Zamrzávání PC a dlouhý start - kontrola logu

[sorche]

Dobrý den, zamrzává mi počítač, asi tak po minutě kdy na nic nereaguje, se pak rozjede. Po startu také dlouho nabíhá. Mohl by se mi, prosím, někdo podívat na log?

Logfile of random's system information tool 1.08 (written by random/random)
Run by Léňa at 2011-02-17 13:17:54
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 6 GB (20%) free of 29 GB
Total RAM: 958 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:18:06, on 17.2.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
E:\PNotes\PNotes.exe
C:\Program Files\KB350e\MagicKey.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\KB350e\OSD.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\Documents and Settings\Léňa\Local Settings\Data aplikací\Seznam.cz\postak.exe
C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Léňa\Nabídka Start\Programy\Po spuštění\FSI.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\SpeedFan\speedfan.exe
C:\Documents and Settings\Léňa\Plocha\RSIT.exe
C:\Program Files\trend micro\Léňa.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - (no file)
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [EPSON Stylus DX6000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBIE.EXE /FU "C:\WINDOWS\TEMP\E_SAAE.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PNotes] E:\PNotes\PNotes.exe
O4 - HKLM\..\Run: [KB350e] C:\Program Files\KB350e\MagicKey.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [Seznam Postak] "C:\Documents and Settings\Léňa\Local Settings\Data aplikací\Seznam.cz\postak.exe" -s
O4 - HKCU\..\Run: [Active Desktop Calendar] C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: FSI.EXE
O4 - Startup: Seagate Product Registration.lnk = ?
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP\qip.exe (HKCU)
O17 - HKLM\System\CCS\Services\Tcpip\..\{3B4BB3A9-C6C8-4022-AD89-81FC8A9D8AF3}: NameServer = 85.207.12.202
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe

--
End of file - 8217 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2010-02-03 720896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-01-05 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-01-05 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2010-02-03 720896]
{D5D47440-0750-463D-BAEF-A47D02414806}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2011-01-24 2957824]
"VTTimer"=C:\WINDOWS\system32\VTTimer.exe [2005-03-08 53248]
"VTTrayp"=C:\WINDOWS\system32\VTtrayp.exe [2005-11-01 163840]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2005-05-20 925696]
"EPSON Stylus DX6000 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBIE.EXE [2006-02-13 131072]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"PNotes"=E:\PNotes\PNotes.exe [2008-08-21 505344]
"KB350e"=C:\Program Files\KB350e\MagicKey.exe [2007-12-12 184320]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-01-31 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2011-01-13 3396624]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2007-10-19 286720]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Seznam Postak"=C:\Documents and Settings\Léňa\Local Settings\Data aplikací\Seznam.cz\postak.exe [2010-02-02 448664]
"Active Desktop Calendar"=C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe [2010-01-20 5724672]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-01-31 35760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDFPrint]
C:\Program Files\pdf24\pdf24.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2007-10-19 286720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe [2009-09-24 434176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\Winampa.exe [2010-02-04 24576]

