VIRY.CZ

Počítač se každou chvíli restartuje. Prosím o kontrolu logu, jestli je to hardware nebo software. Děkuji


Logfile of random's system information tool 1.06 (written by random/random)
Run by Administrator at 2010-01-24 16:52:39
Systém Microsoft Windows XP Professional Service Pack 3
System drive H: has 12 GB (31%) free of 40 GB
Total RAM: 3454 MB (80% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:53:00, on 24.1.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.21020)
Boot mode: Normal

Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\svchost.exe
H:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\spoolsv.exe
H:\WINDOWS\Explorer.EXE
H:\Program Files\COMODO\COMODO Internet Security\cfp.exe
H:\WINDOWS\system32\RUNDLL32.EXE
H:\WINDOWS\RTHDCPL.EXE
H:\WINDOWS\ZSSnp211.exe
H:\WINDOWS\Domino.exe
H:\Program Files\Java\jre6\bin\jusched.exe
H:\WINDOWS\system32\ctfmon.exe
H:\Program Files\Skype\Phone\Skype.exe
H:\Program Files\uTorrent\uTorrent.exe
H:\Program Files\Gigabyte\EasySaver\ESSVR.EXE
H:\Program Files\Java\jre6\bin\jqs.exe
H:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
H:\WINDOWS\system32\nvsvc32.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\wbem\wmiapsrv.exe
H:\Program Files\Skype\Plugin Manager\skypePM.exe
H:\Program Files\Mozilla Firefox\firefox.exe
H:\Program Files\Skype\Toolbars\Shared\SkypeNames.exe
I:\Documents and Settings\Administrator\Dokumenty\Downloads\RSIT.exe
I:\Documents and Settings\Administrator\Dokumenty\Downloads\Administrator.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com?o=15187&l=dis
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - H:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - H:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - H:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: PandoraTV Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - H:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
O4 - HKLM\..\Run: [COMODO Internet Security] "H:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE H:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE H:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "H:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ZSSnp211] H:\WINDOWS\ZSSnp211.exe
O4 - HKLM\..\Run: [Domino] H:\WINDOWS\Domino.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "H:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "H:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [uTorrent] "H:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [365dni] H:\Program Files\365dníNET\365dniNET.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://H:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://H:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - H:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: H:\WINDOWS\system32\guard32.dll
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - H:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - H:\Program Files\Gigabyte\EasySaver\ESSVR.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - H:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - H:\WINDOWS\system32\nvsvc32.exe

--
End of file - 6298 bytes

======Scheduled tasks folder======

H:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
PandoraTV Toolbar - H:\Program Files\Ask.com\GenericAskToolbar.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - H:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - H:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - PandoraTV Toolbar - H:\Program Files\Ask.com\GenericAskToolbar.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"COMODO Internet Security"=H:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2009-12-02 1800464]
"NvCplDaemon"=H:\WINDOWS\system32\NvCpl.dll [2008-08-01 13529088]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=H:\WINDOWS\system32\NvMcTray.dll [2008-08-01 86016]
"RTHDCPL"=H:\WINDOWS\RTHDCPL.EXE [2009-02-17 17508864]
"Alcmtr"=H:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
"Adobe Reader Speed Launcher"=H:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"ZSSnp211"=H:\WINDOWS\ZSSnp211.exe [2007-04-06 57344]
"Domino"=H:\WINDOWS\Domino.exe [2006-08-18 49152]
"SunJavaUpdateSched"=H:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=H:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Skype"=H:\Program Files\Skype\Phone\Skype.exe [2009-10-09 25623336]
"uTorrent"=H:\Program Files\uTorrent\uTorrent.exe [2010-01-21 319792]
"365dni"=H:\Program Files\365dníNET\365dniNET.exe [2007-01-06 753664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"=" H:\WINDOWS\system32\guard32.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - H:\WINDOWS\system32\wpdshserviceobj.dll [2009-05-22 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - H:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-01-24 16:52:39 ----D---- H:\rsit
2010-01-24 16:21:47 ----D---- H:\Program Files\ASIO4ALL v2
2010-01-19 22:49:34 ----D---- H:\Documents and Settings\All Users\Data aplikací\Locktime
2010-01-12 11:49:18 ----D---- H:\Documents and Settings\Administrator\Data aplikací\PLANStudio Setup
2009-12-26 14:51:37 ----D---- H:\Documents and Settings\All Users\Data aplikací\Electronic Arts
2009-12-26 14:42:36 ----D---- H:\Program Files\DAMN NFO Viewer
2009-12-26 14:28:14 ----A---- H:\WINDOWS\system32\vp6vfw.dll
2009-12-26 14:28:09 ----D---- H:\Program Files\Microsoft WSE
2009-12-26 14:22:59 ----D---- H:\Program Files\Electronic Arts

======List of files/folders modified in the last 1 months======

2010-01-24 16:53:00 ----D---- H:\WINDOWS\Prefetch
2010-01-24 16:52:36 ----D---- H:\Documents and Settings\Administrator\Data aplikací\uTorrent
2010-01-24 16:38:12 ----D---- H:\Documents and Settings\Administrator\Data aplikací\Skype
2010-01-24 16:29:26 ----D---- H:\Program Files\Mozilla Firefox
2010-01-24 16:28:23 ----D---- H:\WINDOWS\Temp
2010-01-24 16:25:38 ----D---- H:\Documents and Settings\Administrator\Data aplikací\365dni
2010-01-24 16:25:17 ----D---- H:\WINDOWS\system32\CatRoot2
2010-01-24 16:25:04 ----D---- H:\WINDOWS
2010-01-24 16:21:47 ----RD---- H:\Program Files
2010-01-24 16:03:33 ----D---- H:\Documents and Settings\Administrator\Data aplikací\skypePM
2010-01-24 09:01:00 ----A---- H:\WINDOWS\SchedLgU.Txt
2010-01-22 14:30:04 ----D---- H:\Program Files\JDownloader
2010-01-22 14:20:22 ----D---- H:\WINDOWS\system32\drivers
2010-01-22 14:20:14 ----D---- H:\WINDOWS\system32
2010-01-22 14:17:56 ----D---- H:\Program Files\uTorrent
2010-01-21 09:06:39 ----D---- H:\WINDOWS\system32\config
2010-01-19 22:48:28 ----AD---- H:\Documents and Settings\All Users\Data aplikací\TEMP
2010-01-19 22:47:18 ----D---- H:\Program Files\Internet Explorer
2010-01-15 07:16:28 ----D---- H:\Program Files\Mozilla Thunderbird
2010-01-13 20:14:16 ----SHD---- H:\WINDOWS\Installer
2009-12-26 15:02:22 ----SD---- H:\Documents and Settings\All Users\Data aplikací\Microsoft
2009-12-26 14:51:59 ----D---- H:\Documents and Settings\Administrator\Data aplikací\XnView
2009-12-26 14:28:10 ----SD---- H:\Documents and Settings\Administrator\Data aplikací\Microsoft
2009-12-26 14:28:10 ----RSD---- H:\WINDOWS\assembly
2009-12-26 14:22:58 ----HD---- H:\Program Files\InstallShield Installation Information

