Zamrzá mi a restartuje se mi počítač

[Dwerw]

NOD mi našel Win32/TrojanDownloader.Agent, ale nebyl schopný s ním něco udělat, protože to při tom vždycky zamrzlo. Stejně tak to zamrzlo a restartovalo se to třeba při zapnutí Opery nebo i Prohlížeče obrázků. Díky za pomoc.

Tady je log. Díky.

Logfile of random's system information tool 1.08 (written by random/random)
Run by Z1 at 2010-08-08 20:33:35
Microsoft Windows XP Home Edition Service Pack 3
System drive D: has 9 GB (22%) free of 40 GB
Total RAM: 2046 MB (71% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:33:39, on 8.8.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Sygate\SPF\smc.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Creative\Shared Files\CTAudSvc.exe
D:\WINDOWS\system32\ctfmon.exe
D:\WINDOWS\CTHELPER.EXE
D:\Program Files\Razer\Copperhead\razerhid.exe
D:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
D:\WINDOWS\system32\RUNDLL32.EXE
D:\Program Files\Google\Update\GoogleUpdate.exe
D:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
D:\Program Files\Bonjour\mDNSResponder.exe
D:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
D:\Program Files\Google\Google Japanese Input\GoogleIMEJaCacheService.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Blaze Media Pro\NMSAccess32.exe
D:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Razer\Copperhead\razertra.exe
D:\Program Files\Razer\Copperhead\razerofa.exe
D:\WINDOWS\system32\wbem\wmiapsrv.exe
D:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe
E:\Program Files\Mozilla Firefox\firefox.exe
E:\Program Files\totalcmd\TOTALCMD.EXE
C:\užitečné\RSIT.exe
D:\Program Files\trend micro\Z1.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SmcService] D:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [IMJPMIG8.1] "D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] D:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] D:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [razer] D:\Program Files\Razer\Copperhead\razerhid.exe
O4 - HKLM\..\Run: [egui] "D:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [nwiz] D:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - D:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - D:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - D:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - D:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - D:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Japanese Input Cache Service (GoogleIMEJaCacheService) - Google Inc. - D:\Program Files\Google\Google Japanese Input\GoogleIMEJaCacheService.exe
O23 - Service: Google Software Updater (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NMSAccess - Unknown owner - D:\Program Files\Blaze Media Pro\NMSAccess32.exe
O23 - Service: Performance Service (nTuneService) - NVIDIA - D:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - D:\Program Files\Sygate\SPF\smc.exe

--
End of file - 6934 bytes

======Scheduled tasks folder======

D:\WINDOWS\tasks\AppleSoftwareUpdate.job
D:\WINDOWS\tasks\Google Software Updater.job
D:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
D:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - D:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2009-08-31 761840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - D:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-08-29 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SmcService"=D:\PROGRA~1\Sygate\SPF\smc.exe [2004-10-15 2577632]
"IMJPMIG8.1"=D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2006-03-02 208952]
"MSPY2002"=D:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2006-03-02 59392]
"PHIME2002ASync"=D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2006-03-02 455168]
"PHIME2002A"=D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2006-03-02 455168]
"CTHelper"=D:\WINDOWS\CTHELPER.EXE [2006-05-24 17920]
"UpdReg"=D:\WINDOWS\UpdReg.EXE [2000-05-11 90112]
"razer"=D:\Program Files\Razer\Copperhead\razerhid.exe [2005-10-08 155648]
"egui"=D:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-09-11 2054360]
"nwiz"=D:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2010-07-07 1753192]
"NvMediaCenter"=D:\WINDOWS\system32\NvMcTray.dll [2010-07-09 110696]
"NvCplDaemon"=D:\WINDOWS\system32\NvCpl.dll [2010-07-09 13923432]
"KernelFaultCheck"=D:\WINDOWS\system32\dumprep 0 -k []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=D:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
D:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2006-09-28 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTxfiHlp]
D:\WINDOWS\system32\CTXFIHLP.EXE [2009-06-04 25600]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
D:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2008-03-25 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
E:\Program Files\iTunes\iTunesHelper.exe [2010-06-15 141624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
D:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
D:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
D:\Program Files\QuickTime\QTTask.exe [2010-03-18 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
E:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe [2004-11-02 32768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
D:\Program Files\Java\jre6\bin\jusched.exe [2009-08-29 149280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-08-31 39408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VolPanel]
D:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe [2006-07-13 122880]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
D:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2008-03-25 214360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^Z1^Nabídka Start^Programy^Po spuštění^OpenOffice.org 3.1.lnk]
D:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE [2009-05-15 384512]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"gusvc"=2
"gupdate1ca2a1d270654e8"=2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
"NoBandCustomize"=0
"NoMovingBands"=0
"NoCloseDragDropBands"=0
"NoActiveDesktop"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\uTorrent\uTorrent.exe"="D:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"D:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="D:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"D:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="D:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"D:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="D:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"D:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="D:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"D:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe"="D:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe"
"D:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="D:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"D:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="D:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"E:\Program Files\Miranda IM\miranda32.exe"="E:\Program Files\Miranda IM\miranda32.exe:*:Disabled:Miranda IM"
"D:\Program Files\Azureus\Azureus.exe"="D:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus"
"E:\Program Files\Opera\opera.exe"="E:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\DOCUME~1\Z1\LOCALS~1\Temp\pdfupd.exe"="D:\DOCUME~1\Z1\LOCALS~1\Temp\pdfupd.exe:*:Enabled:ldrsoft"
"D:\Program Files\Bonjour\mDNSResponder.exe"="D:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"E:\Program Files\iTunes\iTunes.exe"="E:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"D:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="D:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"D:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="D:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"D:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="D:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"D:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="D:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"D:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe"="D:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe"
"D:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="D:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"D:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="D:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======File associations======

