VIRY.CZ

Dobry den,
prosim o radu. Po kazdem zapnuti NB se mi rozjede ve spravci uloh proces JQS.EXE tak na dobre 2 minuty. Rozbehne CPU na 100% tzn.ze vse ostatni je dost pibrzdeno. Vim, ze to ma neco spolecneho s Javou, ale nevim, jak se toho zbavit. Prosim o nejakou radu. Dekuji

Dejte log z RSIT: http://www.viry.cz/forum/viewtopic.php?f=13&t=82743 .

tady je log.. nevim presne, co z toho vypisu vybrat, zkopiroval jsem jej pro jistotu cely..
dekuji

Logfile of random's system information tool 1.06 (written by random/random)
Run by Lukáš Chlachula at 2009-07-19 11:26:34
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 15 GB (16%) free of 95 GB
Total RAM: 1023 MB (43% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:27:15, on 19.7.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Software\Avast2007\aawservice.exe
C:\Software\Avast\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
C:\Software\Avast\ashServ.exe
C:\WINDOWS\ATK0100\HControl.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Wireless Console 2\wcourier.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Software\ASUSDVD\PDVDServ.exe
C:\Software\Avast\ashDisp.exe
C:\Software\iTunes\iTunesHelper.exe
C:\Software\Postak\Postak.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Software\Eset\nod32kui.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Software\Kerio\Personal Firewall 4\kpf4ss.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Software\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Software\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Software\Ad-aware 6\Ad-watch.exe
C:\Software\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Software\Avast\ashMaiSv.exe
C:\Software\Avast\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Software\QIP8080\qip.exe
C:\Software\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Documents and Settings\Lukáš Chlachula.LUKASNOTEBOOK\Plocha\Download\RSIT.exe
C:\Program Files\trend micro\Lukáš Chlachula.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O3 - Toolbar: &S-Rank - {B71B15CF-3093-459C-B764-AEB2486F2273} - C:\Software\Postak\SRank.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe
O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [RemoteControl] C:\Software\ASUSDVD\PDVDServ.exe
O4 - HKLM\..\Run: [avast!] C:\Software\Avast\ashDisp.exe
O4 - HKLM\..\Run: [Ad-aware] "C:\Software\Ad-aware 6\Ad-aware.exe" +c
O4 - HKLM\..\Run: [EPSON Stylus CX3200] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P19 "EPSON Stylus CX3200" /O6 "USB002" /M "Stylus CX3200"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Software\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SMail] "C:\Software\Postak\Postak.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Software\Winamp\wianmpa.exe
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Software\SonyEricssonW580i\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [nod32kui] "C:\Software\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Software\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Ad-watch 3.0.lnk = C:\Software\Ad-aware 6\Ad-watch.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Software\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\Software\OFFICE~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Software\OFFICE~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Software\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Software\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Software\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Software\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Software\Avast2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Software\Avast\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Software\Avast\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Software\Avast\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Software\Avast\ashWebSv.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Software\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Unknown owner - C:\Software\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 9508 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Low Battery Alarm Program.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}]
XTTBPos00 Class - C:\PROGRA~1\ICQTOO~1\toolbaru.dll [2006-12-25 701952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-09 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQ Toolbar - C:\PROGRA~1\ICQTOO~1\toolbaru.dll [2006-12-25 701952]
{B71B15CF-3093-459C-B764-AEB2486F2273} - &S-Rank - C:\Software\Postak\SRank.dll [2005-05-17 266240]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HControl"=C:\WINDOWS\ATK0100\HControl.exe [2005-08-29 102400]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2005-09-23 7286784]
"nwiz"=nwiz.exe /install []
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-07-22 81920]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-08-19 737369]
"Wireless Console 2"=C:\Program Files\Wireless Console 2\wcourier.exe [2005-10-12 987136]
"ASUS Live Update"=C:\Program Files\ASUS\ASUS Live Update\ALU.exe [2005-11-02 180224]
"HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe [2001-11-15 196608]
"RemoteControl"=C:\Software\ASUSDVD\PDVDServ.exe [2005-01-12 32768]
"avast!"=C:\Software\Avast\ashDisp.exe [2009-02-05 81000]
"Ad-aware"=C:\Software\Ad-aware 6\Ad-aware.exe [2003-07-12 741888]
"EPSON Stylus CX3200"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE [2002-09-23 74752]
"iTunesHelper"=C:\Software\iTunes\iTunesHelper.exe [2007-05-26 257088]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2006-01-12 155648]
"SMail"=C:\Software\Postak\Postak.exe [2006-05-18 450560]
"WinampAgent"=C:\Software\Winamp\wianmpa.exe []
"Power_Gear"=C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe [2005-06-16 86016]
"Sony Ericsson PC Suite"=C:\Software\SonyEricssonW580i\Application Launcher\Application Launcher.exe [2007-03-28 593920]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader\Reader_sl.exe [2009-02-27 35696]
"nod32kui"=C:\Software\Eset\nod32kui.exe [2009-03-31 851968]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-09 148888]
"QuickTime Task"=C:\Software\QuickTime\QTTask.exe [2009-01-05 413696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-10-13 1694208]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [2007-12-22 222080]