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdPPM;Ovladač procesoru HwPState AMD; H:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; H:\WINDOWS\System32\DRIVERS\cmdguard.sys [2009-12-02 133064]
R1 cmdHlp;COMODO Internet Security Helper Driver; H:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2009-12-02 25160]
R1 VD_FileDisk;VD_FileDisk; H:\WINDOWS\system32\drivers\VD_FileDisk.sys [2006-01-13 15872]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; H:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R3 gdrv;gdrv; \??\H:\WINDOWS\gdrv.sys []
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; H:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; H:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); H:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-02-17 5026816]
R3 mouhid;Ovladač myši standardu HID; H:\WINDOWS\system32\DRIVERS\mouhid.sys [2009-05-22 12160]
R3 nv;nv; H:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-08-01 6555104]
R3 NVENETFD;NVIDIA nForce 10/100/1000 Mbps Ethernet ; H:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2008-08-01 54784]
R3 nvnetbus;NVIDIA Network Bus Enumerator; H:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2008-08-01 22016]
R3 pcouffin;VSO Software pcouffin; H:\WINDOWS\System32\Drivers\pcouffin.sys [2009-10-10 47360]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; H:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Rozbočovač umožnující USB2; H:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; H:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-14 17152]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; H:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 Ambfilt;Ambfilt; H:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 AMDMSRIO;AMDMSRIO; \??\H:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Safe To Delete 3_0_4_8\AMDMSRIO.sys []
S3 CCDECODE;Dekodér Closed Caption; H:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 CrystalSysInfo;CrystalSysInfo; \??\H:\Program Files\MediaCoder\SysInfo.sys []
S3 Monfilt;Monfilt; H:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; H:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; H:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; H:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 Ser2pl;MAT Serial port driver; H:\WINDOWS\system32\DRIVERS\ser2pl.sys [2003-07-16 43264]
S3 SLIP;BDA Slip De-Framer; H:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; H:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; H:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 WSTCODEC;Dálnopisný kodek světového standardu; H:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; H:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-05-22 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; H:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-05-22 82944]
S3 ZSMC211;ZSMC USB PC Camera (ZS211); H:\WINDOWS\System32\Drivers\ZS211.sys [2007-06-08 1534464]
S4 exFat;exFat; H:\WINDOWS\system32\drivers\exFat.sys [2008-09-29 133632]
S4 IntelIde;IntelIde; H:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 cmdAgent;COMODO Internet Security Helper Service; H:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2010-01-15 723632]
R2 ES lite Service;ES lite Service for program management.; H:\Program Files\Gigabyte\EasySaver\ESSVR.EXE [2008-12-24 68136]
R2 JavaQuickStarterService;Java Quick Starter; H:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 MDM;Machine Debug Manager; H:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 NVSvc;NVIDIA Display Driver Service; H:\WINDOWS\system32\nvsvc32.exe [2008-08-01 159812]
S3 aspnet_state;ASP.NET State Service; H:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; H:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 odserv;Microsoft Office Diagnostics Service; H:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; H:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; H:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; H:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

-----------------EOF-----------------

Dejte log z ComboFix.

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode, pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k nezadoucim kolizim s rezidentem antispyware

ComboFix 10-01-24.01 - Administrator 24.01.2010 21:40:27.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3454.3028 [GMT 1:00]
Spuštěný z: i:\documents and settings\Administrator\Dokumenty\Downloads\ComboFix.exe
AV: COMODO Antivirus *On-access scanning enabled* (Updated) {043803A5-4F86-4ef7-AFC5-F6E02A79969B}
FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