.reg - open - "regedit.exe" "%1"

======List of files/folders created in the last 1 months======

2010-08-03 14:54:46 ----HDC---- D:\WINDOWS\$NtUninstallKB2286198$
2010-07-29 00:50:09 ----D---- D:\Program Files\Haali
2010-07-28 14:06:51 ----D---- D:\Program Files\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
2010-07-28 13:33:58 ----A---- D:\WINDOWS\system32\nvhdap32.dll
2010-07-28 13:33:58 ----A---- D:\WINDOWS\system32\nvcohda.dll
2010-07-28 13:33:58 ----A---- D:\WINDOWS\system32\drivers\nvhda32.sys
2010-07-28 13:32:08 ----D---- D:\Documents and Settings\All Users\Data aplikací\NVIDIA Corporation
2010-07-28 13:31:53 ----D---- D:\Program Files\NVIDIA Corporation
2010-07-28 13:31:23 ----A---- D:\WINDOWS\system32\OpenCL.dll
2010-07-28 13:31:23 ----A---- D:\WINDOWS\system32\nvoglnt.dll
2010-07-28 13:31:23 ----A---- D:\WINDOWS\system32\nvcuvid.dll
2010-07-28 13:31:23 ----A---- D:\WINDOWS\system32\nvcuvenc.dll
2010-07-28 13:31:21 ----A---- D:\WINDOWS\system32\nvcuda.dll
2010-07-28 13:31:21 ----A---- D:\WINDOWS\system32\nvcompiler.dll
2010-07-28 13:31:21 ----A---- D:\WINDOWS\system32\nvcodins.dll
2010-07-28 13:31:21 ----A---- D:\WINDOWS\system32\nvcod.dll
2010-07-28 13:31:21 ----A---- D:\WINDOWS\system32\nvapi.dll
2010-07-28 13:31:15 ----D---- D:\NVIDIA
2010-07-26 16:46:19 ----D---- D:\Program Files\Yamaha
2010-07-24 12:51:40 ----D---- D:\Program Files\7-Zip
2010-07-23 23:47:21 ----D---- D:\Documents and Settings\Z1\Data aplikací\BadApple!!
2010-07-23 23:37:47 ----D---- D:\Program Files\Microsoft.NET
2010-07-23 21:02:17 ----D---- D:\Program Files\VstPlugins
2010-07-23 21:02:13 ----D---- D:\Program Files\Outsim
2010-07-23 21:02:13 ----D---- D:\Program Files\Image-Line
2010-07-18 20:08:56 ----D---- D:\Documents and Settings\Z1\Data aplikací\Synthesia
2010-07-18 20:08:39 ----A---- D:\WINDOWS\system32\D3DX9_42.dll
2010-07-15 03:04:39 ----D---- D:\Documents and Settings\Z1\Data aplikací\ONScripter-En
2010-07-15 03:04:39 ----D---- D:\Documents and Settings\All Users\Data aplikací\Umineko6
2010-07-13 23:05:30 ----HDC---- D:\WINDOWS\$NtUninstallKB2229593$
2010-07-09 16:24:42 ----A---- D:\WINDOWS\system32\nvwddi.dll
2010-07-09 16:24:36 ----A---- D:\WINDOWS\system32\nvrszht.dll
2010-07-09 16:24:36 ----A---- D:\WINDOWS\system32\nvrszhc.dll
2010-07-09 16:24:36 ----A---- D:\WINDOWS\system32\nvrstr.dll
2010-07-09 16:24:36 ----A---- D:\WINDOWS\system32\nvrsth.dll
2010-07-09 16:24:36 ----A---- D:\WINDOWS\system32\nvrssv.dll
2010-07-09 16:24:36 ----A---- D:\WINDOWS\system32\nvrssl.dll
2010-07-09 16:24:36 ----A---- D:\WINDOWS\system32\nvrssk.dll
2010-07-09 16:24:36 ----A---- D:\WINDOWS\system32\nvrsru.dll
2010-07-09 16:24:36 ----A---- D:\WINDOWS\system32\nvrsptb.dll
2010-07-09 16:24:36 ----A---- D:\WINDOWS\system32\nvrspt.dll
2010-07-09 16:24:36 ----A---- D:\WINDOWS\system32\nvrspl.dll
2010-07-09 16:24:36 ----A---- D:\WINDOWS\system32\nvrsno.dll
2010-07-09 16:24:36 ----A---- D:\WINDOWS\system32\nvrsnl.dll
2010-07-09 16:24:36 ----A---- D:\WINDOWS\system32\nvrsko.dll
2010-07-09 16:24:36 ----A---- D:\WINDOWS\system32\nvrshu.dll
2010-07-09 16:24:36 ----A---- D:\WINDOWS\system32\nvrshe.dll
2010-07-09 16:24:36 ----A---- D:\WINDOWS\system32\nvrsfr.dll
2010-07-09 16:24:36 ----A---- D:\WINDOWS\system32\nvrsfi.dll
2010-07-09 16:24:36 ----A---- D:\WINDOWS\system32\nvrsesm.dll
2010-07-09 16:24:36 ----A---- D:\WINDOWS\system32\nvrses.dll
2010-07-09 16:24:36 ----A---- D:\WINDOWS\system32\nvrseng.dll
2010-07-09 16:24:36 ----A---- D:\WINDOWS\system32\nvrsel.dll
2010-07-09 16:24:36 ----A---- D:\WINDOWS\system32\nvrsde.dll
2010-07-09 16:24:36 ----A---- D:\WINDOWS\system32\nvrsda.dll
2010-07-09 16:24:36 ----A---- D:\WINDOWS\system32\nvrscs.dll
2010-07-09 16:24:36 ----A---- D:\WINDOWS\system32\nvrsar.dll
2010-07-09 16:24:34 ----A---- D:\WINDOWS\system32\nvsvc32.exe
2010-07-09 16:24:34 ----A---- D:\WINDOWS\system32\nvrsja.dll
2010-07-09 16:24:34 ----A---- D:\WINDOWS\system32\nvrsit.dll
2010-07-09 16:24:34 ----A---- D:\WINDOWS\system32\nvmctray.dll
2010-07-09 16:24:34 ----A---- D:\WINDOWS\system32\nvmccs.dll
2010-07-09 16:24:34 ----A---- D:\WINDOWS\system32\nvcpl.dll
2010-07-09 16:24:34 ----A---- D:\WINDOWS\system32\nvcolor.exe

