VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

CPU 99%, zpomalení počítače při startu

https://forum.viry.cz:443/viewtopic.php?t=96675

Stránka 1 z 1

CPU 99%, zpomalení počítače při startu

Napsal: 24 led 2010 09:19
od tomaspar
po startu počítač zatuhne zhruba na 10 minut, nejde nic spustit, ani zmačknout START, po cca 10 minutách už vše funguje
log:

ComboFix 10-01-23.03 - Toma 24.01.2010 9:08.4.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3006.2186 [GMT 1:00]
Spuštěný z: c:\documents and settings\Toma\Plocha\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100123-2] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\ICQ6.5\ICQLRun.exe

.
((((((((((((((((((((((((( Soubory vytvořené od 2009-12-24 do 2010-01-24 )))))))))))))))))))))))))))))))
.

2010-01-23 23:17 . 2010-01-23 23:17 -------- d-----w- c:\windows\LastGood
2010-01-23 21:51 . 2008-04-13 18:40 34688 -c--a-w- c:\windows\system32\dllcache\lbrtfdc.sys
2010-01-23 21:51 . 2008-04-13 18:40 34688 ----a-w- c:\windows\system32\drivers\lbrtfdc.sys
2010-01-23 21:51 . 2008-04-13 18:41 8576 -c--a-w- c:\windows\system32\dllcache\i2omgmt.sys
2010-01-23 21:51 . 2008-04-13 18:41 8576 ----a-w- c:\windows\system32\drivers\i2omgmt.sys
2010-01-23 21:50 . 2008-04-13 18:40 8192 -c--a-w- c:\windows\system32\dllcache\changer.sys
2010-01-23 21:50 . 2008-04-13 18:40 8192 ----a-w- c:\windows\system32\drivers\changer.sys
2010-01-23 21:46 . 2010-01-23 21:46 116 ----a-w- c:\windows\system32\fjhdyfhsn.bat
2010-01-23 21:34 . 2010-01-23 21:34 -------- d-----w- c:\program files\Alternate
2010-01-23 21:20 . 2010-01-23 21:20 -------- d-----w- c:\windows\Logs
2009-12-28 11:22 . 2009-11-21 16:03 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-24 08:12 . 2009-03-19 19:14 -------- d-----w- c:\program files\ICQ6.5
2010-01-23 23:25 . 2009-12-07 12:57 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-23 23:22 . 2009-06-05 09:57 -------- d-----w- c:\program files\trend micro
2010-01-23 08:50 . 2007-05-12 05:33 -------- d-----w- c:\program files\Mozilla Thunderbird
2010-01-22 07:31 . 2008-04-30 06:41 -------- d-----w- c:\program files\StarMoney 6.0 S-Edition
2010-01-14 12:45 . 2009-06-11 11:24 -------- d-----w- c:\program files\OpenOffice.org 3
2010-01-11 11:21 . 2009-08-03 18:32 -------- d-----w- c:\program files\DVBT
2010-01-11 09:16 . 2007-05-12 17:49 -------- d-----w- c:\program files\DreamCom
2010-01-07 15:07 . 2009-12-07 12:57 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 15:07 . 2009-12-07 12:57 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-07 10:13 . 2007-05-11 23:26 -------- d-----w- c:\program files\totalcmd
2009-12-21 19:08 . 2010-01-23 23:16 916480 ----a-w- c:\windows\system32\SET16.tmp
2009-12-21 19:08 . 2010-01-23 23:16 1208832 ----a-w- c:\windows\system32\SET17.tmp
2009-12-21 19:08 . 2010-01-23 23:16 5942784 ----a-w- c:\windows\system32\SET19.tmp
2009-12-21 19:08 . 2010-01-23 23:16 594432 ----a-w- c:\windows\system32\SET1B.tmp
2009-12-21 19:08 . 2010-01-23 23:16 1985536 ----a-w- c:\windows\system32\SET1E.tmp