h:\documents and settings\Administrator\avidemux
h:\documents and settings\Administrator\avidemux\config
h:\documents and settings\Administrator\Dokumenty
h:\documents and settings\Administrator\Dokumenty\Downloads\Ace Ventura 2.avi
h:\documents and settings\Administrator\Dokumenty\Downloads\Ace Ventura.avi
h:\documents and settings\Administrator\Dokumenty\Downloads\Agentky D.E.B.S\Agentky D.E.B.S.avi
h:\documents and settings\Administrator\Dokumenty\Downloads\Holky v baliku.avi
h:\documents and settings\Administrator\Dokumenty\Downloads\My dva a Křen .avi.avi
h:\documents and settings\Administrator\Dokumenty\Downloads\Thumbs.db
h:\documents and settings\Administrator\Dokumenty\Downloads\WITHIN TEMPTATION-The Silent Force Tour\VIDEO_TS\VIDEO_TS.BUP
h:\documents and settings\Administrator\Dokumenty\Downloads\WITHIN TEMPTATION-The Silent Force Tour\VIDEO_TS\VIDEO_TS.IFO
h:\documents and settings\Administrator\Dokumenty\Downloads\WITHIN TEMPTATION-The Silent Force Tour\VIDEO_TS\VIDEO_TS.VOB
h:\documents and settings\Administrator\Dokumenty\Downloads\WITHIN TEMPTATION-The Silent Force Tour\VIDEO_TS\VTS_01_0.BUP
h:\documents and settings\Administrator\Dokumenty\Downloads\WITHIN TEMPTATION-The Silent Force Tour\VIDEO_TS\VTS_01_0.IFO
h:\documents and settings\Administrator\Dokumenty\Downloads\WITHIN TEMPTATION-The Silent Force Tour\VIDEO_TS\VTS_01_0.VOB
h:\documents and settings\Administrator\Dokumenty\Downloads\WITHIN TEMPTATION-The Silent Force Tour\VIDEO_TS\VTS_01_1.VOB
h:\documents and settings\Administrator\Dokumenty\Downloads\WITHIN TEMPTATION-The Silent Force Tour\VIDEO_TS\VTS_01_2.VOB
h:\documents and settings\Administrator\Dokumenty\Downloads\WITHIN TEMPTATION-The Silent Force Tour\VIDEO_TS\VTS_01_3.VOB
h:\documents and settings\Administrator\Dokumenty\Downloads\WITHIN TEMPTATION-The Silent Force Tour\VIDEO_TS\VTS_01_4.VOB
h:\documents and settings\Administrator\Dokumenty\Downloads\WITHIN TEMPTATION-The Silent Force Tour\VIDEO_TS\VTS_01_5.VOB
h:\documents and settings\Administrator\Dokumenty\Downloads\Within Temptation - Black Symphony 2008 - DVD2\VIDEO_TS\VIDEO_TS.BUP
h:\documents and settings\Administrator\Dokumenty\Downloads\Within Temptation - Black Symphony 2008 - DVD2\VIDEO_TS\VIDEO_TS.IFO
h:\documents and settings\Administrator\Dokumenty\Downloads\Within Temptation - Black Symphony 2008 - DVD2\VIDEO_TS\VTS_01_0.BUP
h:\documents and settings\Administrator\Dokumenty\Downloads\Within Temptation - Black Symphony 2008 - DVD2\VIDEO_TS\VTS_01_0.IFO
h:\documents and settings\Administrator\Dokumenty\Downloads\Within Temptation - Black Symphony 2008 - DVD2\VIDEO_TS\VTS_01_1.VOB
h:\documents and settings\Administrator\Dokumenty\Downloads\Within Temptation - Black Symphony 2008 - DVD2\VIDEO_TS\VTS_01_2.VOB
h:\documents and settings\Administrator\Dokumenty\Downloads\Within Temptation - Black Symphony 2008 - DVD2\VIDEO_TS\VTS_01_3.VOB
h:\documents and settings\Administrator\Dokumenty\Downloads\Within Temptation - Black Symphony 2008 - DVD2\VIDEO_TS\VTS_02_0.BUP
h:\documents and settings\Administrator\Dokumenty\Downloads\Within Temptation - Black Symphony 2008 - DVD2\VIDEO_TS\VTS_02_0.IFO
h:\documents and settings\Administrator\Dokumenty\Downloads\Within Temptation - Black Symphony 2008 - DVD2\VIDEO_TS\VTS_02_1.VOB
h:\documents and settings\Administrator\Dokumenty\Downloads\Within Temptation - Black Symphony 2008 - DVD2\VIDEO_TS\VTS_02_2.VOB
h:\documents and settings\Administrator\Dokumenty\DVDFab\Log\dvdfab_burn_vso.log
h:\documents and settings\Administrator\Dokumenty\DVDFab\Log\dvdfab_internal.log
h:\documents and settings\Administrator\Dokumenty\DVDFab\Temp\Update\Update.ini
h:\documents and settings\Administrator\Dokumenty\DVDFab\Temp\video.stats
h:\documents and settings\Administrator\Local Settings\desktop.ini
h:\documents and settings\Administrator\NabÝdka Start
h:\documents and settings\Administrator\ntuser.ini
h:\documents and settings\Administrator\Okolní síť
h:\documents and settings\Administrator\Okolní tiskárny
h:\documents and settings\Administrator\Plocha\ASIO4ALL v2 Instruction Manual.lnk
h:\documents and settings\Administrator\Plocha\Dokumenty 1.lnk
h:\documents and settings\Administrator\Plocha\Hudba.lnk
h:\documents and settings\Administrator\Plocha\Nový objekt - Dokument aplikace Microsoft Word.doc
h:\documents and settings\Administrator\Plocha\Nový objekt - Textový dokument.txt
h:\documents and settings\Administrator\Plocha\Nová složka
h:\documents and settings\Administrator\Plocha\Nová složka\Adobe Reader 8.lnk
h:\documents and settings\Administrator\Plocha\Nová složka\µTorrent.lnk
h:\documents and settings\Administrator\Plocha\Nová složka\Classic Menu Manager.lnk
h:\documents and settings\Administrator\Plocha\Nová složka\COMODO Internet Security.lnk
h:\documents and settings\Administrator\Plocha\Nová složka\GOM Player.lnk
h:\documents and settings\Administrator\Plocha\Nová složka\Internet Explorer.lnk
h:\documents and settings\Administrator\Plocha\Nová složka\JDownloader.lnk
h:\documents and settings\Administrator\Plocha\Nová složka\KMPlayer.lnk
h:\documents and settings\Administrator\Plocha\Nová složka\Microsoft Office Access 2003.lnk
h:\documents and settings\Administrator\Plocha\Nová složka\Microsoft Office Excel 2003.lnk
h:\documents and settings\Administrator\Plocha\Nová složka\Microsoft Office InfoPath 2003.lnk
h:\documents and settings\Administrator\Plocha\Nová složka\Microsoft Office Outlook 2003.lnk
h:\documents and settings\Administrator\Plocha\Nová složka\Microsoft Office PowerPoint 2003.lnk
h:\documents and settings\Administrator\Plocha\Nová složka\Microsoft Office Publisher 2003.lnk
h:\documents and settings\Administrator\Plocha\Nová složka\Microsoft Office Word 2003.lnk
h:\documents and settings\Administrator\Plocha\Nová složka\Mozilla Firefox.lnk
h:\documents and settings\Administrator\Plocha\Nová složka\Mozilla Thunderbird.lnk
h:\documents and settings\Administrator\Plocha\Nová složka\QIP 2005.lnk
h:\documents and settings\Administrator\Plocha\Nová složka\Skype.lnk
h:\documents and settings\Administrator\Plocha\Nová složka\TC UP.lnk
h:\documents and settings\Administrator\Plocha\Nová složka\XnView.lnk
h:\documents and settings\Administrator\Plocha\Nová složka\Zástupce - PdbConvertor.exe.lnk
h:\documents and settings\Administrator\Plocha\obrázky.lnk
h:\documents and settings\Administrator\Plocha\programy
h:\documents and settings\Administrator\Plocha\programy\Desktop.ini
h:\documents and settings\Administrator\Plocha\programy\GOM Player.lnk
h:\documents and settings\Administrator\Plocha\programy\grafika\Adobe ImageReady CS2.lnk
h:\documents and settings\Administrator\Plocha\programy\grafika\Adobe Photoshop CS2.lnk
h:\documents and settings\Administrator\Plocha\programy\grafika\ArtIcons Pro.lnk
h:\documents and settings\Administrator\Plocha\programy\grafika\PhotoFiltre Studio.lnk
h:\documents and settings\Administrator\Plocha\programy\grafika\Zoner Photo Studio 8 - Karneval Edition.lnk
h:\documents and settings\Administrator\Plocha\programy\NetLimiter 2 Monitor.lnk
h:\documents and settings\Administrator\Plocha\programy\PC Translator 2007 DEMO.lnk
h:\documents and settings\Administrator\Plocha\programy\PdbConvertor\DocumentFormat.OpenXml.dll
h:\documents and settings\Administrator\Plocha\programy\PdbConvertor\PdbConvertor.exe
h:\documents and settings\Administrator\Plocha\programy\Slovník DEMO.lnk
h:\documents and settings\Administrator\Plocha\programy\video\amcap.lnk
h:\documents and settings\Administrator\Plocha\programy\video\AVS Video Converter 6.lnk
h:\documents and settings\Administrator\Plocha\programy\video\AVS4YOU Software Navigator.lnk
h:\documents and settings\Administrator\Plocha\programy\video\Easy Video Splitter.lnk
h:\documents and settings\Administrator\Plocha\programy\video\MKV TO AVI CONVERTER.lnk
h:\documents and settings\Administrator\Plocha\programy\video\MP3 Repair Tool.lnk