C:\Documents and Settings\Léňa\Nabídka Start\Programy\Po spuštění
FSI.EXE
Seagate Product Registration.lnk - C:\Documents and Settings\Léňa\Data aplikací\Leadertech\PowerRegister\Seagate Product Registration.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\inet_srv\apache\bin\Apache.exe"="C:\inet_srv\apache\bin\Apache.exe:*:Enabled:Apache"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe"="C:\Program Files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe:*:Enabled:Sony Ericsson Media Manager 1.1"
"C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe"="C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe:*:Enabled:Nero ShowTime"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe"="C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe:*:Enabled:Sony Ericsson PC Suite"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2011-02-17 13:17:55 ----D---- C:\Program Files\trend micro
2011-02-17 13:17:54 ----D---- C:\rsit
2011-02-17 11:42:52 ----D---- C:\Program Files\CrystalDiskInfo
2011-02-17 11:05:22 ----D---- C:\Program Files\SpeedFan
2011-02-17 10:54:49 ----D---- C:\Documents and Settings\Léňa\Data aplikací\HD Tune Pro
2011-02-17 10:54:40 ----D---- C:\Program Files\HD Tune Pro
2011-02-14 12:39:01 ----A---- C:\WINDOWS\system32\pdfcmnnt.dll
2011-02-14 12:38:59 ----D---- C:\Program Files\PDFCreator
2011-02-14 12:38:59 ----A---- C:\WINDOWS\system32\MSMPIDE.DLL
2011-02-13 12:18:45 ----A---- C:\WINDOWS\system32\pncrt.dll
2011-02-13 12:17:26 ----D---- C:\Program Files\FreeTime
2011-02-12 18:45:07 ----D---- C:\Program Files\WinPcap
2011-02-12 18:24:47 ----D---- C:\Program Files\ConvertHelper
2011-02-10 21:58:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2478971$
2011-02-10 21:58:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2485376$
2011-02-10 21:58:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2479628$
2011-02-10 21:57:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2483185$
2011-02-10 21:56:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2476687$
2011-02-10 21:55:53 ----HDC---- C:\WINDOWS\$NtUninstallKB2478960$
2011-02-10 21:55:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2393802$
2011-01-31 21:50:57 ----D---- C:\Program Files\CCleaner
2011-01-27 21:45:34 ----D---- C:\Documents and Settings\Léňa\Data aplikací\QIP
2011-01-24 14:53:06 ----D---- C:\Program Files\Microsoft Visual Studio 10.0
2011-01-24 14:09:43 ----D---- C:\Program Files\RegCleaner
2011-01-24 13:01:13 ----D---- C:\Program Files\Microsoft Synchronization Services
2011-01-24 13:00:59 ----D---- C:\Program Files\Microsoft.NET
2011-01-24 13:00:59 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2011-01-24 12:55:29 ----D---- C:\Program Files\Microsoft SQL Server
2011-01-24 12:51:23 ----D---- C:\Documents and Settings\Léňa\Data aplikací\Spyware Terminator
2011-01-24 12:51:23 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2011-01-24 12:51:21 ----D---- C:\Program Files\Spyware Terminator
2011-01-24 12:14:31 ----D---- C:\WINDOWS\system32\windowspowershell
2011-01-24 12:14:16 ----DC---- C:\WINDOWS\$NtUninstallKB926139-v2$
2011-01-23 21:03:50 ----DC---- C:\WINDOWS\$NtUninstallXPSEPSCLP$
2011-01-23 21:01:07 ----D---- C:\WINDOWS\system32\XPSViewer
2011-01-23 21:01:02 ----D---- C:\Program Files\MSBuild
2011-01-23 19:08:40 ----D---- C:\Program Files\Microsoft Help Viewer
2011-01-23 19:08:04 ----D---- C:\Program Files\Reference Assemblies
2011-01-23 18:55:38 ----HDC---- C:\WINDOWS\$NtUninstallKB958655-v2$
2011-01-23 18:49:14 ----D---- C:\WINDOWS\system32\en-US
2011-01-23 17:42:43 ----D---- C:\WINDOWS\SxsCaPendDel