======List of files/folders modified in the last 1 months======

2010-08-08 20:33:37 ----D---- D:\Program Files\trend micro
2010-08-08 20:32:43 ----A---- D:\WINDOWS\wincmd.ini
2010-08-08 20:32:30 ----D---- D:\WINDOWS\temp
2010-08-08 20:25:05 ----SD---- D:\WINDOWS\Tasks
2010-08-08 20:10:15 ----D---- D:\WINDOWS
2010-08-07 17:30:15 ----A---- D:\WINDOWS\SchedLgU.Txt
2010-08-04 01:45:18 ----D---- D:\Documents and Settings\Z1\Data aplikací\uTorrent
2010-08-03 23:44:08 ----D---- D:\WINDOWS\Prefetch
2010-08-03 22:46:45 ----D---- D:\WINDOWS\system32
2010-08-03 14:55:04 ----D---- D:\WINDOWS\AppPatch
2010-08-03 14:54:53 ----HD---- D:\WINDOWS\inf
2010-08-03 14:54:49 ----RSHDC---- D:\WINDOWS\system32\dllcache
2010-08-03 14:51:53 ----D---- D:\Documents and Settings\Z1\Data aplikací\Winamp
2010-08-03 14:42:25 ----SHD---- D:\WINDOWS\Installer
2010-08-03 14:42:25 ----D---- D:\Config.Msi
2010-08-03 14:41:32 ----D---- D:\WINDOWS\system32\drivers
2010-08-03 09:13:59 ----HD---- D:\WINDOWS\$hf_mig$
2010-08-03 09:13:57 ----D---- D:\WINDOWS\system32\CatRoot2
2010-08-02 16:57:37 ----D---- D:\Documents and Settings\Z1\Data aplikací\Adobe
2010-08-01 14:34:22 ----A---- D:\WINDOWS\NeroDigital.ini
2010-07-29 00:50:09 ----RD---- D:\Program Files
2010-07-28 14:06:24 ----D---- D:\Program Files\RivaTuner v2.06
2010-07-28 13:33:17 ----D---- D:\WINDOWS\Help
2010-07-28 13:31:52 ----D---- D:\WINDOWS\system32\CatRoot
2010-07-28 00:46:11 ----D---- D:\Documents and Settings\Z1\Data aplikací\vlc
2010-07-27 08:30:31 ----A---- D:\WINDOWS\system32\shell32.dll
2010-07-24 00:19:09 ----D---- D:\WINDOWS\Microsoft.NET
2010-07-24 00:19:07 ----RSD---- D:\WINDOWS\assembly
2010-07-23 23:41:43 ----A---- D:\WINDOWS\system32\PerfStringBackup.INI
2010-07-23 23:41:31 ----D---- D:\WINDOWS\WinSxS
2010-07-23 23:29:08 ----HD---- D:\Program Files\InstallShield Installation Information
2010-07-19 18:22:53 ----D---- D:\Documents and Settings\All Users\Data aplikací\Adobe
2010-07-19 14:09:04 ----D---- D:\Program Files\Common Files\Adobe
2010-07-19 14:09:04 ----D---- D:\Program Files\Adobe
2010-07-19 14:07:33 ----RSD---- D:\WINDOWS\Fonts
2010-07-18 20:08:42 ----D---- D:\WINDOWS\system32\DirectX
2010-07-13 23:05:37 ----A---- D:\WINDOWS\imsins.BAK
2010-07-10 00:38:00 ----A---- D:\WINDOWS\system32\nvudisp.exe
2010-07-10 00:38:00 ----A---- D:\WINDOWS\system32\nv4_disp.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 giveio;giveio; D:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R0 mv614x;mv614x; D:\WINDOWS\system32\DRIVERS\mv614x.sys [2006-02-16 35200]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; D:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; D:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944]
R0 sptd;sptd; D:\WINDOWS\System32\Drivers\sptd.sys [2009-08-28 717296]
R0 Teefer;Teefer for NT; D:\WINDOWS\SYSTEM32\Drivers\Teefer.sys [2004-10-15 60496]
R1 AmdK8;Ovladač procesoru AMD; D:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 42496]
R1 ehdrv;ehdrv; D:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-09-11 108792]
R1 ElbyCDIO;ElbyCDIO Driver; D:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2007-08-07 25160]
R1 epfwtdir;epfwtdir; D:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2009-09-11 96408]
R1 FsVga;FsVga; D:\WINDOWS\system32\DRIVERS\fsvga.sys [2006-03-02 12160]
R1 kbdhid;Ovladač klávesnice standardu HID; D:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 wpsdrvnt;wpsdrvnt; \??\D:\WINDOWS\system32\drivers\wpsdrvnt.sys []
R2 eamon;eamon; D:\WINDOWS\system32\DRIVERS\eamon.sys [2009-09-11 116008]
R2 wg3n;SyGate for NT, wg3n; D:\WINDOWS\SYSTEM32\Drivers\wg3n.sys [2004-10-15 14568]
R2 wg4n;SyGate for NT, wg4n; D:\WINDOWS\SYSTEM32\Drivers\wg4n.sys [2004-10-15 14568]
R2 wg5n;SyGate for NT, wg5n; D:\WINDOWS\SYSTEM32\Drivers\wg5n.sys [2004-10-15 14568]
R2 wg6n;SyGate for NT, wg6n; D:\WINDOWS\SYSTEM32\Drivers\wg6n.sys [2004-10-15 14568]
R3 Arp1394;Protokol 1394 ARP Client; D:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 CT20XUT.SYS;CT20XUT.SYS; D:\WINDOWS\System32\drivers\CT20XUT.SYS [2009-06-04 171032]
R3 ctac32k;Creative AC3 Software Decoder; D:\WINDOWS\system32\drivers\ctac32k.sys [2009-06-04 511000]
R3 ctaud2k;Creative Audio Driver (WDM); D:\WINDOWS\system32\drivers\ctaud2k.sys [2009-06-04 526232]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS; D:\WINDOWS\System32\drivers\CTEXFIFX.SYS [2009-06-04 1324056]
R3 CTHWIUT.SYS;CTHWIUT.SYS; D:\WINDOWS\System32\drivers\CTHWIUT.SYS [2009-06-04 72728]
R3 ctprxy2k;Creative Proxy Driver; D:\WINDOWS\system32\drivers\ctprxy2k.sys [2009-06-04 14360]
R3 ctsfm2k;Creative SoundFont Management Device Driver; D:\WINDOWS\system32\drivers\ctsfm2k.sys [2009-06-04 158744]
R3 ElbyCDFL;ElbyCDFL; D:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2007-02-16 34760]
R3 emupia;E-mu Plug-in Architecture Driver; D:\WINDOWS\system32\drivers\emupia2k.sys [2009-06-04 95768]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; D:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 ha20x2k;Creative 20X HAL Driver; D:\WINDOWS\system32\drivers\ha20x2k.sys [2009-06-04 1177624]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; D:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; D:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; D:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; D:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NIC1394;1394 Net Driver; D:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; D:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-07-10 10604128]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; D:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-03-22 52736]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; D:\WINDOWS\system32\drivers\nvhda32.sys [2010-06-22 91496]
