VIRY.CZ

prosím o kontrolu logu, dnes ráno mi avast nahlásil podezřelý soubor v local/temp...

LOG:


Logfile of random's system information tool 1.08 (written by random/random)
Run by Baguvix at 2011-03-17 07:06:38
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 576 GB (82%) free of 704 GB
Total RAM: 4094 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:06:41, on 17.3.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files (x86)\System Protect\SysProtect_Tray.exe
C:\Program Files (x86)\Hewlett-Packard\KBD\kbd.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\PROGRA~2\Crawler\CToolbar.exe
C:\Users\Baguvix\Desktop\Downloads\RSIT.exe
C:\Program Files (x86)\trend micro\Baguvix.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... tbid=60049
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.crawler.com/homepage.aspx?tbid=60049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cndt
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cndt
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60049
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60049
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~2\Crawler\ctbr.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~2\Crawler\ctbr.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~2\Crawler\ctbr.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] c:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [TSMAgent] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [DVDAgent] "c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [BitTorrent] "C:\PROGRA~2\BITTOR~1\BITTOR~1.EXE"
O4 - HKLM\..\Run: [SystemProtect] "C:\Program Files (x86)\System Protect\SysProtect_Tray.exe"
O4 - HKCU\..\Run: [HPADVISOR] c:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~2\Crawler\ctbr.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Easy Backup Button Service (HPBtnSrv) - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MySQL - MySQL AB - C:\Program Files (x86)\xamp\xampp\mysql\bin\mysqld.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security - Unknown owner - C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe
O23 - Service: System Protect Deletion Prevention Service (SP_Service) - Xacti Corporation - C:\Program Files (x86)\System Protect\SysProtect_srv.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10199 bytes

======Scheduled tasks folder======

C:\Windows\tasks\PCDRScheduledMaintenance.job
C:\Windows\tasks\User_Feed_Synchronization-{817A4E78-C655-4E25-830D-119D66B46C9B}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~2\Crawler\ctbr.dll [2010-10-14 1252200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler lišta - C:\PROGRA~2\Crawler\ctbr.dll [2010-10-14 1252200]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"=c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [2008-11-20 62768]
"KBD"=C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE [2008-07-21 12288]
"OsdMaestro"=c:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe [2008-10-13 281600]
"StartCCC"=c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-01-27 61440]
"HP Health Check Scheduler"=c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-12-04 75016]
"TSMAgent"=c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe [2009-04-09 1328424]
"CLMLServer for HP TouchSmart"=c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [2009-04-09 185640]
"DVDAgent"=c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [2009-03-19 1148200]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"SpywareTerminator"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2010-04-17 2176512]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"BitTorrent"=C:\PROGRA~2\BITTOR~1\BITTOR~1.EXE [2011-02-18 745848]
"SystemProtect"=C:\Program Files (x86)\System Protect\SysProtect_Tray.exe [2011-02-22 1223680]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"HPADVISOR"=c:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [2009-04-04 1644088]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 138240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"BindDirectlyToPropertySetStorage"=0
"NoDriveTypeAutoRun"=95

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2011-03-17 07:06:38 ----D---- C:\rsit
2011-03-13 08:27:45 ----D---- C:\Users\Baguvix\AppData\Roaming\BitTorrent
2011-03-12 19:15:14 ----D---- C:\ijji
2011-03-12 17:56:39 ----D---- C:\Users\Baguvix\AppData\Roaming\ijjigame
2011-03-12 17:55:02 ----A---- C:\Windows\SysWOW64\ijjiSetup.exe
2011-03-12 17:55:02 ----A---- C:\Windows\SysWOW64\ijjiProcessRestarter.exe
2011-03-12 17:54:57 ----D---- C:\Program Files (x86)\REACTOR
2011-03-10 06:15:48 ----A---- C:\Windows\SysWOW64\shsvcs.dll
2011-03-09 14:31:38 ----A---- C:\Windows\SysWOW64\mstscax.dll
2011-03-09 14:31:37 ----A---- C:\Windows\SysWOW64\mstsc.exe
2011-03-09 14:31:34 ----A---- C:\Windows\SysWOW64\EncDec.dll
2011-03-09 14:31:33 ----A---- C:\Windows\SysWOW64\sbeio.dll
2011-03-09 14:31:33 ----A---- C:\Windows\SysWOW64\sbe.dll
2011-03-05 20:46:50 ----D---- C:\Program Files (x86)\Realtime Worlds
2011-02-23 21:20:46 ----D---- C:\Windows\SysWOW64\WindowsPowerShell
2011-02-23 21:18:30 ----A---- C:\Windows\SysWOW64\winrsmgr.dll
2011-02-23 21:18:19 ----A---- C:\Windows\SysWOW64\wsmplpxy.dll
2011-02-23 21:18:19 ----A---- C:\Windows\SysWOW64\winrssrv.dll
2011-02-23 21:18:11 ----A---- C:\Windows\SysWOW64\pwrshplugin.dll
2011-02-23 21:17:59 ----A---- C:\Windows\SysWOW64\WsmRes.dll
2011-02-23 21:17:58 ----A---- C:\Windows\SysWOW64\wsmprovhost.exe
2011-02-23 21:17:58 ----A---- C:\Windows\SysWOW64\winrshost.exe
2011-02-23 21:17:58 ----A---- C:\Windows\SysWOW64\winrs.exe
2011-02-23 21:17:58 ----A---- C:\Windows\SysWOW64\wevtfwd.dll
2011-02-23 21:17:58 ----A---- C:\Windows\SysWOW64\wecutil.exe
2011-02-23 21:17:58 ----A---- C:\Windows\SysWOW64\wecapi.dll
2011-02-23 21:17:43 ----A---- C:\Windows\SysWOW64\winrm.vbs
2011-02-23 21:17:40 ----A---- C:\Windows\SysWOW64\WsmAuto.dll
2011-02-23 21:17:39 ----A---- C:\Windows\SysWOW64\WsmWmiPl.dll
2011-02-23 21:17:39 ----A---- C:\Windows\SysWOW64\WsmSvc.dll
2011-02-23 21:17:39 ----A---- C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2011-02-23 21:17:39 ----A---- C:\Windows\SysWOW64\WSManHTTPConfig.exe
2011-02-23 21:17:39 ----A---- C:\Windows\SysWOW64\winrscmd.dll
2011-02-22 20:41:30 ----A---- C:\Windows\SysWOW64\drivers\sp_prot.sys
2011-02-22 20:41:28 ----D---- C:\Program Files (x86)\System Protect
2011-02-18 19:27:32 ----D---- C:\Program Files (x86)\BitTorrent