======List of files/folders modified in the last 1 months======

2011-02-17 13:17:55 ----RD---- C:\Program Files
2011-02-17 13:17:39 ----D---- C:\WINDOWS\Prefetch
2011-02-17 12:21:07 ----D---- C:\WINDOWS\Temp
2011-02-17 12:08:19 ----D---- C:\WINDOWS
2011-02-17 12:04:26 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-02-17 12:04:24 ----D---- C:\WINDOWS\system32\CatRoot2
2011-02-17 11:59:26 ----D---- C:\Program Files\Winamp
2011-02-17 11:59:13 ----D---- C:\WINDOWS\Minidump
2011-02-17 11:59:13 ----D---- C:\WINDOWS\Debug
2011-02-17 11:05:21 ----D---- C:\WINDOWS\system32
2011-02-16 20:40:36 ----A---- C:\WINDOWS\wincmd.ini
2011-02-16 20:40:01 ----A---- C:\WINDOWS\wcx_ftp.ini
2011-02-12 18:46:22 ----AD---- C:\Program Files\Common Files
2011-02-12 18:45:07 ----D---- C:\WINDOWS\system32\drivers
2011-02-10 21:58:26 ----HD---- C:\WINDOWS\inf
2011-02-10 21:58:25 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-02-10 21:56:37 ----A---- C:\WINDOWS\system32\MRT.exe
2011-02-10 21:56:24 ----D---- C:\Program Files\Internet Explorer
2011-02-10 21:56:10 ----D---- C:\WINDOWS\ie8updates
2011-02-10 21:56:06 ----HD---- C:\WINDOWS\$hf_mig$
2011-02-10 09:58:46 ----SHD---- C:\WINDOWS\Installer
2011-02-10 09:58:00 ----D---- C:\Program Files\Common Files\Adobe
2011-02-06 11:12:30 ----D---- C:\Program Files\yBook
2011-01-30 20:35:49 ----RASH---- C:\boot.ini
2011-01-30 20:35:49 ----A---- C:\WINDOWS\win.ini
2011-01-30 20:35:49 ----A---- C:\WINDOWS\system.ini
2011-01-30 17:00:45 ----A---- C:\WINDOWS\winamp.ini
2011-01-28 10:24:45 ----D---- C:\Program Files\QIP
2011-01-26 17:32:04 ----A---- C:\WINDOWS\NeroDigital.ini
2011-01-25 13:04:46 ----D---- C:\WINDOWS\Microsoft.NET
2011-01-25 13:04:45 ----RSD---- C:\WINDOWS\assembly
2011-01-24 23:15:58 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-01-24 23:15:44 ----D---- C:\WINDOWS\WinSxS
2011-01-24 14:53:07 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-01-24 14:45:38 ----D---- C:\WINDOWS\system32\CatRoot
2011-01-24 13:03:56 ----D---- C:\WINDOWS\system32\config
2011-01-24 13:03:28 ----D---- C:\WINDOWS\system32\wbem
2011-01-24 13:03:27 ----D---- C:\WINDOWS\Registration
2011-01-24 13:01:13 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2011-01-24 12:54:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2011-01-24 12:50:59 ----D---- C:\WINDOWS\system32\Restore
2011-01-24 11:44:40 ----SD---- C:\WINDOWS\Downloaded Program Files
2011-01-23 21:55:37 ----D---- C:\WINDOWS\SoftwareDistribution
2011-01-23 21:03:31 ----D---- C:\WINDOWS\system32\cs-cz
2011-01-23 21:00:57 ----RSD---- C:\WINDOWS\Fonts
2011-01-23 17:52:59 ----D---- C:\WINDOWS\system32\1033
2011-01-21 15:44:07 ----A---- C:\WINDOWS\system32\shimgvw.dll
2011-01-21 15:44:07 ----A---- C:\WINDOWS\system32\shell32.dll
2011-01-18 22:41:33 ----D---- C:\Documents and Settings\Léňa\Data aplikací\WinEdt

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 giveio;giveio; C:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 speedfan;speedfan; C:\WINDOWS\system32\speedfan.sys [2006-09-24 5248]
R0 uagp35;Filtr Microsoft AGPv3.5; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2008-04-13 44672]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-01-13 29392]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-01-13 23632]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-01-13 294608]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-01-13 47440]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-01-13 17744]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-01-13 100176]
R2 npf;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2010-01-27 50704]
R3 230Fltr;KB350e USB Filter Driver; C:\WINDOWS\System32\Drivers\230Fltr.sys [2007-11-26 8192]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2005-10-05 141312]
R3 AEAudioService;AEAudio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2005-03-04 127872]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\WINDOWS\system32\DRIVERS\seehcri.sys [2008-01-09 27632]
R3 SenFiltService;SenFilt Service; C:\WINDOWS\system32\drivers\Senfilt.sys [2005-08-11 393088]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 viagfx;viagfx; C:\WINDOWS\system32\DRIVERS\vtmini.sys [2006-02-08 244352]
S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys []
S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BTHMODEM;Ovladač komunikace modemu Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 RTLWUSB;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter; C:\WINDOWS\system32\DRIVERS\RTL8187.sys [2006-06-16 176128]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys []
S4 RsFx0102;RsFx0102 Driver; C:\WINDOWS\system32\DRIVERS\RsFx0102.sys [2008-07-10 242712]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-01-13 40384]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-11-12 153376]
R2 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-02-03 1097216]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-07-10 98840]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2008-07-11 40999448]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-11 47128]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2008-07-11 369688]
S4 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-07-10 258072]

-----------------EOF-----------------

[Rudy]

Vyčistěte PC CCleanerem: http://www.viry.cz/forum/viewtopic.php?f=46&t=7478 a proveďte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

[sorche]

Dobře, děkuji, CCleanerem jsem PC vyčistila, sken MBAM bude asi chvíli trvat.

[Rudy]

Až bude hotov, vložte sem log.