2009-12-21 19:08 . 2010-01-23 23:16 55296 ----a-w- c:\windows\system32\SET1A.tmp
2009-12-21 19:08 . 2010-01-23 23:15 11070464 ----a-w- c:\windows\system32\SET20.tmp
2009-12-20 07:57 . 2009-12-11 12:28 -------- d-----w- c:\program files\Spyware Terminator
2009-12-17 17:01 . 2009-07-24 16:58 -------- d-----w- c:\program files\Google
2009-12-12 10:04 . 2007-05-11 17:16 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-11 12:40 . 2007-10-11 08:28 -------- d-----w- c:\program files\Total Video Converter
2009-12-11 12:28 . 2009-12-11 12:28 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2009-12-07 17:21 . 2007-05-12 00:03 -------- d-----w- c:\program files\Opera
2009-12-07 15:54 . 2001-10-25 14:00 60244 ----a-w- c:\windows\system32\perfc005.dat
2009-12-07 15:54 . 2001-10-25 14:00 334410 ----a-w- c:\windows\system32\perfh005.dat
2009-12-07 12:51 . 2009-12-07 12:51 -------- d-----w- c:\program files\CCleaner
2009-12-07 11:34 . 2007-05-11 17:03 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-12-07 11:34 . 2007-05-11 17:03 2740 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2009-12-07 08:43 . 2009-12-07 08:43 -------- d-----w- c:\program files\Common Files\ATI Technologies
2009-12-07 08:41 . 2009-12-07 08:37 -------- d-----w- c:\program files\ATI Technologies
2009-12-01 21:16 . 2009-12-01 21:16 -------- d-----w- c:\program files\ATI
2009-11-26 15:22 . 2009-12-07 07:44 95360 ----a-w- C:\atapi.sys
2009-11-24 23:54 . 2007-05-11 23:24 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-11-24 23:51 . 2007-05-11 23:24 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-11-24 23:49 . 2007-05-11 23:24 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2007-05-11 23:24 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2007-05-11 23:24 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-11-24 23:47 . 2007-05-11 23:24 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-11-21 16:03 . 2004-08-17 13:49 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-10-29 07:43 . 2004-08-17 13:49 916480 ------w- c:\windows\system32\wininet.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpeedswitchXP"="c:\program files\SpeedswitchXP\SpeedswitchXP.exe" [2006-07-14 626688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-28 16248320]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-03 761946]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"NWTRAY"="NWTRAY.EXE" [2002-03-12 28672]
"StartupDelayer"="c:\program files\r2 Studios\Startup Delayer\Startup Launcher GUI.exe" [2007-12-14 44032]
"boincmgr"="c:\program files\BOINC\boincmgr.exe" [2008-12-09 4289280]
"boinctray"="c:\program files\BOINC\boinctray.exe" [2008-12-09 58112]
"ComplexWebServer"="c:\complexwebserver\bin\ServiceDirect.exe" [2006-09-17 686080]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-1-17 618557]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"CompatibleRUPSecurity"= 1 (0x1)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwv1_0

