POMOC!, pc se zasekava, blbne internet, problikava obrazovka

[jdKstrejcek]

Dobry den, prosim o zkontrolovani logu z PC me pritelkyne...
-pocitac se ji zasekava, blbne, dela si co chce, problikava obrazovka.
-osobne tvrdi ze musi byt zavirovany, leze po vsemoznych strankach a nejednou to vypadalo ze v PC nekoho ma.

LOG:

Logfile of random's system information tool 1.08 (written by random/random)
Run by Zuzina at 2010-07-27 13:27:01
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 28 GB (71%) free of 40 GB
Total RAM: 3070 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:27:19, on 27.7.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
F:\Programy\Skype\Phone\Skype.exe
F:\Programy\Skype\Plugin Manager\skypePM.exe
F:\Hry\Burnout Paradise\BurnoutParadise.exe
C:\Documents and Settings\Zuzina\Plocha\RSIT.exe
C:\Program Files\trend micro\Zuzina.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe nvHotkey.dll,Start
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://F:\Programy\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\Programy\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... ab_nvd.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 7407 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-03 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-05-03 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"nwiz"=nwiz.exe /installquiet []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-03-16 110696]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-03-16 13671016]
"NVHotkey"=nvHotkey.dll,Start []
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-11-06 16855552]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-03-06 1434920]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2010-04-07 2145000]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"DELL Webcam Manager"=C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe [2007-07-27 118784]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"ISUSPM"=C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2006-09-11 218032]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"F:\Hry\Burnout Paradise\BurnoutLauncher.exe"="F:\Hry\Burnout Paradise\BurnoutLauncher.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"F:\Hry\Burnout Paradise\BurnoutConfigTool.exe"="F:\Hry\Burnout Paradise\BurnoutConfigTool.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"F:\Hry\Burnout Paradise\BurnoutParadise.exe"="F:\Hry\Burnout Paradise\BurnoutParadise.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"F:\Programy\Skype\Plugin Manager\skypePM.exe"="F:\Programy\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"F:\Programy\Skype\Phone\Skype.exe"="F:\Programy\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-07-27 13:27:02 ----D---- C:\Program Files\trend micro
2010-07-27 13:27:01 ----D---- C:\rsit
2010-07-26 16:18:17 ----A---- C:\WINDOWS\ntbtlog.txt
2010-07-14 18:05:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2010-07-06 21:51:54 ----D---- C:\Program Files\Realtek AC97
2010-07-06 21:41:22 ----A---- C:\WINDOWS\system32\RtlCPAPI.dll
2010-07-06 21:41:22 ----A---- C:\WINDOWS\system32\ChCfg.exe
2010-07-06 21:41:22 ----A---- C:\WINDOWS\system32\drivers\alcxwdm.sys
2010-07-06 21:41:22 ----A---- C:\WINDOWS\soundman.exe
2010-07-06 21:41:21 ----A---- C:\WINDOWS\system32\RTLCPL.exe
2010-07-06 21:39:40 ----A---- C:\WINDOWS\alcupd.exe
2010-07-06 21:39:40 ----A---- C:\WINDOWS\alcrmv.exe
2010-07-02 17:41:28 ----D---- C:\Program Files\MSXML 4.0
2010-07-01 19:22:10 ----D---- C:\WINDOWS\RegisteredPackages
2010-07-01 19:21:39 ----A---- C:\WINDOWS\system32\psisdecd.dll
2010-07-01 19:21:39 ----A---- C:\WINDOWS\system32\drivers\msdv.sys
2010-07-01 19:21:39 ----A---- C:\WINDOWS\system32\drivers\mpe.sys
2010-07-01 19:21:38 ----A---- C:\WINDOWS\system32\drivers\bdasup.sys
2010-07-01 19:21:36 ----A---- C:\WINDOWS\system32\dxdllreg.exe