h:\documents and settings\Administrator\Plocha\programy\video\Video Convert Premier.lnk
h:\documents and settings\Administrator\Plocha\Vypalování
h:\documents and settings\Administrator\Plocha\Vypalování\Ashampoo Burning Studio 9.lnk
h:\documents and settings\Administrator\Plocha\Vypalování\Desktop.ini
h:\documents and settings\Administrator\Plocha\Vypalování\DVDFab 6.lnk
h:\documents and settings\Administrator\Plocha\Vypalování\Exact Audio Copy.lnk
h:\documents and settings\Administrator\Plocha\Vypalování\MediaCoder.lnk
h:\documents and settings\Administrator\Zástupce - Administrator.lnk
h:\documents and settings\All Users\Dokumenty\desktop.ini
h:\documents and settings\All Users\Dokumenty\Filmy
h:\documents and settings\All Users\Dokumenty\Filmy\Desktop.ini
h:\documents and settings\All Users\Dokumenty\Hudba
h:\documents and settings\All Users\Dokumenty\Hudba\Desktop.ini
h:\documents and settings\All Users\Dokumenty\Hudba\Sync Playlists\01_Music_auto_rated_at_5_stars.wpl
h:\documents and settings\All Users\Dokumenty\Hudba\Sync Playlists\02_Music_added_in_the_last_month.wpl
h:\documents and settings\All Users\Dokumenty\Hudba\Sync Playlists\03_Music_rated_at_4_or_5_stars.wpl
h:\documents and settings\All Users\Dokumenty\Hudba\Sync Playlists\04_Music_played_in_the_last_month.wpl
h:\documents and settings\All Users\Dokumenty\Hudba\Sync Playlists\05_Pictures_taken_in_the_last_month.wpl
h:\documents and settings\All Users\Dokumenty\Hudba\Sync Playlists\06_Pictures_rated_4_or_5_stars.wpl
h:\documents and settings\All Users\Dokumenty\Hudba\Sync Playlists\07_TV_recorded_in_the_last_week.wpl
h:\documents and settings\All Users\Dokumenty\Hudba\Sync Playlists\08_Video_rated_at_4_or_5_stars.wpl
h:\documents and settings\All Users\Dokumenty\Hudba\Sync Playlists\09_Music_played_the_most.wpl
h:\documents and settings\All Users\Dokumenty\Hudba\Sync Playlists\10_All_Music.wpl
h:\documents and settings\All Users\Dokumenty\Hudba\Sync Playlists\11_All_Pictures.wpl
h:\documents and settings\All Users\Dokumenty\Hudba\Sync Playlists\12_All_Video.wpl
h:\documents and settings\All Users\Dokumenty\Hudba\Ukázky hudby\AlbumArt_{E201F44C-B9E2-490F-9ED7-0976E9DA2EA5}_Large.jpg
h:\documents and settings\All Users\Dokumenty\Hudba\Ukázky hudby\AlbumArt_{E201F44C-B9E2-490F-9ED7-0976E9DA2EA5}_Small.jpg
h:\documents and settings\All Users\Dokumenty\Hudba\Ukázky hudby\AlbumArt_{EFFDEB51-C913-4EE1-8B2A-C80112057955}_Large.jpg
h:\documents and settings\All Users\Dokumenty\Hudba\Ukázky hudby\AlbumArt_{EFFDEB51-C913-4EE1-8B2A-C80112057955}_Small.jpg
h:\documents and settings\All Users\Dokumenty\Hudba\Ukázky hudby\AlbumArtSmall.jpg
h:\documents and settings\All Users\Dokumenty\Hudba\Ukázky hudby\Beethovenova symfonie č. 9 (Scherzo).wma
h:\documents and settings\All Users\Dokumenty\Hudba\Ukázky hudby\desktop.ini
h:\documents and settings\All Users\Dokumenty\Hudba\Ukázky hudby\Folder.jpg
h:\documents and settings\All Users\Dokumenty\Hudba\Ukázky hudby\Nové příběhy (Highway Blues).wma
h:\documents and settings\All Users\Dokumenty\Hudba\Ukázky hudby\Thumbs.db
h:\documents and settings\All Users\Dokumenty\Rdministrator
h:\documents and settings\All Users\DRM
h:\documents and settings\All Users\Plocha\The Sims™ 3.lnk
h:\documents and settings\Default User\Local Settings\desktop.ini
h:\documents and settings\Default User\Okolní síť
h:\documents and settings\Default User\Okolní tiskárny
h:\documents and settings\LocalService\Local Settings\desktop.ini
h:\documents and settings\LocalService\ntuser.ini
h:\documents and settings\NetworkService\Local Settings\desktop.ini
h:\documents and settings\NetworkService\ntuser.ini
h:\windows\system32\config\systemprofile\Dokumenty
h:\windows\system32\config\systemprofile\Local Settings\desktop.ini
h:\windows\system32\config\systemprofile\Nabídka Start
h:\windows\system32\config\systemprofile\Nabídka Start\desktop.ini
h:\windows\system32\config\systemprofile\Nabídka Start\Programy\desktop.ini
h:\windows\system32\config\systemprofile\Nabídka Start\Programy\Příslušenství\desktop.ini
h:\windows\system32\config\systemprofile\Nabídka Start\Programy\Příslušenství\Příkazový řádek.lnk
h:\windows\system32\config\systemprofile\Nabídka Start\Programy\Příslušenství\Poznámkový blok.lnk
h:\windows\system32\config\systemprofile\Nabídka Start\Programy\Příslušenství\Průvodce ověřením kompatibility programu.lnk
h:\windows\system32\config\systemprofile\Nabídka Start\Programy\Příslušenství\Průzkumník Windows.lnk
h:\windows\system32\config\systemprofile\Nabídka Start\Programy\Příslušenství\Prohlídka systému Windows XP.lnk
h:\windows\system32\config\systemprofile\Nabídka Start\Programy\Příslušenství\Synchronizovat.lnk
h:\windows\system32\config\systemprofile\Nabídka Start\Programy\Příslušenství\Usnadnění\desktop.ini
h:\windows\system32\config\systemprofile\Nabídka Start\Programy\Příslušenství\Usnadnění\Klávesnice na obrazovce.lnk
h:\windows\system32\config\systemprofile\Nabídka Start\Programy\Příslušenství\Usnadnění\Lupa.lnk
h:\windows\system32\config\systemprofile\Nabídka Start\Programy\Příslušenství\Usnadnění\Správce nástrojů.lnk
h:\windows\system32\config\systemprofile\Nabídka Start\Programy\Příslušenství\Zábava\desktop.ini
h:\windows\system32\config\systemprofile\Nabídka Start\Programy\Po spuštění\desktop.ini
h:\windows\system32\config\systemprofile\Nabídka Start\Programy\Vzdálená pomoc.lnk
h:\windows\system32\config\systemprofile\Nabídka Start\Programy\Windows Media Player.lnk
h:\windows\system32\config\systemprofile\nskA93.tmp
h:\windows\system32\config\systemprofile\nskA93.tmp\NSISArray.dll
h:\windows\system32\config\systemprofile\nsvA96.tmp
h:\windows\system32\config\systemprofile\nsvA96.tmp\NSISArray.dll
h:\windows\system32\config\systemprofile\Šablony
h:\windows\system32\config\systemprofile\Šablony\amipro.sam
h:\windows\system32\config\systemprofile\Šablony\excel.xls
h:\windows\system32\config\systemprofile\Šablony\excel4.xls
h:\windows\system32\config\systemprofile\Šablony\lotus.wk4
h:\windows\system32\config\systemprofile\Šablony\powerpnt.ppt
h:\windows\system32\config\systemprofile\Šablony\presenta.shw
h:\windows\system32\config\systemprofile\Šablony\quattro.wb2
h:\windows\system32\config\systemprofile\Šablony\sndrec.wav
h:\windows\system32\config\systemprofile\Šablony\winword.doc
h:\windows\system32\config\systemprofile\Šablony\winword2.doc
h:\windows\system32\config\systemprofile\Šablony\wordpfct.wpd
h:\windows\system32\config\systemprofile\Šablony\wordpfct.wpg
h:\windows\system32\config\systemprofile\Oblíbené položky
h:\windows\system32\config\systemprofile\Oblíbené položky\links\no.url
h:\windows\system32\config\systemprofile\Oblíbené položky\Weby společnosti Microsoft\Aplikace Internet Explorer na webu Microsoft.url
h:\windows\system32\config\systemprofile\Oblíbené položky\Weby společnosti Microsoft\Microsoft Česká Republika.url
h:\windows\system32\config\systemprofile\Oblíbené položky\Weby společnosti Microsoft\Microsoft Doma.url
h:\windows\system32\config\systemprofile\Oblíbené položky\Weby společnosti Microsoft\Microsoft v práci.url
h:\windows\system32\config\systemprofile\Oblíbené položky\Weby společnosti Microsoft\Systém Windows.url
h:\windows\system32\config\systemprofile\Oblíbené položky\Weby společnosti Microsoft\Vítá vás aplikace Internet Explorer 7.url
h:\windows\system32\config\systemprofile\Oblíbené položky\Weby společnosti Microsoft\Windows Marketplace.url
h:\windows\system32\config\systemprofile\Okolní síť
h:\windows\system32\config\systemprofile\Okolní tiskárny
h:\windows\system32\config\systemprofile\Plocha
i:\documents and settings\Administrator\Dokumenty\Dan Brown - Bod klamu.doc
i:\documents and settings\Administrator\Dokumenty\Dan Brown - Digitální pevnost.doc
i:\documents and settings\Administrator\Dokumenty\Dan Brown - Šifra mistra Leonarda.doc
