Samovolně se měnící čas v biosu

[tompo]

Zdravím, nevěděl by někdo co by mohlo být příčinou.....
Počítač jsem přeinstaloval, vyměnil baterku pro BIOS a stále stejný problém.....
díky za jakoukoliv radu

[tompo]

LOG:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Tomáš at 2029-08-11 00:07:20
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 49 GB (82%) free of 60 GB
Total RAM: 2047 MB (74% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:07:27, on 11.8.2029
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ATK0100\HControl.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Wireless Console 2\wcourier.exe
C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Tomáš\Plocha\RSIT.exe
C:\Program Files\trend micro\Tomáš.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe
O4 - HKLM\..\Run: [GhostStartTrayApp] C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Kniha klipů HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Chytrý výběr - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 5238 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\avast! Emergency Update.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Tomáš\Data aplikací\Mozilla\Firefox\Profiles\ukrjd7q8.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz"
prefs.js - "extensions.enabledItems" - "{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.18"

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js

C:\Program Files\Mozilla Firefox\plugins\
npnul32.dll
nppdf32.dll
npwachk.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll [2007-03-02 1298024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
HP Print Clips - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HControl"=C:\WINDOWS\ATK0100\HControl.exe [2006-04-17 110592]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2012-10-02 7585792]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2012-10-02 86016]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-12-20 16860672]
"Wireless Console 2"=C:\Program Files\Wireless Console 2\wcourier.exe [2005-10-17 987136]
"GhostStartTrayApp"=C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe [2002-08-14 94208]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-08-21 4282728]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2012-06-28 74752]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2012-07-13 17418928]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Winamp\winamp.exe"="C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=C:\WINDOWS\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======List of files/folders created in the last 1 month======

2041-09-09 19:09:57 ----A---- C:\WINDOWS\system32\d3d9caps.dat
2029-08-11 00:14:43 ----D---- C:\WINDOWS\temp
2029-08-11 00:14:41 ----A---- C:\ComboFix.txt
2029-08-11 00:08:51 ----A---- C:\Boot.bak
2029-08-11 00:08:47 ----RASHD---- C:\cmdcons
2029-08-11 00:07:53 ----A---- C:\WINDOWS\zip.exe
2029-08-11 00:07:53 ----A---- C:\WINDOWS\SWXCACLS.exe
2029-08-11 00:07:53 ----A---- C:\WINDOWS\SWSC.exe
2029-08-11 00:07:53 ----A---- C:\WINDOWS\SWREG.exe
2029-08-11 00:07:53 ----A---- C:\WINDOWS\sed.exe
2029-08-11 00:07:53 ----A---- C:\WINDOWS\PEV.exe
2029-08-11 00:07:53 ----A---- C:\WINDOWS\NIRCMD.exe
2029-08-11 00:07:53 ----A---- C:\WINDOWS\MBR.exe
2029-08-11 00:07:53 ----A---- C:\WINDOWS\grep.exe
2029-08-11 00:07:21 ----D---- C:\Program Files\trend micro
2029-08-11 00:07:20 ----D---- C:\rsit
2029-08-11 00:04:10 ----D---- C:\Qoobox
2029-08-11 00:03:59 ----D---- C:\WINDOWS\erdnt
2029-08-11 00:01:02 ----D---- C:\WINDOWS\system32\LogFiles

======List of files/folders modified in the last 1 month======

2041-09-09 19:09:31 ----D---- C:\WINDOWS\Help
2041-09-09 19:09:30 ----D---- C:\WINDOWS\nview
2029-08-11 00:18:03 ----A---- C:\WINDOWS\SchedLgU.Txt
2029-08-11 00:18:02 ----D---- C:\WINDOWS\system32\CatRoot2
2029-08-11 00:14:43 ----D---- C:\WINDOWS
2029-08-11 00:13:28 ----A---- C:\WINDOWS\system.ini
2029-08-11 00:11:47 ----D---- C:\WINDOWS\system32\drivers
2029-08-11 00:11:47 ----D---- C:\WINDOWS\AppPatch
2029-08-11 00:11:40 ----D---- C:\Program Files\Common Files
2029-08-11 00:08:51 ----RASH---- C:\boot.ini
2029-08-11 00:07:48 ----D---- C:\WINDOWS\Prefetch
2029-08-11 00:07:21 ----RD---- C:\Program Files
2029-08-11 00:01:29 ----D---- C:\Documents and Settings\Tomáš\Data aplikací\Skype
2029-08-11 00:01:02 ----D---- C:\WINDOWS\system32
2029-08-11 00:00:32 ----A---- C:\RTHDCPL_Dump.txt