R3 nvnetbus;NVIDIA Network Bus Enumerator; D:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-03-22 18944]
R3 nvoclock;NVIDIA Enthusiasts Platform KDM; D:\WINDOWS\system32\DRIVERS\nvoclock.sys [2009-09-15 38248]
R3 ossrv;Creative OS Services Driver; D:\WINDOWS\system32\drivers\ctoss2k.sys [2009-06-04 130072]
R3 Razerlow;Razer Copperhead Driver; D:\WINDOWS\System32\Drivers\Razerlow.sys [2005-08-12 19020]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; D:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; D:\WINDOWS\system32\drivers\ADIHdAud.sys []
S3 AEAudio;AE Audio Service; D:\WINDOWS\system32\drivers\AEAudio.sys []
S3 agtibhdd;agtibhdd; D:\WINDOWS\system32\drivers\agtibhdd.sys []
S3 catchme;catchme; \??\D:\DOCUME~1\Z1\LOCALS~1\Temp\catchme.sys []
S3 CT20XUT;CT20XUT; D:\WINDOWS\system32\drivers\CT20XUT.SYS [2009-06-04 171032]
S3 ctdvda2k;Creative DVD-Audio Device Driver; D:\WINDOWS\system32\drivers\ctdvda2k.sys [2009-06-04 347080]
S3 CTEXFIFX;CTEXFIFX; D:\WINDOWS\system32\drivers\CTEXFIFX.SYS [2009-06-04 1324056]
S3 CTHWIUT;CTHWIUT; D:\WINDOWS\system32\drivers\CTHWIUT.SYS [2009-06-04 72728]
S3 esihdrv;esihdrv; \??\D:\DOCUME~1\Z1\LOCALS~1\Temp\esihdrv.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; D:\WINDOWS\system32\DRIVERS\HPZid412.sys [2008-01-25 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; D:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2008-01-25 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; D:\WINDOWS\system32\DRIVERS\HPZius12.sys [2008-01-25 21568]
S3 RivaTuner32;RivaTuner32; \??\D:\Program Files\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner32.sys []
S3 SenFiltService;SenFilt Service; D:\WINDOWS\system32\drivers\Senfilt.sys []
S3 uisp;Freescale USB JW32 driver; D:\WINDOWS\System32\Drivers\usbicp.sys [2001-01-04 162900]
S3 USBAAPL;Apple Mobile USB Driver; D:\WINDOWS\System32\Drivers\usbaapl.sys [2010-04-19 41984]
S3 usbaudio;Ovladač zvukové karty USB (WDM); D:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbprint;Třída USB Printer; D:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; D:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; D:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; D:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; D:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 YMIDUSB;Yamaha Corporation USB MIDI Driver; D:\WINDOWS\System32\Drivers\ymidusb.sys [2009-08-04 18560]
S4 vsdatant;vsdatant; D:\WINDOWS\system32\drivers\vsdatant.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; D:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-06-10 144176]
R2 Bonjour Service;Bonjour Service; D:\Program Files\Bonjour\mDNSResponder.exe [2010-05-18 345376]
R2 CTAudSvcService;Creative Audio Service; D:\Program Files\Creative\Shared Files\CTAudSvc.exe [2009-02-23 307200]
R2 ekrn;ESET Service; D:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-09-11 735960]
R2 GoogleIMEJaCacheService;Google Japanese Input Cache Service; D:\Program Files\Google\Google Japanese Input\GoogleIMEJaCacheService.exe [2010-06-17 558720]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; D:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 Net Driver HPZ12;Net Driver HPZ12; D:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 NMSAccess;NMSAccess; D:\Program Files\Blaze Media Pro\NMSAccess32.exe [2009-01-12 71096]
R2 nTuneService;Performance Service; D:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe [2010-03-22 191080]
R2 nvsvc;NVIDIA Display Driver Service; D:\WINDOWS\system32\nvsvc32.exe [2010-07-09 155752]
R2 Pml Driver HPZ12;Pml Driver HPZ12; D:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 SmcService;Sygate Personal Firewall; D:\Program Files\Sygate\SPF\smc.exe [2004-10-15 2577632]
R3 hpqcxs08;hpqcxs08; D:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gusvc;Google Software Updater; D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-31 194032]
S3 aspnet_state;ASP.NET State Service; D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; D:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2009-08-30 79360]
S3 EhttpSrv;ESET HTTP Server; D:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-09-11 20680]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-07-19 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; D:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; D:\Program Files\iPod\bin\iPodService.exe [2010-06-15 540472]
S3 odserv;Microsoft Office Diagnostics Service; D:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; D:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; D:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 gupdate1ca2a1d270654e8;Služba Google Update (gupdate1ca2a1d270654e8); D:\Program Files\Google\Update\GoogleUpdate.exe [2009-08-31 133104]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