i:\documents and settings\Administrator\Dokumenty\Dan Brown - Pavučina lží.doc
i:\documents and settings\Administrator\Dokumenty\desktop.ini
i:\documents and settings\Administrator\Dokumenty\Downloads
i:\documents and settings\Administrator\Dokumenty\Downloads\AdbeRdr813_cs_CZ.exe
i:\documents and settings\Administrator\Dokumenty\Downloads\Administrator.exe
i:\documents and settings\Administrator\Dokumenty\Downloads\Alanis Morissete - Thank You.mp3
i:\documents and settings\Administrator\Dokumenty\Downloads\AlbumArt_{ED2C5A7E-4661-40FA-A97E-2128ABE2347E}_Large.jpg
i:\documents and settings\Administrator\Dokumenty\Downloads\AlbumArt_{ED2C5A7E-4661-40FA-A97E-2128ABE2347E}_Small.jpg
i:\documents and settings\Administrator\Dokumenty\Downloads\AlbumArtSmall.jpg
i:\documents and settings\Administrator\Dokumenty\Downloads\ASIO4ALL_2_9_English.exe
i:\documents and settings\Administrator\Dokumenty\Downloads\aswclnr.exe
i:\documents and settings\Administrator\Dokumenty\Downloads\aswclnr.log
i:\documents and settings\Administrator\Dokumenty\Downloads\AVSVideoConverter.exe
i:\documents and settings\Administrator\Dokumenty\Downloads\ComboFix.exe
i:\documents and settings\Administrator\Dokumenty\Downloads\DAMN_NFO_Viewer_v2-10-0032-RC3.exe
i:\documents and settings\Administrator\Dokumenty\Downloads\desktop.ini
i:\documents and settings\Administrator\Dokumenty\Downloads\FirefoxPortable_3.5.7_English.paf.exe
i:\documents and settings\Administrator\Dokumenty\Downloads\Folder.jpg
i:\documents and settings\Administrator\Dokumenty\Downloads\Gomplayerensetup.exe
i:\documents and settings\Administrator\Dokumenty\Downloads\GSpot270a.zip
i:\documents and settings\Administrator\Dokumenty\Downloads\hijackthis.exe
i:\documents and settings\Administrator\Dokumenty\Downloads\hijackthis.log
i:\documents and settings\Administrator\Dokumenty\Downloads\JDownloaderSetup.exe
i:\documents and settings\Administrator\Dokumenty\Downloads\MAPY.zip
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\A2561472.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\A35614A2.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\A4561473.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\AV561435.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\CC561401.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\CD561401.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\CF561401.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\CL561401.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\CM561401.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\CP561401.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\CR561401.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\CS561401.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\E25614B3.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\E35614AG.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\E4561420.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\EV561451.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\G3561479.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\GV561412.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\IJ561401.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\IS561401.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\IU561401.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\L25614BG.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\L3561465.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\L4561473.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\L9561412.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\LV561420.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\M2561451.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\M35614FL.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\M45614DH.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\M9561401.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\MA561420.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\MC5614A5.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\MG561447.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\MH561401.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\MO561446.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\MT561455.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\O0561401.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\O15614GR.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\O9561448.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\P25614A1.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\P3561459.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\P4561418.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\PA561401.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\PR102901.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\PR103196.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\PR103369.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\PR105107.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\PV561418.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\PW561439.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\Q25614B1.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\Q35614B4.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\Q4561420.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\QV561420.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\SKU011.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\SKU026.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\SKU0A4.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\TR103102.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\V3561415.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\W25614AZ.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\W3561479.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\W4561451.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\WV561420.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\X25614A4.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\X3561450.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\YA5614BE.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\YB561488.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\YC561418.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\YH561431.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\YI561401.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\YL561476.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\YM561403.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\YO561417.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\YT561401.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\ZA561401.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\ZC561412.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\ZD561402.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\ZE561418.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\ZF561402.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\ZG561401.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\ZH561448.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\ZI561462.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\ZJ561401.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\ZK561401.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\ZM561401.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\ZN561401.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\ZO561420.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\ZQ561401.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\ZR561417.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\ZS561401.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\ZT561401.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\ZU561481.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\ZV561401.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\ZY5614A8.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\MS Office 2003 Professional Edition CZ\Instalace\ZZ561401.CAB
