p0lq81cnojp.exe
rx70tjp2vl.exe
siojzavl.exe
sytukglr5i.exe
vb5rniy1.exe
vvrhhdttpff.exe
vwrhidtu.exe
w1soojaavm.exe
xc871fplg.exe
y1uqqlccxo.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2005-04-28 46080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\IntelWireless]
C:\Program Files\Intel\Wireless\Bin\LgNotify.dll [2004-10-15 110592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSEXESVC]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Disabled:Crawler Spyware Terminator"
"C:\Program Files\ICQ7.1\ICQ.exe"="C:\Program Files\ICQ7.1\ICQ.exe:*:Enabled:ICQ7.1"
"C:\Program Files\ICQ7.1\aolload.exe"="C:\Program Files\ICQ7.1\aolload.exe:*:Enabled:aolload.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Documents and Settings\Kuba\Plocha\P17535732.JPG-www.facebook.exe"="C:\WINDOWS\nvsvc32.exe:*:Enabled:NVIDIA driver monitor"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.1\ICQ.exe"="C:\Program Files\ICQ7.1\ICQ.exe:*:Enabled:ICQ7.1"
"C:\Program Files\ICQ7.1\aolload.exe"="C:\Program Files\ICQ7.1\aolload.exe:*:Enabled:aolload.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
======List of files/folders created in the last 1 months======
2010-11-13 20:52:19 ----A---- C:\WINDOWS\system32\rajequupe.exe
2010-11-13 20:51:25 ----A---- C:\WINDOWS\system32\kidassu.exe
2010-11-13 20:29:28 ----HD---- C:\WINDOWS\PIF
2010-11-13 20:18:03 ----D---- C:\Program Files\trend micro
2010-11-13 20:18:00 ----D---- C:\rsit
2010-11-13 18:40:39 ----A---- C:\Boot.bak
2010-11-13 18:40:34 ----RASHD---- C:\cmdcons
2010-11-13 18:39:13 ----D---- C:\ComboFix
2010-11-13 18:26:09 ----D---- C:\WINDOWS\ERDNT
2010-11-13 18:22:51 ----D---- C:\Qoobox
2010-11-13 16:23:12 ----RSH---- C:\Documents and Settings\Kuba\Data aplikací\juzjf.exe
2010-11-13 16:22:26 ----A---- C:\t6.exe
2010-10-19 21:20:38 ----D---- C:\Program Files\Free MP3 Cutter
2010-10-15 18:39:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2387149$
2010-10-15 18:38:55 ----HDC---- C:\WINDOWS\$NtUninstallKB2279986$
2010-10-15 18:38:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2345886$
2010-10-15 18:38:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2296011$
2010-10-15 18:37:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2378111_WM9$
2010-10-15 18:37:19 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$
2010-10-15 18:36:58 ----HDC---- C:\WINDOWS\$NtUninstallKB979687$
2010-10-15 18:30:30 ----HDC---- C:\WINDOWS\$NtUninstallKB981957$
2010-10-15 18:30:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2360937$
======List of files/folders modified in the last 1 months======
2010-11-13 20:52:19 ----D---- C:\WINDOWS\system32
2010-11-13 20:51:50 ----RSHD---- C:\RECYCLER
2010-11-13 20:51:15 ----D---- C:\Program Files\Crawler
2010-11-13 20:50:15 ----D---- C:\WINDOWS\Prefetch
2010-11-13 20:49:05 ----AD---- C:\WINDOWS\Temp
2010-11-13 20:46:30 ----D---- C:\WINDOWS\system32\drivers
2010-11-13 20:45:49 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-11-13 20:45:46 ----D---- C:\WINDOWS\system32\CatRoot2
2010-11-13 20:35:40 ----D---- C:\Program Files\Spyware Terminator
2010-11-13 20:32:30 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2010-11-13 20:29:28 ----D---- C:\WINDOWS
2010-11-13 20:18:03 ----RD---- C:\Program Files
2010-11-13 19:21:13 ----D---- C:\temp
2010-11-13 18:57:39 ----HDC---- C:\WINDOWS\$NtUninstallKB980232_0$
2010-11-13 18:40:40 ----RASH---- C:\boot.ini
2010-11-13 16:37:34 ----D---- C:\Documents and Settings\Kuba\Data aplikací\Spyware Terminator
2010-11-10 22:15:40 ----D---- C:\Documents and Settings\Kuba\Data aplikací\ICQ
2010-11-08 20:00:57 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2010-11-06 20:26:56 ----D---- C:\Program Files\ICQ7.1
2010-10-31 15:50:48 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-10-30 12:33:45 ----D---- C:\Program Files\Mozilla Firefox
2010-10-28 16:07:27 ----A---- C:\WINDOWS\system32\pbsvc_heroes.exe
2010-10-28 15:21:08 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-10-25 20:34:46 ----SD---- C:\Documents and Settings\Kuba\Data aplikací\Microsoft
2010-10-24 12:04:16 ----D---- C:\WINDOWS\Debug
2010-10-23 21:18:21 ----SHD---- C:\WINDOWS\Installer
2010-10-16 14:53:21 ----HD---- C:\WINDOWS\inf
2010-10-15 18:39:24 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-10-15 18:39:18 ----HD---- C:\WINDOWS\$hf_mig$
2010-10-15 18:38:06 ----D---- C:\WINDOWS\WinSxS
