Pomalý internet , atd.

[STAR]

Logfile of random's system information tool 1.09 (written by random/random)
Run by jaaaroy at 2011-08-04 14:09:07
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 58 GB (44%) free of 131 GB
Total RAM: 1023 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:09:15, on 4.8.2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RunDLL32.exe
C:\Documents and Settings\All Users\Data aplikací\Badoo\Badoo Desktop\1.5.3.949\Badoo.Desktop.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Opera\opera.exe
C:\Documents and Settings\jaaaroy\Dokumenty\RSIT.exe
C:\Program Files\trend micro\jaaaroy.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKCU\..\Run: [Badoo Desktop] "C:\Documents and Settings\All Users\Data aplikací\Badoo\Badoo Desktop\1.5.3.949\Badoo.Desktop.exe"
O4 - HKUS\S-1-5-21-1004336348-1417001333-839522115-1004\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Send by Bluetooth - C:\Program Files\IVT Corporation\BlueSoleil\TransSend\IE\tsinfo.htm
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send via &Message... - C:\Program Files\IVT Corporation\BlueSoleil\TransSend\IE\tssms.htm
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\WINDOWS\system32\skype4com.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: BlueSoleilCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
O23 - Service: BsHelpCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
O23 - Service: BsMobileCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

--
End of file - 5287 bytes

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\jaaaroy\Data aplikací\Mozilla\Firefox\Profiles\5tvjx04u.default

"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=1.1.7]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-07-03 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-07-03 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-04-10 16126464]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2011-05-25 13895272]
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit -login []
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2011-05-05 1632360]
"VirtualCloneDrive"=C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2011-03-07 89456]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Badoo Desktop"=C:\Documents and Settings\All Users\Data aplikací\Badoo\Badoo Desktop\1.5.3.949\Badoo.Desktop.exe [2011-06-07 1017344]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe:*:Enabled:Daemonu.exe"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\SG Interactive\Project Blackout\PBlackout.exe"="C:\SG Interactive\Project Blackout\PBlackout.exe:*:Enabled:PBlackout"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\NeutronGames\HC Trainingscamp\HCTrainingscamp.exe"="C:\Program Files\NeutronGames\HC Trainingscamp\HCTrainingscamp.exe:*:Enabled:HC Trainingscamp"
"C:\Program Files\NeutronGames\HC Trainingscamp\updater\Updater.exe"="C:\Program Files\NeutronGames\HC Trainingscamp\updater\Updater.exe:*:Enabled:HC Updater"
"C:\Program Files\Marble Arena\bin\arena.exe"="C:\Program Files\Marble Arena\bin\arena.exe:*:Enabled:arena"
"C:\Program Files\BlastShark\hellgate\BlastShark.exe"="C:\Program Files\BlastShark\hellgate\BlastShark.exe:*:Enabled:hellgate"
"C:\cs\hl.exe"="C:\cs\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\World of Warcraft\Launcher.exe"="C:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"C:\Program Files\World of Warcraft\BackgroundDownloader.exe"="C:\Program Files\World of Warcraft\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe:*:Enabled:BlueSoleilCS"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\Program Files\Petroglyph\Rise of Immortals\RoIClientR.exe"="C:\Program Files\Petroglyph\Rise of Immortals\RoIClientR.exe:*:Enabled:Rise of Immortals"
"C:\Program Files\Steam\steamapps\jarous1337\condition zero\hl.exe"="C:\Program Files\Steam\steamapps\jarous1337\condition zero\hl.exe:*:Enabled:Counter-Strike: Condition Zero"
"C:\Program Files\Steam\steamapps\common\alien swarm\swarm.exe"="C:\Program Files\Steam\steamapps\common\alien swarm\swarm.exe:*:Enabled:Alien Swarm"
"C:\Program Files\Steam\steamapps\jarous1337\day of defeat source\hl2.exe"="C:\Program Files\Steam\steamapps\jarous1337\day of defeat source\hl2.exe:*:Enabled:Day of Defeat: Source"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Steam\steamapps\jarous1337\counter-strike\hl.exe"="C:\Program Files\Steam\steamapps\jarous1337\counter-strike\hl.exe:*:Enabled:Counter-Strike"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=i420vfw.dll
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.l3fhg"=mp3fhg.acm
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"VIDC.WMV3"=wmv9vcm.dll
"VIDC.VP40"=vp4vfw.dll
"msacm.voxacm160"=vct3216.acm
"MSVideo"=vfwwdm32.dll
"MSVideo8"=VfWWDM32.dll
"midi1"=wdmaud.drv
"vidc.VP70"=vp7vfw.dll
"vidc.X264"=x264vfw.dll
"VIDC.FPS1"=frapsvid.dll
"vidc.VP60"=vp6vfw.dll
"vidc.VP61"=vp6vfw.dll
"vidc.VP62"=vp6vfw.dll
"vidc.DIVX"=DivX.dll
"VIDC.DRAW"=DVIDEO.DLL
"midi2"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"VIDC.MSUD"=msulvc05.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv

======List of files/folders created in the last 1 month======

2011-07-25 10:19:10 ----D---- C:\Documents and Settings\jaaaroy\Data aplikací\Opera
2011-07-25 10:18:53 ----D---- C:\Program Files\Opera
2011-07-25 00:09:22 ----D---- C:\Documents and Settings\jaaaroy\Data aplikací\TeamViewer
2011-07-24 18:45:40 ----D---- C:\Program Files\GameSpy Arcade
2011-07-24 18:39:05 ----D---- C:\Program Files\2015
2011-07-24 15:00:17 ----D---- C:\Documents and Settings\jaaaroy\Data aplikací\BlackBean
2011-07-24 14:41:00 ----A---- C:\WINDOWS\system32\drivers\papyjoy.sys
2011-07-24 14:41:00 ----A---- C:\WINDOWS\system32\drivers\papycpu2.sys
2011-07-24 14:39:43 ----D---- C:\Papyrus
2011-07-24 14:38:46 ----A---- C:\WINDOWS\Sierra.ini
2011-07-24 02:58:20 ----D---- C:\Program Files\PokerStars
2011-07-24 01:25:09 ----D---- C:\Documents and Settings\jaaaroy\Data aplikací\SGTY
2011-07-24 01:22:48 ----D---- C:\Documents and Settings\jaaaroy\Data aplikací\Realm of the Titans
2011-07-24 01:19:07 ----D---- C:\AeriaGames
2011-07-18 13:29:11 ----SHD---- C:\RECYCLER
2011-07-18 13:15:44 ----D---- C:\WINDOWS\system32\appmgmt
2011-07-15 19:09:34 ----D---- C:\Program Files\Petroglyph
2011-07-13 12:39:17 ----A---- C:\ComboFix.txt
2011-07-13 12:33:44 ----D---- C:\WINDOWS\temp
2011-07-13 11:38:12 ----A---- C:\WINDOWS\zip.exe
2011-07-13 11:38:12 ----A---- C:\WINDOWS\SWXCACLS.exe
2011-07-13 11:38:12 ----A---- C:\WINDOWS\SWSC.exe
2011-07-13 11:38:12 ----A---- C:\WINDOWS\SWREG.exe
2011-07-13 11:38:12 ----A---- C:\WINDOWS\sed.exe
2011-07-13 11:38:12 ----A---- C:\WINDOWS\PEV.exe
2011-07-13 11:38:12 ----A---- C:\WINDOWS\NIRCMD.exe
2011-07-13 11:38:12 ----A---- C:\WINDOWS\MBR.exe
2011-07-13 11:38:12 ----A---- C:\WINDOWS\grep.exe
2011-07-13 11:38:07 ----D---- C:\WINDOWS\ERDNT
2011-07-13 11:38:04 ----D---- C:\Qoobox
2011-07-13 11:21:40 ----D---- C:\Program Files\trend micro
2011-07-13 11:21:39 ----D---- C:\rsit
2011-07-12 06:03:56 ----N---- C:\WINDOWS\system32\iyvu9_32.dll
2011-07-12 06:03:56 ----N---- C:\WINDOWS\system32\iacenc.dll
2011-07-12 05:42:43 ----D---- C:\Program Files\Activision Value
2011-07-11 04:54:21 ----D---- C:\Diablo
2011-07-11 04:54:21 ----A---- C:\WINDOWS\bnetunin.exe
2011-07-11 04:01:13 ----D---- C:\Program Files\Team Exyhodu
2011-07-11 03:43:00 ----A---- C:\Documents and Settings\jaaaroy\Data aplikací\temp4876969.txt
2011-07-11 03:42:55 ----RSHD---- C:\Documents and Settings\jaaaroy\Data aplikací\dll
2011-07-10 22:03:57 ----D---- C:\Program Files\Amnesia - The Dark Descent
2011-07-10 20:28:47 ----D---- C:\Program Files\Grand Theft Auto
2011-07-10 19:20:20 ----HD---- C:\WINDOWS\PIF
2011-07-10 19:19:14 ----D---- C:\hry
2011-07-10 19:15:58 ----D---- C:\Program Files\PowerISO
2011-07-09 14:39:06 ----A---- C:\WINDOWS\system32\SHORTCUT.INI
2011-07-09 14:39:00 ----A---- C:\WINDOWS\system32\REMOTEDEVICE.INI
2011-07-09 14:34:20 ----A---- C:\WINDOWS\system32\LOCALSERVICE.INI
2011-07-09 14:34:17 ----A---- C:\WINDOWS\system32\LOCALDEVICE.INI
2011-07-09 14:31:43 ----A---- C:\WINDOWS\system32\BSPRINT.INI
2011-07-09 14:30:38 ----D---- C:\Program Files\IVT Corporation
2011-07-09 01:40:14 ----D---- C:\Program Files\Empire Interactive
2011-07-07 00:27:00 ----D---- C:\Documents and Settings\jaaaroy\Data aplikací\vlc
2011-07-07 00:18:51 ----D---- C:\Program Files\VideoLAN