======List of files/folders modified in the last 1 months======

2011-03-17 07:06:40 ----D---- C:\Windows\Temp
2011-03-17 07:06:40 ----D---- C:\Program Files (x86)\trend micro
2011-03-17 07:01:16 ----D---- C:\Program Files (x86)\Crawler
2011-03-17 06:59:35 ----D---- C:\Windows\Prefetch
2011-03-16 22:16:17 ----D---- C:\Program Files (x86)\Metin2
2011-03-16 17:34:43 ----D---- C:\Program Files (x86)\Steam
2011-03-16 17:34:29 ----D---- C:\Users\Baguvix\AppData\Roaming\Skype
2011-03-16 16:00:52 ----D---- C:\Users\Baguvix\AppData\Roaming\skypePM
2011-03-16 14:51:44 ----D---- C:\Program Files (x86)\Common Files\Steam
2011-03-15 21:36:05 ----SHD---- C:\System Volume Information
2011-03-13 16:11:04 ----D---- C:\Windows\SysWOW64\drivers
2011-03-13 12:40:02 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-03-13 08:27:17 ----RD---- C:\Program Files (x86)
2011-03-13 07:09:39 ----SHD---- C:\Windows\Installer
2011-03-13 07:09:39 ----RD---- C:\Program Files (x86)\Skype
2011-03-13 07:05:32 ----HD---- C:\ProgramData
2011-03-13 07:05:32 ----D---- C:\Windows\SysWOW64
2011-03-12 19:28:01 ----D---- C:\Windows\System32
2011-03-12 19:15:13 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-03-12 17:55:02 ----SD---- C:\Windows\Downloaded Program Files
2011-03-10 06:27:25 ----D---- C:\Windows\winsxs
2011-03-09 22:47:57 ----D---- C:\Windows\Debug
2011-03-09 22:47:32 ----D---- C:\ProgramData\Microsoft Help
2011-03-09 17:57:31 ----D---- C:\ProgramData\Spyware Terminator
2011-03-09 17:54:37 ----D---- C:\Program Files (x86)\Spyware Terminator
2011-03-09 16:26:32 ----D---- C:\Users\Baguvix\AppData\Roaming\Spyware Terminator
2011-03-06 11:46:02 ----SD---- C:\Users\Baguvix\AppData\Roaming\Microsoft
2011-03-05 21:37:44 ----A---- C:\Windows\SysWOW64\PnkBstrB.exe
2011-03-01 07:40:10 ----D---- C:\Windows\inf
2011-02-28 10:00:39 ----D---- C:\Windows
2011-02-24 07:14:06 ----D---- C:\Windows\rescache
2011-02-24 07:10:32 ----D---- C:\Windows\Microsoft.NET
2011-02-24 06:55:19 ----RSD---- C:\Windows\assembly
2011-02-23 21:20:48 ----D---- C:\Windows\SysWOW64\cs-CZ
2011-02-23 21:20:38 ----D---- C:\Windows\PolicyDefinitions
2011-02-20 14:26:49 ----D---- C:\Program Files (x86)\Rockstar Games