2010-10-15 18:36:04 ----D---- C:\Program Files\Internet Explorer
2010-10-15 18:35:11 ----D---- C:\WINDOWS\ie8updates
2010-10-15 18:31:19 ----A---- C:\WINDOWS\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-06-28 28880]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-06-28 165456]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-06-28 46672]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.2.0.3; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2010-04-13 17801]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-06-28 17744]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-06-28 100176]
R2 EpmPsd;Acer EPM Power Scheme Driver; \??\C:\WINDOWS\system32\drivers\epm-psd.sys []
R2 EpmShd;Acer EPM System Hardware Driver; \??\C:\WINDOWS\system32\drivers\epm-shd.sys []
R2 Hardlock;Hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2004-10-15 11354]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-06-28 23376]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-04-28 1132544]
R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys [2003-09-26 44032]
R3 CAMCAUD;Conexant AMC Audio; C:\WINDOWS\system32\drivers\camcaud.sys [2004-06-25 34048]
R3 CAMCHALA;CAMCHALA; C:\WINDOWS\system32\drivers\camchal.sys [2004-06-25 276480]
R3 DKbFltr;Dritek HotKey Keyboard Filter Driver; C:\WINDOWS\System32\Drivers\DKbFltr.sys [2005-09-05 16896]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-01-25 1038208]
R3 HSFHWICH;HSFHWICH; C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys [2005-01-25 207616]
R3 IWCA;Intel Wireless Connection Agent Miniport for Win XP; C:\WINDOWS\system32\DRIVERS\iwca.sys [2004-08-12 234496]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 w29n51;Intel(R) PRO/Wireless 2200BG Network Connection Driver for Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2004-10-29 3222784]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-01-25 703616]
S3 akshasp;Aladdin HASP Key; C:\WINDOWS\system32\DRIVERS\akshasp.sys [2006-11-22 327168]
S3 aksusb;Aladdin USB Key; C:\WINDOWS\system32\DRIVERS\aksusb.sys [2006-11-22 100096]
S3 AVerHybrid;AVerMedia Hybrid Tuner (NTSC/PAL/SECAM/DVB-T/FM); C:\WINDOWS\system32\drivers\averhbtv.sys [2007-04-30 302848]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 guogwjlu;guogwjlu; \??\C:\WINDOWS\System32\Drivers\guogwjlu.sys []
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-10-06 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-10-06 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 PnkBstrK;PnkBstrK; \??\C:\WINDOWS\system32\drivers\PnkBstrK.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-10-06 7936]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-10-06 7936]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACS;Atheros Configuration Service; C:\WINDOWS\system32\acs.exe [2004-12-27 36864]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-04-28 364544]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R2 EvtEng;EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2004-10-15 86016]
R2 OwnershipProtocol;OwnershipProtocol; C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe [2004-10-15 98304]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-04-13 75064]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2010-11-08 215016]
R2 RegSrvc;RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2004-10-15 139264]
R2 S24EventMonitor;Spectrum24 Event Monitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2004-10-15 360521]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-04-13 488960]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]
S2 ei9owe4en5e847ai;Blue Coat K9 Web Protection; C:\WINDOWS\system32\rajequupe.exe [2010-11-13 201216]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-13 136176]
-----------------EOF-----------------
O4 - S-1-5-18 Startup: p0lq81cnojp.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: rx70tjp2vl.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: siojzavl.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: sytukglr5i.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: vb5rniy1.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: vvrhhdttpff.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: vwrhidtu.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: w1soojaavm.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: xc871fplg.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: y1uqqlccxo.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: 0zvqq6c.exe (User 'Default user')