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ISUSPM"="c:\documents and settings\All Users\Data aplikací\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler
"H/PC Connection Agent"="c:\progra~1\MICROS~3\wcescomm.exe"
"CTFMON.EXE"=c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\www.cproxy.com\\CPROXY.exe"=
"c:\\Program Files\\WinProxy\\WinProxy.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Mirandapack\\miranda32.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Maxthon2\\Modules\\MxDownloader\\MxDownloadServer.exe"=
"c:\\Program Files\\Serv-U\\ServUDaemon.exe"=
"c:\\Program Files\\quake\\quake3.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\DreamCom\\DreamCom.exe"=
"c:\\Program Files\\CREEO\\IcyTV Trial\\IcyTV.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\ComplexWebServer\\apache\\bin\\Apache.exe"=
"c:\\ComplexWebServer\\Free SMTP Server\\localsrv.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Documents and Settings\\Toma\\temp\\TeamViewer\\Version5\\TeamViewer.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"5551:TCP"= 5551:TCP:tor
"5551:UDP"= 5551:UDP:tor

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [1.4.2008 22:49 114768]
R1 nltdi;nltdi;c:\windows\system32\drivers\nltdi.sys [14.6.2006 20:44 93824]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [11.12.2009 13:28 142592]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [1.4.2008 22:49 20560]
R2 CWS_Apache_80;CWS_Apache_80;c:\complexwebserver\apache\bin\Apache.exe [25.11.2009 10:44 20541]
S2 CWS_MySQL_3306;CWS_MySQL_3306;c:\complexwebserver\mysql\bin\mysqld-nt.exe --defaults-file=c:\complexwebserver\mysql\conf\mysqld.conf CWS_MySQL_3306 --> c:\complexwebserver\mysql\bin\mysqld-nt.exe --defaults-file=c:\complexwebserver\mysql\conf\mysqld.conf CWS_MySQL_3306 [?]
S2 PHPGeekUtil;PHPGeekUtil;"c:\apache\APACHE.EXE" --ntservice --> c:\apache\APACHE.EXE [?]
S2 SchnapperPro-TimeSync;SchnapperPro-TimeSync;c:\program files\SchnapperPro\TimeSync.exe [8.6.2007 20:24 45664]
.
Obsah adresáře 'Naplánované úlohy'

2010-01-24 c:\windows\Tasks\User_Feed_Synchronization-{C1F1278D-B225-4179-8644-2D05FDE0C695}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
IE: &Preispiratensuche nach markiertem Text - c:\\Program Files\\Preispiraten6\\preispiraten.html
IE: An SchnapperPro senden - c:\program files\SchnapperPro\SchnapperProMenu.js
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Zobrazit originál - c:\program files\www.cproxy.com\original.htm
IE: Zobrazit vše jako originál - c:\program files\www.cproxy.com\originalAll.htm
FF - ProfilePath - c:\documents and settings\Toma\Data aplikací\Mozilla\Firefox\Profiles\navewi7e.default\
FF - component: c:\documents and settings\Toma\Data aplikací\Mozilla\Firefox\Profiles\navewi7e.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}\components\nstidy.dll
FF - component: c:\documents and settings\Toma\Data aplikací\Mozilla\Firefox\Profiles\navewi7e.default\extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}\platform\WINNT\components\ebayAccessComponent.dll
FF - component: c:\documents and settings\Toma\Data aplikací\Mozilla\Firefox\Profiles\navewi7e.default\extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}\platform\WINNT\components\ebayShortcutMaker.dll
FF - component: c:\documents and settings\Toma\Data aplikací\Mozilla\Firefox\Profiles\navewi7e.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\components\ipc.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Opera\program\plugins\npdivx32.dll

---- NASTAVENÍ FIREFOXU ----
FF - user.js: capability.policy.policynames - allowclipboard
FF - user.js: capability.policy.allowclipboard.sites - hxxp://www.motocheb.cz http://www.motogaraz.cz
FF - user.js: capability.policy.allowclipboard.Clipboard.cutcopy - allAccess
FF - user.js: capability.policy.allowclipboard.Clipboard.paste - allAccess
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-24 09:13
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(1112)
c:\windows\system32\NETWIN32.DLL
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2010-01-24 09:15:42
ComboFix-quarantined-files.txt 2010-01-24 08:15
ComboFix2.txt 2010-01-24 07:55
ComboFix3.txt 2009-12-07 08:15