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI; C:\WINDOWS\System32\DRIVERS\ohci1394.sys [2004-08-03 61056]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2012-08-21 25256]
R1 AswRdr;aswRdr; C:\WINDOWS\system32\drivers\AswRdr.sys [2012-08-21 35928]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2012-08-21 729752]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2012-08-21 355632]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2012-08-21 54232]
R1 GhPciScan;GhostPciScanner; \??\C:\Program Files\Symantec\Norton Ghost 2003\ghpciscan.sys []
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2004-08-17 39936]
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [2002-08-14 17005]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2012-08-21 21256]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2012-08-21 97608]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2004-08-03 60800]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2001-10-25 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-12-20 4637696]
R3 M3AD;Motorola Messenger Modem Audio Device; C:\WINDOWS\system32\drivers\m3aux.sys [2006-03-29 133632]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2005-02-17 5632]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2004-08-03 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2012-10-02 3694208]
R3 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2005-09-17 28672]
R3 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2005-09-14 50560]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2005-11-16 78976]
R3 sdbus;sdbus; C:\WINDOWS\System32\DRIVERS\sdbus.sys [2004-08-03 67584]
R3 sffdisk;Ovladač třídy úložiště SFF; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2004-08-03 11136]
R3 sffp_sd;Ovladač protokolu úložiště SFF pro paměť sběrnici SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2004-08-03 10240]
R3 SynMini;ASUS WebCam, 1.3M, USB2.0, FF; C:\WINDOWS\System32\Drivers\SynMini.sys [2006-01-20 841110]
R3 SynScan;ASUS WebCam Still Image; C:\WINDOWS\System32\Drivers\SynScan.sys [2006-01-02 8278]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 w39n51;Intel(R) PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2006-04-03 1429632]
S3 catchme;catchme; \??\C:\DOCUME~1\TOM~1\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 FTD2XX;FTD2XX.SYS FT8U2XX device driver; C:\WINDOWS\System32\Drivers\FTD2XX.sys [2005-12-15 34639]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-03-08 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-03-08 21568]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-08-21 44808]
R2 GhostStartService;GhostStartService; C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe [2002-08-14 200704]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-08-17 14336]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2012-10-02 143426]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-08-17 14336]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]

-----------------EOF-----------------

[Rudy]

Také zdravím!
1. Proč spouštíte Combofix (utilitu určenou pouze odborníkům) bez předchozí kontroly logu RSIT a konzultace s rádcem? Chcete si zbořit systém?
2. V systému chybí SP3. Takovýto systém je zcela nechráněn.
3. Dejte log ComboFix (když už jste ho prováděl). Najdete ho v C:\comobfix.txt.

[tompo]