======List of files/folders modified in the last 1 months======

2010-07-27 13:27:04 ----D---- C:\WINDOWS\Temp
2010-07-27 13:27:02 ----RD---- C:\Program Files
2010-07-27 13:27:02 ----D---- C:\WINDOWS\Prefetch
2010-07-27 13:24:54 ----D---- C:\Documents and Settings\Zuzina\Data aplikací\Skype
2010-07-27 13:05:02 ----D---- C:\Documents and Settings\Zuzina\Data aplikací\skypePM
2010-07-27 12:34:41 ----D---- C:\Program Files\Mozilla Firefox
2010-07-27 12:11:57 ----D---- C:\WINDOWS
2010-07-27 11:58:53 ----HD---- C:\WINDOWS\inf
2010-07-26 22:56:45 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-07-26 16:44:40 ----D---- C:\WINDOWS\system32
2010-07-26 16:44:40 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-07-26 16:24:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-07-26 16:18:44 ----D---- C:\Documents and Settings
2010-07-25 15:08:45 ----D---- C:\WINDOWS\system32\CatRoot2
2010-07-18 20:11:26 ----D---- C:\WINDOWS\system32\drivers\etc
2010-07-18 20:09:33 ----D---- C:\WINDOWS\Debug
2010-07-18 20:03:47 ----D---- C:\Program Files\Windows Media Connect 2
2010-07-14 18:05:40 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-07-14 18:05:25 ----HD---- C:\WINDOWS\$hf_mig$
2010-07-08 13:09:04 ----SHD---- C:\WINDOWS\Installer
2010-07-08 12:10:12 ----A---- C:\WINDOWS\ODBC.INI
2010-07-06 21:45:34 ----D---- C:\Program Files\CCleaner
2010-07-06 21:41:52 ----D---- C:\WINDOWS\system32\CatRoot
2010-07-06 21:41:23 ----D---- C:\WINDOWS\system32\drivers
2010-07-06 21:39:40 ----HD---- C:\Program Files\InstallShield Installation Information
2010-07-02 21:39:05 ----A---- C:\WINDOWS\system32\MRT.exe
2010-07-02 21:03:43 ----D---- C:\WINDOWS\WinSxS
2010-07-01 23:45:31 ----D---- C:\WINDOWS\system32\inetsrv
2010-07-01 19:22:33 ----RSD---- C:\WINDOWS\assembly
2010-07-01 19:21:28 ----D---- C:\WINDOWS\system32\DirectX
2010-06-30 16:26:58 ----RSD---- C:\WINDOWS\Fonts

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2007-07-23 14576]
R0 DRVMCDB;DRVMCDB; C:\WINDOWS\System32\Drivers\DRVMCDB.SYS [2007-07-23 99808]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2007-07-26 43872]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-05-25 691696]
R1 DLARTL_M;DLARTL_M; C:\WINDOWS\System32\Drivers\DLARTL_M.SYS [2007-07-23 30064]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-04-07 114984]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2010-04-07 55232]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 Tosrfcom;Bluetooth RFCOMM; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2005-08-01 64896]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 DLABMFSM;DLABMFSM; C:\WINDOWS\System32\Drivers\DLABMFSM.SYS [2007-07-23 37360]
R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\Drivers\DLABOIOM.SYS [2007-07-23 32848]
R2 DLADResM;DLADResM; C:\WINDOWS\System32\Drivers\DLADResM.SYS [2007-07-23 9104]
R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\Drivers\DLAIFS_M.SYS [2007-07-23 108752]
R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\Drivers\DLAOPIOM.SYS [2007-07-23 27216]
R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\Drivers\DLAPoolM.SYS [2007-07-23 16304]
R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\Drivers\DLAUDF_M.SYS [2007-07-23 98448]
R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\Drivers\DLAUDFAM.SYS [2007-07-23 93552]
R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2007-07-23 52000]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-04-07 139192]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2010-04-07 134488]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 BCM43XX;Ovladač bezdrátové karty Dell WLAN; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2007-10-09 1123328]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2010-04-07 32584]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-11-14 4625408]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2007-10-29 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-03-17 10259488]
R3 O2MDRDR;O2MDRDR; C:\WINDOWS\system32\DRIVERS\o2media.sys [2008-02-14 48472]
R3 O2SDRDR;O2SDRDR; C:\WINDOWS\system32\DRIVERS\o2sd.sys [2008-02-14 43480]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2010-03-08 220112]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2009-03-06 208304]
R3 tosporte;Bluetooth COM Port; C:\WINDOWS\system32\DRIVERS\tosporte.sys [2006-10-10 41600]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S1 OMCI;OMCI; \??\C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS []
S3 axal036d;axal036d; C:\WINDOWS\system32\drivers\axal036d.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 CSRBC;CSRBC.Sys CSR test driver; C:\WINDOWS\System32\Drivers\csrbcxp.sys [2007-01-16 31744]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-14 79232]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 tosrfbd;Bluetooth RFBUS; C:\WINDOWS\system32\DRIVERS\tosrfbd.sys [2007-04-23 113920]
S3 tosrfbnp;Bluetooth RFBNEP; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2006-11-20 36480]
S3 Tosrfhid;Bluetooth RFHID; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2006-10-05 73600]
S3 tosrfnds;Bluetooth Personal Area Network; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
S3 Tosrfusb;Bluetooth USB Controller; C:\WINDOWS\system32\DRIVERS\tosrfusb.sys [2007-04-10 41856]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2010-04-07 810120]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-12 153376]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2005-10-14 28768528]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-03-16 154216]
R2 o2flash;O2Micro Flash Memory Card Service; C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe [2008-02-14 65536]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2010-04-07 33560]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-06-02 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2005-10-14 87768]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2007-07-11 69632]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2005-10-14 239320]