O4 - .DEFAULT Startup: 1j70qqg.exe (User 'Default user')
O4 - .DEFAULT Startup: 1qwmhid.exe (User 'Default user')
O4 - .DEFAULT Startup: 3gbrsnd.exe (User 'Default user')
O4 - .DEFAULT Startup: 5si971f.exe (User 'Default user')
O4 - .DEFAULT Startup: 60hc0je.exe (User 'Default user')
O4 - .DEFAULT Startup: 70pfl66.exe (User 'Default user')
O4 - .DEFAULT Startup: 871uvqq.exe (User 'Default user')
O4 - .DEFAULT Startup: 9k1gcs0.exe (User 'Default user')
O4 - .DEFAULT Startup: cyytkkfwwr.exe (User 'Default user')
O4 - .DEFAULT Startup: e1awwriidu.exe (User 'Default user')
O4 - .DEFAULT Startup: ee6qq6cc6.exe (User 'Default user')
O4 - .DEFAULT Startup: g1cyytkk.exe (User 'Default user')
O4 - .DEFAULT Startup: jpplbbxx.exe (User 'Default user')
O4 - .DEFAULT Startup: kfl66c81.exe (User 'Default user')
O4 - .DEFAULT Startup: lbcxd870.exe (User 'Default user')
O4 - .DEFAULT Startup: m91i3jfabg.exe (User 'Default user')
O4 - .DEFAULT Startup: p0lq81cnojp.exe (User 'Default user')
O4 - .DEFAULT Startup: rx70tjp2vl.exe (User 'Default user')
O4 - .DEFAULT Startup: siojzavl.exe (User 'Default user')
O4 - .DEFAULT Startup: sytukglr5i.exe (User 'Default user')
O4 - .DEFAULT Startup: vb5rniy1.exe (User 'Default user')
O4 - .DEFAULT Startup: vvrhhdttpff.exe (User 'Default user')
O4 - .DEFAULT Startup: vwrhidtu.exe (User 'Default user')
O4 - .DEFAULT Startup: w1soojaavm.exe (User 'Default user')
O4 - .DEFAULT Startup: xc871fplg.exe (User 'Default user')
O4 - .DEFAULT Startup: y1uqqlccxo.exe (User 'Default user')
O4 - Startup: 0zvqq6c.exe
O4 - Startup: 1j70qqg.exe
O4 - Startup: 1qwmhid.exe
O4 - Startup: 3gbrsnd.exe
O4 - Startup: 5si971f.exe
O4 - Startup: 60hc0je.exe
O4 - Startup: 70pfl66.exe
O4 - Startup: 871uvqq.exe
O4 - Startup: 9k1gcs0.exe
O4 - Startup: cyytkkfwwr.exe
O4 - Startup: e1awwriidu.exe
O4 - Startup: ee6qq6cc6.exe
O4 - Startup: g1cyytkk.exe
O4 - Startup: jpplbbxx.exe
O4 - Startup: kfl66c81.exe
O4 - Startup: lbcxd870.exe
O4 - Startup: m91i3jfabg.exe
O4 - Startup: p0lq81cnojp.exe
O4 - Startup: rx70tjp2vl.exe
O4 - Startup: siojzavl.exe
O4 - Startup: sytukglr5i.exe
O4 - Startup: vb5rniy1.exe
O4 - Startup: vvrhhdttpff.exe
O4 - Startup: vwrhidtu.exe
O4 - Startup: w1soojaavm.exe
O4 - Startup: xc871fplg.exe
O4 - Startup: y1uqqlccxo.exe
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O9 - Extra button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - https://www.battlefieldheroes.com/stati ... 0.31.0.cab
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - (no file)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Blue Coat K9 Web Protection (ei9owe4en5e847ai) - Unknown owner - C:\WINDOWS\system32\rajequupe.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
--
End of file - 10883 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"EPM-DM"=c:\acer\epm\epm-dm.exe [2005-03-28 188416]
"ePowerManagement"=C:\Acer\ePM\ePM.exe [2005-03-24 2880512]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-06-28 2837864]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2010-04-13 2176512]
"IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2004-10-15 385024]
"EOUApp"=C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe [2004-10-15 356352]
"nossen"=C:\WINDOWS\system32\kidassu.exe [2010-11-13 201216]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-11-11 1451520]
"MSConfig"=C:\Documents and Settings\Kuba\rqf.exe [2010-11-13 19456]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\acerWireless]
C:\Program Files\acer\Wireless\Utility\WlanUtil.exe [2004-06-09 417792]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ACU]
C:\Program Files\Atheros\ACU.exe [2005-01-31 253952]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-21 932288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-04-28 344064]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EOUApp]
C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe [2004-10-15 356352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashPlayerUpdate]
C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe [2010-01-27 256280]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files\ICQ7.1\ICQ.exe [2010-10-27 133432]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelWireless]
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2004-10-15 385024]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