ComboFix 12-10-12.01 - Tomáš 11.08.2029 0:10.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.2047.1412 [GMT 2:00]
Spuštěný z: c:\documents and settings\TomßÜ\Plocha\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2029-07-10 do 2029-08-10 )))))))))))))))))))))))))))))))
.
.
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:12 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-07-13 17418928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HControl"="c:\windows\ATK0100\HControl.exe" [2006-04-17 110592]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2012-10-02 7585792]
"nwiz"="nwiz.exe" [2012-10-02 1617920]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2012-10-02 86016]
"RTHDCPL"="RTHDCPL.EXE" [2007-12-20 16860672]
"Wireless Console 2"="c:\program files\Wireless Console 2\wcourier.exe" [2005-10-17 987136]
"GhostStartTrayApp"="c:\program files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe" [2002-08-14 94208]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-08-21 4282728]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2012-06-28 74752]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 49152]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-17 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-3-11 210520]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Winamp\\winamp.exe"=
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [22.9.2012 11:33 729752]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [22.9.2012 11:33 355632]
R1 GhPciScan;GhostPciScanner;c:\program files\Symantec\Norton Ghost 2003\GhPciScan.sys [14.8.2002 15:11 5632]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [22.9.2012 11:33 21256]
R3 SynMini;ASUS WebCam, 1.3M, USB2.0, FF;c:\windows\system32\drivers\SynMini.sys [12.10.2011 17:25 841110]
R3 SynScan;ASUS WebCam Still Image;c:\windows\system32\drivers\SynScan.sys [12.10.2011 17:25 8278]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [13.7.2012 13:28 160944]
S3 FTD2XX;FTD2XX.SYS FT8U2XX device driver;c:\windows\system32\drivers\FTD2XX.sys [16.11.2011 17:28 34639]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2029-08-10 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2012-09-22 09:12]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.10.10.10 192.168.0.1
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Tomáš\Data aplikací\Mozilla\Firefox\Profiles\ukrjd7q8.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2029-08-11 00:13
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\software\Registration\DONT_A*]
"Winols_Regged"="??????d\00*\00\01\00\0d"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(3376)
c:\windows\system32\nview.dll
c:\windows\system32\NVWRSCS.DLL
c:\windows\system32\nvwddi.dll
.
Celkový čas: 2029-08-11 00:14:40
ComboFix-quarantined-files.txt 2029-08-10 22:14
.
Před spuštěním: Volných bajtů: 51 466 387 456
Po spuštění: Volných bajtů: 51 758 678 016
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
.
- - End Of File - - 351285474D1CCA1330F8CB8C17B4BE04

[Rudy]

Přesuňte ComboFix na kořenový adresář C:\. Otevřte poznámkový blok a zkopírujte do něj:

Regnull::
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
[HKEY_LOCAL_MACHINE\software\Registration\DONT_A*]

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]

Reboot::

Uložte na kořenový adresář c:\ jako CFScript.txt. Pak jej myší v průzkumníku windows (nwbo jiném souborovém manažéru) přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příakzy ze skriptu.

[tompo]

přikládám log:

ComboFix 12-10-12.01 - Tomáš 13.10.2012 21:13:24.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.2047.1440 [GMT 2:00]
Spuštěný z: C:\ComboFix.exe
Použité ovládací přepínače :: C:\CFScript.txt.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 1828-05-14 do 1828-06-14 )))))))))))))))))))))))))))))))
.
.
2029-08-10 22:07 . 2029-08-10 22:07 -------- d-----w- C:\rsit
2012-10-13 19:09 . 2012-10-13 19:10 -------- d-----w- C:\totalcmd
2012-10-13 17:33 . 2012-10-13 17:33 -------- d-----w- C:\_OTM
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-04 19:44 . 2012-09-22 10:02 59888 ------w- c:\windows\system32\pxwma.dll
2011-03-04 19:44 . 2012-09-22 10:02 133616 ------w- c:\windows\system32\pxafs.dll
2011-03-04 19:44 . 2012-09-22 10:02 126448 ------w- c:\windows\system32\pxinsi64.exe
2011-03-04 19:44 . 2012-09-22 10:02 123888 ------w- c:\windows\system32\pxcpyi64.exe
2007-06-17 10:46 . 2008-01-25 22:31 114688 ----a-w- c:\windows\system32\wdapi900.dll
2007-03-27 22:59 . 2008-01-25 22:31 166912 ----a-w- c:\windows\system32\windrvr6.sys
2006-08-18 05:58 . 2011-10-12 15:27 282624 ----a-w- c:\windows\system32\RTSndMgr.cpl
2006-04-06 13:58 . 2011-10-12 15:25 2633728 ----a-r- c:\windows\system32\w39MLRes.dll
2006-04-06 13:58 . 2011-10-12 15:25 491520 ----a-r- c:\windows\system32\w39NCPA.dll
2005-11-21 06:57 . 2011-10-12 15:25 57344 ----a-r- c:\windows\system32\SynVFW.dll
2005-11-18 11:42 . 2011-10-12 15:25 69632 ----a-r- c:\windows\system32\SynProp.ax
2005-10-17 15:09 . 2011-10-12 15:43 987136 ----a-w- c:\windows\system32\wcourier.exe
2005-07-04 06:27 . 2011-10-12 15:25 24576 ----a-r- c:\windows\system32\SynSvc_.exe
2005-06-08 02:13 . 2011-10-12 15:25 28672 ----a-r- c:\windows\system32\SynUSD.dll
2004-11-18 08:42 . 2011-10-12 12:25 22752 ----a-w- c:\windows\system32\spupdsvc.exe
2004-11-17 11:15 . 2008-01-25 22:31 94208 ----a-w- c:\windows\system32\wd_utils.dll
2004-09-03 04:00 . 2011-10-12 15:28 90112 ----a-r- c:\windows\system32\snymsico.dll
2004-08-17 13:49 . 2011-10-12 12:13 87176 ----a-w- c:\windows\system32\rdpwsx.dll
2004-08-17 13:49 . 2002-09-20 18:06 92168 ----a-w- c:\windows\system32\rdpdd.dll
2004-08-17 13:49 . 2001-10-25 14:00 12168 ----a-w- c:\windows\system32\tsddd.dll
2004-08-17 13:49 . 2011-10-12 12:27 53248 ------w- c:\windows\system32\vbicodec.ax
2004-08-17 13:49 . 2011-10-12 12:27 239616 ------w- c:\windows\system32\wstrenderer.ax
2004-08-17 13:49 . 2011-10-12 12:27 164352 ------w- c:\windows\system32\wstpager.ax
2004-08-17 13:49 . 2011-10-12 12:27 28672 ----a-w- c:\windows\system32\vidcap.ax
2004-08-17 13:49 . 2011-10-12 12:27 166912 ------w- c:\windows\system32\wuauclt1.exe
2004-08-17 13:49 . 2011-10-12 12:27 162304 ------w- c:\windows\system32\wuaucpl.cpl
2004-08-17 13:49 . 2011-10-12 12:27 148480 ------w- c:\windows\system32\wscui.cpl
2004-08-17 13:49 . 2011-10-12 12:27 13824 ------w- c:\windows\system32\wscntfy.exe
2004-08-17 13:49 . 2011-10-12 12:13 111104 ----a-w- c:\windows\system32\wuauclt.exe
2004-08-17 13:49 . 2002-09-20 18:06 146944 ----a-w- c:\windows\system32\winspool.drv
2004-08-17 13:49 . 2002-09-20 18:06 679936 ----a-w- c:\windows\system32\sstext3d.scr
2004-08-17 13:49 . 2002-09-20 18:06 610304 ----a-w- c:\windows\system32\sspipes.scr
2004-08-17 13:49 . 2002-09-20 18:06 393216 ----a-w- c:\windows\system32\ssflwbox.scr
2004-08-17 13:49 . 2002-09-20 18:06 20992 ----a-w- c:\windows\system32\ssmarque.scr
2004-08-17 13:49 . 2002-09-20 18:06 18944 ----a-w- c:\windows\system32\ssmyst.scr
2004-08-17 13:49 . 2002-09-20 18:06 14336 ----a-w- c:\windows\system32\ssstars.scr
2004-08-17 13:49 . 2002-09-20 18:05 9216 ----a-w- c:\windows\system32\scrnsave.scr
2004-08-17 13:49 . 2002-09-20 18:05 708608 ----a-w- c:\windows\system32\ss3dfo.scr
2004-08-17 13:49 . 2002-09-20 18:05 278559 ----a-w- c:\windows\system32\wmv8ds32.ax