C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe
Microsoft Office.lnk - C:\Microsoft Office\Office\OSA9.EXE

C:\Documents and Settings\Lukáš Chlachula.LUKASNOTEBOOK\Nabídka Start\Programy\Po spuštění
Ad-watch 3.0.lnk - C:\Software\Ad-aware 6\Ad-watch.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Software\ICQLite\ICQLite.exe"="C:\Software\ICQLite\ICQLite.exe:*:Enabled:ICQ Lite"
"C:\Software\QIP2\qip.exe"="C:\Software\QIP2\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Hry\OpenArena\ioquake3.x86.exe"="C:\Hry\OpenArena\ioquake3.x86.exe:*:Enabled:ioquake3.x86"
"C:\Software\Hamachi\hamachi.exe"="C:\Software\Hamachi\hamachi.exe:*:Enabled:Hamachi Client"
"C:\Hry\Colin\CMR2Network.exe"="C:\Hry\Colin\CMR2Network.exe:*:Enabled:Colin McRae Rally 2"
"C:\Software\QIP8010\QIP\qip.exe"="C:\Software\QIP8010\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Software\Mozilla Firefox\firefox.exe"="C:\Software\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Software\Studio 10\programs\RM.exe"="C:\Software\Studio 10\programs\RM.exe:*:Enabled:Render Manager"
"C:\Software\Studio 10\programs\Studio.exe"="C:\Software\Studio 10\programs\Studio.exe:*:Enabled:Studio"
"C:\Software\Studio 10\programs\PMSRegisterFile.exe"="C:\Software\Studio 10\programs\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile"
"C:\Software\Studio 10\programs\umi.exe"="C:\Software\Studio 10\programs\umi.exe:*:Enabled:umi"
"C:\Software\BitComet\BitComet.exe"="C:\Software\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client"
"C:\Program Files\Internet Explorer\IEXPLORE.EXE"="C:\Program Files\Internet Explorer\IEXPLORE.EXE:*:Enabled:Internet Explorer"
"C:\Software\ICQ6\ICQ.exe"="C:\Software\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Software\QIP8020\QIP\qip.exe"="C:\Software\QIP8020\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Software\Winamp\winamp.exe"="C:\Software\Winamp\winamp.exe:*:Enabled:Winamp"
"C:\Program Files\Octoshape Streaming Services\Lukáš Chlachula\OctoshapeClient.exe"="C:\Program Files\Octoshape Streaming Services\Lukáš Chlachula\OctoshapeClient.exe:*:Enabled:OctoshapeClient"
"C:\Software\Kerio\Personal Firewall 4\kpf4gui.exe"="C:\Software\Kerio\Personal Firewall 4\kpf4gui.exe:*:Enabled:Kerio Personal Firewall 4 - GUI"
"C:\Software\iTunes\iTunes.exe"="C:\Software\iTunes\iTunes.exe:*:Enabled:iTunes"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{35e524d4-5f6e-11db-9e4d-0018f3321ab4}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
shell\Open(0)\command - E:\Recycled\ctfmon.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{80e5d895-6a94-11db-9e6b-0018f3321ab4}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
shell\Open(0)\command - Recycled\ctfmon.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a8626a9a-855b-11dc-a0db-0018f3321ab4}]
shell\AutoRun\command - F:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bbde3f88-fcc8-11db-9fbf-0018f3321ab4}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
shell\Open(0)\command - E:\Recycled\ctfmon.exe


======List of files/folders created in the last 1 months======

2009-07-19 11:26:35 ----D---- C:\Program Files\trend micro
2009-07-19 11:26:34 ----D---- C:\rsit
2009-07-18 22:17:41 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Trymedia
2009-07-12 11:31:40 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-07-12 11:31:19 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-07-12 11:30:30 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$