[sorche]

Tady je log z kompletního skenu MBAM:

Malwarebytes' Anti-Malware 1.44
Verze databáze: 3693
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

17.2.2011 22:35:42
mbam-log-2011-02-17 (22-35-42).txt

Typ kontroly: Kompletní kontrola (C:\|D:\|E:\|F:\|)
Zkontrolované objekty: 284659
Uplynulý čas: 2 hour(s), 6 minute(s), 52 second(s)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované adresáře: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované klíče registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)

Infikované soubory:
(Nebyly nalezeny žádné škodlivé položky)

[Rudy]

Log ja OK. Zkusíme to jinak. Start>spustit>(napsat) msconfig>OK. V otevřeném okně odstraňte všechny zatržítka u položek, které nemusí startovat automaticky při startu (tj. takové, které si můžete ručně spustit, když je budete potřebovat). Nastavení uložte, zavřete okno a restartujte PC.

[sorche]

V msconfigu už jsem zkoušela povypínat programy, které se nemusí spouštět při startu, než jsem se obrátila na toto fórum. Bohužel to taky nepomohlo, myslím, že mi asi odchází HDD (chtěla jsem mít jistotu, že ho nemám zavirovaný), protože když mi PC zamrzne, tak v disku jakoby po 1-2 min cvakne a pak zase běží. Ale je divné, že se mi včera nejvíc sekal, hned ráno po zapnutí, dokud byl studený... až běžel dýl, tak byl celkem klid, jen večer u toho skenu MBAM jednou zamrzl.

Nebo možná bude problém v kabelu mezi HDD a řadičem, protože když spustím program HD Tune Pro tak mám warning u Ultra DMA CRC Error Count, hodnota je 143. Těžko říct...

[Rudy]

Je to možné. Dříve, než začnete něco dělat s diskem, vyzkoušejte jiný, zaručeně dobrý, kabel. Udělejte zálohu důležitých dat a pak proveďte systémový checkdisk s opravou chyb.

[sorche]

Takže si taky myslíte, že by to mohl být kabel? Mně to taky přišlo, že by to mohl dělat... ale ptala jsem se dneska v servise, co tu máme a pan mi tam tvrdil, že to kablem nebude, že to bude odcházet disk, když v něm "cvaká". Disk mám asi 5,5 roků.

Nemám ještě pro jistotu zkusit udělat ComboFix nebo myslíte, že to nemá cenu?

[Rudy]

Já si také myslím, že to bude dělat samotný disk, ale vycházím z toho, že naděje umírá poslední. Za kabel dáte něco kolem 40Kč, za disk mnohem více. CF udělat můžete, ale myslím že top k ničemu nebude.

[sorche]

Dobře, zkusím napřed nový kabel, jestli to nepomůže.

Zkusila jsem ještě ten ComboFix, kdyby náhodou... můžete se na něj, prosím, ještě podívat?

ComboFix 11-02-17.02 - Léňa 18.02.2011 19:38:19.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.958.567 [GMT 1:00]
Spuštěný z: c:\documents and settings\Léňa\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Golden\Golden.exe

.
((((((((((((((((((((((((( Soubory vytvořené od 2011-01-18 do 2011-02-18 )))))))))))))))))))))))))))))))
.