[earl]

Zdravim,

CTETE POZORNE NAVOD,TENTO SOFT NETOLERUJE CHYBY V POSTUPU APLIKOVANI!

Klidne si nasledujici radky vytisknete,at vite,co se bude na obrazovce odehravat.

Budte prihlasen na pc s administratorskymi pravy.

stahnete a ulozte nejlepe na plochu ComboFix

v pripade,ze nepujde stranka nacist-stahnete odtud download , popr. nepujde ComboFix spustit - prejmenujte jej na grinder.com a postupujte dale dle instrukci.

hned po startu se zobrazi Zreknuti se prava zaruky na funkcnost software, pokracujte kliknutim na tlacitko Ano:



pote muze nasledovat upozorneni na nainstalovane emulatory CD mechanik,typicky Daemon Tools nebo Alcohol 120



odklepnout OK

Souhlasit s instalaci Recovery console(Konzola pro zotaveni)-nutno funkcni internet

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: upozorneni: Vypnete rezidentni stit u antiviru a antispywaru a zakazte docasne firewall-ComboFix by nemusel fungovat korektne-pokud budete mit stity vypnute a Combofix zahlasi,ze nejsou,pokracujte dal a potvrdte.

po restartu aplikace vytvori log, ulozeny na C:/Combofix.txt (pri opakovanem pouziti jsou logy oznaceny Combofix2.txt atd.), jeho obsah vlozte sem

[Dwerw]

Píše to v logu, že rezidentní štít je zapnutý, ale to asi bude chyba, protože jsem ho opravdu vypnul.

Ten log je nějaký moc dlouhý, takže ho nemůžu hodit přímo sem a jako příloha mi taky nešel přidat. Jestli to nevadí, tak tady je na něj odkaz -> http://www.mediafire.com/?ma7r5ipci2sxcc2

EDIT: Anebo tady -> http://www.fileden.com/files/2009/5/29/ ... mboFix.txt

[earl]

Nevadi.

pokud jste tak jeste neucinil(a), presunte Combofix na plochu

otevrete si Poznamkovy blok

do nej zkopirujte skript z nasledujiciho okna:

Kód: Vybrat vše

Collect::
d:\windows\S0E2F22BB.tmp
Reboot::

ulozte vami vytvoreny textovy soubor jako CFScript.txt na plochu

po ulozeni uchopte vami vytvoreny skript levym tlacitkem mysi a presunte jej nad ikonu Combofixu, nad niz skript upustte:



po aplikaci by na vas mel vyskocit dalsi log, vlozte jej sem

Upozorneni: je mozne, ze po aplikaci skriptu a restartu nenabehnou Windows,

v takovem pripade znovu restartujte, po restartu mackejte F8 a zvolte Posledni znamou funkcni konfiguraci

[Dwerw]

Tady to je.

ComboFix 10-08-08.02 - Z1 10.08.2010 0:56.4.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2046.1371 [GMT 2:00]
Spuštěný z: d:\documents and settings\Z1\Plocha\ComboFix.exe
Použité ovládací přepínače :: d:\documents and settings\Z1\Plocha\CFScript.txt
AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: Sygate Personal Firewall *disabled* {BE898FE3-CD0B-4014-85A9-03DB9923DDB6}
* Vytvořen nový Bod Obnovení

file zipped: d:\windows\S0E2F22BB.tmp
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

d:\windows\S0E2F22BB.tmp . . . . nemohl být smazán

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-07-09 do 2010-08-09 )))))))))))))))))))))))))))))))
.