Před spuštěním: 5 200 437 248
Po spuštění: 5 179 138 048

- - End Of File - - CF12060E91DFEB055D4A0DB97D80B62A

Re: CPU 99%, zpomalení počítače při startu

Napsal: 24 led 2010 09:54
od tomaspar
log z RSIT:
Logfile of random's system information tool 1.06 (written by random/random)
Run by Toma at 2010-01-24 09:49:18
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 5 GB (4%) free of 114 GB
Total RAM: 3006 MB (81% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:49:29, on 24.1.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\ComplexWebServer\apache\bin\apache.exe
C:\ComplexWebServer\mysql\bin\mysqld-nt.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
C:\ComplexWebServer\apache\bin\apache.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\NetLimiter 2 Pro\NLClient.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\NWTRAY.EXE
C:\Program Files\r2 Studios\Startup Delayer\Startup Launcher GUI.exe
C:\Program Files\SpeedswitchXP\SpeedswitchXP.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\www.cproxy.com\cproxy.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe
C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\nbstat\nbstat.exe
D:\RSIT.exe
C:\Program Files\trend micro\Toma.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:3128;https=127.0.0.1:3128;socks=127.0.0.1:9000
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [NWTRAY] NWTRAY.EXE
O4 - HKLM\..\Run: [StartupDelayer] "C:\Program Files\r2 Studios\Startup Delayer\Startup Launcher GUI.exe"
O4 - HKLM\..\Run: [ATICCC] "c:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKCU\..\Run: [SpeedswitchXP] C:\Program Files\SpeedswitchXP\SpeedswitchXP.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: CCC.lnk = ?
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: &Preispiratensuche nach markiertem Text - C:\\Program Files\\Preispiraten6\\preispiraten.html
O8 - Extra context menu item: An SchnapperPro senden - C:\Program Files\SchnapperPro\SchnapperProMenu.js
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Zobrazit originál - C:\Program Files\www.cproxy.com\original.htm
O8 - Extra context menu item: Zobrazit vše jako originál - C:\Program Files\www.cproxy.com\originalAll.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Mobilen Favoriten erstellen... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: SchnapperPro - {D6243B39-211B-440E-B4C5-26D2A579CAC8} - C:\Program Files\SchnapperPro\SchnapperPro.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - http://www.eset.cz/buxus/docs/OnlineScanner.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 9592629328
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Client Update Service for Novell (cusrvc) - Novell, Inc. - C:\WINDOWS\system32\cusrvc.exe
O23 - Service: CWS_Apache_80 - Apache Software Foundation - C:\ComplexWebServer\apache\bin\apache.exe
O23 - Service: CWS_MySQL_3306 - Unknown owner - C:\ComplexWebServer\mysql\bin\mysqld-nt.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
O23 - Service: PHPGeekUtil - Unknown owner - c:\apache\APACHE.EXE (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SchnapperPro-TimeSync - Schnapper-Software Robert Beer - C:\Program Files\SchnapperPro\TimeSync.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: wampapache - Unknown owner - c:\wamp\bin\apache\apache2.0.63\bin\Apache.exe (file missing)
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe (file missing)