i:\documents and settings\Administrator\Dokumenty\Downloads\ms_of_2003_prof-edition-cz.rar
i:\documents and settings\Administrator\Dokumenty\Downloads\PdbConvertor.zip
i:\documents and settings\Administrator\Dokumenty\Downloads\RSIT.exe
i:\documents and settings\Administrator\Dokumenty\Downloads\Setup99954_2013.exe
i:\documents and settings\Administrator\Dokumenty\Downloads\ShaPlus-Google-Translator-Setup.exe
i:\documents and settings\Administrator\Dokumenty\Downloads\Thumbs.db
i:\documents and settings\Administrator\Dokumenty\Downloads\TRNDEMO.exe
i:\documents and settings\Administrator\Dokumenty\Downloads\utorrent.lng
i:\documents and settings\Administrator\Dokumenty\DVDFab
i:\documents and settings\Administrator\Dokumenty\DVDFab\generic\Thumbs.db
i:\documents and settings\Administrator\Dokumenty\DVDFab\Temp\Raw\45254088_ 9718.raw
i:\documents and settings\Administrator\Dokumenty\DVDFab\Temp\Raw\45254088_ 17848.raw
i:\documents and settings\Administrator\Dokumenty\DVDFab\Temp\Raw\47605408_ 18199.raw
i:\documents and settings\Administrator\Dokumenty\DVDFab\Temp\Raw\47605408_ 25198.raw
i:\documents and settings\Administrator\Dokumenty\DVDFab\Temp\Raw\47605408_ 26321.raw
i:\documents and settings\Administrator\Dokumenty\DVDFab\Temp\Raw\47605408_ 26958.raw
i:\documents and settings\Administrator\Dokumenty\DVDFab\Temp\Raw\47605440_ 3121.raw
i:\documents and settings\Administrator\Dokumenty\DVDFab\Temp\Raw\47606528_ 2217.raw
i:\documents and settings\Administrator\Dokumenty\DVDFab\Temp\Raw\47606528_ 10170.raw
i:\documents and settings\Administrator\Dokumenty\DVDFab\Temp\Raw\47606528_ 24407.raw
i:\documents and settings\Administrator\Dokumenty\DVDFab\Temp\Raw\47646400_ 17793.raw
i:\documents and settings\Administrator\Dokumenty\DVDFab\Temp\Raw\47646528_ 17235.raw
i:\documents and settings\Administrator\Dokumenty\DVDFab\Temp\Raw\59899808_ 15894.raw
i:\documents and settings\Administrator\Dokumenty\DVDFab\Temp\Raw\60236384_ 9744.raw
i:\documents and settings\Administrator\Dokumenty\Electronic Arts
i:\documents and settings\Administrator\Dokumenty\Electronic Arts\The Sims 3\CASPartCache.package
i:\documents and settings\Administrator\Dokumenty\Electronic Arts\The Sims 3\compositorCache.package
i:\documents and settings\Administrator\Dokumenty\Electronic Arts\The Sims 3\Custom Music\Blame It On Me.mp3
i:\documents and settings\Administrator\Dokumenty\Electronic Arts\The Sims 3\Custom Music\Ghosts (Radio Edit).mp3
i:\documents and settings\Administrator\Dokumenty\Electronic Arts\The Sims 3\Custom Music\I Love LA.mp3
i:\documents and settings\Administrator\Dokumenty\Electronic Arts\The Sims 3\Custom Music\Punches, Kicks, Trenches And Swords.mp3
i:\documents and settings\Administrator\Dokumenty\Electronic Arts\The Sims 3\Custom Music\Revolution.mp3
i:\documents and settings\Administrator\Dokumenty\Electronic Arts\The Sims 3\Custom Music\The Other Side.mp3
i:\documents and settings\Administrator\Dokumenty\Electronic Arts\The Sims 3\Custom Music\True Stories.mp3
i:\documents and settings\Administrator\Dokumenty\Electronic Arts\The Sims 3\DeviceConfig.log
i:\documents and settings\Administrator\Dokumenty\Electronic Arts\The Sims 3\Library\ebf_0x055e002ed9adc010.package
i:\documents and settings\Administrator\Dokumenty\Electronic Arts\The Sims 3\Library\ebf_0x055e002ee19da560.package
i:\documents and settings\Administrator\Dokumenty\Electronic Arts\The Sims 3\Library\ebf_0x055e002ee1a0ea40.package
i:\documents and settings\Administrator\Dokumenty\Electronic Arts\The Sims 3\Library\ebf_0x055e002efb70a170.package
i:\documents and settings\Administrator\Dokumenty\Electronic Arts\The Sims 3\Library\ebf_0x055e002efb70a200.package
i:\documents and settings\Administrator\Dokumenty\Electronic Arts\The Sims 3\Library\ebf_0x055e002f06882ed0.package
i:\documents and settings\Administrator\Dokumenty\Electronic Arts\The Sims 3\Options.ini
i:\documents and settings\Administrator\Dokumenty\Electronic Arts\The Sims 3\Saves\Martin.sims3
i:\documents and settings\Administrator\Dokumenty\Electronic Arts\The Sims 3\Saves\Martin.sims3.backup
i:\documents and settings\Administrator\Dokumenty\Electronic Arts\The Sims 3\Saves\Sunset Valley.sims3
i:\documents and settings\Administrator\Dokumenty\Electronic Arts\The Sims 3\Saves\Sunset Valley.sims3.backup
i:\documents and settings\Administrator\Dokumenty\Electronic Arts\The Sims 3\Saves\Tereza.sims3
i:\documents and settings\Administrator\Dokumenty\Electronic Arts\The Sims 3\Saves\Tereza.sims3.backup
i:\documents and settings\Administrator\Dokumenty\Electronic Arts\The Sims 3\Saves\Terrrrinka.sims3
i:\documents and settings\Administrator\Dokumenty\Electronic Arts\The Sims 3\scriptCache.package
i:\documents and settings\Administrator\Dokumenty\Electronic Arts\The Sims 3\simCompositorCache.package
i:\documents and settings\Administrator\Dokumenty\Electronic Arts\The Sims 3\Sims3Logs.xml
i:\documents and settings\Administrator\Dokumenty\Electronic Arts\The Sims 3\Thumbnails\CASThumbnails.package
i:\documents and settings\Administrator\Dokumenty\Electronic Arts\The Sims 3\Thumbnails\ObjectThumbnails.package
i:\documents and settings\Administrator\Dokumenty\Electronic Arts\The Sims 3\xcpt KOMP 09-12-26 14.15.29.mdmp
i:\documents and settings\Administrator\Dokumenty\Electronic Arts\The Sims 3\xcpt KOMP 09-12-26 14.15.29.txt
i:\documents and settings\Administrator\Dokumenty\Filmy
i:\documents and settings\Administrator\Dokumenty\Filmy\Desktop.ini
i:\documents and settings\Administrator\Dokumenty\Hudba
i:\documents and settings\Administrator\Dokumenty\Hudba\Desktop.ini
i:\documents and settings\Administrator\Dokumenty\Hudba\My Playlists\Seznam stop bez názvu.wpl
i:\documents and settings\Administrator\Dokumenty\Hudba\Ukázky hudby.lnk
i:\documents and settings\Administrator\Dokumenty\spider.sav
i:\documents and settings\Administrator\Dokumenty\Stažené soubory
i:\documents and settings\Administrator\Dokumenty\Stažené soubory\AlbumArt_{7DA277F6-BC5F-4CF4-A232-69318120BE13}_Large.jpg
i:\documents and settings\Administrator\Dokumenty\Stažené soubory\AlbumArt_{7DA277F6-BC5F-4CF4-A232-69318120BE13}_Small.jpg
i:\documents and settings\Administrator\Dokumenty\Stažené soubory\AlbumArtSmall.jpg
i:\documents and settings\Administrator\Dokumenty\Stažené soubory\desktop.ini
i:\documents and settings\Administrator\Dokumenty\Stažené soubory\Folder.jpg
i:\documents and settings\Administrator\Dokumenty\Stažené soubory\Holly Valance - Kiss Kiss (mp3wma.spydar.com).mp3
i:\documents and settings\Administrator\Dokumenty\Stažené soubory\srandovni-mp3.htm
i:\documents and settings\Administrator\Dokumenty\torrent
i:\documents and settings\Administrator\Dokumenty\torrent\Agentky D.E.B.S.torrent
i:\documents and settings\Administrator\Dokumenty\torrent\Andele A Demoni CZ 2009 DVDRip XviD.avi.torrent
i:\documents and settings\Administrator\Dokumenty\torrent\Naruto Manga CZ 1-440.torrent
i:\documents and settings\Administrator\Dokumenty\torrent\Songs.torrent
i:\documents and settings\Administrator\Dokumenty\torrent\taxi1,2,3,4.torrent
i:\documents and settings\Administrator\Dokumenty\torrent\Transformers Pomsta poražených.torrent
i:\documents and settings\Administrator\Dokumenty\torrent\Vzhůrů do oblak.Title1.avi.torrent
i:\documents and settings\Administrator\Dokumenty\ZPS8
i:\documents and settings\Administrator\Dokumenty\ZPS8\_@Keywords\_@ZmeAlbumData.zme
i:\documents and settings\Administrator\Dokumenty\ZPS8\_@Keywords\keywords.xml
i:\documents and settings\Administrator\Dokumenty\ZPS8\Archiv médií\_@ZmeAlbumData.zme
i:\documents and settings\Administrator\Dokumenty\ZPS8\Archiv médií\_@ZmeArchive.ico
i:\documents and settings\Administrator\Dokumenty\ZPS8\Archiv médií\desktop.ini
i:\documents and settings\Administrator\Dokumenty\ZPS8\Archiv médií\zmedb.mdb