2010-08-02 20:28 . 2010-08-02 20:30 11 ----a-w- d:\windows\system32\nvModes.dat
2010-07-28 22:50 . 2010-07-28 22:50 -------- d-----w- d:\program files\Haali
2010-07-28 12:06 . 2010-07-28 12:07 -------- d-----w- d:\program files\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
2010-07-28 11:33 . 2010-06-21 22:07 26216 ----a-w- d:\windows\system32\nvhdap32.dll
2010-07-28 11:33 . 2010-06-21 22:07 232040 ----a-w- d:\windows\system32\nvcohda.dll
2010-07-28 11:33 . 2010-06-21 22:07 91496 ----a-w- d:\windows\system32\drivers\nvhda32.sys
2010-07-28 11:32 . 2010-08-02 20:30 232968 ----a-w- d:\windows\system32\nvdrsdb0.bin
2010-07-28 11:32 . 2010-08-02 20:31 232968 ----a-w- d:\windows\system32\nvdrsdb1.bin
2010-07-28 11:32 . 2010-08-02 20:31 1 ----a-w- d:\windows\system32\nvdrssel.bin
2010-07-28 11:31 . 2010-08-03 12:42 -------- d-----w- d:\program files\NVIDIA Corporation
2010-07-28 11:31 . 2010-07-09 22:38 61440 ----a-w- d:\windows\system32\OpenCL.dll
2010-07-28 11:31 . 2010-07-09 22:38 2914408 ----a-w- d:\windows\system32\nvcuvid.dll
2010-07-28 11:31 . 2010-07-09 22:38 2506344 ----a-w- d:\windows\system32\nvcuvenc.dll
2010-07-28 11:31 . 2010-07-09 22:38 13549568 ----a-w- d:\windows\system32\nvoglnt.dll
2010-07-28 11:31 . 2010-07-09 22:38 4595712 ----a-w- d:\windows\system32\nvcuda.dll
2010-07-28 11:31 . 2010-07-09 22:38 236136 ----a-w- d:\windows\system32\nvcodins.dll
2010-07-28 11:31 . 2010-07-09 22:38 236136 ----a-w- d:\windows\system32\nvcod.dll
2010-07-28 11:31 . 2010-07-09 22:38 1388544 ----a-w- d:\windows\system32\nvapi.dll
2010-07-28 11:31 . 2010-07-09 22:38 10260480 ----a-w- d:\windows\system32\nvcompiler.dll
2010-07-28 11:31 . 2010-08-03 12:29 -------- d-----w- D:\NVIDIA
2010-07-26 14:46 . 2010-07-26 14:46 -------- d-----w- d:\program files\Yamaha
2010-07-24 10:51 . 2010-07-24 10:51 -------- d-----w- d:\program files\7-Zip
2010-07-23 21:37 . 2010-07-23 21:37 -------- d-----w- d:\program files\Microsoft.NET
2010-07-23 21:29 . 2010-07-23 21:29 -------- d-----w- d:\documents and settings\All Users\Nabidka Start
2010-07-23 19:02 . 2010-07-23 19:02 -------- d-----w- d:\program files\VstPlugins
2010-07-23 19:02 . 2010-07-23 19:03 -------- d-----w- d:\program files\Image-Line
2010-07-23 19:02 . 2010-07-23 19:02 -------- d-----w- d:\program files\Outsim
2010-07-18 18:08 . 2009-09-04 15:29 1892184 ----a-w- d:\windows\system32\D3DX9_42.dll
2010-07-13 18:43 . 2010-06-14 14:31 744448 -c----w- d:\windows\system32\dllcache\helpsvc.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-09 23:00 . 2009-12-11 20:36 0 ----a-w- d:\windows\S0E2F22BB.tmp
2010-08-08 18:33 . 2010-05-06 11:35 -------- d-----w- d:\program files\trend micro
2010-07-28 12:06 . 2009-08-28 18:27 -------- d-----w- d:\program files\RivaTuner v2.06
2010-07-23 21:41 . 2006-03-02 12:00 97578 ----a-w- d:\windows\system32\perfc005.dat
2010-07-23 21:41 . 2006-03-02 12:00 488084 ----a-w- d:\windows\system32\perfh005.dat
2010-07-23 21:29 . 2009-08-28 19:00 -------- d--h--w- d:\program files\InstallShield Installation Information
2010-07-19 12:09 . 2009-08-28 18:06 -------- d-----w- d:\program files\Common Files\Adobe
2010-07-09 22:38 . 2009-08-28 20:31 604776 ----a-w- d:\windows\system32\nvudisp.exe
2010-07-09 22:38 . 2009-08-28 20:30 2195030 ----a-w- d:\windows\system32\nvdata.bin
2010-07-09 22:38 . 2009-08-28 20:30 6343040 ----a-w- d:\windows\system32\nv4_disp.dll
2010-07-09 22:38 . 2009-08-28 20:30 10604128 ----a-w- d:\windows\system32\drivers\nv4_mini.sys
2010-07-07 11:46 . 2009-08-28 18:54 604776 ----a-w- d:\windows\system32\NVUNINST.EXE
2010-06-22 21:38 . 2010-06-22 21:38 -------- d-----w- d:\program files\Python26
2010-06-18 14:32 . 2010-06-18 14:32 -------- d-----w- d:\program files\iPod
2010-06-18 14:32 . 2009-08-30 16:38 -------- d-----w- d:\program files\Common Files\Apple
2010-06-18 14:29 . 2009-08-28 18:20 -------- d-----w- d:\program files\QuickTime
2010-06-18 14:26 . 2009-08-30 16:40 -------- d-----w- d:\program files\Bonjour
2010-06-14 14:31 . 2009-08-27 21:10 744448 ----a-w- d:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-05-18 14:35 . 2010-05-18 14:35 91424 ----a-w- d:\windows\system32\dnssd.dll
2010-05-18 14:35 . 2010-05-18 14:35 197920 ----a-w- d:\windows\system32\dnssdX.dll
2010-05-18 14:35 . 2010-05-18 14:35 107808 ----a-w- d:\windows\system32\dns-sd.exe
2004-10-01 13:00 . 2009-08-28 20:59 40960 ----a-w- d:\program files\Uninstall_CDS.exe
2009-09-05 23:39 . 2009-09-05 22:06 1433632 --sha-w- d:\windows\system32\drivers\fidbox.dat
.

((((((((((((((((((((((((((((( SnapShot_2010-08-09_11.29.55 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-08-09 23:00 . 2010-08-09 23:00 16384 d:\windows\temp\Perflib_Perfdata_bc.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmcService"="d:\progra~1\Sygate\SPF\smc.exe" [2004-10-15 2577632]
"IMJPMIG8.1"="d:\windows\IME\imjp8_1\IMJPMIG.EXE" [2006-03-02 208952]
"MSPY2002"="d:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2006-03-02 59392]
"PHIME2002ASync"="d:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2006-03-02 455168]
"PHIME2002A"="d:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2006-03-02 455168]
"CTHelper"="CTHELPER.EXE" [2006-05-24 17920]
"UpdReg"="d:\windows\UpdReg.EXE" [2000-05-10 90112]
"razer"="d:\program files\Razer\Copperhead\razerhid.exe" [2005-10-08 155648]
"egui"="d:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-09-11 2054360]
"nwiz"="d:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-07-07 1753192]
"NvMediaCenter"="d:\windows\system32\NvMcTray.dll" [2010-07-09 110696]
"NvCplDaemon"="d:\windows\system32\NvCpl.dll" [2010-07-09 13923432]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="d:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"midi4"=xgusb.cpl

[HKLM\~\startupfolder\D:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
path=d:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\HP Digital Imaging Monitor.lnk
backup=d:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKLM\~\startupfolder\D:^Documents and Settings^Z1^Nabídka Start^Programy^Po spuštění^OpenOffice.org 3.1.lnk]
path=d:\documents and settings\Z1\Nabídka Start\Programy\Po spuštění\OpenOffice.org 3.1.lnk
backup=d:\windows\pss\OpenOffice.org 3.1.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-01-11 20:16 39792 ----a-w- d:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
2006-09-28 19:21 57344 ----a-w- d:\program files\SlySoft\CloneCD\CloneCDTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTxfiHlp]
2009-06-03 22:55 25600 ----a-w- d:\windows\system32\Ctxfihlp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2008-03-25 19:27 49152 ----a-w- d:\program files\HP\HP Software Update\hpwuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-06-15 14:33 141624 ----a-w- e:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 03:22 1695232 ------w- d:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 08:50 155648 ----a-w- d:\windows\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-03-18 20:16 421888 ----a-w- d:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2004-11-02 18:24 32768 ----a-w- e:\program files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-08-29 06:46 149280 ----a-w- d:\program files\Java\jre6\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2009-08-31 09:25 39408 ----a-w- d:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VolPanel]
2006-07-13 12:11 122880 ------w- d:\program files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"gusvc"=2 (0x2)
"gupdate1ca2a1d270654e8"=2 (0x2)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"d:\\Program Files\\uTorrent\\uTorrent.exe"=
"d:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"d:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"d:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"d:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"d:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"d:\\Program Files\\HP\\Digital Imaging\\bin\\hpqcopy2.exe"=
"d:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"d:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"e:\\Program Files\\Miranda IM\\miranda32.exe"=
"d:\\Program Files\\Azureus\\Azureus.exe"=
"e:\\Program Files\\Opera\\opera.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"e:\\Program Files\\iTunes\\iTunes.exe"=

R0 mv614x;mv614x;d:\windows\system32\drivers\mv614x.sys [28.8.2009 21:05 35200]
R0 sptd;sptd;d:\windows\system32\drivers\sptd.sys [28.8.2009 20:09 717296]
R1 ehdrv;ehdrv;d:\windows\system32\drivers\ehdrv.sys [11.9.2009 7:23 108792]
R1 epfwtdir;epfwtdir;d:\windows\system32\drivers\epfwtdir.sys [18.10.2007 21:41 96408]
R2 ekrn;ESET Service;d:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [11.9.2009 7:24 735960]
R2 GoogleIMEJaCacheService;Google Japanese Input Cache Service;d:\program files\Google\Google Japanese Input\GoogleIMEJaCacheService.exe [17.6.2010 6:35 558720]
R3 CT20XUT.SYS;CT20XUT.SYS;d:\windows\system32\drivers\CT20XUT.sys [4.6.2009 2:46 171032]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS;d:\windows\system32\drivers\CTEXFIFX.sys [4.6.2009 2:46 1324056]
R3 CTHWIUT.SYS;CTHWIUT.SYS;d:\windows\system32\drivers\CTHWIUT.sys [4.6.2009 2:46 72728]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;d:\windows\system32\drivers\nvhda32.sys [28.7.2010 13:33 91496]
R3 nvoclock;NVIDIA Enthusiasts Platform KDM;d:\windows\system32\drivers\nvoclock.sys [15.9.2009 14:59 38248]
R3 Razerlow;Razer Copperhead Driver;d:\windows\system32\drivers\Razerlow.sys [30.8.2009 17:29 19020]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;d:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;d:\program files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [30.8.2009 18:09 79360]
S3 CT20XUT;CT20XUT;d:\windows\system32\drivers\CT20XUT.sys [4.6.2009 2:46 171032]
S3 CTEXFIFX;CTEXFIFX;d:\windows\system32\drivers\CTEXFIFX.sys [4.6.2009 2:46 1324056]
S3 CTHWIUT;CTHWIUT;d:\windows\system32\drivers\CTHWIUT.sys [4.6.2009 2:46 72728]
S3 esihdrv;esihdrv;\??\d:\docume~1\Z1\LOCALS~1\Temp\esihdrv.sys --> d:\docume~1\Z1\LOCALS~1\Temp\esihdrv.sys [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;d:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
S4 gupdate1ca2a1d270654e8;Služba Google Update (gupdate1ca2a1d270654e8);d:\program files\Google\Update\GoogleUpdate.exe [31.8.2009 11:26 133104]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'

2010-07-29 d:\windows\Tasks\AppleSoftwareUpdate.job
- d:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

2010-08-09 d:\windows\Tasks\Google Software Updater.job
- d:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-31 09:25]

2010-08-09 d:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- d:\program files\Google\Update\GoogleUpdate.exe [2009-08-31 09:26]