2011-02-18 14:25 . 2011-02-18 14:25 711168 ----a-w- c:\windows\isRS-000.tmp
2011-02-17 12:17 . 2011-02-17 12:18 -------- d-----w- c:\program files\trend micro
2011-02-17 12:17 . 2011-02-17 12:18 -------- d-----w- C:\rsit
2011-02-17 10:42 . 2011-02-17 10:43 -------- d-----w- c:\program files\CrystalDiskInfo
2011-02-17 10:05 . 2011-02-18 10:37 -------- d-----w- c:\program files\SpeedFan
2011-02-17 09:54 . 2011-02-17 16:32 -------- d-----w- c:\documents and settings\Léňa\Data aplikací\HD Tune Pro
2011-02-17 09:54 . 2011-02-17 09:54 -------- d-----w- c:\program files\HD Tune Pro
2011-02-14 11:39 . 2004-03-09 00:00 662288 ----a-w- c:\windows\system32\MSCOMCT2.OCX
2011-02-14 11:39 . 2001-10-28 16:42 116224 ----a-w- c:\windows\system32\pdfcmnnt.dll
2011-02-14 11:39 . 1998-06-24 00:00 137000 ----a-w- c:\windows\system32\MSMAPI32.OCX
2011-02-14 11:38 . 2011-02-14 11:39 -------- d-----w- c:\program files\PDFCreator
2011-02-14 11:38 . 1998-07-06 00:00 23552 ----a-w- c:\windows\system32\MSMPIDE.DLL
2011-02-13 11:17 . 2011-02-13 11:17 -------- d-----w- c:\program files\FreeTime
2011-02-12 17:45 . 2011-02-12 17:45 -------- d-----w- c:\program files\WinPcap
2011-02-12 17:24 . 2011-02-12 17:24 -------- d-----w- c:\program files\ConvertHelper
2011-01-31 20:50 . 2011-01-31 20:50 -------- d-----w- c:\program files\CCleaner
2011-01-30 13:57 . 2011-01-30 13:57 103864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2011-01-30 13:57 . 2011-01-30 13:57 103864 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll
2011-01-27 20:45 . 2011-01-27 20:45 -------- d-----w- c:\documents and settings\Léňa\Data aplikací\QIP
2011-01-24 14:02 . 2011-01-25 11:57 188128 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\VCSExpress\10.0\1033\ResourceCache.dll
2011-01-24 13:53 . 2011-01-25 11:56 -------- d-----w- c:\program files\Microsoft Visual Studio 10.0
2011-01-24 13:09 . 2011-01-24 13:20 -------- d-----w- c:\program files\RegCleaner
2011-01-24 12:03 . 2011-01-24 12:03 -------- d-----w- c:\windows\system32\wbem\Repository
2011-01-24 12:01 . 2011-01-24 12:01 -------- d-----w- c:\program files\Microsoft Synchronization Services
2011-01-24 12:00 . 2011-01-24 12:00 -------- d-----w- c:\program files\Microsoft.NET
2011-01-24 12:00 . 2011-01-24 12:00 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2011-01-24 11:55 . 2011-01-24 12:01 -------- d-----w- c:\program files\Microsoft SQL Server
2011-01-24 11:51 . 2011-02-18 18:31 -------- d-----w- c:\documents and settings\Léňa\Data aplikací\Spyware Terminator
2011-01-24 11:51 . 2011-02-16 12:06 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Spyware Terminator
2011-01-24 11:51 . 2011-02-17 12:00 -------- d-----w- c:\program files\Spyware Terminator
2011-01-23 20:01 . 2011-01-24 11:58 -------- d-----w- c:\windows\system32\XPSViewer
2011-01-23 20:01 . 2011-01-23 20:01 -------- d-----w- c:\program files\MSBuild
2011-01-23 18:08 . 2011-01-23 18:08 -------- d-----w- c:\program files\Microsoft Help Viewer
2011-01-23 18:08 . 2011-01-23 18:08 -------- d-----w- c:\program files\Reference Assemblies
2011-01-23 16:42 . 2011-01-24 11:16 -------- d-----w- c:\windows\SxsCaPendDel
2011-01-21 14:44 . 2011-01-21 14:44 440320 -c----w- c:\windows\system32\dllcache\shimgvw.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-21 14:44 . 2006-03-02 12:00 440320 ----a-w- c:\windows\system32\shimgvw.dll
2011-01-13 08:47 . 2010-12-25 10:49 38848 ----a-w- c:\windows\avastSS.scr
2011-01-13 08:47 . 2010-12-25 10:49 188216 ----a-w- c:\windows\system32\aswBoot.exe
2011-01-13 08:41 . 2010-12-25 10:49 294608 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-01-13 08:40 . 2010-12-25 10:49 47440 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-01-13 08:40 . 2010-12-25 10:49 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-01-13 08:39 . 2010-12-25 10:49 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-01-13 08:37 . 2010-12-25 10:49 23632 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-01-13 08:37 . 2010-12-25 10:49 29392 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-01-13 08:37 . 2010-12-25 10:49 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-01-07 14:09 . 2006-03-02 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-12-31 14:04 . 2006-03-02 12:00 1854976 ----a-w- c:\windows\system32\win32k.sys
2010-12-22 12:34 . 2006-03-02 12:00 301568 ----a-w- c:\windows\system32\kerberos.dll
2010-12-20 23:52 . 2006-03-02 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-12-20 23:52 . 2006-03-02 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-12-20 23:52 . 2006-03-02 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-12-20 17:25 . 2006-03-02 12:00 729088 ----a-w- c:\windows\system32\lsasrv.dll
2010-12-20 12:55 . 2006-03-02 12:00 385024 ----a-w- c:\windows\system32\html.iec
2010-12-09 15:15 . 2006-03-02 12:00 713216 ----a-w- c:\windows\system32\ntdll.dll
2010-12-09 15:14 . 2004-08-17 15:45 2029056 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-12-09 15:14 . 2006-03-02 12:00 2150912 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-12-09 14:30 . 2006-03-02 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Seznam Postak"="c:\documents and settings\Léňa\Local Settings\Data aplikací\Seznam.cz\postak.exe" [2010-02-02 448664]
"Active Desktop Calendar"="c:\program files\XemiComputers\Active Desktop Calendar\ADC.exe" [2010-01-20 5724672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2011-01-24 2957824]
"VTTimer"="VTTimer.exe" [2005-03-08 53248]
"VTTrayp"="VTtrayp.exe" [2005-11-01 163840]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2005-05-20 925696]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"PNotes"="e:\pnotes\PNotes.exe" [2008-08-21 505344]
"KB350e"="c:\program files\KB350e\MagicKey.exe" [2007-12-12 184320]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2011-01-13 3396624]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-10-19 286720]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\L‚ĺa\Nabˇdka Start\Programy\Po spuçtŘnˇ\
FSI.EXE [2001-12-9 391680]
Seagate Product Registration.lnk - c:\documents and settings\L‚ĺa\Data aplikacˇ\Leadertech\PowerRegister\Seagate Product Registration.exe [2010-12-24 1731736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-01-31 08:44 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2007-10-19 18:16 286720 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
2009-09-24 12:41 434176 ----a-w- c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2010-02-04 19:28 24576 ----a-w- c:\program files\Winamp\winampa.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\inet_srv\\apache\\bin\\Apache.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Sony Ericsson\\Sony Ericsson Media Manager\\MediaManager.exe"=
"c:\\Program Files\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Sony Ericsson\\Sony Ericsson PC Suite\\SEPCSuite.exe"=