.
((((((((((((((((((((((((( Soubory vytvořené od 2009-12-24 do 2010-01-24 )))))))))))))))))))))))))))))))
.

2010-01-24 15:52 . 2010-01-24 15:53 -------- d-----w- H:\rsit
2010-01-24 15:21 . 2010-01-24 15:22 -------- d-----w- h:\program files\ASIO4ALL v2
2009-12-26 13:42 . 2009-12-26 13:42 -------- d-----w- h:\program files\DAMN NFO Viewer
2009-12-26 13:28 . 2008-09-05 00:22 447752 ----a-w- h:\windows\system32\vp6vfw.dll
2009-12-26 13:28 . 2009-12-26 13:28 -------- d-----w- h:\program files\Microsoft WSE
2009-12-26 13:22 . 2009-12-26 13:22 -------- d-----w- h:\program files\Electronic Arts

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-24 21:00 . 2009-10-08 16:45 1474832 ----a-w- h:\windows\system32\drivers\sfi.dat
2010-01-24 20:20 . 2009-10-08 17:07 16608 ----a-w- h:\windows\gdrv.sys
2010-01-22 13:30 . 2009-11-21 17:46 -------- d-----w- h:\program files\JDownloader
2010-01-22 13:17 . 2009-10-08 18:17 -------- d-----w- h:\program files\uTorrent
2010-01-15 06:16 . 2009-10-08 16:42 -------- d-----w- h:\program files\Mozilla Thunderbird
2009-12-26 13:22 . 2009-10-08 15:38 -------- d--h--w- h:\program files\InstallShield Installation Information
2009-12-02 12:57 . 2009-10-08 16:42 171552 ----a-w- h:\windows\system32\guard32.dll
2009-12-02 12:57 . 2009-10-08 16:42 87104 ----a-w- h:\windows\system32\drivers\inspect.sys
2009-12-02 12:57 . 2009-10-08 16:42 25160 ----a-w- h:\windows\system32\drivers\cmdhlp.sys
2009-12-02 12:57 . 2009-10-08 16:42 133064 ----a-w- h:\windows\system32\drivers\cmdguard.sys
.