--
End of file - 9319 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\User_Feed_Synchronization-{C1F1278D-B225-4179-8644-2D05FDE0C695}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-05-12 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-05-12 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-06-28 16248320]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-03-03 761946]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"NWTRAY"=C:\WINDOWS\system32\NWTRAY.EXE [2002-03-12 28672]
"StartupDelayer"=C:\Program Files\r2 Studios\Startup Delayer\Startup Launcher GUI.exe [2007-12-14 44032]
"ATICCC"=c:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2006-01-02 45056]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpeedswitchXP"=C:\Program Files\SpeedswitchXP\SpeedswitchXP.exe [2006-07-14 626688]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Documents and Settings\Toma\Nabídka Start\Programy\Po spuštění
CCC.lnk - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-04-27 61440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-02-12 190976]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
nwv1_0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"CompatibleRUPSecurity"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"_NoDriveTypeAutoRun"=145
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
"NoResolveSearch"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\totalcmd\TOTALCMD.EXE"="C:\Program Files\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\www.cproxy.com\CPROXY.exe"="C:\Program Files\www.cproxy.com\CPROXY.exe:*:Enabled:CPROXY.com"
"C:\Program Files\WinProxy\WinProxy.exe"="C:\Program Files\WinProxy\WinProxy.exe:*:Enabled:WinProxy Internet server"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\Mirandapack\miranda32.exe"="C:\Program Files\Mirandapack\miranda32.exe:*:Enabled:Miranda IM"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Maxthon2\Modules\MxDownloader\MxDownloadServer.exe"="C:\Program Files\Maxthon2\Modules\MxDownloader\MxDownloadServer.exe:*:Enabled:MxDownloadServer"
"C:\Program Files\Serv-U\ServUDaemon.exe"="C:\Program Files\Serv-U\ServUDaemon.exe:*:Enabled:FTP Serv-U Daemon"
"C:\Program Files\quake\quake3.exe"="C:\Program Files\quake\quake3.exe:*:Enabled:quake3"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\DreamCom\DreamCom.exe"="C:\Program Files\DreamCom\DreamCom.exe:*:Enabled:DreamCom"
"C:\Program Files\CREEO\IcyTV Trial\IcyTV.exe"="C:\Program Files\CREEO\IcyTV Trial\IcyTV.exe:*:Enabled:Watch digital television"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\ComplexWebServer\apache\bin\Apache.exe"="C:\ComplexWebServer\apache\bin\Apache.exe:*:Enabled:Apache HTTP Server"
"C:\ComplexWebServer\Free SMTP Server\localsrv.exe"="C:\ComplexWebServer\Free SMTP Server\localsrv.exe:*:Enabled:localsrv"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Documents and Settings\Toma\temp\TeamViewer\Version5\TeamViewer.exe"="C:\Documents and Settings\Toma\temp\TeamViewer\Version5\TeamViewer.exe:*:Enabled:TeamViewer"
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Crawler Spyware Terminator"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-01-24 09:49:18 ----D---- C:\rsit
2010-01-24 09:29:15 ----SHD---- C:\RECYCLER
2010-01-24 09:19:51 ----D---- C:\combofix
2010-01-24 09:15:42 ----A---- C:\ComboFix.txt
2010-01-24 08:39:18 ----D---- C:\Qoobox
2010-01-24 00:46:44 ----D---- C:\WINDOWS\pss
2010-01-23 22:46:34 ----A---- C:\WINDOWS\system32\fjhdyfhsn.bat
2010-01-23 22:34:13 ----D---- C:\Documents and Settings\Toma\Data aplikací\Alternate
2010-01-23 22:34:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\Alternate
2010-01-23 22:34:09 ----D---- C:\Program Files\Alternate
2010-01-23 22:20:30 ----D---- C:\WINDOWS\Logs
2010-01-14 13:49:09 ----D---- C:\Documents and Settings\Toma\Data aplikací\OpenOffice.org
2010-01-13 16:06:38 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2009-12-30 16:22:38 ----D---- C:\Documents and Settings\All Users\Data aplikací\NOS
2009-12-30 12:20:36 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$