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [25.12.2010 11:49 294608]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [3.2.2010 18:52 138752]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [25.12.2010 11:49 17744]
R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [27.1.2010 3:09 50704]
R3 230Fltr;KB350e USB Filter Driver;c:\windows\system32\drivers\230Fltr.sys [15.3.2010 16:40 8192]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [2.7.2010 18:18 27632]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2.7.2010 18:18 90112]
S3 RTLWUSB;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8187.sys [3.2.2010 21:32 176128]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\sqladhlp.exe [11.7.2008 1:28 47128]
S4 RsFx0102;RsFx0102 Driver;c:\windows\system32\drivers\RsFx0102.sys [10.7.2008 2:49 242712]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [11.7.2008 1:28 369688]
.
Obsah adresáře 'Naplánované úlohy'

2011-01-08 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 12:57]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uDefault_Search_URL = hxxp://search.qip.ru
uSearchAssistant = hxxp://search.qip.ru/ie
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: &Google Search - c:\program files\Google\GoogleToolbar1.dll/cmsearch.html
IE: Backward Links - c:\program files\Google\GoogleToolbar1.dll/cmbacklinks.html
IE: Cached Snapshot of Page - c:\program files\Google\GoogleToolbar1.dll/cmcache.html
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Similar Pages - c:\program files\Google\GoogleToolbar1.dll/cmsimilar.html
IE: Translate into English - c:\program files\Google\GoogleToolbar1.dll/cmtrans.html
TCP: {3B4BB3A9-C6C8-4022-AD89-81FC8A9D8AF3} = 85.207.12.202
FF - ProfilePath - c:\documents and settings\Léňa\Data aplikací\Mozilla\Firefox\Profiles\1xg9f4lk.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.centrum.cz/index.php?toolbar=centrum-1.0.0&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

MSConfigStartUp-PDFPrint - c:\program files\pdf24\pdf24.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-02-18 19:43
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
Celkový čas: 2011-02-18 19:45:10
ComboFix-quarantined-files.txt 2011-02-18 18:45

Před spuštěním: Volných bajtů: 12 457 926 656
Po spuštění: Volných bajtů: 12 621 598 720

WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn

- - End Of File - - F2F42A96356CC60DB2039360D34E7ED9

[Rudy]

Ještě dočistíme. Otevřte poznámkový blok a zkopírujte do něj:

Collect::
c:\windows\isRS-000.tmp

Uložte na plochu jako CFScript.txt. pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

[sorche]

Dočištěno. Děkuji za rady a strávený čas. Zkusím vyměnit ještě ten kabel a uvidím, co to bude dělat. Mějte se hezky.

[Rudy]

Vy též a nemáte zač!