======List of files/folders modified in the last 1 month======

2011-08-04 14:09:10 ----D---- C:\WINDOWS\Prefetch
2011-08-04 11:39:18 ----D---- C:\Program Files\World of Warcraft
2011-08-04 11:31:00 ----D---- C:\Program Files\Common Files\Akamai
2011-08-04 11:30:54 ----A---- C:\WINDOWS\system32\bscs.ini
2011-08-04 01:46:57 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-08-03 13:16:57 ----D---- C:\WINDOWS
2011-08-02 18:52:32 ----D---- C:\Program Files\Steam
2011-08-02 18:50:20 ----D---- C:\WINDOWS\system32\CatRoot2
2011-07-27 22:13:18 ----HD---- C:\Program Files\InstallShield Installation Information
2011-07-27 22:12:35 ----D---- C:\Documents and Settings\jaaaroy\Data aplikací\uTorrent
2011-07-27 22:12:35 ----D---- C:\Documents and Settings\jaaaroy\Data aplikací\TS3Client
2011-07-27 22:12:15 ----D---- C:\WINDOWS\Logs
2011-07-27 22:12:14 ----D---- C:\WINDOWS\Minidump
2011-07-25 10:18:53 ----RD---- C:\Program Files
2011-07-24 20:30:45 ----D---- C:\WINDOWS\system32
2011-07-24 15:10:27 ----SHD---- C:\WINDOWS\Installer
2011-07-24 14:41:00 ----D---- C:\WINDOWS\system32\drivers
2011-07-24 06:14:29 ----D---- C:\Program Files\Trillian
2011-07-24 01:22:29 ----HD---- C:\WINDOWS\msdownld.tmp
2011-07-24 01:22:19 ----HD---- C:\WINDOWS\inf
2011-07-24 01:22:19 ----D---- C:\WINDOWS\system32\DirectX
2011-07-24 01:22:15 ----D---- C:\WINDOWS\WinSxS
2011-07-19 00:56:21 ----D---- C:\Program Files\Common Files\Steam
2011-07-18 23:58:10 ----D---- C:\Program Files\OpenAL
2011-07-18 23:58:10 ----D---- C:\Program Files\Comodo
2011-07-18 13:25:26 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-07-18 13:24:31 ----D---- C:\SG Interactive
2011-07-18 13:24:19 ----SD---- C:\WINDOWS\Tasks
2011-07-18 13:23:12 ----D---- C:\Program Files\Marble Arena
2011-07-18 13:14:54 ----D---- C:\cs
2011-07-13 23:01:21 ----RSD---- C:\WINDOWS\Fonts
2011-07-13 12:37:18 ----A---- C:\WINDOWS\system.ini
2011-07-13 12:37:10 ----D---- C:\WINDOWS\system32\drivers\etc
2011-07-13 12:33:55 ----D---- C:\WINDOWS\system32\config
2011-07-13 12:32:21 ----D---- C:\WINDOWS\AppPatch
2011-07-13 12:32:18 ----D---- C:\Program Files\Common Files
2011-07-13 01:24:53 ----D---- C:\Games
2011-07-11 02:25:46 ----D---- C:\Temp

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 BtHidBus;Bluetooth HID Bus Service; C:\WINDOWS\System32\Drivers\BtHidBus.sys [2009-01-07 20744]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\System32\DRIVERS\ohci1394.sys [2004-08-03 61056]
R0x01000000 papycpu2;papycpu2; C:\WINDOWS\System32\DRIVERS\papycpu2.sys [2003-01-17 1984]
R0x01000000 papyjoy;papyjoy; C:\WINDOWS\System32\DRIVERS\papyjoy.sys [2003-01-17 1856]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [2006-07-01 43008]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2010-12-17 31088]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2004-08-17 14848]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2010-04-12 59388]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2004-08-03 60800]