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys []
R1 aswRdr;aswRdr; C:\Windows\SysWOW64\drivers\aswRdr.sys []
R1 aswSP;avast! Self Protection; C:\Windows\SysWOW64\drivers\aswSP.sys []
R1 aswTdi;avast! Network Shield Support; C:\Windows\SysWOW64\drivers\aswTdi.sys []
R1 vmm;Virtual Machine Monitor; \??\C:\Windows\system32\Drivers\vmm.sys []
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys []
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys []
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
R3 AVER_H193;AVerMedia H193 Video Capture; C:\Windows\system32\drivers\AVer888RC_64.sys []
R3 CXCIR;AVerMedia Consumer Infrared Receiver; C:\Windows\system32\DRIVERS\AVer888RCIR_64.sys []
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys []
R3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista; C:\Windows\system32\DRIVERS\netr28x.sys []
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys []
R3 VPCNetS2;Virtual Machine Network Services Driver; C:\Windows\system32\DRIVERS\VMNetSrv.sys []
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys []
R3 X6va005;X6va005; \??\C:\Users\Baguvix\AppData\Local\Temp\0057ACA.tmp []
S1 SRTSP;SRTSP; \??\C:\Windows\system32\drivers\NISx64\1000000.07D\SRTSP64.SYS []
S1 SRTSPX;SRTSPX; \??\C:\Windows\system32\drivers\NISx64\1000000.07D\SRTSPX64.SYS []
S3 az636nhi;az636nhi; C:\Windows\SysWOW64\drivers\az636nhi.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys []
S3 dump_wmimmc;dump_wmimmc; \??\C:\ijji\ENGLISH\AVA\Binaries\GameGuard\dump_wmimmc.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys []
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys []
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys []
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys []
S3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20081126.003\ENG64.SYS []
S3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20081126.003\EX64.SYS []
S3 nmwcdcx64;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbox64.sys []
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys []
S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmbx64.sys []
S3 NPPTNT2;NPPTNT2; \??\C:\Windows\system32\npptNT2.sys [2005-01-02 4682]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys []
S3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0;PCDSRVC{F36B3A4C-F95654BD-06000000}_0 - PCDR Kernel Mode Service Helper Driver; \??\c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms [2009-02-02 23536]
S3 sp_prot;System Protect Filter Driver; \??\C:\Windows\SysWOW64\drivers\sp_prot.sys [2011-02-22 13312]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys []
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys []
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltx64j.sys []
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys []
S3 VBoxNetFlt;VBoxNetFlt Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys []
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys []
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys []
S3 X6va001;X6va001; \??\C:\Users\Baguvix\AppData\Local\Temp\0019C0D.tmp []
S3 X6va002;X6va002; \??\C:\Users\Baguvix\AppData\Local\Temp\00250BE.tmp []
S3 X6va003;X6va003; \??\C:\Users\Baguvix\AppData\Local\Temp\00371AB.tmp []
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys []
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe []
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-12-04 94208]
R2 HPBtnSrv;HP Easy Backup Button Service; C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe [2008-09-30 192512]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-03-17 73728]
R2 MySQL;MySQL; C:\Program Files (x86)\xamp\xampp\mysql\bin\mysqld.exe [2009-12-19 6095504]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2010-07-20 75064]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe [2010-04-17 488960]
R2 SP_Service;System Protect Deletion Prevention Service; C:\Program Files (x86)\System Protect\SysProtect_srv.exe [2011-02-22 598528]
R2 TeamViewer6;TeamViewer 6; C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2010-12-07 2228008]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 Norton Internet Security;Norton Internet Security; C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe /s Norton Internet Security /m C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\diMaster.dll /prefetch:1 []
S3 getPlusHelper;@C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll,-101; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2010-08-29 3893752]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2011-03-12 407336]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]

-----------------EOF-----------------

Zdravim a pekny den preji

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Malwarebytes' Anti-Malware (zkracene MBAM) (viz muj podpis)

• Provedte aktualizaci - treti zalozka
• Provedte uplny sken - nic nemazte
• MBAM miva obcas falesne detekce, proto vlozte log do prispevku a pockejte na posouzeni

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Verze databáze: 6090

Windows 6.0.6002 Service Pack 2
Internet Explorer 7.0.6002.18005

17.3.2011 21:27:54
mbam-log-2011-03-17 (21-27-54).txt

Typ kontroly: Úplný test (C:\|)
Testované objekty: 408688
Uplynulý čas: 1 hodin, 18 minut, 50 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)

Sam vidite, ze PC je ciste

ale to nedává smysl, tak čím to může být? avast mě také upozornil že to může být falešná detekce ale nikdy předtím se mi tato tabulka neoběvila, je možné že za to může autoclicker?

Havet mohla byt v tempu, to nevylucuji, ovsem TFC tempy vycistilo, proto MBAM nic nenasel...

dobře tak já teda děkuji a nashledanou , kdyby nastaly ještě nějaké potíže, ještě se ozvu

Nemate zac, rad jsem pomohl Zase nekdy