2004-08-17 13:49 . 2002-09-20 18:05 258048 ----a-w- c:\windows\system32\wmvds32.ax
2004-08-17 13:49 . 2002-09-20 18:05 19968 ----a-w- c:\windows\system32\ssbezier.scr
2004-08-17 13:49 . 2002-09-20 18:05 30720 ----a-w- c:\windows\system32\vbisurf.ax
2004-08-17 13:49 . 2002-09-20 18:05 299008 ----a-w- c:\windows\system32\sysdm.cpl
2004-08-17 13:49 . 2001-10-25 14:00 93696 ----a-w- c:\windows\system32\timedate.cpl
2004-08-17 13:49 . 2001-10-25 14:00 76800 ----a-w- c:\windows\system32\remotesp.tsp
2004-08-17 13:49 . 2001-10-25 14:00 47104 ----a-w- c:\windows\system32\ssmypics.scr
2004-08-17 13:49 . 2001-10-25 14:00 32768 ----a-w- c:\windows\system32\wpnpinst.exe
2004-08-17 13:49 . 2001-10-25 14:00 32256 ----a-w- c:\windows\system32\wpabaln.exe
2004-08-17 13:49 . 2001-10-25 14:00 30720 ----a-w- c:\windows\system32\xcopy.exe
2004-08-17 13:49 . 2001-10-25 14:00 207360 ----a-w- c:\windows\system32\unimdm.tsp
2004-08-17 13:49 . 2001-10-25 14:00 114688 ----a-w- c:\windows\system32\wscript.exe
2004-08-17 13:49 . 2001-10-24 12:25 23552 ----a-w- c:\windows\system32\wdmaud.drv
2004-08-17 13:49 . 2011-10-12 12:27 8192 ------w- c:\windows\system32\smbinst.exe
2004-08-17 13:49 . 2011-10-12 12:27 73796 ------w- c:\windows\system32\slserv.exe
2004-08-17 13:49 . 2011-10-12 12:27 32866 ------w- c:\windows\system32\slrundll.exe
2004-08-17 13:49 . 2011-10-12 12:15 150528 ----a-w- c:\windows\pchealth\UploadLB\Binaries\uploadm.exe
2004-08-17 13:49 . 2011-10-12 12:14 131584 ----a-w- c:\windows\system32\sndrec32.exe
2004-08-17 13:49 . 2011-10-12 12:14 67072 ----a-w- c:\windows\system32\rdshost.exe
2004-08-17 13:49 . 2011-10-12 12:14 20480 ----a-w- c:\windows\system32\qprocess.exe
2004-08-17 13:49 . 2011-10-12 12:13 538624 ----a-w- c:\windows\system32\spider.exe
2004-08-17 13:49 . 2011-10-12 12:13 141312 ----a-w- c:\windows\system32\sessmgr.exe
2004-08-17 13:49 . 2011-10-12 12:13 13824 ----a-w- c:\windows\system32\rdsaddin.exe
2004-08-17 13:49 . 2011-10-12 12:13 62464 ----a-w- c:\windows\system32\rdpclip.exe
2004-08-17 13:49 . 2004-08-17 13:49 8192 ----a-w- c:\windows\system32\spdwnwxp.exe
2004-08-17 13:49 . 2004-08-17 13:49 21504 ------w- c:\windows\system32\spupdwxp.exe
2004-08-17 13:49 . 2004-08-17 13:49 11776 ------w- c:\windows\system32\spnpinst.exe
2004-08-17 13:49 . 2002-09-20 18:05 502272 ----a-w- c:\windows\system32\winlogon.exe
2004-08-17 13:49 . 2002-09-20 18:05 65024 ----a-w- c:\windows\system32\wextract.exe
2004-08-17 13:49 . 2002-09-20 18:05 50176 ----a-w- c:\windows\system32\utilman.exe
2004-08-17 13:49 . 2002-09-20 18:05 24576 ----a-w- c:\windows\system32\userinit.exe
2004-08-17 13:49 . 2002-09-20 18:05 18432 ----a-w- c:\windows\system32\ups.exe
2004-08-17 13:49 . 2002-09-20 18:05 78848 ----a-w- c:\windows\system32\tlntsess.exe
2004-08-17 13:49 . 2002-09-20 18:05 77312 ----a-w- c:\windows\system32\telnet.exe
2004-08-17 13:49 . 2002-09-20 18:05 73728 ----a-w- c:\windows\system32\tlntsvr.exe
2004-08-17 13:49 . 2002-09-20 18:05 62976 ----a-w- c:\windows\system32\tlntadmn.exe
2004-08-17 13:49 . 2002-09-20 18:05 260096 ----a-w- c:\windows\system32\tracerpt.exe
2004-08-17 13:49 . 2002-09-20 18:05 137216 ----a-w- c:\windows\system32\taskmgr.exe
2004-08-17 13:49 . 2002-09-20 18:05 12800 ----a-w- c:\windows\system32\tracert.exe
2004-08-17 13:49 . 2002-09-20 18:05 50688 ----a-w- c:\windows\system32\smss.exe
2004-08-17 13:49 . 2002-09-20 18:05 90112 ----a-w- c:\windows\system32\smlogsvc.exe
2004-08-17 13:49 . 2002-09-20 18:05 77824 ----a-w- c:\windows\system32\sdbinst.exe
2004-08-17 13:49 . 2002-09-20 18:05 70656 ----a-w- c:\windows\system32\sigverif.exe
2004-08-17 13:49 . 2002-09-20 18:05 42496 ----a-w- c:\windows\system32\shmgrate.exe
2004-08-17 13:49 . 2002-09-20 18:05 26112 ----a-w- c:\windows\system32\skeys.exe