R3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2009-01-03 39304]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2004-11-29 1337850]
R3 btnetBUs;Bluetooth PAN Bus Service; C:\WINDOWS\System32\Drivers\btnetBus.sys [2008-12-07 30088]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2001-10-25 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-04-10 4397568]
R3 IvtBtBUs;IVT Bluetooth Bus Service; C:\WINDOWS\System32\Drivers\IvtBtBus.sys [2008-07-02 26248]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2004-08-03 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2011-05-25 12753664]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys [2007-02-06 90880]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2011-01-15 30208]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2009-01-08 31880]
S3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2008-11-25 33800]
S3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys [2008-11-25 27528]
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2008-12-07 14088]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2004-08-03 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2004-08-03 100992]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2004-08-17 274304]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2004-08-03 18944]
S3 BTNetFilter;Bluetooth Network Filter; \??\C:\Program Files\IVT Corporation\BlueSoleil\Device\Win2k\BTNetFilter.sys []
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2004-11-29 55320]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 EagleXNt;EagleXNt; \??\C:\WINDOWS\system32\drivers\EagleXNt.sys []
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2004-08-03 59648]
S3 tap0901;TAP-Win32 Adapter V9; C:\WINDOWS\system32\DRIVERS\tap0901.sys [2009-10-14 32000]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2008-01-21 14856]
S3 XDva380;XDva380; \??\C:\WINDOWS\system32\XDva380.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Akamai;Akamai NetSession Interface; C:\WINDOWS\System32\svchost.exe [2004-08-17 14336]
R2 BlueSoleilCS;BlueSoleilCS; C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe [2009-02-27 850432]
R2 BsMobileCS;BsMobileCS; C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe [2009-02-27 143467]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2004-11-29 254007]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-07-03 153376]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2011-05-25 154728]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-25 2214504]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2011-06-13 75136]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2011-06-13 189248]
R3 BsHelpCS;BsHelpCS; C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe [2009-02-27 98407]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2011-07-13 411432]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[Roli]

Zdravím, v první řadě nevidím žádný antivir tak že by to chtělo napravit.