------- Sigcheck -------

[-] 2009-05-22 . 1F39C7BDBA4C5F3F01C4EABF7EDBF4B3 . 361600 . . [5.1.2600.5625] . . h:\windows\system32\drivers\tcpip.sys

[-] 2009-05-22 . 1E603EA2A3FDBAE9E5B88A8CB3C03124 . 1571840 . . [5.1.2600.5512] . . h:\windows\system32\sfcfiles.dll

[-] 2009-05-22 14:39 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . h:\windows\system32\mspmsnsv.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="h:\program files\Skype\Phone\Skype.exe" [2009-10-09 25623336]
"uTorrent"="h:\program files\uTorrent\uTorrent.exe" [2010-01-21 319792]
"365dni"="h:\program files\365dníNET\365dniNET.exe" [2007-01-06 753664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"COMODO Internet Security"="h:\program files\COMODO\COMODO Internet Security\cfp.exe" [2009-12-02 1800464]
"NvCplDaemon"="h:\windows\system32\NvCpl.dll" [2008-08-01 13529088]
"nwiz"="nwiz.exe" [2008-08-01 1630208]
"NvMediaCenter"="h:\windows\system32\NvMcTray.dll" [2008-08-01 86016]
"RTHDCPL"="RTHDCPL.EXE" [2009-02-17 17508864]
"Adobe Reader Speed Launcher"="h:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"ZSSnp211"="h:\windows\ZSSnp211.exe" [2007-04-06 57344]
"Domino"="h:\windows\Domino.exe" [2006-08-18 49152]
"SunJavaUpdateSched"="h:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="h:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_2"="shell32" [X]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=h:\windows\system32\guard32.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=

R1 cmdGuard;COMODO Internet Security Sandbox Driver;h:\windows\system32\drivers\cmdguard.sys [8.10.2009 17:42 133064]
R1 cmdHlp;COMODO Internet Security Helper Driver;h:\windows\system32\drivers\cmdhlp.sys [8.10.2009 17:42 25160]
R1 VD_FileDisk;VD_FileDisk;h:\windows\system32\drivers\vd_filedisk.sys [13.1.2006 14:00 15872]
R2 ES lite Service;ES lite Service for program management.;h:\program files\Gigabyte\EasySaver\essvr.exe [8.10.2009 16:38 68136]
S3 Ambfilt;Ambfilt;h:\windows\system32\drivers\Ambfilt.sys [8.10.2009 16:44 1684736]
S3 AMDMSRIO;AMDMSRIO;h:\docume~1\ADMINI~1\LOCALS~1\Temp\Safe To Delete 3_0_4_8\AMDMSRIO.sys [19.8.2002 7:40 32804]
.
Obsah adresáře 'Naplánované úlohy'
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.ask.com?o=15187&l=dis
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xportovat do aplikace Microsoft Excel - h:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - h:\progra~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - h:\documents and settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\juxh458j.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - prefs.js: keyword.URL - hxxp://supertoolbar.ask.com/redirect?client=ff&src=kw&tb=PTV&o=15184&locale=en_US&q=
FF - component: h:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll

---- NASTAVENÍ FIREFOXU ----
h:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

BHO-{D4027C7F-154A-4066-A1AD-4243D8127440} - h:\program files\Ask.com\GenericAskToolbar.dll
Toolbar-{D4027C7F-154A-4066-A1AD-4243D8127440} - h:\program files\Ask.com\GenericAskToolbar.dll
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - h:\program files\Ask.com\GenericAskToolbar.dll
AddRemove-HijackThis - i:\documents and settings\Administrator\Dokumenty\Downloads\HijackThis.exe
AddRemove-PC Translator 2007 DEMO - h:\docume~1\ADMINI~1\LOCALS~1\Temp\UN32.EXE



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-24 21:59
Windows 5.1.2600 Service Pack 3 NTFS

detected NTDLL code modification:
ZwClose, ZwOpenFile

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-1078081533-1965331169-682003330-500\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(792)
h:\windows\system32\guard32.dll

- - - - - - - > 'lsass.exe'(848)
h:\windows\system32\guard32.dll
.
Celkový čas: 2010-01-24 22:04:46
ComboFix-quarantined-files.txt 2010-01-24 21:04

Před spuštěním: Volných bajtů: 13 863 219 200
Po spuštění: Volných bajtů: 13 805 432 832

WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
h:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

Pod "ostatní výmazy" najdete smazané položky. Zbytek logu vypadá čistý. Nastala nějaká změna?

Zatím nevím, restartuje si, kdy se mu zachce. Uvidíme zítra. Děkuju

Zatím nemáte zač!

Jenom ještě jenom takový dva malý dotazy. Kde ty ostatní výmazy najdu? A co to je za chybu, co sem tam měla? Děkuju za odpověď

ComboFix 10-01-24.01 - Administrator 24.01.2010 21:40:27.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3454.3028 [GMT 1:00]
Spuštěný z: i:\documents and settings\Administrator\Dokumenty\Downloads\ComboFix.exe
AV: COMODO Antivirus *On-access scanning enabled* (Updated) {043803A5-4F86-4ef7-AFC5-F6E02A79969B}
FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))

Soubory byly patrně infikovány, když je CF smazal. Problém ale může být i hardwarový.

O to nejde, to vím, že tam mám, ale zajímá mě, jestli se mi někam uložil seznam souborů, co byly smazány. Pod Combofix jsem to nenašla.

Přece pod nadpisem "Ostatní výmazy".

Aha, to toho bylo tolik? Nevěděla jsem, že sem měla něco takovýho infikovaný. Už to tam bylo dlouho a nic se nedělo.

Dodatečně jsem se dověděl, že CF měl včera večer chybu. Pokud se jednalo o chbnou detekci, omlouvám se vám, ale v okamžiku použití jsem o tom nevěděl. Možná ale byly soubory opravdu infikovány. To už se teď nedovíme.

Včera mi počítač zase restartoval asi 3x za sebou. Chtěla jsem se zeptat, jestli by to mohlo být i v chlazení procesoru, že se přehřívá.

Přehřívat se může. Zkontrolujte, zda se točí všechny větráky a zda chladiče nejsou zaneseny prachem.

Už jsem zjistila, že to přehříváním není, nainstalovala jsem si na to program SpeedFan. Ale mám novinku, mám novou chybu. Už to není 0x000000BE, ale 0x0000008E a taky se mi zase objevila modrá obrazovka a bylo tam, že mám špatný videoadaptér a že mám ukončit nějaký BIOS. Nevím co to je, ale asi si koupím novou grafickou kartu. Myslím si, že to bude tím.