======List of files/folders modified in the last 1 months======

2010-01-24 09:49:20 ----D---- C:\Program Files\trend micro
2010-01-24 09:47:54 ----D---- C:\WINDOWS\Temp
2010-01-24 09:47:41 ----D---- C:\WINDOWS
2010-01-24 09:47:40 ----A---- C:\WINDOWS\wincmd.ini
2010-01-24 09:43:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\BOINC
2010-01-24 09:25:16 ----D---- C:\Documents and Settings\Toma\Data aplikací\Spyware Terminator
2010-01-24 09:23:17 ----D---- C:\Program Files\Mozilla Firefox
2010-01-24 09:21:35 ----D---- C:\WINDOWS\system32
2010-01-24 09:20:20 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-01-24 09:20:17 ----D---- C:\WINDOWS\system32\CatRoot2
2010-01-24 09:13:17 ----A---- C:\WINDOWS\system.ini
2010-01-24 09:12:57 ----D---- C:\Program Files\ICQ6.5
2010-01-24 09:11:24 ----D---- C:\WINDOWS\system32\drivers
2010-01-24 09:11:24 ----D---- C:\WINDOWS\AppPatch
2010-01-24 09:11:21 ----D---- C:\Program Files\Common Files
2010-01-24 09:00:22 ----D---- C:\vymaz
2010-01-24 08:49:11 ----D---- C:\Program Files
2010-01-24 08:39:18 ----D---- C:\WINDOWS\Prefetch
2010-01-24 00:45:06 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-01-24 00:44:31 ----D---- C:\WINDOWS\Debug
2010-01-24 00:25:41 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-01-24 00:18:40 ----HD---- C:\WINDOWS\inf
2010-01-24 00:18:28 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-01-24 00:18:27 ----D---- C:\Program Files\Internet Explorer
2010-01-24 00:18:19 ----D---- C:\WINDOWS\ie8updates
2010-01-24 00:17:50 ----HD---- C:\WINDOWS\$hf_mig$
2010-01-23 22:59:36 ----SHD---- C:\WINDOWS\Installer
2010-01-23 22:52:41 ----D---- C:\WINDOWS\system32\NetWare
2010-01-23 22:25:20 ----D---- C:\WINDOWS\Help
2010-01-23 16:27:53 ----A---- C:\WINDOWS\ModemLog_Siemens Mobile Phone USB Modem.txt
2010-01-23 09:50:13 ----D---- C:\Program Files\Mozilla Thunderbird
2010-01-23 09:40:28 ----D---- C:\Documents and Settings\Toma\Data aplikací\Skype
2010-01-23 09:40:06 ----D---- C:\Documents and Settings\Toma\Data aplikací\skypePM
2010-01-22 08:31:27 ----D---- C:\Program Files\StarMoney 6.0 S-Edition
2010-01-21 19:29:23 ----D---- C:\Documents and Settings
2010-01-21 19:24:55 ----A---- C:\WINDOWS\wcx_ftp.ini
2010-01-18 16:33:54 ----A---- C:\WINDOWS\WDICT32.INI
2010-01-17 23:23:47 ----D---- C:\Documents and Settings\Toma\Data aplikací\ICQ
2010-01-17 23:23:45 ----D---- C:\Documents and Settings\Toma\Data aplikací\uTorrent
2010-01-17 14:06:53 ----D---- C:\!new
2010-01-16 19:57:56 ----D---- C:\dvd
2010-01-15 11:31:11 ----D---- C:\foto
2010-01-14 13:47:22 ----D---- C:\Config.Msi
2010-01-14 13:46:09 ----RSD---- C:\WINDOWS\Fonts
2010-01-14 13:45:49 ----D---- C:\Program Files\OpenOffice.org 3
2010-01-13 19:31:32 ----A---- C:\WINDOWS\NeroDigital.ini
2010-01-12 09:19:43 ----D---- C:\rezi
2010-01-11 20:56:38 ----D---- C:\Documents and Settings\Toma\Data aplikací\gtk-2.0
2010-01-11 12:55:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2010-01-11 12:21:28 ----D---- C:\Program Files\DVBT
2010-01-11 10:16:32 ----D---- C:\Program Files\DreamCom
2010-01-07 12:34:09 ----D---- C:\eshop
2010-01-07 11:13:44 ----D---- C:\Program Files\totalcmd
2010-01-06 15:11:28 ----D---- C:\www.paroubek.net
2010-01-05 01:17:46 ----A---- C:\WINDOWS\system32\MRT.exe
2010-01-03 22:24:39 ----D---- C:\down
2009-12-30 12:19:39 ----AC---- C:\WINDOWS\ModemLog_HDAUDIO Soft Data Fax Modem with SmartCP.txt
2009-12-30 11:24:34 ----D---- C:\mp3a
2009-12-28 16:26:09 ----D---- C:\a