-----------------EOF-----------------

[Rudy]

Dejte log z ComboFix.

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

[jdKstrejcek]

ComboFix 10-07-24.06 - Zuzina 27.07.2010 15:40:23.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3070.2648 [GMT 2:00]
Spuštěný z: c:\documents and settings\Zuzina\Plocha\ComboFix.exe
AV: ESET Smart Security 4.2 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *disabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
* Rezidentní štít AV je zapnutý

.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\jestertb.dll

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-06-27 do 2010-07-27 )))))))))))))))))))))))))))))))
.

2010-07-27 11:27 . 2010-07-27 13:08 -------- d-----w- c:\program files\trend micro
2010-07-27 11:27 . 2010-07-27 11:27 -------- d-----w- C:\rsit
2010-07-14 15:59 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2010-07-06 19:51 . 2010-07-06 21:16 -------- d-----w- c:\program files\Realtek AC97
2010-07-06 19:41 . 2007-04-25 14:20 4030144 ----a-w- c:\windows\system32\drivers\alcxwdm.sys
2010-07-06 19:41 . 2007-04-16 13:28 577536 ----a-w- c:\windows\soundman.exe
2010-07-06 19:41 . 2006-10-18 00:53 147456 ----a-w- c:\windows\system32\RtlCPAPI.dll
2010-07-06 19:41 . 2006-08-01 13:02 49152 ----a-w- c:\windows\system32\ChCfg.exe
2010-07-06 19:41 . 2006-12-08 13:20 10528768 ----a-w- c:\windows\system32\RTLCPL.exe
2010-07-06 19:39 . 2006-07-31 09:27 217088 ----a-w- c:\windows\alcrmv.exe
2010-07-06 19:39 . 2006-07-31 09:19 315392 ----a-w- c:\windows\alcupd.exe
2010-07-02 15:41 . 2010-07-02 15:41 -------- d-----w- c:\program files\MSXML 4.0

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-27 09:58 . 2010-05-25 14:20 52757 ----a-w- c:\windows\system32\nvModes.dat
2010-07-26 14:44 . 2007-10-29 12:00 95892 ----a-w- c:\windows\system32\perfc005.dat
2010-07-26 14:44 . 2007-10-29 12:00 475970 ----a-w- c:\windows\system32\perfh005.dat
2010-07-18 18:03 . 2010-05-29 17:18 -------- d-----w- c:\program files\Windows Media Connect 2
2010-07-15 16:45 . 2010-05-25 13:50 1324 ----a-w- c:\windows\system32\d3d9caps.dat
2010-07-06 19:45 . 2010-05-27 17:43 -------- d-----w- c:\program files\CCleaner
2010-07-06 19:39 . 2010-05-25 13:34 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-06-14 14:31 . 2010-05-25 13:16 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-06-07 19:05 . 2010-06-07 19:05 -------- d-----w- c:\program files\SharpDevelop
2010-06-02 06:37 . 2010-06-02 06:37 -------- d-----w- c:\program files\Bonjour
2010-06-02 06:36 . 2010-05-26 13:59 -------- d-----w- c:\program files\Common Files\Adobe
2010-06-02 06:28 . 2010-06-02 06:28 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2010-05-31 19:12 . 2010-05-31 19:12 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-05-31 06:39 . 2010-05-31 06:39 -------- d-----w- c:\program files\MSBuild
2010-05-31 06:39 . 2010-05-31 06:39 -------- d-----w- c:\program files\Reference Assemblies
2010-05-30 13:00 . 2010-05-30 12:38 -------- d-----w- c:\program files\Microsoft SQL Server
2010-05-29 16:59 . 2010-05-29 16:59 60416 ----a-w- c:\windows\ALCFDRTM.EXE
2010-05-27 08:55 . 2010-05-27 08:55 74 --sh--r- c:\windows\CT4CET.bin
2010-05-26 15:49 . 2010-05-26 15:49 1196 ----a-w- c:\windows\system32\ealregsnapshot1.reg
2010-05-25 16:32 . 2010-05-25 16:32 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-05-25 16:16 . 2010-05-25 16:16 0 ----a-w- c:\windows\nsreg.dat
2010-05-25 14:28 . 2010-05-25 14:28 315392 ----a-w- c:\windows\HideWin.exe
2010-05-25 14:03 . 2010-05-25 13:17 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-05-25 14:03 . 2010-05-25 13:17 2740 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-05-25 14:01 . 2010-05-25 13:17 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2010-05-25 13:50 . 2010-05-25 13:50 552 ----a-w- c:\windows\system32\d3d8caps.dat
2010-05-25 13:15 . 2010-05-25 13:15 21812 ----a-w- c:\windows\system32\emptyregdb.dat
2010-05-06 10:35 . 2007-10-29 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-02 08:09 . 2007-10-29 12:00 1851264 ----a-w- c:\windows\system32\win32k.sys
2006-06-15 18:33 . 2010-05-27 08:55 233472 ----a-w- c:\program files\mozilla firefox\plugins\CrazyTalk4Native.dll
2006-05-25 16:43 . 2010-05-27 08:55 204895 ----a-w- c:\program files\mozilla firefox\plugins\ctdomemhelper.dll
2005-09-29 12:41 . 2010-05-27 08:55 77824 ----a-w- c:\program files\mozilla firefox\plugins\ctframeplayerobject.dll
2006-06-19 11:10 . 2010-05-27 08:55 426081 ----a-w- c:\program files\mozilla firefox\plugins\ctplayerobject.dll
2005-02-02 10:19 . 2010-05-27 08:54 458752 ----a-w- c:\program files\mozilla firefox\plugins\imagickrt.dll
2006-04-10 16:35 . 2010-05-27 08:55 139264 ----a-w- c:\program files\mozilla firefox\plugins\rlcontentclass.dll
2005-11-09 09:10 . 2010-05-27 08:54 204800 ----a-w- c:\program files\mozilla firefox\plugins\RLMusicPacker.dll
2005-11-09 09:42 . 2010-05-27 08:54 106496 ----a-w- c:\program files\mozilla firefox\plugins\RLMusicUnpacker.dll
2006-01-04 09:22 . 2010-05-27 08:54 212992 ----a-w- c:\program files\mozilla firefox\plugins\RLVoicePacker.dll
2006-01-04 09:21 . 2010-05-27 08:54 167936 ----a-w- c:\program files\mozilla firefox\plugins\RLVoiceUnpacker.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 218032]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-03-16 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-03-16 13671016]
"NVHotkey"="nvHotkey.dll" [2010-03-16 88168]
"RTHDCPL"="RTHDCPL.EXE" [2007-11-06 16855552]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-03-06 1434920]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2010-04-07 2145000]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"DELL Webcam Manager"="c:\program files\Dell\Dell Webcam Manager\DellWMgr.exe" [2007-07-27 118784]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-1-11 2150400]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"f:\\Hry\\Burnout Paradise\\BurnoutLauncher.exe"=
"f:\\Hry\\Burnout Paradise\\BurnoutConfigTool.exe"=
"f:\\Hry\\Burnout Paradise\\BurnoutParadise.exe"=
"f:\\Programy\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"f:\\Programy\\Skype\\Phone\\Skype.exe"=

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [7.4.2010 21:07 114984]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [7.4.2010 21:07 810120]
R3 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [25.5.2010 15:33 48472]
R3 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sd.sys [25.5.2010 15:33 43480]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [25.5.2010 18:32 691696]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Office Excel - f:\programy\MICROS~1\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Zuzina\Data aplikací\Mozilla\Firefox\Profiles\x0m4smem.default\
FF - prefs.js: browser.startup.homepage - seznam.cz
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npRLCT4Player.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKLM-Run-nwiz - nwiz.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-27 15:42
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
Celkový čas: 2010-07-27 15:43:58
ComboFix-quarantined-files.txt 2010-07-27 13:43

Před spuštěním: Volných bajtů: 30 059 757 568
Po spuštění: Volných bajtů: 30 130 962 432

WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - 77316487F52B3179599C5EB29F2A2609

[jdKstrejcek]

behem scenu to po nas chtelo nejaky nastroj zotaveni systemu ze to nainstaluje nebo tak. Stimto jsem se este nesetkal...

[jdKstrejcek]

jinak nastava dalsi problem ze treba pri prehravani filmu skoci treba ERROR s hlaskou ze neni dostatek mista v oddilu a podobne veci...

[Rudy]

1 položka smazána, zbytek logu vapydá čistý. Konzolu pro zotavení není v tomto případě třeba instalovat. S tím místem: nemáte přeplněný disk?

[jdKstrejcek]

jak je jiz videt z prvniho logu, misto je. PC stale problikava (neni chyba hardwaru)...proste v pohode bezi a najednou zacne problikavat, kousat se, zamrzne. A musi nasledovat casty resstart. Vcera jsme to projizdeli v nouzovym rezimu pomoci ESET a nic to nenaslo...Prehravani nechapem, jiz ta vyskakujici hlaska a hnout se stim dale neda.

[jdKstrejcek]

navic, zacalo to delat az nedavno (netusim zda pritelkyne do toho neco instalovala, budu se muset zeptat)...sem na internetovem prohlizeci (jakykoliv) a najednou zacne obrazovka problikavat, kosat, zamrzat...

[Rudy]

jak je jiz videt z prvniho logu, misto je.

Ptal jsem se proto, že nevím, zda tento disk (40GB) je jediný v PC. Přítelkyně se rozhodně zeptejte, co bylo instalováno těsně před tím, než se problém objevil. Zkuste reinstalovat ovladač gr. karty a zákl. desky. I chyba hw to být může (gr. karta).

[jdKstrejcek]

pardon, nevedel jsme ze tam neni druhy videt. Ano i na nem misto je, po jejim prichodu se zeptam co instalovala, ale pouze jedine co vim je ze brouzda vsude po internetu a zacalo ji to delat pri surfovani.Ty ovladace ozkousim, ale notebook byl nedavno reinstalovan (2 mesice)

[Rudy]

Jj, zkuste.

[jdKstrejcek]

[jdKstrejcek]

toto to pise pri obycejnem stahovani, zacalo to zniceho nic, nic se neprenastavovalo...a u prehravani filmu taky pise ze nemame opravneni, ale az u konce a nedostatek mista v oddilu atd...vse sme zkouseli reinstal a stale nic

[Rudy]

Spíše než na vir to vypadá, že je v systému něco poškozeno. Zkuste obnovu systému k datu, kdy korektně fungoval.