2004-08-17 13:49 . 2002-09-20 18:05 23040 ----a-w- c:\windows\system32\setup.exe
2004-08-17 13:49 . 2002-09-20 18:05 77312 ----a-w- c:\windows\system32\rtcshare.exe
2004-08-17 13:49 . 2002-09-20 18:05 55296 ----a-w- c:\windows\system32\reg.exe
2004-08-17 13:49 . 2002-09-20 18:05 35840 ----a-w- c:\windows\system32\rcimlby.exe
2004-08-17 13:49 . 2002-09-20 18:05 14336 ----a-w- c:\windows\system32\runonce.exe
2004-08-17 13:49 . 2002-09-20 18:05 13312 ----a-w- c:\windows\system32\savedump.exe
2004-08-17 13:49 . 2002-09-20 18:05 125440 ----a-w- c:\windows\system32\schtasks.exe
2004-08-17 13:49 . 2002-09-20 18:05 107520 ----a-w- c:\windows\system32\rsnotify.exe
2004-08-17 13:49 . 2001-10-25 14:00 97792 ----a-w- c:\windows\system32\scardsvr.exe
2004-08-17 13:49 . 2001-10-25 14:00 77824 ----a-w- c:\windows\system32\shrpubw.exe
2004-08-17 13:49 . 2001-10-25 14:00 57856 ----a-w- c:\windows\system32\spoolsv.exe
2004-08-17 13:49 . 2001-10-25 14:00 56832 ----a-w- c:\windows\system32\rasphone.exe
2004-08-17 13:49 . 2001-10-25 14:00 5632 ----a-w- c:\windows\system32\winver.exe
2004-08-17 13:49 . 2001-10-25 14:00 433664 ----a-w- c:\windows\system32\wiaacmgr.exe
2004-08-17 13:49 . 2001-10-25 14:00 347136 ----a-w- c:\windows\system32\tourstart.exe
2004-08-17 13:49 . 2001-10-25 14:00 33280 ----a-w- c:\windows\system32\rundll32.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:12 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HControl"="c:\windows\ATK0100\HControl.exe" [2006-04-17 110592]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2012-10-02 7585792]
"nwiz"="nwiz.exe" [2012-10-02 1617920]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2012-10-02 86016]
"RTHDCPL"="RTHDCPL.EXE" [2007-12-20 16860672]
"Wireless Console 2"="c:\program files\Wireless Console 2\wcourier.exe" [2005-10-17 987136]
"GhostStartTrayApp"="c:\program files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe" [2002-08-14 94208]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-08-21 4282728]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2012-06-28 74752]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 49152]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-17 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-3-11 210520]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Winamp\\winamp.exe"=
.
R1 GhPciScan;GhostPciScanner;c:\program files\Symantec\Norton Ghost 2003\GhPciScan.sys [14.8.2002 15:11 5632]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [22.9.2012 11:33 729752]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [22.9.2012 11:33 355632]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [22.9.2012 11:33 21256]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [13.7.2012 13:28 160944]
S3 FTD2XX;FTD2XX.SYS FT8U2XX device driver;c:\windows\system32\drivers\FTD2XX.sys [16.11.2011 17:28 34639]
S3 SynMini;ASUS WebCam, 1.3M, USB2.0, FF;c:\windows\system32\drivers\SynMini.sys [12.10.2011 17:25 841110]
S3 SynScan;ASUS WebCam Still Image;c:\windows\system32\drivers\SynScan.sys [12.10.2011 17:25 8278]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2029-08-10 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2012-09-22 09:12]
.
.
------- Doplňkový sken -------
.
TCP: DhcpNameServer = 10.10.10.10 192.168.0.1
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Tomáš\Data aplikací\Mozilla\Firefox\Profiles\ukrjd7q8.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 1828-06-14 05:06
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
Celkový čas: 1828-06-14 05:12:01 - počítač byl restartován
ComboFix-quarantined-files.txt 1828-06-14 03:11
ComboFix2.txt 2029-08-10 22:14
.
Před spuštěním: Volných bajtů: 51 735 896 064
Po spuštění: Volných bajtů: 51 732 541 440
.
- - End Of File - - 9165D8CFA70F1890069B61D374F9FCD3