2010-08-09 d:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- d:\program files\Google\Update\GoogleUpdate.exe [2009-08-31 09:26]
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - d:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - d:\documents and settings\Z1\Data aplikací\Mozilla\Firefox\Profiles\02geqf7m.default\
FF - component: d:\documents and settings\Z1\Data aplikací\Mozilla\Firefox\Profiles\02geqf7m.default\extensions\nicofox@littlebtc\platform\WINNT_x86-msvc\components\winprocess.dll
FF - plugin: d:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: d:\program files\Google\Google Updater\2.4.1698.5652\npCIDetect13.dll
FF - plugin: d:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: d:\program files\QuickTime\Plugins\npqtplugin8.dll
FF - plugin: e:\program files\iTunes\Mozilla Plugins\npitunes.dll
FF - plugin: e:\program files\Mozilla Firefox\plugins\npqtplugin8.dll
FF - plugin: e:\program files\Mozilla Firefox\plugins\npwachk.dll
FF - plugin: e:\program files\Opera\program\plugins\npdsplay.dll
FF - plugin: e:\program files\Opera\program\plugins\NPOFF12.DLL
FF - plugin: e:\program files\Opera\program\plugins\npqtplugin.dll
FF - plugin: e:\program files\Opera\program\plugins\npqtplugin2.dll
FF - plugin: e:\program files\Opera\program\plugins\npqtplugin3.dll
FF - plugin: e:\program files\Opera\program\plugins\npqtplugin4.dll
FF - plugin: e:\program files\Opera\program\plugins\npqtplugin5.dll
FF - plugin: e:\program files\Opera\program\plugins\npqtplugin6.dll
FF - plugin: e:\program files\Opera\program\plugins\npqtplugin7.dll
FF - plugin: e:\program files\Opera\program\plugins\npqtplugin8.dll
FF - plugin: e:\program files\Opera\program\plugins\npwmsdrm.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - d:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
e:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
e:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
e:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
e:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
e:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
e:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
e:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
e:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
e:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
e:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
e:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
e:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
e:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-10 01:02
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spxr.sys >>UNKNOWN [0x8A802938]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xb811cf28
\Driver\ACPI -> ACPI.sys @ 0xb7e67cb8
\Driver\atapi -> atapi.sys @ 0xb7e22b40
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
user & kernel MBR OK

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\vsdatant]
"ImagePath"=""
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'explorer.exe'(3004)
d:\windows\system32\SSSensor.dll
d:\windows\system32\webcheck.dll
d:\windows\system32\WPDShServiceObj.dll
d:\program files\WinSCP\DragExt.dll
d:\windows\system32\PortableDeviceTypes.dll
d:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
d:\windows\system32\nvsvc32.exe
d:\program files\Sygate\SPF\smc.exe
d:\program files\Creative\Shared Files\CTAudSvc.exe
d:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
d:\program files\Bonjour\mDNSResponder.exe
d:\program files\Blaze Media Pro\NMSAccess32.exe
d:\program files\NVIDIA Corporation\nTune\nTuneService.exe
d:\windows\system32\RUNDLL32.EXE
d:\program files\Razer\Copperhead\razertra.exe
d:\program files\Razer\Copperhead\razerofa.exe
d:\windows\system32\wbem\wmiapsrv.exe
d:\program files\NVIDIA Corporation\nTune\nTuneCmd.exe
.
**************************************************************************
.
Celkový čas: 2010-08-10 01:05:31 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-08-09 23:05
ComboFix2.txt 2010-08-09 11:31
ComboFix3.txt 2009-12-11 20:40
ComboFix4.txt 2009-12-11 19:17

Před spuštěním: 9 901 027 328
Po spuštění: 9 888 591 872

- - End Of File - - 43E56A4264D295E7048313B789E4236A

[earl]

d:\windows\S0E2F22BB.tmp - tento soubor je zazipovan - uploadnete mi ho na ulozto nebo leteckou postu.

Jak se chova pc nyni?

[Dwerw]

Sice ComboFix napsal, že nemohl být soubor smazán, ale ve skutečnosti tam ten soubor už není. Prohledal jsem celý disk a ani žádná jeho kopie nikde není.

PC stále zamrzá. Například při pokusu o přehrání videa nebo při otevření Opery, nebo když otevřu nTune. Začínám podezřívat ovladače grafické karty.

[earl]

Stahnete OTC

spustte a klepnete na CleanUp.



Vycistete pc Ccleanerem.

Vzdy nejprve Analyzovat a pak Spustit Cleaner.2x po sobe.

Windows-odskrtnout historii a historii automatickeho vyplnovani formularu - prisel byste o historii navstivenych stranek a o ulozena hesla ve formularich

(je to sice z pohledu zabezpeceni spatne,ale aspon pak uzivatel nenadava,kam ze mu to zmizelo )

Aplikace-u prohlizecu internetu odskrtnout Historii internetu.

Registry-nechat vse zaskrtle,Hledej problemy,Opravit vybrane problemy

(nechat ho udelat zalohu-ta je ulozena v Dokumentech-DULEZITE).

Taktez 2x-3x po sobe.

Ovladace grafiky samozrejme muzete nainstalovat v nejnovejsi verzi.

Zkontrolujte teploty procesoru,harddisku a grafiky nastrojem Speedfan - napiste mi je sem.

[Dwerw]

Při hledání problémů v registrech dojde k zámrzu. Vždy na stejném místě, respektive na 52%.

[earl]

Stahnete a pouzijte TweakNow RegCleaner

Ty teploty z toho Speedfanu jsou jake?

[Dwerw]

Teploty jsou v normálu. Vše už je v normálu. Díky za pomoc. Nakonec všechno vyřešila kompletní reinstalace všeho, co mělo něco společného s grafickou kartou.

[earl]

Nemate zac,hlavne,ze se problem vyresil.