======List of files/folders modified in the last 1 months======

2009-07-19 11:26:42 ----D---- C:\WINDOWS\Temp
2009-07-19 11:26:35 ----RD---- C:\Program Files
2009-07-19 11:26:30 ----D---- C:\WINDOWS\Prefetch
2009-07-19 11:03:45 ----HD---- C:\WINDOWS\inf
2009-07-19 00:52:23 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-07-18 22:43:59 ----D---- C:\WINDOWS\system32
2009-07-18 22:43:57 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-07-18 22:16:10 ----D---- C:\Hry
2009-07-18 18:32:39 ----D---- C:\Program Files\ICQToolbar
2009-07-18 17:59:51 ----AC---- C:\WINDOWS\WirelessFTP.INI
2009-07-18 10:58:57 ----D---- C:\WINDOWS\system32\CatRoot2
2009-07-17 22:40:50 ----D---- C:\Software
2009-07-13 08:58:31 ----D---- C:\WINDOWS
2009-07-12 11:35:26 ----SHD---- C:\WINDOWS\Installer
2009-07-12 11:35:25 ----SHD---- C:\Config.Msi
2009-07-12 11:31:43 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-07-12 11:31:31 ----A---- C:\WINDOWS\imsins.BAK
2009-07-12 11:25:27 ----HD---- C:\WINDOWS\$hf_mig$
2009-07-11 00:27:45 ----D---- C:\Documents and Settings\Lukáš Chlachula.LUKASNOTEBOOK\Data aplikací\Skype
2009-07-11 00:06:41 ----D---- C:\Documents and Settings\Lukáš Chlachula.LUKASNOTEBOOK\Data aplikací\skypePM