[Rudy]

Skript byl chybně uložen (CFScript.txt.txt). Musí být uložen jako CFScript.txt. Zkuste spustit ještě jednou.

[tompo]

tak jeste jednou..o:)

ComboFix 12-10-14.01 - Tomáš 13.10.2012 23:02:48.3.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.2047.1417 [GMT 2:00]
Spuštěný z: C:\ComboFix.exe
Použité ovládací přepínače :: C:\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2647-07-19 do 2647-08-19 )))))))))))))))))))))))))))))))
.
.
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:12 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-07-13 17418928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HControl"="c:\windows\ATK0100\HControl.exe" [2006-04-17 110592]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2012-10-02 7585792]
"nwiz"="nwiz.exe" [2012-10-02 1617920]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2012-10-02 86016]
"RTHDCPL"="RTHDCPL.EXE" [2007-12-20 16860672]
"Wireless Console 2"="c:\program files\Wireless Console 2\wcourier.exe" [2005-10-17 987136]
"GhostStartTrayApp"="c:\program files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe" [2002-08-14 94208]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-08-21 4282728]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2012-06-28 74752]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 49152]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-17 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-3-11 210520]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Winamp\\winamp.exe"=
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [22.9.2012 11:33 729752]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [22.9.2012 11:33 355632]
R1 GhPciScan;GhostPciScanner;c:\program files\Symantec\Norton Ghost 2003\GhPciScan.sys [14.8.2002 15:11 5632]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [22.9.2012 11:33 21256]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [13.7.2012 13:28 160944]
R3 SynMini;ASUS WebCam, 1.3M, USB2.0, FF;c:\windows\system32\drivers\SynMini.sys [12.10.2011 17:25 841110]
R3 SynScan;ASUS WebCam Still Image;c:\windows\system32\drivers\SynScan.sys [12.10.2011 17:25 8278]
S3 FTD2XX;FTD2XX.SYS FT8U2XX device driver;c:\windows\system32\drivers\FTD2XX.sys [16.11.2011 17:28 34639]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2647-08-19 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2012-09-22 09:12]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.10.10.10 192.168.0.1
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Tomáš\Data aplikací\Mozilla\Firefox\Profiles\ukrjd7q8.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2647-08-19 18:51
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(3652)
c:\windows\system32\nview.dll
c:\windows\system32\NVWRSCS.DLL
c:\windows\system32\nvwddi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\RUNDLL32.EXE
c:\windows\RTHDCPL.EXE
c:\windows\system32\rundll32.exe
c:\windows\system32\rundll32.exe
c:\program files\Symantec\Norton Ghost 2003\GhostStartService.exe
c:\windows\system32\nvsvc32.exe
c:\windows\ATK0100\ATKOSD.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2647-08-19 18:53:37 - počítač byl restartován
ComboFix-quarantined-files.txt 2647-08-19 16:53
ComboFix2.txt 2029-08-10 22:14
.
Před spuštěním: Volných bajtů: 51 716 632 576
Po spuštění: Volných bajtů: 51 713 470 464
.
- - End Of File - - B1427C312EE2077D1B7374A84FA80095