C:\Program Files\Launch Manager\QtZgAcer.EXE [2005-09-05 319488]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2010-03-29 437584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-11-11 1451520]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\pdfFactory Pro Dispatcher v3]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis3a.exe [2009-03-24 606208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdate]
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2010-04-13 3037696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^AVerQuick.lnk]
C:\PROGRA~1\COMMON~1\AVERME~1\AVERQU~1\AVERQU~2.EXE [2007-04-17 614400]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~2\Office\OSA9.EXE [1999-02-17 65588]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2005-04-28 46080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\IntelWireless]
C:\Program Files\Intel\Wireless\Bin\LgNotify.dll [2004-10-15 110592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSEXESVC]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Disabled:Crawler Spyware Terminator"
"C:\Program Files\ICQ7.1\ICQ.exe"="C:\Program Files\ICQ7.1\ICQ.exe:*:Enabled:ICQ7.1"
"C:\Program Files\ICQ7.1\aolload.exe"="C:\Program Files\ICQ7.1\aolload.exe:*:Enabled:aolload.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Documents and Settings\Kuba\Plocha\P17535732.JPG-www.facebook.exe"="C:\WINDOWS\nvsvc32.exe:*:Enabled:NVIDIA driver monitor"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.1\ICQ.exe"="C:\Program Files\ICQ7.1\ICQ.exe:*:Enabled:ICQ7.1"
"C:\Program Files\ICQ7.1\aolload.exe"="C:\Program Files\ICQ7.1\aolload.exe:*:Enabled:aolload.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
======List of files/folders created in the last 1 months======
2010-11-13 20:52:19 ----A---- C:\WINDOWS\system32\rajequupe.exe
2010-11-13 20:51:25 ----A---- C:\WINDOWS\system32\kidassu.exe
2010-11-13 20:29:28 ----HD---- C:\WINDOWS\PIF
2010-11-13 20:18:03 ----D---- C:\Program Files\trend micro
2010-11-13 20:18:00 ----D---- C:\rsit
2010-11-13 18:40:39 ----A---- C:\Boot.bak
2010-11-13 18:40:34 ----RASHD---- C:\cmdcons
2010-11-13 18:39:13 ----D---- C:\ComboFix
2010-11-13 18:26:09 ----D---- C:\WINDOWS\ERDNT
2010-11-13 18:22:51 ----D---- C:\Qoobox
2010-11-13 16:23:12 ----RSH---- C:\Documents and Settings\Kuba\Data aplikací\juzjf.exe
2010-11-13 16:22:26 ----A---- C:\t6.exe
2010-10-19 21:20:38 ----D---- C:\Program Files\Free MP3 Cutter
2010-10-15 18:39:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2387149$
2010-10-15 18:38:55 ----HDC---- C:\WINDOWS\$NtUninstallKB2279986$
2010-10-15 18:38:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2345886$
2010-10-15 18:38:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2296011$
2010-10-15 18:37:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2378111_WM9$
2010-10-15 18:37:19 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$
2010-10-15 18:36:58 ----HDC---- C:\WINDOWS\$NtUninstallKB979687$
2010-10-15 18:30:30 ----HDC---- C:\WINDOWS\$NtUninstallKB981957$
2010-10-15 18:30:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2360937$
======List of files/folders modified in the last 1 months======
2010-11-13 20:52:19 ----D---- C:\WINDOWS\system32
2010-11-13 20:51:50 ----RSHD---- C:\RECYCLER
2010-11-13 20:51:15 ----D---- C:\Program Files\Crawler
2010-11-13 20:50:15 ----D---- C:\WINDOWS\Prefetch
2010-11-13 20:49:05 ----AD---- C:\WINDOWS\Temp
2010-11-13 20:46:30 ----D---- C:\WINDOWS\system32\drivers
2010-11-13 20:45:49 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-11-13 20:45:46 ----D---- C:\WINDOWS\system32\CatRoot2
2010-11-13 20:35:40 ----D---- C:\Program Files\Spyware Terminator
2010-11-13 20:32:30 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2010-11-13 20:29:28 ----D---- C:\WINDOWS
2010-11-13 20:18:03 ----RD---- C:\Program Files
2010-11-13 19:21:13 ----D---- C:\temp
2010-11-13 18:57:39 ----HDC---- C:\WINDOWS\$NtUninstallKB980232_0$
2010-11-13 18:40:40 ----RASH---- C:\boot.ini
2010-11-13 16:37:34 ----D---- C:\Documents and Settings\Kuba\Data aplikací\Spyware Terminator
2010-11-10 22:15:40 ----D---- C:\Documents and Settings\Kuba\Data aplikací\ICQ
2010-11-08 20:00:57 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2010-11-06 20:26:56 ----D---- C:\Program Files\ICQ7.1
2010-10-31 15:50:48 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-10-30 12:33:45 ----D---- C:\Program Files\Mozilla Firefox