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-02-05 26944]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 42496]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-02-05 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-02-05 51376]
R1 fwdrv;Firewall Driver; C:\WINDOWS\system32\drivers\fwdrv.sys [2005-09-26 286720]
R1 khips;Kerio HIPS Driver; C:\WINDOWS\system32\drivers\khips.sys [2005-09-26 81920]
R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2008-06-20 225920]
R1 Tosrfcom;Bluetooth RFCOMM from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2004-10-04 62799]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 AMON;AMON; \??\C:\WINDOWS\system32\drivers\amon.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-02-05 94032]
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-04 87424]
R2 MDC8021X;AEGIS Protocol (IEEE 802.1x) v2.3.1.9; C:\WINDOWS\system32\DRIVERS\mdc8021x.sys [2006-10-06 15781]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2004-08-04 88448]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2001-10-25 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2001-10-25 55936]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-07-26 3644032]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-17 60800]
R3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\WINDOWS\system32\ASNDIS5.SYS []
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-02-05 23152]
R3 BCM43XX;ASUS 802.11 ovladač síťového adaptéru; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2005-02-11 371712]
R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-04 14080]
R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-06-22 1034752]
R3 HSFHWSIS;HSFHWSIS; C:\WINDOWS\system32\DRIVERS\HSFHWSIS.sys [2005-06-22 216320]
R3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2005-02-17 5632]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-17 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2005-09-23 3522304]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2006-10-08 10368]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2005-03-04 74496]
R3 SynMini;USB2.0 1.3M Web Cam; C:\WINDOWS\System32\Drivers\SynMini.sys [2005-10-03 720470]
R3 SynScan;USB2.0 1.3M Web Cam Still Image; C:\WINDOWS\System32\Drivers\SynScan.sys [2005-10-03 8278]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-08-19 190912]
R3 tosporte;Bluetooth Port Driver from Toshiba; C:\WINDOWS\system32\DRIVERS\tosporte.sys [2005-03-30 47230]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2004-08-17 12416]
R3 USB_RNDIS;USB Remote NDIS Network Device Driver; C:\WINDOWS\system32\DRIVERS\usb8023k.sys [2002-08-12 11136]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-04 26624]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 57600]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-04 17024]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-06-22 716416]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-17 14848]
S3 akvn3wju;akvn3wju; C:\WINDOWS\system32\drivers\akvn3wju.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2007-01-10 15440]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\WINDOWS\system32\DRIVERS\k750bus.sys []
S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k750mdfl.sys []
S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\k750mdm.sys []
S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\k750mgmt.sys []
S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\k750obex.sys []
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSIRCOMM;Microsoft IR Communications Driver; C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys [2004-08-03 22016]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2004-08-04 67584]
S3 se59bus;Sony Ericsson Device 089 driver (WDM); C:\WINDOWS\system32\DRIVERS\se59bus.sys [2006-09-05 61536]
S3 se59mdfl;Sony Ericsson Device 089 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\se59mdfl.sys [2006-09-05 9360]
S3 se59mdm;Sony Ericsson Device 089 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\se59mdm.sys [2006-09-05 97088]
S3 se59mgmt;Sony Ericsson Device 089 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\se59mgmt.sys [2006-09-05 88624]
S3 se59nd5;Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (NDIS); C:\WINDOWS\system32\DRIVERS\se59nd5.sys [2006-09-05 18704]
S3 se59obex;Sony Ericsson Device 089 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\se59obex.sys [2006-09-05 86432]
S3 se59unic;Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (WDM); C:\WINDOWS\system32\DRIVERS\se59unic.sys [2006-09-05 90800]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 st3tgbus;st3tgbus; C:\WINDOWS\system32\DRIVERS\st3tgbus.sys [2003-03-12 8640]
S3 st3tiger;st3tiger; C:\WINDOWS\system32\DRIVERS\st3tiger.sys [2003-03-12 99168]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 toshidpt;TOSHIBA Bluetooth HID port driver; C:\WINDOWS\system32\drivers\Toshidpt.sys [2002-10-16 2851]
S3 Tosrfbd;Bluetooth RFBUS from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbd.sys [2005-07-04 98176]
S3 Tosrfbnp;Bluetooth RFBNEP from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2004-07-08 36531]
S3 Tosrfhid;Bluetooth RFHID from TOSHIBA; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2005-06-27 53504]
S3 tosrfnds;Bluetooth Personal Area Network from TOSHIBA; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
S3 TosRfSnd;Bluetooth Audio Device (WDM) from TOSHIBA; C:\WINDOWS\system32\drivers\TosRfSnd.sys [2005-04-06 50048]
S3 Tosrfusb;Bluetooth USB Controller; C:\WINDOWS\System32\Drivers\tosrfusb.sys [2004-12-21 34816]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
R2 aawservice;Ad-Aware 2007 Service; C:\Software\Avast2007\aawservice.exe [2008-01-04 587096]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Software\Avast\aswUpdSv.exe [2009-02-05 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Software\Avast\ashServ.exe [2009-02-05 138680]
R2 EpsonBidirectionalService;EpsonBidirectionalService; C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [2002-01-29 77824]
R2 EPSONStatusAgent2;EPSON Printer Status Agent2; C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe [2001-10-25 90112]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-09 152984]
R2 KPF4;Kerio Personal Firewall 4; C:\Software\Kerio\Personal Firewall 4\kpf4ss.exe [2005-10-10 1617920]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-04-24 73728]
R2 NOD32krn;NOD32 Kernel Service; C:\Software\Eset\nod32krn.exe [2009-03-31 372736]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2005-09-23 143428]
R2 NwSapAgent;Agent SAP; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Software\Avast\ashMaiSv.exe [2009-02-05 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Software\Avast\ashWebSv.exe [2009-02-05 352920]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2007-05-26 501312]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2004-08-17 14336]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]

-----------------EOF-----------------

Pár šmejdů tam je. Dejte log z ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe .

Mozna hloupy to dotaz, ale hrozi jeho pouziti nejake poskozeni Win? Ci ztrata dat? Ten problem me zas az tak extremne neomezuje, spise obtezuje.. A navic si ted nemuzu dovolit byt bez jakkoliv funkciho PC.. proto ty obavy..

U zavirovaného PC nikdy nelze zaručit, co se při čištění systému stane. Pokud CF nechcete použít, nenutím vás, můžete použít třeba MBAM: http://www.malwarebytes.org/mbam.php . Neručím ale za to, že se v jeho logu objeví všechny nelegitmní položky.

Dobre, kazdopadne dekuju.. Momnetalne si nemuzu dovolit nic riskovat. Asi tak za mesic (snad) bych to mohl zkusit. To by mel pocitac pro mne "postradatelnejsi". Kazdopadne dekuji za rady, zhruba za mesic se kdyztak znovu ozvu.

Ozvěte. Zatím není zač!

JQS.EXE je Java Quick Starter.

pokud nepouzivas pravidelne javu, tak to vypni v control panels -> Java -> Advanced -> Miscellaneous -> Java Quick Starter

2sheba: Nevím, proč oživujete 3,5 roku mrtvý thread.