[Rudy]

Teď je to OK. Nastala nějaká změna?

[tompo]

Bohužel, problém stále přetrvává....

[Rudy]

Baterii jste měnil za novu, nebo už byla použitá?

[tompo]

baterie byla uplne nova.......

[Rudy]

OK. Dejte log ComboFix:

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

[tompo]

tak jsem pocitac jeste preinstaloval a posilam log.....

ComboFix 12-10-14.03 - Tomáš 14.10.2012 19:17:45.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.2047.1633 [GMT 2:00]
Spuštěný z: c:\documents and settings\TomßÜ\Plocha\ComboFix.exe
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\dllcache\wmpvis.dll
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NVSVC
-------\Service_NVSvc
.
.
((((((((((((((((((((((((( Soubory vytvořené od 1600-12-01 do 1601-01-01 )))))))))))))))))))))))))))))))
.
.
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HControl"="c:\windows\ATK0100\HControl.exe" [2006-04-17 110592]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-03-17 7561216]
"nwiz"="nwiz.exe" [2006-03-17 1519616]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-03-17 86016]
"RTHDCPL"="RTHDCPL.EXE" [2007-12-20 16860672]
"Wireless Console 2"="c:\program files\Wireless Console 2\wcourier.exe" [2005-10-17 987136]
"GhostStartTrayApp"="c:\program files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe" [2002-08-14 94208]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-17 15360]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
.
R1 GhPciScan;GhostPciScanner;c:\program files\Symantec\Norton Ghost 2003\GhPciScan.sys [14.8.2002 14:11 5632]
R3 SynMini;ASUS WebCam, 1.3M, USB2.0, FF;c:\windows\system32\drivers\SynMini.sys [12.10.2011 16:25 841110]
R3 SynScan;ASUS WebCam Still Image;c:\windows\system32\drivers\SynScan.sys [12.10.2011 16:25 8278]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
.
------- Doplňkový sken -------
.
TCP: DhcpNameServer = 10.10.10.10 192.168.0.1
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Tomáš\Data aplikací\Mozilla\Firefox\Profiles\ukrjd7q8.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 1601-01-01 01:27
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\RUNDLL32.EXE
c:\windows\RTHDCPL.EXE
c:\program files\Symantec\Norton Ghost 2003\GhostStartService.exe
c:\windows\ATK0100\ATKOSD.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 1601-01-01 01:29:23 - počítač byl restartován
ComboFix-quarantined-files.txt 1601-01-01 00:29
.
Před spuštěním: Volných bajtů: 57 591 136 256
Po spuštění: Volných bajtů: 57 526 108 160
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
.
- - End Of File - - A77CFB031B0B1378292A868A6421F18C

[Rudy]

Log z CF po přeinstalaci je k ničemu. Pokud byl problém v systému je pryč, neboť byl systém přeinstalován. Nezapomeňte nainstalovat SP3 a bezpečnostní software. Pokud by se čas nadále měnil, bude to problém biosu.