2010-10-28 16:07:27 ----A---- C:\WINDOWS\system32\pbsvc_heroes.exe
2010-10-28 15:21:08 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-10-25 20:34:46 ----SD---- C:\Documents and Settings\Kuba\Data aplikací\Microsoft
2010-10-24 12:04:16 ----D---- C:\WINDOWS\Debug
2010-10-23 21:18:21 ----SHD---- C:\WINDOWS\Installer
2010-10-16 14:53:21 ----HD---- C:\WINDOWS\inf
2010-10-15 18:39:24 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-10-15 18:39:18 ----HD---- C:\WINDOWS\$hf_mig$
2010-10-15 18:38:06 ----D---- C:\WINDOWS\WinSxS
2010-10-15 18:36:04 ----D---- C:\Program Files\Internet Explorer
2010-10-15 18:35:11 ----D---- C:\WINDOWS\ie8updates
2010-10-15 18:31:19 ----A---- C:\WINDOWS\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-06-28 28880]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-06-28 165456]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-06-28 46672]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.2.0.3; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2010-04-13 17801]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-06-28 17744]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-06-28 100176]
R2 EpmPsd;Acer EPM Power Scheme Driver; \??\C:\WINDOWS\system32\drivers\epm-psd.sys []
R2 EpmShd;Acer EPM System Hardware Driver; \??\C:\WINDOWS\system32\drivers\epm-shd.sys []
R2 Hardlock;Hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2004-10-15 11354]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-06-28 23376]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-04-28 1132544]
R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys [2003-09-26 44032]
R3 CAMCAUD;Conexant AMC Audio; C:\WINDOWS\system32\drivers\camcaud.sys [2004-06-25 34048]
R3 CAMCHALA;CAMCHALA; C:\WINDOWS\system32\drivers\camchal.sys [2004-06-25 276480]
R3 DKbFltr;Dritek HotKey Keyboard Filter Driver; C:\WINDOWS\System32\Drivers\DKbFltr.sys [2005-09-05 16896]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-01-25 1038208]
R3 HSFHWICH;HSFHWICH; C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys [2005-01-25 207616]
R3 IWCA;Intel Wireless Connection Agent Miniport for Win XP; C:\WINDOWS\system32\DRIVERS\iwca.sys [2004-08-12 234496]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 w29n51;Intel(R) PRO/Wireless 2200BG Network Connection Driver for Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2004-10-29 3222784]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-01-25 703616]
S3 akshasp;Aladdin HASP Key; C:\WINDOWS\system32\DRIVERS\akshasp.sys [2006-11-22 327168]
S3 aksusb;Aladdin USB Key; C:\WINDOWS\system32\DRIVERS\aksusb.sys [2006-11-22 100096]
S3 AVerHybrid;AVerMedia Hybrid Tuner (NTSC/PAL/SECAM/DVB-T/FM); C:\WINDOWS\system32\drivers\averhbtv.sys [2007-04-30 302848]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 guogwjlu;guogwjlu; \??\C:\WINDOWS\System32\Drivers\guogwjlu.sys []
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-10-06 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-10-06 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 PnkBstrK;PnkBstrK; \??\C:\WINDOWS\system32\drivers\PnkBstrK.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-10-06 7936]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-10-06 7936]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACS;Atheros Configuration Service; C:\WINDOWS\system32\acs.exe [2004-12-27 36864]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-04-28 364544]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R2 EvtEng;EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2004-10-15 86016]
R2 OwnershipProtocol;OwnershipProtocol; C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe [2004-10-15 98304]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-04-13 75064]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2010-11-08 215016]
R2 RegSrvc;RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2004-10-15 139264]
R2 S24EventMonitor;Spectrum24 Event Monitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2004-10-15 360521]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-04-13 488960]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]
S2 ei9owe4en5e847ai;Blue Coat K9 Web Protection; C:\WINDOWS\system32\rajequupe.exe [2010-11-13 201216]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-13 136176]
-----------------EOF-----------------