Dále doinstalovat Service Pack 3

Tohle fixni v HJT :

O4 - HKCU\..\Run: [Badoo Desktop] "C:\Documents and Settings\All Users\Data aplikací\Badoo\Badoo Desktop\1.5.3.949\Badoo.Desktop.exe"
O4 - HKUS\S-1-5-21-1004336348-1417001333-839522115-1004\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

HJT najdeš zde :

C:\Program Files\trend micro\jaaaroy.exe

Fix znamená že spustíš HJT

v okně které se ti otevře klikneš na Do a system scan only

v dalším okně najdeš řádky které jsem ti vypsal,

vedle nich je čtvereček do kterého uděláš zatržítko,

pak klikneš na Fix checked které je vlevo dole,

program se ti zeptá zda opravdu ANO s tím samozřejmě souhlasíš a je hotovo.


Přes Start >> Ovládací panely >> Přidat nebo odebrat odinstaluj Badoo Desktop


Smaž nepotřebné soubory

pomocí CCleaneru

návod :

Čistič - tady vyčistíš PC od nepotřebných souborů a vysypeš Koš

Registry - tady vyčistíš registry (před použitím doporučuji udělat jejich zálohu kterou CCleaner nabízí)

čištění registru je třeba několikrát zopakovat !

Nástroje - tady lze odinstalovat programy, upravit co se spustí po Startu systému a obnovit systém


Stáhni a ulož na plochu ComboFix,

spusť aplikaci jako Administrátor a povol instalaci Konzole pro zotavení - Recovery Console.

Poté se zobrazí okno s licenčními podmínkami které potvrdíš kliknutím na ANO,

pak ještě jednou klik na ANO a už to jede.

Celá akce trvá okolo 10 minut ale může i déle, během skenu se nepokoušej spouštět nic jiného.

Při skenovaní může být PC i restartováno nelekat se.

Upozornění: po dobu skenu vypni rezidentní štít Antiviru a AntiSpy programu,

protože Combofix se pokouší napadené soubory smazat a tyto programy mu můžou bránit.

Po dokončení skenu nebo následném restartu aplikace vytvoří log, uložený na C:/Combofix.txt

(při opakovaném použití jsou logy číslovány Combofix2.txt atd.), jeho obsah zkopíruj sem.


V případě nejasností je ZDE obrázkový návod.

[STAR]

ttp://www.sendspace.com/file/mm2ngl

[Roli]

Pokud jsi tak ještě neučinil, přesuň Combofix na plochu

otevři si Poznámkový blok

do něj zkopíruj skript z následujícího okna:

Kód: Vybrat vše

File::  
c:\windows\system32\SETB62.tmp
c:\windows\system32\SETB49.tmp
c:\windows\system32\SETB43.tmp
c:\windows\system32\SET97A.tmp
c:\windows\system32\SET7FB.tmp
c:\windows\system32\SET68B.tmp
c:\windows\system32\SET68D.tmp
c:\windows\system32\SET68A.tmp
c:\windows\005353_.tmp

ulož Tebou vytvořený TXT soubor jako CFScript.txt na plochu,

po uložení uchop vytvořený skript levým myšítkem a přesuň ho nad ikonu Combofixu, kde ho upustíš:



Po aplikaci na Tebe vypadne další log, zkopíruj ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou,

v tom případě znovu restartuj a přitom mačkej F8 poté zvol Poslední známou funkční konfiguraci