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-05-10 43008]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 nltdi;nltdi; \??\C:\WINDOWS\system32\drivers\nltdi.sys []
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 truecrypt;truecrypt; C:\WINDOWS\System32\drivers\truecrypt.sys [2007-05-03 188672]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-09-15 94160]
R2 BTSERIAL;Bluetooth Serial Driver; \??\C:\WINDOWS\system32\drivers\btserial.sys []
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 NetwareWorkstation;Novell Client for Windows; C:\WINDOWS\system32\NetWare\nwfs.sys [2007-06-21 513664]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2001-10-25 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2001-10-25 55936]
R2 NWSIPX32;Novell NetWare IPX/SPX Transport Interface; C:\WINDOWS\system32\NetWare\nwsipx32.sys [2005-10-27 39731]
R2 RESMGR;Novell NetWare Resource Manager; C:\WINDOWS\system32\NetWare\resmgr.sys [2004-06-01 27249]
R2 SRVLOC;Novell Service Location; C:\WINDOWS\system32\NetWare\srvloc.sys [2006-09-25 160209]
R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2006-11-15 528096]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-04-27 1540096]
R3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2006-01-17 328061]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2006-01-17 850474]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 EMSCR;EMSCR; C:\WINDOWS\system32\DRIVERS\EMS7SK.sys [2006-05-25 61056]
R3 ESDCR;ESDCR; C:\WINDOWS\system32\DRIVERS\ESD7SK.sys [2006-05-25 40064]
R3 ESMCR;ESMCR; C:\WINDOWS\system32\DRIVERS\ESM7SK.sys [2006-05-25 74752]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2007-03-01 988032]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2007-03-01 210688]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-06-28 4304384]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NWDHCP;Novell DHCP Inform Client; C:\WINDOWS\system32\NetWare\nwdhcp.sys [2005-11-22 18353]
R3 NWDNS;Novell DNS Name Space Service Provider; C:\WINDOWS\system32\NetWare\nwdns.sys [2006-10-27 43568]
R3 NWHOST;Novell Host File Name Space Service Provider; C:\WINDOWS\system32\NetWare\NWHOST.sys [2005-10-12 9297]
R3 NWSAP;Novell SAP Name Space Provider; C:\WINDOWS\system32\NetWare\NWSAP.sys [2003-02-26 23232]
R3 NWSLP;Novell SLP Name Space Service Provider; C:\WINDOWS\system32\NetWare\nwslp.sys [2005-01-03 20332]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-03-03 192672]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
R3 vsbus;Virtual Serial Bus Enumerator; C:\WINDOWS\system32\DRIVERS\vsb.sys [2005-09-12 15264]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2007-03-01 731136]
S3 actser;actser; C:\WINDOWS\system32\drivers\actser.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\Toma\LOCALS~1\Temp\catchme.sys []
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-04-27 405504]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2006-01-17 266295]
R2 CWS_Apache_80;CWS_Apache_80; C:\ComplexWebServer\apache\bin\apache.exe [2005-10-09 20541]
R2 CWS_MySQL_3306;CWS_MySQL_3306; C:\ComplexWebServer\mysql\bin\mysqld-nt.exe [2006-11-06 3604480]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-05-12 152984]
R2 nlsvc;NetLimiter; C:\Program Files\NetLimiter 2 Pro\nlsvc.exe [2007-06-08 446464]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2009-12-11 488960]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S2 PHPGeekUtil;PHPGeekUtil; c:\apache\APACHE.EXE --ntservice []
S2 SchnapperPro-TimeSync;SchnapperPro-TimeSync; C:\Program Files\SchnapperPro\TimeSync.exe [2007-06-08 45664]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe []
S3 cusrvc;Client Update Service for Novell; C:\WINDOWS\system32\cusrvc.exe [2006-08-11 28672]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-03-18 65536]
S3 wampapache;wampapache; c:\wamp\bin\apache\apache2.0.63\bin\Apache.exe -k runservice []
S3 wampmysqld;wampmysqld; c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe wampmysqld []

-----------------EOF-----------------

Re: CPU 99%, zpomalení počítače při startu

Napsal: 24 led 2010 23:03
od motji
Dobrý večer :)
:arrow: combofix Vám poradil kdo?

:arrow: tuto složku znáte?
C:\a

:arrow: tento port máte otevřený schválně?
"5551:UDP"= 5551:UDP:tor

:arrow: Vy jste dělal něco s atapi? že ho máte na C:\atapi.sys
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz