Kontrola logu HJT - modrá obrazovka

Romaine · Příspěvekod **Romaine** » 15 bře 2010 10:58

Ahoj, potřebuju zkontrolovat log HJT, protože se mi stává na netbooku, že se koukám na film - vždy jen když mám puštěné video (WMP, Nero Show Time,...) - není to pokaždé, když se koukám, že mi najednou naskočí ta modrá obrazovka, tam kde má být něco napsaný jsou jen rozmazaný čáry - nestihla jsem vyfotit a notebook vydává děsivé zvuky. I když ho zaklapnu tak to nepomůže. Sám cca po 10s se znova spustí úplně od začátku, ve Win 7 se mi objeví takové to Spustit systém normálně apod. Noťas mám od srpna, typ viz podpis.

Jo a minulé úterý jsem přeinstalovala OS, protože jsem doufla že to pomůže.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:52:48, on 15.3.2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Program Files (2)\Bezpečnost PC\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files (2)\Důležité\Notebook Hardware Control\nhc.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (2)\Bezpečnost PC\ESET Smart Security\egui.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files (2)\Důležité\SetPoint\SetPoint\SetPoint.exe
C:\Program Files (2)\Prográmky\Rainmeter\Rainmeter.exe
C:\Program Files (2)\Prográmky\StickyNotes\SNTBHider.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Windows\System32\StikyNot.exe
C:\Program Files (2)\Bezpečnost PC\HJT\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://search13.net/search.php?clid=486&q=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search13.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search13.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search13.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search13.net/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search13.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://search13.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files (2)\Bezpečnost PC\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [NotebookHardwareControl] "C:\Program Files (2)\Důležité\Notebook Hardware Control\nhc.exe" -quiet
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files (2)\Bezpečnost PC\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Rainmeter.lnk = ?
O4 - Startup: Sticky Notes Taskbar Hider.lnk = ?
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Logitech SetPoint.lnk = ?
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~3\DLEIT~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_fa0513b7754bf240\aestsrv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files (2)\Bezpečnost PC\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files (2)\Bezpečnost PC\ESET Smart Security\ekrn.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files (2)\Bezpečnost PC\Spyware Terminator\sp_rsser.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_fa0513b7754bf240\STacSV.exe
O23 - Service: @C:\Program Files (2)\Bezpečnost PC\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files (2)\Bezpečnost PC\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (2)\Bezpečnost PC\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

--
End of file - 6660 bytes

Reklama

Příspěvekod **jaro3** » 15 bře 2010 13:14

Máš ESET Smart Security, vypni si trvale rez. štít u Spyware Terminator

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://search13.net/search.php?clid=486&q=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search13.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search13.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search13.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search13.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search13.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://search13.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O13 - Gopher Prefix:

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.

Stáhni si TDSSKiller

Na svojí plochu.Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Romaine · Příspěvekod **Romaine** » 15 bře 2010 17:27

No, já mám rezidentní štít u Spyware terminátora právě vypnutý.

Jinak:
ATF cleaner - použit, nešlo kliknout na firefox, ale vyčistil toho mraky.

TDSSKiller

17:05:14:944 0260 TDSS rootkit removing tool 2.2.8 Mar 10 2010 15:53:20
17:05:14:944 0260 ================================================================================
17:05:14:944 0260 SystemInfo:

17:05:14:944 0260 OS Version: 6.1.7600 ServicePack: 0.0
17:05:14:944 0260 Product type: Workstation
17:05:14:944 0260 ComputerName: ROMANA
17:05:14:959 0260 UserName: Romaine
17:05:14:959 0260 Windows directory: C:\Windows
17:05:14:959 0260 Processor architecture: Intel x86
17:05:14:959 0260 Number of processors: 2
17:05:14:959 0260 Page size: 0x1000
17:05:14:975 0260 Boot type: Normal boot
17:05:14:975 0260 ================================================================================
17:05:14:990 0260 UnloadDriverW: NtUnloadDriver error 2
17:05:14:990 0260 ForceUnloadDriverW: UnloadDriverW(klmd21) error 2
17:05:26:410 0260 wfopen_ex: Trying to open file C:\Windows\system32\config\system
17:05:26:410 0260 wfopen_ex: MyNtCreateFileW error 32 (C0000043)
17:05:26:410 0260 wfopen_ex: Trying to KLMD file open
17:05:26:410 0260 wfopen_ex: File opened ok (Flags 2)
17:05:26:441 0260 wfopen_ex: Trying to open file C:\Windows\system32\config\software
17:05:26:441 0260 wfopen_ex: MyNtCreateFileW error 32 (C0000043)
17:05:26:441 0260 wfopen_ex: Trying to KLMD file open
17:05:26:441 0260 wfopen_ex: File opened ok (Flags 2)
17:05:26:441 0260 Initialize success
17:05:26:441 0260
17:05:26:456 0260 Scanning Services ...
17:05:28:094 0260 GetAdvancedServicesInfo: Raw services enum returned 460 services
17:05:28:110 0260
17:05:28:110 0260 Scanning Kernel memory ...
17:05:28:110 0260 Devices to scan: 1
17:05:28:110 0260
17:05:28:110 0260 Driver Name: atapi
17:05:28:110 0260 IRP_MJ_CREATE : 861F48C4
17:05:28:110 0260 IRP_MJ_CREATE_NAMED_PIPE : 81AFF537
17:05:28:110 0260 IRP_MJ_CLOSE : 861F48C4
17:05:28:110 0260 IRP_MJ_READ : 81AFF537
17:05:28:110 0260 IRP_MJ_WRITE : 81AFF537
17:05:28:110 0260 IRP_MJ_QUERY_INFORMATION : 81AFF537
17:05:28:126 0260 IRP_MJ_SET_INFORMATION : 81AFF537
17:05:28:126 0260 IRP_MJ_QUERY_EA : 81AFF537
17:05:28:126 0260 IRP_MJ_SET_EA : 81AFF537
17:05:28:126 0260 IRP_MJ_FLUSH_BUFFERS : 81AFF537
17:05:28:126 0260 IRP_MJ_QUERY_VOLUME_INFORMATION : 81AFF537
17:05:28:126 0260 IRP_MJ_SET_VOLUME_INFORMATION : 81AFF537
17:05:28:126 0260 IRP_MJ_DIRECTORY_CONTROL : 81AFF537
17:05:28:126 0260 IRP_MJ_FILE_SYSTEM_CONTROL : 81AFF537
17:05:28:126 0260 IRP_MJ_DEVICE_CONTROL : 861E047C
17:05:28:126 0260 IRP_MJ_INTERNAL_DEVICE_CONTROL : 861E044E
17:05:28:126 0260 IRP_MJ_SHUTDOWN : 81AFF537
17:05:28:126 0260 IRP_MJ_LOCK_CONTROL : 81AFF537
17:05:28:126 0260 IRP_MJ_CLEANUP : 81AFF537
17:05:28:126 0260 IRP_MJ_CREATE_MAILSLOT : 81AFF537
17:05:28:126 0260 IRP_MJ_QUERY_SECURITY : 81AFF537
17:05:28:126 0260 IRP_MJ_SET_SECURITY : 81AFF537
17:05:28:126 0260 IRP_MJ_POWER : 861E04AA
17:05:28:126 0260 IRP_MJ_SYSTEM_CONTROL : 861EFDB2
17:05:28:126 0260 IRP_MJ_DEVICE_CHANGE : 81AFF537
17:05:28:126 0260 IRP_MJ_QUERY_QUOTA : 81AFF537
17:05:28:126 0260 IRP_MJ_SET_QUOTA : 81AFF537
17:05:28:141 0260 C:\Windows\system32\DRIVERS\atapi.sys - Verdict: 1
17:05:28:141 0260
17:05:28:141 0260 Completed
17:05:28:141 0260
17:05:28:141 0260 Results:
17:05:28:141 0260 Memory objects infected / cured / cured on reboot: 0 / 0 / 0
17:05:28:141 0260 Registry objects infected / cured / cured on reboot: 0 / 0 / 0
17:05:28:141 0260 File objects infected / cured / cured on reboot: 0 / 0 / 0
17:05:28:157 0260
17:05:28:157 0260 fclose_ex: Trying to close file C:\Windows\system32\config\system
17:05:28:157 0260 fclose_ex: Trying to close file C:\Windows\system32\config\software
17:05:28:157 0260 KLMD(ARK) unloaded successfully

Malwarebytes' Anti-Malware
Malwarebytes' Anti-Malware 1.44
Verze databáze: 3870
Windows 6.1.7600
Internet Explorer 8.0.7600.16385

15.3.2010 17:19:57
mbam-log-2010-03-15 (17-19-57).txt

Typ kontroly: Rychlá kontrola
Zkontrolované objekty: 104769
Uplynulý čas: 8 minute(s), 31 second(s)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované adresáře: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Příspěvekod **jaro3** » 15 bře 2010 17:54

vypni rez. ochrany a firewall u ESET Smart Security

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah

Stáhni si windatfindbat of Karl83

Rozbal do složky, otevři jí poklepej na ní (ve vistě a win7 spusť jako správce). Otevře se okno DOS a posléze se objeví log.Jinak je pod názvem dirdat.txt v C:\ . Vlož sem prosím obsah toho logu, můžeš vybrat jen ty za poslední 3 měsíce.

Romaine · Příspěvekod **Romaine** » 15 bře 2010 18:42

ComboFix 10-03-14.06 - Romaine 15.03.2010 18:09:26.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.1015.326 [GMT 1:00]
Spuštěný z: c:\users\Romaine\Desktop\ComboFix.exe
* Vytvořen nový Bod Obnovení
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
c:\users\Romaine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
c:\windows\system32\SHELLLNK.TLB

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-02-15 do 2010-03-15 )))))))))))))))))))))))))))))))
.

2010-03-15 16:48 . 2010-03-15 16:51 -------- d-----w- c:\users\Romaine\AppData\Roaming\PhotoFiltre Studio X
2010-03-15 16:09 . 2010-03-15 16:09 -------- d-----w- c:\users\Romaine\AppData\Roaming\Malwarebytes
2010-03-15 16:08 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-03-15 16:08 . 2010-03-15 16:08 -------- d-----w- c:\programdata\Malwarebytes
2010-03-15 16:08 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-03-14 14:22 . 2010-03-14 14:22 -------- d-----w- c:\users\Romaine\AppData\Local\Xenocode
2010-03-11 13:18 . 2010-02-11 07:10 293376 ----a-w- c:\windows\system32\browserchoice.exe
2010-03-10 15:11 . 2004-01-11 23:00 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-03-10 14:03 . 2010-03-10 14:03 -------- d-----w- c:\users\Romaine\AppData\Local\ESET
2010-03-10 11:56 . 2010-03-10 11:57 -------- d-----w- c:\users\Romaine\AppData\Roaming\MyPhoneExplorer
2010-03-10 08:05 . 2010-03-10 08:05 -------- d-----w- c:\programdata\ODIR
2010-03-10 06:24 . 2009-09-10 05:52 257024 ----a-w- c:\windows\system32\msv1_0.dll
2010-03-10 06:19 . 2010-03-10 06:19 -------- d-----w- c:\windows\system32\x64
2010-03-10 06:19 . 2009-09-11 16:15 1002008 ----a-w- c:\windows\system32\igxpun.exe
2010-03-10 06:15 . 2010-03-10 06:15 -------- d-----w- c:\program files\IDT
2010-03-10 06:15 . 2009-08-11 10:36 380928 ----a-w- c:\windows\system32\aestecap.dll
2010-03-10 06:15 . 2009-07-20 10:34 139264 ----a-w- c:\windows\system32\aestacap.dll
2010-03-10 06:15 . 2009-03-02 16:57 61440 ----a-w- c:\windows\system32\aestaren.dll
2010-03-10 06:15 . 2009-08-13 16:09 536576 ----a-w- c:\windows\system32\idtmini1.exe
2010-03-10 06:15 . 2009-03-02 16:47 86016 ----a-w- c:\windows\system32\AESTCom.dll
2010-03-10 06:15 . 2009-08-13 16:09 467036 ----a-w- c:\windows\sttray.exe
2010-03-10 06:15 . 2009-08-13 16:09 3743744 ----a-w- c:\windows\system32\stlang.dll
2010-03-10 06:15 . 2010-03-10 06:15 -------- d-----w- c:\windows\system32\SRSLabs
2010-03-10 06:10 . 2009-12-13 09:30 641536 ----a-w- c:\windows\system32\CPFilters.dll
2010-03-10 06:10 . 2009-12-13 09:30 465408 ----a-w- c:\windows\system32\psisdecd.dll
2010-03-10 06:10 . 2009-12-13 09:29 417792 ----a-w- c:\windows\system32\msdri.dll
2010-03-10 06:10 . 2010-01-18 23:29 85504 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-03-10 06:10 . 2010-01-18 23:29 85504 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-03-10 06:10 . 2010-01-18 23:29 365568 ----a-w- c:\windows\system32\secproc_isv.dll
2010-03-10 06:10 . 2010-01-18 23:29 369152 ----a-w- c:\windows\system32\secproc.dll
2010-03-10 06:10 . 2010-01-18 23:28 324608 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-03-10 06:10 . 2010-01-18 23:28 320512 ----a-w- c:\windows\system32\RMActivate.exe
2010-03-10 06:10 . 2010-01-18 23:28 277504 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-03-10 06:10 . 2010-01-18 23:28 280064 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-03-09 21:09 . 2010-03-15 16:39 22528 ----a-w- c:\windows\system32\drivers\nhcDriver.sys
2010-03-09 19:27 . 2009-07-14 01:15 280064 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\hpzppw71.dll
2010-03-09 19:21 . 2010-03-09 19:19 29472 ----a-w- c:\windows\system32\drivers\btwl2cap.sys
2010-03-09 19:21 . 2010-03-09 19:19 108072 ----a-w- c:\windows\system32\drivers\btwavdt.sys
2010-03-09 19:21 . 2010-03-09 19:19 86056 ----a-w- c:\windows\system32\drivers\btwaudio.sys
2010-03-09 19:21 . 2010-03-09 19:19 18344 ----a-w- c:\windows\system32\drivers\btwrchid.sys
2010-03-09 19:20 . 2010-03-09 19:20 -------- d-----w- c:\program files\WIDCOMM
2010-03-09 19:19 . 2010-03-09 19:19 -------- d-----w- c:\program files\DIFX
2010-03-09 18:56 . 2010-03-13 19:06 -------- d-----w- c:\users\Romaine\AppData\Roaming\esmska
2010-03-09 18:33 . 2010-03-09 18:33 -------- d-----w- c:\users\Romaine\AppData\Roaming\Nero
2010-03-09 18:10 . 2001-08-31 13:00 1355776 ----a-w- c:\windows\system32\MSVBVM50.dll
2010-03-09 18:10 . 1997-01-15 23:00 29696 ----a-w- c:\windows\system32\VB5STKIT.DLL
2010-03-09 18:10 . 2009-05-14 15:26 207872 ----a-w- c:\windows\system32\iwpsetup.exe
2010-03-09 18:03 . 2010-03-09 18:04 -------- d-----w- c:\users\Romaine\AppData\Roaming\Miranda
2010-03-09 17:57 . 2010-03-09 17:57 -------- d-----w- c:\programdata\Nero
2010-03-09 17:57 . 2010-03-09 18:10 -------- d-----w- c:\program files\Common Files\Nero
2010-03-09 17:47 . 2010-03-09 17:47 -------- d-sh--we c:\windows\system32\config\systemprofile\Soubory cookie
2010-03-09 17:47 . 2010-03-09 17:47 -------- d-sh--we c:\windows\system32\config\systemprofile\Data aplikací
2010-03-09 17:47 . 2010-03-09 17:47 -------- d-----w- c:\users\Romaine\AppData\Local\Programs
2010-03-09 17:45 . 2010-03-15 16:35 602 ----a-w- c:\programdata\ArcSoft\ArcSoft-WebCamCompanion3\acforall.dll
2010-03-09 17:45 . 2010-03-09 17:46 -------- d-----w- c:\programdata\ArcSoft
2010-03-09 17:45 . 2010-03-09 17:45 -------- d-----w- c:\program files\Common Files\ArcSoft
2010-03-09 17:43 . 2010-03-09 17:46 -------- d-----w- c:\users\Romaine\AppData\Roaming\ArcSoft
2010-03-09 17:40 . 2010-03-15 16:11 -------- d-----w- c:\users\Romaine\AppData\Roaming\Spyware Terminator
2010-03-09 17:40 . 2010-03-09 17:40 6144 ----a-w- c:\programdata\Spyware Terminator\sp_rsdel.exe
2010-03-09 17:40 . 2010-03-09 17:40 5632 ----a-w- c:\programdata\Spyware Terminator\fileobjinfo.sys
2010-03-09 17:40 . 2010-03-09 17:40 141312 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2010-03-09 17:40 . 2010-03-09 17:40 -------- d-----w- c:\programdata\Spyware Terminator
2010-03-09 17:39 . 2010-03-09 17:39 -------- d-----w- c:\programdata\Sticky Notes TB Hider
2010-03-09 17:22 . 1999-03-26 00:00 101888 ----a-w- c:\windows\system32\VB6STKIT.DLL
2010-03-09 17:17 . 2010-03-11 13:18 -------- d-----w- c:\program files\Movie Maker 2.6
2010-03-09 17:16 . 2010-03-09 17:16 -------- d-----w- c:\program files\Fortis Software
2010-03-09 17:10 . 2010-03-09 17:31 -------- d-----w- c:\program files\MSECache
2010-03-09 17:07 . 2010-03-09 17:06 737280 ----a-w- c:\windows\iun6002.exe
2010-03-09 17:07 . 2010-03-09 17:07 -------- d-----w- c:\program files\Codec Pack - All In 1
2010-03-09 16:57 . 2010-03-09 16:57 6172672 ----a-w- c:\programdata\TuneUp Software\TuneUp Utilities\WinStyler\LogonScreens\Curious Giraffe.tls.dll
2010-03-09 16:56 . 2010-03-09 16:56 -------- d--h--w- c:\windows\Icons
2010-03-09 16:47 . 2010-02-25 10:15 21320 ----a-w- c:\windows\system32\authuitu.dll
2010-03-09 16:47 . 2010-02-25 10:15 30024 ----a-w- c:\windows\system32\uxtuneup.dll
2010-03-09 16:45 . 2010-02-25 10:22 30536 ----a-w- c:\windows\system32\TURegOpt.exe
2010-03-09 16:44 . 2010-03-09 16:44 -------- d-----w- c:\users\Romaine\AppData\Roaming\TuneUp Software
2010-03-09 16:43 . 2010-03-09 16:44 -------- d-----w- c:\programdata\TuneUp Software
2010-03-09 16:43 . 2010-03-09 16:43 -------- d-sh--w- c:\programdata\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2010-03-09 16:41 . 2006-02-28 07:53 2936832 ----a-w- c:\windows\system32\MA2_6.scr
2010-03-09 16:34 . 2010-03-09 16:34 520192 ----a-w- c:\programdata\LangSoft\WebIE.dll
2010-03-09 16:34 . 2010-03-09 16:34 356352 ----a-w- c:\programdata\LangSoft\TrnOutl.dll
2010-03-09 16:34 . 2010-03-09 16:34 299008 ----a-w- c:\programdata\LangSoft\TrnWord.dll
2010-03-09 16:32 . 2010-03-09 16:34 -------- d-----w- c:\programdata\LangSoft
2010-03-09 16:32 . 2010-03-09 16:34 -------- d-----w- c:\users\Romaine\AppData\Roaming\LangSoft
2010-03-09 16:31 . 2010-03-09 16:31 -------- d-----w- c:\programdata\LogiShrd
2010-03-09 16:31 . 2010-03-09 16:31 -------- d-----w- c:\users\Romaine\AppData\Roaming\Logitech
2010-03-09 16:30 . 2008-11-03 08:55 6963200 ----a-w- c:\windows\system32\RTS5121icon.dll
2010-03-09 16:30 . 2009-02-18 23:26 301656 ----a-w- c:\windows\system32\BtCoreIf.dll
2010-03-09 16:30 . 2010-03-09 16:30 -------- d-----w- c:\program files\Synaptics
2010-03-09 16:30 . 2009-02-18 23:27 84496 ----a-w- c:\windows\system32\KemXML.dll
2010-03-09 16:30 . 2009-02-18 23:27 117264 ----a-w- c:\windows\system32\KemWnd.dll
2010-03-09 16:30 . 2009-02-18 23:27 145936 ----a-w- c:\windows\system32\KemUtil.dll
2010-03-09 16:30 . 2009-02-18 23:27 170512 ----a-w- c:\windows\system32\kemutb.dll
2010-03-09 16:30 . 2010-03-09 16:30 -------- d-----w- c:\program files\Realtek
2010-03-09 16:29 . 2010-03-09 16:31 -------- d-----w- c:\programdata\Logitech
2010-03-09 16:29 . 2010-03-09 16:31 -------- d-----w- c:\program files\Common Files\Logishrd
2010-03-09 16:28 . 2010-03-09 19:27 -------- d-----w- c:\programdata\Hewlett-Packard
2010-03-09 16:27 . 2010-03-09 17:43 -------- d-----w- c:\program files\Common Files\InstallShield
2010-03-09 16:25 . 2010-03-09 17:48 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-03-09 16:24 . 2010-03-09 16:28 -------- d-----w- c:\program files\Hewlett-Packard
2010-03-09 16:24 . 2010-03-09 16:24 -------- d-----w- c:\users\Romaine\AppData\Roaming\hpqLog
2010-03-09 16:23 . 2010-03-09 16:23 -------- d-----w- c:\users\Romaine\AppData\Roaming\{8126D2ED-1984-4573-9D57-97637E10C716}
2010-03-09 16:20 . 2010-03-09 16:20 -------- d-----w- c:\program files\HP USB Bluetooth Adpater Software Driver
2010-03-09 16:16 . 2010-03-09 16:17 -------- d-----w- c:\program files\Common Files\Adobe
2010-03-09 16:00 . 2010-03-09 16:00 -------- d-----w- c:\users\Romaine\AppData\Roaming\Itsth
2010-03-09 15:57 . 2010-03-09 15:57 -------- d-----w- c:\users\Romaine\AppData\Roaming\Ashampoo
2010-03-09 15:56 . 2010-03-09 15:56 -------- d-----w- c:\programdata\ashampoo
2010-03-09 15:52 . 2009-10-11 03:17 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-03-09 15:52 . 2010-03-09 16:59 -------- d-----w- c:\program files\Java
2010-03-09 15:50 . 2010-03-09 15:50 -------- d-----w- c:\windows\system32\Macromed
2010-03-09 15:30 . 2010-03-09 15:31 -------- d-----w- c:\users\Romaine\AppData\Roaming\AIMP
2010-03-09 14:36 . 2010-03-09 14:36 -------- d-----w- c:\windows\system32\Wat
2010-03-09 14:28 . 2010-03-09 14:28 21976 ----a-w- c:\windows\system32\emptyregdb.dat
2010-03-09 14:22 . 2010-03-09 14:22 -------- d-----w- c:\users\Romaine\AppData\Local\Mozilla
2010-03-09 14:20 . 2010-03-09 19:10 84512 ----a-w- c:\users\Romaine\AppData\Local\GDIPFONTCACHEV1.DAT
2010-03-09 14:20 . 2010-03-09 14:20 -------- dc----w- c:\users\Romaine\AppData\Local\MigWiz
2010-03-09 14:12 . 2010-03-09 14:12 -------- d-----w- c:\program files\Microsoft Works
2010-03-09 14:06 . 2010-03-09 14:06 -------- d-----w- c:\windows\PCHEALTH
2010-03-09 14:06 . 2010-03-09 14:06 -------- d-----w- c:\program files\Microsoft.NET
2010-03-09 13:53 . 2010-03-09 13:53 -------- d-----w- c:\users\Romaine\AppData\Local\Microsoft Help
2010-03-09 13:53 . 2010-03-09 17:26 -------- d-----w- c:\programdata\Microsoft Help
2010-03-09 13:53 . 2010-03-11 13:18 -------- d-sh--w- c:\windows\Installer
2010-03-09 13:50 . 2010-03-09 13:50 -------- d-----r- C:\MSOCache
2010-03-09 13:45 . 2010-03-09 19:38 -------- d-----r- C:\Program Files (2)
2010-03-09 13:45 . 2010-02-24 08:16 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-03-09 13:30 . 2010-03-15 16:40 -------- d-----w- c:\windows\system32\wbem\Performance

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-15 16:40 . 2009-07-14 08:44 625914 ----a-w- c:\windows\system32\perfh005.dat
2010-03-15 16:40 . 2009-07-14 08:44 120000 ----a-w- c:\windows\system32\perfc005.dat
2010-03-09 16:31 . 2010-03-09 16:31 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_LHidFilt_01005.Wdf
2010-03-09 16:31 . 2010-03-09 16:31 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
2010-03-09 16:31 . 2010-03-09 16:31 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_SynTP_01007.Wdf
2010-03-09 14:36 . 2009-07-13 23:40 409088 ----a-w- c:\windows\system32\systemcpl.dll
2010-03-09 14:36 . 2009-07-13 23:36 13824 ----a-w- c:\windows\system32\slwga.dll
2010-03-09 14:35 . 2009-07-13 23:24 811520 ----a-w- c:\windows\system32\user32.dll
2010-03-09 14:34 . 2010-03-09 14:34 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf
2010-03-09 13:24 . 2010-03-09 13:24 -------- d-sh--we c:\programdata\Plocha
2010-03-09 13:24 . 2010-03-09 13:24 -------- d-sh--we c:\programdata\Oblíbené položky
2010-03-09 13:24 . 2010-03-09 13:24 -------- d-sh--we c:\programdata\Šablony
2010-03-09 13:24 . 2010-03-09 13:24 -------- d-sh--we c:\programdata\Nabídka Start
2010-03-09 13:24 . 2010-03-09 13:24 -------- d-sh--we c:\programdata\Dokumenty
2010-03-09 13:24 . 2010-03-09 13:24 -------- d-sh--we c:\programdata\Data aplikací
2010-02-04 09:01 . 2010-03-09 16:17 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll
2010-02-04 09:01 . 2010-03-09 16:17 528216 ----a-w- c:\windows\system32\XAudio2_6.dll
2010-02-04 09:01 . 2010-03-09 16:17 238936 ----a-w- c:\windows\system32\xactengine3_6.dll
2010-02-04 09:01 . 2010-03-09 16:17 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll
2010-02-02 07:45 . 2010-03-10 06:05 2048 ----a-w- c:\windows\system32\tzres.dll
2010-01-08 07:13 . 2010-01-08 07:13 33096 ----a-w- c:\windows\system32\drivers\epfwndis.sys
2010-01-08 03:18 . 2010-03-10 06:05 221184 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-01-08 03:17 . 2010-03-10 06:05 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-12-19 09:02 . 2010-03-10 06:05 977920 ----a-w- c:\windows\system32\wininet.dll
2009-12-19 09:02 . 2010-03-10 06:05 12288 ----a-w- c:\windows\system32\tsbyuv.dll
2009-12-19 09:02 . 2010-03-10 06:05 1328640 ----a-w- c:\windows\system32\quartz.dll
2009-12-19 09:02 . 2010-03-10 06:05 22016 ----a-w- c:\windows\system32\msyuv.dll
2009-12-19 09:02 . 2010-03-10 06:05 31744 ----a-w- c:\windows\system32\msvidc32.dll
2009-12-19 09:02 . 2010-03-10 06:05 13312 ----a-w- c:\windows\system32\msrle32.dll
2009-12-19 09:02 . 2010-03-10 06:05 84480 ----a-w- c:\windows\system32\mciavi32.dll
2009-12-19 09:02 . 2010-03-10 06:05 50176 ----a-w- c:\windows\system32\iyuv_32.dll
2009-12-19 09:02 . 2010-03-10 06:05 91648 ----a-w- c:\windows\system32\avifil32.dll
2009-12-18 14:02 . 2009-12-18 14:02 38240 ----a-w- c:\windows\system32\drivers\epfwwfp.sys
2009-12-18 14:02 . 2009-12-18 14:02 135048 ----a-w- c:\windows\system32\drivers\epfw.sys
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

------- Sigcheck -------

[-] 2010-03-09 . 7BD7F45FF37FA0669CD32CA0EF46E22C . 811520 . . [6.1.7600.16385] . . c:\windows\System32\user32.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-01-15 1418536]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-12-18 76304]
"NotebookHardwareControl"="c:\program files (2)\Důležité\Notebook Hardware Control\nhc.exe" [2007-05-04 2629632]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-11 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-11 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-11 150552]
"egui"="c:\program files (2)\Bezpečnost PC\ESET Smart Security\egui.exe" [2009-11-16 2054360]

c:\users\Romaine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Sticky Notes Taskbar Hider.lnk - c:\program files (2)\Progr mky\StickyNotes\SNTBHider.exe [2010-3-9 638976]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - c:\program files (2)\D…le§it‚\SetPoint\SetPoint\SetPoint.exe [2010-3-9 809488]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2009-02-18 23:30 72208 ----a-w- c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SysTrayApp"=c:\program files\IDT\WDM\sttray.exe
"ArcSoft Connection Service"=c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
"Adobe Reader Speed Launcher"="c:\program files (2)\Prográmky\Adobe Reader\Reader\Reader_sl.exe"

R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (2)\Bezpečnost PC\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-02-25 1047880]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-03-09 29472]
R3 RSUSBSTOR;RTS5121.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RTS5121.sys [x]
R3 Rts516xIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-03-09 1343400]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-11-16 108792]
S1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2010-03-09 141312]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_fa0513b7754bf240\aestsrv.exe [2009-03-02 81920]
S2 ekrn;ESET Service;c:\program files (2)\Bezpečnost PC\ESET Smart Security\ekrn.exe [2009-11-16 735960]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2009-12-18 38240]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x86.sys [2009-11-13 58368]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (2)\Bezpečnost PC\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
IE: YamicsoftDisabled
IE: YamicsoftDisabled\E&xportovat do aplikace Microsoft Excel - c:\progra~3\DLEIT~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: YamicsoftDisabled\Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: YamicsoftDisabled\Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
FF - ProfilePath - c:\users\Romaine\AppData\Roaming\Mozilla\Firefox\Profiles\7flwrva2.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search13.net/search.php?clid=486&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://amail.centrum.cz/INBOX/list.aspx ... seznam.cz/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?q=

---- NASTAVENÍ FIREFOXU ----
FF - user.js: general.useragent.extra.zencast - Creative ZENcast v1.02.10
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: browser.tabs.closeButtons - 1
c:\program files (2)\D…le§it‚\Mozzila Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files (2)\D…le§it‚\Mozzila Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files (2)\D…le§it‚\Mozzila Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files (2)\D…le§it‚\Mozzila Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files (2)\D…le§it‚\Mozzila Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files (2)\D…le§it‚\Mozzila Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files (2)\D…le§it‚\Mozzila Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files (2)\D…le§it‚\Mozzila Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files (2)\D…le§it‚\Mozzila Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files (2)\D…le§it‚\Mozzila Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files (2)\D…le§it‚\Mozzila Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files (2)\D…le§it‚\Mozzila Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files (2)\D…le§it‚\Mozzila Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files (2)\D…le§it‚\Mozzila Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files (2)\D…le§it‚\Mozzila Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files (2)\D…le§it‚\Mozzila Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files (2)\D…le§it‚\Mozzila Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files (2)\D…le§it‚\Mozzila Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files (2)\D…le§it‚\Mozzila Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files (2)\D…le§it‚\Mozzila Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files (2)\D…le§it‚\Mozzila Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files (2)\D…le§it‚\Mozzila Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files (2)\D…le§it‚\Mozzila Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files (2)\D…le§it‚\Mozzila Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files (2)\D…le§it‚\Mozzila Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files (2)\D…le§it‚\Mozzila Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files (2)\D…le§it‚\Mozzila Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files (2)\D…le§it‚\Mozzila Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files (2)\D…le§it‚\Mozzila Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files (2)\D…le§it‚\Mozzila Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files (2)\D…le§it‚\Mozzila Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files (2)\D…le§it‚\Mozzila Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files (2)\D…le§it‚\Mozzila Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

AddRemove-PC Translator - c:\users\Romaine\AppData\Local\Temp\UN32.EXE

.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2010-03-15 18:27:55
ComboFix-quarantined-files.txt 2010-03-15 17:27

Před spuštěním: Volných bajtů: 27 377 266 688
Po spuštění: Volných bajtů: 27 201 757 184

- - End Of File - - 2A86EEEC890330E388E537E44D2E2F32

windatfindbat of Karl83

Svazek v jednotce C je Syst‚m.
S‚riov‚ źˇslo svazku je A804-1160.

Věpis adres ýe C:\

15.03.2010 18:28 0 dirdat.txt
15.03.2010 18:27 25˙106 ComboFix.txt
15.03.2010 17:35 1˙073˙741˙824 pagefile.sys
15.03.2010 17:35 798˙466˙048 hiberfil.sys
10.06.2009 22:42 10 config.sys
10.06.2009 22:42 24 autoexec.bat
Soubor…: 6, Bajt…: 1˙872˙233˙012
Adres ý…: 0, Volněch bajt…: 27˙260˙600˙320
Svazek v jednotce C je Syst‚m.
S‚riov‚ źˇslo svazku je A804-1160.

Věpis adres ýe C:\Windows\system

13.07.2009 22:41 24˙064 OLESVR.DLL
13.07.2009 22:41 12˙704 WFWNET.DRV
13.07.2009 22:41 32˙816 COMMDLG.DLL
13.07.2009 22:41 4˙048 TIMER.DRV
13.07.2009 22:41 68˙992 MMSYSTEM.DLL
13.07.2009 22:41 1˙152 mmtask.tsk
13.07.2009 22:41 2˙032 mouse.drv
13.07.2009 22:41 2˙176 vga.drv
13.07.2009 22:41 1˙744 sound.drv
13.07.2009 22:41 2˙000 keyboard.drv
13.07.2009 22:41 5˙120 SHELL.DLL
13.07.2009 22:41 3˙360 system.drv
10.06.2009 22:42 9˙008 ver.dll
10.06.2009 22:42 82˙944 olecli.dll
10.06.2009 22:42 9˙936 lzexpand.dll
10.06.2009 22:25 5˙532 stdole.tlb
10.06.2009 22:21 126˙912 msvideo.dll
10.06.2009 22:21 28˙160 mciwave.drv
10.06.2009 22:21 25˙264 mciseq.drv
10.06.2009 22:21 73˙376 mciavi.drv
10.06.2009 22:21 109˙456 avifile.dll
10.06.2009 22:21 69˙584 avicap.dll
Soubor…: 22, Bajt…: 700˙380
Adres ý…: 0, Volněch bajt…: 27˙260˙600˙320
Svazek v jednotce C je Syst‚m.
S‚riov‚ źˇslo svazku je A804-1160.

Věpis adres ýe C:\Windows

15.03.2010 18:22 215 system.ini
15.03.2010 17:37 587˙764 WindowsUpdate.log
15.03.2010 17:35 67˙584 bootstat.dat
10.03.2010 18:17 69 NeroDigital.ini
10.03.2010 11:24 68 desktop.ini
09.03.2010 20:10 0 setuperr.log
09.03.2010 18:23 478 win.ini
09.03.2010 18:07 39˙530 Codec Pack - All In 1 Setup Log.txt
09.03.2010 18:06 737˙280 iun6002.exe
09.03.2010 17:34 2˙686 TRNCOM.INI
09.03.2010 17:33 72 WTRDCTM.INI
09.12.2009 22:54 261˙632 PEV.exe
31.10.2009 06:45 2˙614˙272 explorer.exe
25.10.2009 06:11 77˙312 MBR.exe
13.08.2009 17:09 467˙036 sttray.exe
29.07.2009 01:21 9˙728 FreeMem.exe
14.07.2009 05:41 749 WindowsShell.Manifest
14.07.2009 02:16 51˙200 twain_32.dll
14.07.2009 02:14 9˙216 write.exe
14.07.2009 02:14 9˙728 winhlp32.exe
14.07.2009 02:14 31˙232 twunk_32.exe
14.07.2009 02:14 398˙336 regedit.exe
14.07.2009 02:14 179˙712 notepad.exe
14.07.2009 02:14 15˙360 hh.exe
14.07.2009 02:14 497˙152 HelpPane.exe
14.07.2009 02:14 13˙824 fveupdate.exe
14.07.2009 02:14 65˙024 bfsvc.exe
13.07.2009 23:58 43˙131 mib.bin
10.06.2009 22:42 707 _default.pif
10.06.2009 22:42 256˙192 winhelp.exe
10.06.2009 22:41 49˙680 twunk_16.exe
10.06.2009 22:41 94˙784 twain.dll
10.06.2009 22:34 316˙640 WMSysPr9.prx
10.06.2009 22:19 1˙405 msdfmap.ini
10.06.2009 22:14 48˙201 Starter.xml
10.06.2009 22:14 48˙265 HomePremium.xml
20.04.2009 12:56 31˙232 NIRCMD.exe
18.12.2008 23:42 76˙304 KHALMNPR.Exe
31.08.2000 08:00 136˙704 SWSC.exe
31.08.2000 08:00 161˙792 SWREG.exe
31.08.2000 08:00 98˙816 sed.exe
31.08.2000 08:00 80˙412 grep.exe
31.08.2000 08:00 68˙096 zip.exe
31.08.2000 08:00 212˙480 SWXCACLS.exe
Soubor…: 44, Bajt…: 7˙862˙100
Adres ý…: 0, Volněch bajt…: 27˙260˙596˙224
Svazek v jednotce C je Syst‚m.
S‚riov‚ źˇslo svazku je A804-1160.

Věpis adres ýe C:\Users\Romaine\AppData\Local\Temp

15.03.2010 18:28 0 FXSAPIDebugLogFile.txt
Soubor…: 1, Bajt…: 0
Adres ý…: 0, Volněch bajt…: 27˙260˙596˙224

Příspěvekod **jaro3** » 15 bře 2010 20:03

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::
File::
C:\Users\Romaine\AppData\Local\Temp\FXSAPIDebugLogFile.txt

Folder::
c:\windows\system32\x64

Firefox::
FF - ProfilePath - c:\users\Romaine\AppData\Roaming\Mozilla\Firefox\Profiles\7flwrva2.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search13.net/search.php?clid=486&q=

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému

Toto otestuj na Virustotal
c:\programdata\TuneUp Software\TuneUp Utilities\WinStyler\LogonScreens\Curious Giraffe.tls.dll
c:\windows\System32\user32.dll

Pokud už byl soubor testován-klikni na otestovat znovu.
Až skončí test všech antivirů, vlož sem pak odkazy na stránky s výsledky.

Jak vypadají ty zvuky?

Romaine · Příspěvekod **Romaine** » 15 bře 2010 23:20

Takže Combo fix:

ComboFix 10-03-15.02 - Romaine 15.03.2010 22:31:41.2.2 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.1015.424 [GMT 1:00]
Spuštěný z: c:\users\Romaine\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Romaine\Desktop\CFScript.txt
* Rezidentní štít AV je zapnutý

FILE ::
"c:\users\Romaine\AppData\Local\Temp\FXSAPIDebugLogFile.txt"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\Romaine\AppData\Local\Temp\FXSAPIDebugLogFile.txt
c:\users\Romaine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
c:\windows\system32\x64

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-02-15 do 2010-03-15 )))))))))))))))))))))))))))))))
.

2010-03-15 21:45 . 2010-03-15 21:48 -------- d-----w- c:\users\Romaine\AppData\Local\temp
2010-03-15 21:45 . 2010-03-15 21:45 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-03-15 21:45 . 2010-03-15 21:45 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-03-15 16:48 . 2010-03-15 16:51 -------- d-----w- c:\users\Romaine\AppData\Roaming\PhotoFiltre Studio X
2010-03-15 16:09 . 2010-03-15 16:09 -------- d-----w- c:\users\Romaine\AppData\Roaming\Malwarebytes
2010-03-15 16:08 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-03-15 16:08 . 2010-03-15 16:08 -------- d-----w- c:\programdata\Malwarebytes
2010-03-15 16:08 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-03-14 14:22 . 2010-03-14 14:22 -------- d-----w- c:\users\Romaine\AppData\Local\Xenocode
2010-03-11 13:18 . 2010-02-11 07:10 293376 ----a-w- c:\windows\system32\browserchoice.exe
2010-03-10 15:11 . 2004-01-11 23:00 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-03-10 14:03 . 2010-03-10 14:03 -------- d-----w- c:\users\Romaine\AppData\Local\ESET
2010-03-10 11:56 . 2010-03-10 11:57 -------- d-----w- c:\users\Romaine\AppData\Roaming\MyPhoneExplorer
2010-03-10 08:05 . 2010-03-10 08:05 -------- d-----w- c:\programdata\ODIR
2010-03-10 06:24 . 2009-09-10 05:52 257024 ----a-w- c:\windows\system32\msv1_0.dll
2010-03-10 06:19 . 2009-09-11 16:15 1002008 ----a-w- c:\windows\system32\igxpun.exe
2010-03-10 06:15 . 2010-03-10 06:15 -------- d-----w- c:\program files\IDT
2010-03-10 06:15 . 2009-08-11 10:36 380928 ----a-w- c:\windows\system32\aestecap.dll
2010-03-10 06:15 . 2009-07-20 10:34 139264 ----a-w- c:\windows\system32\aestacap.dll
2010-03-10 06:15 . 2009-03-02 16:57 61440 ----a-w- c:\windows\system32\aestaren.dll
2010-03-10 06:15 . 2009-08-13 16:09 536576 ----a-w- c:\windows\system32\idtmini1.exe
2010-03-10 06:15 . 2009-03-02 16:47 86016 ----a-w- c:\windows\system32\AESTCom.dll
2010-03-10 06:15 . 2009-08-13 16:09 467036 ----a-w- c:\windows\sttray.exe
2010-03-10 06:15 . 2009-08-13 16:09 3743744 ----a-w- c:\windows\system32\stlang.dll
2010-03-10 06:15 . 2010-03-10 06:15 -------- d-----w- c:\windows\system32\SRSLabs
2010-03-10 06:10 . 2009-12-13 09:30 641536 ----a-w- c:\windows\system32\CPFilters.dll
2010-03-10 06:10 . 2009-12-13 09:30 465408 ----a-w- c:\windows\system32\psisdecd.dll
2010-03-10 06:10 . 2009-12-13 09:29 417792 ----a-w- c:\windows\system32\msdri.dll
2010-03-10 06:10 . 2010-01-18 23:29 85504 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-03-10 06:10 . 2010-01-18 23:29 85504 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-03-10 06:10 . 2010-01-18 23:29 365568 ----a-w- c:\windows\system32\secproc_isv.dll
2010-03-10 06:10 . 2010-01-18 23:29 369152 ----a-w- c:\windows\system32\secproc.dll
2010-03-10 06:10 . 2010-01-18 23:28 324608 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-03-10 06:10 . 2010-01-18 23:28 320512 ----a-w- c:\windows\system32\RMActivate.exe
2010-03-10 06:10 . 2010-01-18 23:28 277504 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-03-10 06:10 . 2010-01-18 23:28 280064 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-03-09 21:09 . 2010-03-15 21:47 22528 ----a-w- c:\windows\system32\drivers\nhcDriver.sys
2010-03-09 19:27 . 2009-07-14 01:15 280064 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\hpzppw71.dll
2010-03-09 19:21 . 2010-03-09 19:19 29472 ----a-w- c:\windows\system32\drivers\btwl2cap.sys
2010-03-09 19:21 . 2010-03-09 19:19 108072 ----a-w- c:\windows\system32\drivers\btwavdt.sys
2010-03-09 19:21 . 2010-03-09 19:19 86056 ----a-w- c:\windows\system32\drivers\btwaudio.sys
2010-03-09 19:21 . 2010-03-09 19:19 18344 ----a-w- c:\windows\system32\drivers\btwrchid.sys
2010-03-09 19:20 . 2010-03-09 19:20 -------- d-----w- c:\program files\WIDCOMM
2010-03-09 19:19 . 2010-03-09 19:19 -------- d-----w- c:\program files\DIFX
2010-03-09 18:56 . 2010-03-13 19:06 -------- d-----w- c:\users\Romaine\AppData\Roaming\esmska
2010-03-09 18:33 . 2010-03-09 18:33 -------- d-----w- c:\users\Romaine\AppData\Roaming\Nero
2010-03-09 18:10 . 2001-08-31 13:00 1355776 ----a-w- c:\windows\system32\MSVBVM50.dll
2010-03-09 18:10 . 1997-01-15 23:00 29696 ----a-w- c:\windows\system32\VB5STKIT.DLL
2010-03-09 18:10 . 2009-05-14 15:26 207872 ----a-w- c:\windows\system32\iwpsetup.exe
2010-03-09 18:03 . 2010-03-09 18:04 -------- d-----w- c:\users\Romaine\AppData\Roaming\Miranda
2010-03-09 17:57 . 2010-03-09 17:57 -------- d-----w- c:\programdata\Nero
2010-03-09 17:57 . 2010-03-09 18:10 -------- d-----w- c:\program files\Common Files\Nero
2010-03-09 17:47 . 2010-03-09 17:47 -------- d-sh--we c:\windows\system32\config\systemprofile\Soubory cookie
2010-03-09 17:47 . 2010-03-09 17:47 -------- d-sh--we c:\windows\system32\config\systemprofile\Data aplikací
2010-03-09 17:47 . 2010-03-09 17:47 -------- d-----w- c:\users\Romaine\AppData\Local\Programs
2010-03-09 17:45 . 2010-03-15 21:46 602 ----a-w- c:\programdata\ArcSoft\ArcSoft-WebCamCompanion3\acforall.dll
2010-03-09 17:45 . 2010-03-09 17:46 -------- d-----w- c:\programdata\ArcSoft
2010-03-09 17:45 . 2010-03-09 17:45 -------- d-----w- c:\program files\Common Files\ArcSoft
2010-03-09 17:43 . 2010-03-09 17:46 -------- d-----w- c:\users\Romaine\AppData\Roaming\ArcSoft
2010-03-09 17:40 . 2010-03-15 16:11 -------- d-----w- c:\users\Romaine\AppData\Roaming\Spyware Terminator
2010-03-09 17:40 . 2010-03-09 17:40 6144 ----a-w- c:\programdata\Spyware Terminator\sp_rsdel.exe
2010-03-09 17:40 . 2010-03-09 17:40 5632 ----a-w- c:\programdata\Spyware Terminator\fileobjinfo.sys
2010-03-09 17:40 . 2010-03-09 17:40 141312 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2010-03-09 17:40 . 2010-03-09 17:40 -------- d-----w- c:\programdata\Spyware Terminator
2010-03-09 17:39 . 2010-03-09 17:39 -------- d-----w- c:\programdata\Sticky Notes TB Hider
2010-03-09 17:22 . 1999-03-26 00:00 101888 ----a-w- c:\windows\system32\VB6STKIT.DLL
2010-03-09 17:17 . 2010-03-11 13:18 -------- d-----w- c:\program files\Movie Maker 2.6
2010-03-09 17:16 . 2010-03-09 17:16 -------- d-----w- c:\program files\Fortis Software
2010-03-09 17:10 . 2010-03-09 17:31 -------- d-----w- c:\program files\MSECache
2010-03-09 17:07 . 2010-03-09 17:06 737280 ----a-w- c:\windows\iun6002.exe
2010-03-09 17:07 . 2010-03-09 17:07 -------- d-----w- c:\program files\Codec Pack - All In 1
2010-03-09 16:57 . 2010-03-09 16:57 6172672 ----a-w- c:\programdata\TuneUp Software\TuneUp Utilities\WinStyler\LogonScreens\Curious Giraffe.tls.dll
2010-03-09 16:56 . 2010-03-09 16:56 -------- d--h--w- c:\windows\Icons
2010-03-09 16:47 . 2010-02-25 10:15 21320 ----a-w- c:\windows\system32\authuitu.dll
2010-03-09 16:47 . 2010-02-25 10:15 30024 ----a-w- c:\windows\system32\uxtuneup.dll
2010-03-09 16:45 . 2010-02-25 10:22 30536 ----a-w- c:\windows\system32\TURegOpt.exe
2010-03-09 16:44 . 2010-03-09 16:44 -------- d-----w- c:\users\Romaine\AppData\Roaming\TuneUp Software
2010-03-09 16:43 . 2010-03-09 16:44 -------- d-----w- c:\programdata\TuneUp Software
2010-03-09 16:43 . 2010-03-09 16:43 -------- d-sh--w- c:\programdata\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2010-03-09 16:41 . 2006-02-28 07:53 2936832 ----a-w- c:\windows\system32\MA2_6.scr
2010-03-09 16:34 . 2010-03-09 16:34 520192 ----a-w- c:\programdata\LangSoft\WebIE.dll
2010-03-09 16:34 . 2010-03-09 16:34 356352 ----a-w- c:\programdata\LangSoft\TrnOutl.dll
2010-03-09 16:34 . 2010-03-09 16:34 299008 ----a-w- c:\programdata\LangSoft\TrnWord.dll
2010-03-09 16:32 . 2010-03-09 16:34 -------- d-----w- c:\programdata\LangSoft
2010-03-09 16:32 . 2010-03-09 16:34 -------- d-----w- c:\users\Romaine\AppData\Roaming\LangSoft
2010-03-09 16:31 . 2010-03-09 16:31 -------- d-----w- c:\programdata\LogiShrd
2010-03-09 16:31 . 2010-03-09 16:31 -------- d-----w- c:\users\Romaine\AppData\Roaming\Logitech
2010-03-09 16:30 . 2008-11-03 08:55 6963200 ----a-w- c:\windows\system32\RTS5121icon.dll
2010-03-09 16:30 . 2009-02-18 23:26 301656 ----a-w- c:\windows\system32\BtCoreIf.dll
2010-03-09 16:30 . 2010-03-09 16:30 -------- d-----w- c:\program files\Synaptics
2010-03-09 16:30 . 2009-02-18 23:27 84496 ----a-w- c:\windows\system32\KemXML.dll
2010-03-09 16:30 . 2009-02-18 23:27 117264 ----a-w- c:\windows\system32\KemWnd.dll
2010-03-09 16:30 . 2009-02-18 23:27 145936 ----a-w- c:\windows\system32\KemUtil.dll
2010-03-09 16:30 . 2009-02-18 23:27 170512 ----a-w- c:\windows\system32\kemutb.dll
2010-03-09 16:30 . 2010-03-09 16:30 -------- d-----w- c:\program files\Realtek
2010-03-09 16:29 . 2010-03-09 16:31 -------- d-----w- c:\programdata\Logitech
2010-03-09 16:29 . 2010-03-09 16:31 -------- d-----w- c:\program files\Common Files\Logishrd
2010-03-09 16:28 . 2010-03-09 19:27 -------- d-----w- c:\programdata\Hewlett-Packard
2010-03-09 16:27 . 2010-03-09 17:43 -------- d-----w- c:\program files\Common Files\InstallShield
2010-03-09 16:25 . 2010-03-09 17:48 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-03-09 16:24 . 2010-03-09 16:28 -------- d-----w- c:\program files\Hewlett-Packard
2010-03-09 16:24 . 2010-03-09 16:24 -------- d-----w- c:\users\Romaine\AppData\Roaming\hpqLog
2010-03-09 16:23 . 2010-03-09 16:23 -------- d-----w- c:\users\Romaine\AppData\Roaming\{8126D2ED-1984-4573-9D57-97637E10C716}
2010-03-09 16:20 . 2010-03-09 16:20 -------- d-----w- c:\program files\HP USB Bluetooth Adpater Software Driver
2010-03-09 16:16 . 2010-03-09 16:17 -------- d-----w- c:\program files\Common Files\Adobe
2010-03-09 16:00 . 2010-03-09 16:00 -------- d-----w- c:\users\Romaine\AppData\Roaming\Itsth
2010-03-09 15:57 . 2010-03-09 15:57 -------- d-----w- c:\users\Romaine\AppData\Roaming\Ashampoo
2010-03-09 15:56 . 2010-03-09 15:56 -------- d-----w- c:\programdata\ashampoo
2010-03-09 15:52 . 2009-10-11 03:17 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-03-09 15:52 . 2010-03-09 16:59 -------- d-----w- c:\program files\Java
2010-03-09 15:50 . 2010-03-09 15:50 -------- d-----w- c:\windows\system32\Macromed
2010-03-09 15:30 . 2010-03-09 15:31 -------- d-----w- c:\users\Romaine\AppData\Roaming\AIMP
2010-03-09 14:36 . 2010-03-09 14:36 -------- d-----w- c:\windows\system32\Wat
2010-03-09 14:28 . 2010-03-09 14:28 21976 ----a-w- c:\windows\system32\emptyregdb.dat
2010-03-09 14:22 . 2010-03-09 14:22 -------- d-----w- c:\users\Romaine\AppData\Local\Mozilla
2010-03-09 14:20 . 2010-03-09 19:10 84512 ----a-w- c:\users\Romaine\AppData\Local\GDIPFONTCACHEV1.DAT
2010-03-09 14:20 . 2010-03-09 14:20 -------- dc----w- c:\users\Romaine\AppData\Local\MigWiz
2010-03-09 14:12 . 2010-03-09 14:12 -------- d-----w- c:\program files\Microsoft Works
2010-03-09 14:06 . 2010-03-09 14:06 -------- d-----w- c:\windows\PCHEALTH
2010-03-09 14:06 . 2010-03-09 14:06 -------- d-----w- c:\program files\Microsoft.NET
2010-03-09 13:53 . 2010-03-09 13:53 -------- d-----w- c:\users\Romaine\AppData\Local\Microsoft Help
2010-03-09 13:53 . 2010-03-09 17:26 -------- d-----w- c:\programdata\Microsoft Help
2010-03-09 13:53 . 2010-03-11 13:18 -------- d-sh--w- c:\windows\Installer
2010-03-09 13:50 . 2010-03-09 13:50 -------- d-----r- C:\MSOCache
2010-03-09 13:45 . 2010-03-09 19:38 -------- d-----r- C:\Program Files (2)

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-15 17:34 . 2009-07-14 08:44 625914 ----a-w- c:\windows\system32\perfh005.dat
2010-03-15 17:34 . 2009-07-14 08:44 120000 ----a-w- c:\windows\system32\perfc005.dat
2010-03-09 16:31 . 2010-03-09 16:31 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_LHidFilt_01005.Wdf
2010-03-09 16:31 . 2010-03-09 16:31 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
2010-03-09 16:31 . 2010-03-09 16:31 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_SynTP_01007.Wdf
2010-03-09 14:36 . 2009-07-13 23:40 409088 ----a-w- c:\windows\system32\systemcpl.dll
2010-03-09 14:36 . 2009-07-13 23:36 13824 ----a-w- c:\windows\system32\slwga.dll
2010-03-09 14:35 . 2009-07-13 23:24 811520 ----a-w- c:\windows\system32\user32.dll
2010-03-09 14:34 . 2010-03-09 14:34 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf
2010-03-09 13:24 . 2010-03-09 13:24 -------- d-sh--we c:\programdata\Plocha
2010-03-09 13:24 . 2010-03-09 13:24 -------- d-sh--we c:\programdata\Oblíbené položky
2010-03-09 13:24 . 2010-03-09 13:24 -------- d-sh--we c:\programdata\Šablony
2010-03-09 13:24 . 2010-03-09 13:24 -------- d-sh--we c:\programdata\Nabídka Start
2010-03-09 13:24 . 2010-03-09 13:24 -------- d-sh--we c:\programdata\Dokumenty
2010-03-09 13:24 . 2010-03-09 13:24 -------- d-sh--we c:\programdata\Data aplikací
2010-02-04 09:01 . 2010-03-09 16:17 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll
2010-02-04 09:01 . 2010-03-09 16:17 528216 ----a-w- c:\windows\system32\XAudio2_6.dll
2010-02-04 09:01 . 2010-03-09 16:17 238936 ----a-w- c:\windows\system32\xactengine3_6.dll
2010-02-04 09:01 . 2010-03-09 16:17 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll
2010-02-02 07:45 . 2010-03-10 06:05 2048 ----a-w- c:\windows\system32\tzres.dll
2010-01-08 07:13 . 2010-01-08 07:13 33096 ----a-w- c:\windows\system32\drivers\epfwndis.sys
2010-01-08 03:18 . 2010-03-10 06:05 221184 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-01-08 03:17 . 2010-03-10 06:05 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-12-19 09:02 . 2010-03-10 06:05 977920 ----a-w- c:\windows\system32\wininet.dll
2009-12-19 09:02 . 2010-03-10 06:05 12288 ----a-w- c:\windows\system32\tsbyuv.dll
2009-12-19 09:02 . 2010-03-10 06:05 1328640 ----a-w- c:\windows\system32\quartz.dll
2009-12-19 09:02 . 2010-03-10 06:05 22016 ----a-w- c:\windows\system32\msyuv.dll
2009-12-19 09:02 . 2010-03-10 06:05 31744 ----a-w- c:\windows\system32\msvidc32.dll
2009-12-19 09:02 . 2010-03-10 06:05 13312 ----a-w- c:\windows\system32\msrle32.dll
2009-12-19 09:02 . 2010-03-10 06:05 84480 ----a-w- c:\windows\system32\mciavi32.dll
2009-12-19 09:02 . 2010-03-10 06:05 50176 ----a-w- c:\windows\system32\iyuv_32.dll
2009-12-19 09:02 . 2010-03-10 06:05 91648 ----a-w- c:\windows\system32\avifil32.dll
2009-12-18 14:02 . 2009-12-18 14:02 38240 ----a-w- c:\windows\system32\drivers\epfwwfp.sys
2009-12-18 14:02 . 2009-12-18 14:02 135048 ----a-w- c:\windows\system32\drivers\epfw.sys
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

------- Sigcheck -------

[-] 2010-03-09 . 7BD7F45FF37FA0669CD32CA0EF46E22C . 811520 . . [6.1.7600.16385] . . c:\windows\System32\user32.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-01-15 1418536]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-12-18 76304]
"NotebookHardwareControl"="c:\program files (2)\Důležité\Notebook Hardware Control\nhc.exe" [2007-05-04 2629632]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-11 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-11 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-11 150552]
"egui"="c:\program files (2)\Bezpečnost PC\ESET Smart Security\egui.exe" [2009-11-16 2054360]

c:\users\Romaine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Sticky Notes Taskbar Hider.lnk - c:\program files (2)\Progr mky\StickyNotes\SNTBHider.exe [2010-3-9 638976]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - c:\program files (2)\D…le§it‚\SetPoint\SetPoint\SetPoint.exe [2010-3-9 809488]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2009-02-18 23:30 72208 ----a-w- c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SysTrayApp"=c:\program files\IDT\WDM\sttray.exe
"ArcSoft Connection Service"=c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
"Adobe Reader Speed Launcher"="c:\program files (2)\Prográmky\Adobe Reader\Reader\Reader_sl.exe"

R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-03-09 29472]
R3 RSUSBSTOR;RTS5121.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RTS5121.sys [x]
R3 Rts516xIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-03-09 1343400]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-11-16 108792]
S1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2010-03-09 141312]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_fa0513b7754bf240\aestsrv.exe [2009-03-02 81920]
S2 ekrn;ESET Service;c:\program files (2)\Bezpečnost PC\ESET Smart Security\ekrn.exe [2009-11-16 735960]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2009-12-18 38240]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (2)\Bezpečnost PC\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-02-25 1047880]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x86.sys [2009-11-13 58368]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (2)\Bezpečnost PC\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
IE: YamicsoftDisabled
IE: YamicsoftDisabled\E&xportovat do aplikace Microsoft Excel - c:\progra~3\DLEIT~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: YamicsoftDisabled\Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: YamicsoftDisabled\Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
FF - ProfilePath - c:\users\Romaine\AppData\Roaming\Mozilla\Firefox\Profiles\7flwrva2.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://amail.centrum.cz/INBOX/list.aspx ... seznam.cz/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?q=

---- NASTAVENÍ FIREFOXU ----
FF - user.js: general.useragent.extra.zencast - Creative ZENcast v1.02.10
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: browser.tabs.closeButtons - 1
c:\program files (2)\D…le§it‚\Mozzila Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files (2)\D…le§it‚\Mozzila Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files (2)\D…le§it‚\Mozzila Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files (2)\D…le§it‚\Mozzila Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files (2)\D…le§it‚\Mozzila Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files (2)\D…le§it‚\Mozzila Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files (2)\D…le§it‚\Mozzila Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files (2)\D…le§it‚\Mozzila Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files (2)\D…le§it‚\Mozzila Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files (2)\D…le§it‚\Mozzila Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files (2)\D…le§it‚\Mozzila Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files (2)\D…le§it‚\Mozzila Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files (2)\D…le§it‚\Mozzila Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files (2)\D…le§it‚\Mozzila Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files (2)\D…le§it‚\Mozzila Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files (2)\D…le§it‚\Mozzila Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files (2)\D…le§it‚\Mozzila Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files (2)\D…le§it‚\Mozzila Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files (2)\D…le§it‚\Mozzila Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files (2)\D…le§it‚\Mozzila Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files (2)\D…le§it‚\Mozzila Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files (2)\D…le§it‚\Mozzila Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files (2)\D…le§it‚\Mozzila Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files (2)\D…le§it‚\Mozzila Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files (2)\D…le§it‚\Mozzila Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files (2)\D…le§it‚\Mozzila Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files (2)\D…le§it‚\Mozzila Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files (2)\D…le§it‚\Mozzila Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files (2)\D…le§it‚\Mozzila Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files (2)\D…le§it‚\Mozzila Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files (2)\D…le§it‚\Mozzila Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files (2)\D…le§it‚\Mozzila Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files (2)\D…le§it‚\Mozzila Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'Explorer.exe'(3480)
c:\program files\WIDCOMM\Bluetooth Software\btncopy.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_fa0513b7754bf240\STacSV.exe
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\program files (2)\Bezpečnost PC\Spyware Terminator\sp_rsser.exe
c:\program files (2)\Bezpečnost PC\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
.
**************************************************************************
.
Celkový čas: 2010-03-15 22:55:31 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-03-15 21:55

Před spuštěním: Volných bajtů: 27 229 917 184
Po spuštění: Volných bajtů: 27 047 747 584

- - End Of File - - A155D0ECCCA262FAAE4EAB18D6138D05

A HJT:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:18:51, on 15.3.2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (2)\Bezpečnost PC\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files (2)\Důležité\Notebook Hardware Control\nhc.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (2)\Bezpečnost PC\ESET Smart Security\egui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\Explorer.exe
C:\Program Files (2)\Důležité\Mozzila Firefox\firefox.exe
C:\Program Files (2)\Bezpečnost PC\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [NotebookHardwareControl] "C:\Program Files (2)\Důležité\Notebook Hardware Control\nhc.exe" -quiet
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files (2)\Bezpečnost PC\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - Startup: Sticky Notes Taskbar Hider.lnk = ?
O4 - Global Startup: Logitech SetPoint.lnk = ?
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~3\DLEIT~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_fa0513b7754bf240\aestsrv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files (2)\Bezpečnost PC\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files (2)\Bezpečnost PC\ESET Smart Security\ekrn.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files (2)\Bezpečnost PC\Spyware Terminator\sp_rsser.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_fa0513b7754bf240\STacSV.exe
O23 - Service: @C:\Program Files (2)\Bezpečnost PC\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files (2)\Bezpečnost PC\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (2)\Bezpečnost PC\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

--
End of file - 4586 bytes

http://www.virustotal.com/cs/analisis/3 ... 1268690715

http://www.virustotal.com/cs/analisis/8 ... 1268691356

Zvuky? Asi vždy jiný. Šramocení, možná nějaké pípnutí - nyní si nejsem jistá.

Příspěvekod **jaro3** » 16 bře 2010 00:18

Tak to bude ještě problém s HW. Zkus přeinstalovat ovladač grafiky.Teploty, napětí atd.

Vypni si rez.ochrany i firewall.
Stáhni si Dr. Web CureIt
dej update , po aktualizaci dej start.
Tlacitky dole muzeš soubor léčit, smazat, přesunout nebo přejmenovat

Tak ještě jeden script v CF:

Kód: Vybrat vše

DirLook::
c:\windows\Icons
c:\users\Romaine\AppData\Roaming\{8126D2ED-1984-4573-9D57-97637E10C716}
c:\programdata\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}

Firefox::
FF - ProfilePath - c:\users\Romaine\AppData\Roaming\Mozilla\Firefox\Profiles\7flwrva2.default\
FF - prefs.js: browser.startup.homepage - hxxp://amail.centrum.cz/INBOX/list.aspx ... seznam.cz/

potom log CF , z HJT dávat nemusíš.

Romaine · Příspěvekod **Romaine** » 16 bře 2010 10:29

Takže Dr. Web nic nenašel.

Ještě zkusím stáhnout teda ovladače na grafiku, ale napřed musím najít. A cos myslel tím teploty, napětí?

Log z CF:

ComboFix 10-03-15.04 - Romaine 16.03.2010 10:06:54.3.2 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.1015.509 [GMT 1:00]
Spuštěný z: c:\users\Romaine\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Romaine\Desktop\CFScript.txt
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\Romaine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-02-16 do 2010-03-16 )))))))))))))))))))))))))))))))
.

2010-03-16 09:19 . 2010-03-16 09:19 -------- d-----w- c:\users\Romaine\AppData\Local\temp
2010-03-16 09:19 . 2010-03-16 09:19 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-03-16 09:19 . 2010-03-16 09:19 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-03-16 07:49 . 2010-03-16 07:49 -------- d-----w- c:\users\Romaine\DoctorWeb
2010-03-16 07:39 . 2010-03-16 07:39 -------- d-----w- c:\users\Romaine\AppData\Local\Adobe
2010-03-15 16:48 . 2010-03-15 16:51 -------- d-----w- c:\users\Romaine\AppData\Roaming\PhotoFiltre Studio X
2010-03-15 16:09 . 2010-03-15 16:09 -------- d-----w- c:\users\Romaine\AppData\Roaming\Malwarebytes
2010-03-15 16:08 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-03-15 16:08 . 2010-03-15 16:08 -------- d-----w- c:\programdata\Malwarebytes
2010-03-15 16:08 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-03-14 14:22 . 2010-03-14 14:22 -------- d-----w- c:\users\Romaine\AppData\Local\Xenocode
2010-03-11 13:18 . 2010-02-11 07:10 293376 ----a-w- c:\windows\system32\browserchoice.exe
2010-03-10 15:11 . 2004-01-11 23:00 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-03-10 14:03 . 2010-03-10 14:03 -------- d-----w- c:\users\Romaine\AppData\Local\ESET
2010-03-10 11:56 . 2010-03-10 11:57 -------- d-----w- c:\users\Romaine\AppData\Roaming\MyPhoneExplorer
2010-03-10 08:05 . 2010-03-10 08:05 -------- d-----w- c:\programdata\ODIR
2010-03-10 06:24 . 2009-09-10 05:52 257024 ----a-w- c:\windows\system32\msv1_0.dll
2010-03-10 06:19 . 2009-09-11 16:15 1002008 ----a-w- c:\windows\system32\igxpun.exe
2010-03-10 06:15 . 2010-03-10 06:15 -------- d-----w- c:\program files\IDT
2010-03-10 06:15 . 2009-08-11 10:36 380928 ----a-w- c:\windows\system32\aestecap.dll
2010-03-10 06:15 . 2009-07-20 10:34 139264 ----a-w- c:\windows\system32\aestacap.dll
2010-03-10 06:15 . 2009-03-02 16:57 61440 ----a-w- c:\windows\system32\aestaren.dll
2010-03-10 06:15 . 2009-08-13 16:09 536576 ----a-w- c:\windows\system32\idtmini1.exe
2010-03-10 06:15 . 2009-03-02 16:47 86016 ----a-w- c:\windows\system32\AESTCom.dll
2010-03-10 06:15 . 2009-08-13 16:09 467036 ----a-w- c:\windows\sttray.exe
2010-03-10 06:15 . 2009-08-13 16:09 3743744 ----a-w- c:\windows\system32\stlang.dll
2010-03-10 06:15 . 2010-03-10 06:15 -------- d-----w- c:\windows\system32\SRSLabs
2010-03-10 06:10 . 2009-12-13 09:30 641536 ----a-w- c:\windows\system32\CPFilters.dll
2010-03-10 06:10 . 2009-12-13 09:30 465408 ----a-w- c:\windows\system32\psisdecd.dll
2010-03-10 06:10 . 2009-12-13 09:29 417792 ----a-w- c:\windows\system32\msdri.dll
2010-03-10 06:10 . 2010-01-18 23:29 85504 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-03-10 06:10 . 2010-01-18 23:29 85504 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-03-10 06:10 . 2010-01-18 23:29 365568 ----a-w- c:\windows\system32\secproc_isv.dll
2010-03-10 06:10 . 2010-01-18 23:29 369152 ----a-w- c:\windows\system32\secproc.dll
2010-03-10 06:10 . 2010-01-18 23:28 324608 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-03-10 06:10 . 2010-01-18 23:28 320512 ----a-w- c:\windows\system32\RMActivate.exe
2010-03-10 06:10 . 2010-01-18 23:28 277504 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-03-10 06:10 . 2010-01-18 23:28 280064 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-03-09 21:09 . 2010-03-16 07:21 22528 ----a-w- c:\windows\system32\drivers\nhcDriver.sys
2010-03-09 19:27 . 2009-07-14 01:15 280064 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\hpzppw71.dll
2010-03-09 19:21 . 2010-03-09 19:19 29472 ----a-w- c:\windows\system32\drivers\btwl2cap.sys
2010-03-09 19:21 . 2010-03-09 19:19 108072 ----a-w- c:\windows\system32\drivers\btwavdt.sys
2010-03-09 19:21 . 2010-03-09 19:19 86056 ----a-w- c:\windows\system32\drivers\btwaudio.sys
2010-03-09 19:21 . 2010-03-09 19:19 18344 ----a-w- c:\windows\system32\drivers\btwrchid.sys
2010-03-09 19:20 . 2010-03-09 19:20 -------- d-----w- c:\program files\WIDCOMM
2010-03-09 19:19 . 2010-03-09 19:19 -------- d-----w- c:\program files\DIFX
2010-03-09 18:56 . 2010-03-13 19:06 -------- d-----w- c:\users\Romaine\AppData\Roaming\esmska
2010-03-09 18:33 . 2010-03-09 18:33 -------- d-----w- c:\users\Romaine\AppData\Roaming\Nero
2010-03-09 18:10 . 2001-08-31 13:00 1355776 ----a-w- c:\windows\system32\MSVBVM50.dll
2010-03-09 18:10 . 1997-01-15 23:00 29696 ----a-w- c:\windows\system32\VB5STKIT.DLL
2010-03-09 18:10 . 2009-05-14 15:26 207872 ----a-w- c:\windows\system32\iwpsetup.exe
2010-03-09 18:03 . 2010-03-09 18:04 -------- d-----w- c:\users\Romaine\AppData\Roaming\Miranda
2010-03-09 17:57 . 2010-03-09 17:57 -------- d-----w- c:\programdata\Nero
2010-03-09 17:57 . 2010-03-09 18:10 -------- d-----w- c:\program files\Common Files\Nero
2010-03-09 17:47 . 2010-03-09 17:47 -------- d-sh--we c:\windows\system32\config\systemprofile\Soubory cookie
2010-03-09 17:47 . 2010-03-09 17:47 -------- d-sh--we c:\windows\system32\config\systemprofile\Data aplikací
2010-03-09 17:47 . 2010-03-09 17:47 -------- d-----w- c:\users\Romaine\AppData\Local\Programs
2010-03-09 17:45 . 2010-03-16 07:20 602 ----a-w- c:\programdata\ArcSoft\ArcSoft-WebCamCompanion3\acforall.dll
2010-03-09 17:45 . 2010-03-09 17:46 -------- d-----w- c:\programdata\ArcSoft
2010-03-09 17:45 . 2010-03-09 17:45 -------- d-----w- c:\program files\Common Files\ArcSoft
2010-03-09 17:43 . 2010-03-09 17:46 -------- d-----w- c:\users\Romaine\AppData\Roaming\ArcSoft
2010-03-09 17:40 . 2010-03-15 16:11 -------- d-----w- c:\users\Romaine\AppData\Roaming\Spyware Terminator
2010-03-09 17:40 . 2010-03-09 17:40 6144 ----a-w- c:\programdata\Spyware Terminator\sp_rsdel.exe
2010-03-09 17:40 . 2010-03-09 17:40 5632 ----a-w- c:\programdata\Spyware Terminator\fileobjinfo.sys
2010-03-09 17:40 . 2010-03-09 17:40 141312 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2010-03-09 17:40 . 2010-03-09 17:40 -------- d-----w- c:\programdata\Spyware Terminator
2010-03-09 17:39 . 2010-03-09 17:39 -------- d-----w- c:\programdata\Sticky Notes TB Hider
2010-03-09 17:22 . 1999-03-26 00:00 101888 ----a-w- c:\windows\system32\VB6STKIT.DLL
2010-03-09 17:17 . 2010-03-11 13:18 -------- d-----w- c:\program files\Movie Maker 2.6
2010-03-09 17:16 . 2010-03-09 17:16 -------- d-----w- c:\program files\Fortis Software
2010-03-09 17:10 . 2010-03-09 17:31 -------- d-----w- c:\program files\MSECache
2010-03-09 17:07 . 2010-03-09 17:06 737280 ----a-w- c:\windows\iun6002.exe
2010-03-09 17:07 . 2010-03-09 17:07 -------- d-----w- c:\program files\Codec Pack - All In 1
2010-03-09 16:57 . 2010-03-09 16:57 6172672 ----a-w- c:\programdata\TuneUp Software\TuneUp Utilities\WinStyler\LogonScreens\Curious Giraffe.tls.dll
2010-03-09 16:56 . 2010-03-09 16:56 -------- d--h--w- c:\windows\Icons
2010-03-09 16:47 . 2010-02-25 10:15 21320 ----a-w- c:\windows\system32\authuitu.dll
2010-03-09 16:47 . 2010-02-25 10:15 30024 ----a-w- c:\windows\system32\uxtuneup.dll
2010-03-09 16:45 . 2010-02-25 10:22 30536 ----a-w- c:\windows\system32\TURegOpt.exe
2010-03-09 16:44 . 2010-03-09 16:44 -------- d-----w- c:\users\Romaine\AppData\Roaming\TuneUp Software
2010-03-09 16:43 . 2010-03-09 16:44 -------- d-----w- c:\programdata\TuneUp Software
2010-03-09 16:43 . 2010-03-09 16:43 -------- d-sh--w- c:\programdata\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2010-03-09 16:41 . 2006-02-28 07:53 2936832 ----a-w- c:\windows\system32\MA2_6.scr
2010-03-09 16:34 . 2010-03-09 16:34 520192 ----a-w- c:\programdata\LangSoft\WebIE.dll
2010-03-09 16:34 . 2010-03-09 16:34 356352 ----a-w- c:\programdata\LangSoft\TrnOutl.dll
2010-03-09 16:34 . 2010-03-09 16:34 299008 ----a-w- c:\programdata\LangSoft\TrnWord.dll
2010-03-09 16:32 . 2010-03-09 16:34 -------- d-----w- c:\programdata\LangSoft
2010-03-09 16:32 . 2010-03-09 16:34 -------- d-----w- c:\users\Romaine\AppData\Roaming\LangSoft
2010-03-09 16:31 . 2010-03-09 16:31 -------- d-----w- c:\programdata\LogiShrd
2010-03-09 16:31 . 2010-03-09 16:31 -------- d-----w- c:\users\Romaine\AppData\Roaming\Logitech
2010-03-09 16:30 . 2008-11-03 08:55 6963200 ----a-w- c:\windows\system32\RTS5121icon.dll
2010-03-09 16:30 . 2009-02-18 23:26 301656 ----a-w- c:\windows\system32\BtCoreIf.dll
2010-03-09 16:30 . 2010-03-09 16:30 -------- d-----w- c:\program files\Synaptics
2010-03-09 16:30 . 2009-02-18 23:27 84496 ----a-w- c:\windows\system32\KemXML.dll
2010-03-09 16:30 . 2009-02-18 23:27 117264 ----a-w- c:\windows\system32\KemWnd.dll
2010-03-09 16:30 . 2009-02-18 23:27 145936 ----a-w- c:\windows\system32\KemUtil.dll
2010-03-09 16:30 . 2009-02-18 23:27 170512 ----a-w- c:\windows\system32\kemutb.dll
2010-03-09 16:30 . 2010-03-09 16:30 -------- d-----w- c:\program files\Realtek
2010-03-09 16:29 . 2010-03-09 16:31 -------- d-----w- c:\programdata\Logitech
2010-03-09 16:29 . 2010-03-09 16:31 -------- d-----w- c:\program files\Common Files\Logishrd
2010-03-09 16:28 . 2010-03-09 19:27 -------- d-----w- c:\programdata\Hewlett-Packard
2010-03-09 16:27 . 2010-03-09 17:43 -------- d-----w- c:\program files\Common Files\InstallShield
2010-03-09 16:25 . 2010-03-09 17:48 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-03-09 16:24 . 2010-03-09 16:28 -------- d-----w- c:\program files\Hewlett-Packard
2010-03-09 16:24 . 2010-03-09 16:24 -------- d-----w- c:\users\Romaine\AppData\Roaming\hpqLog
2010-03-09 16:23 . 2010-03-09 16:23 -------- d-----w- c:\users\Romaine\AppData\Roaming\{8126D2ED-1984-4573-9D57-97637E10C716}
2010-03-09 16:20 . 2010-03-09 16:20 -------- d-----w- c:\program files\HP USB Bluetooth Adpater Software Driver
2010-03-09 16:16 . 2010-03-09 16:17 -------- d-----w- c:\program files\Common Files\Adobe
2010-03-09 16:00 . 2010-03-09 16:00 -------- d-----w- c:\users\Romaine\AppData\Roaming\Itsth
2010-03-09 15:57 . 2010-03-09 15:57 -------- d-----w- c:\users\Romaine\AppData\Roaming\Ashampoo
2010-03-09 15:56 . 2010-03-09 15:56 -------- d-----w- c:\programdata\ashampoo
2010-03-09 15:52 . 2009-10-11 03:17 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-03-09 15:52 . 2010-03-09 16:59 -------- d-----w- c:\program files\Java
2010-03-09 15:50 . 2010-03-09 15:50 -------- d-----w- c:\windows\system32\Macromed
2010-03-09 15:30 . 2010-03-09 15:31 -------- d-----w- c:\users\Romaine\AppData\Roaming\AIMP
2010-03-09 14:36 . 2010-03-09 14:36 -------- d-----w- c:\windows\system32\Wat
2010-03-09 14:28 . 2010-03-09 14:28 21976 ----a-w- c:\windows\system32\emptyregdb.dat
2010-03-09 14:22 . 2010-03-09 14:22 -------- d-----w- c:\users\Romaine\AppData\Local\Mozilla
2010-03-09 14:20 . 2010-03-09 19:10 84512 ----a-w- c:\users\Romaine\AppData\Local\GDIPFONTCACHEV1.DAT
2010-03-09 14:20 . 2010-03-09 14:20 -------- dc----w- c:\users\Romaine\AppData\Local\MigWiz
2010-03-09 14:12 . 2010-03-09 14:12 -------- d-----w- c:\program files\Microsoft Works
2010-03-09 14:06 . 2010-03-09 14:06 -------- d-----w- c:\windows\PCHEALTH
2010-03-09 14:06 . 2010-03-09 14:06 -------- d-----w- c:\program files\Microsoft.NET
2010-03-09 13:53 . 2010-03-09 13:53 -------- d-----w- c:\users\Romaine\AppData\Local\Microsoft Help
2010-03-09 13:53 . 2010-03-09 17:26 -------- d-----w- c:\programdata\Microsoft Help
2010-03-09 13:53 . 2010-03-11 13:18 -------- d-sh--w- c:\windows\Installer

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-16 07:24 . 2009-07-14 08:44 625914 ----a-w- c:\windows\system32\perfh005.dat
2010-03-16 07:24 . 2009-07-14 08:44 120000 ----a-w- c:\windows\system32\perfc005.dat
2010-03-09 16:31 . 2010-03-09 16:31 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_LHidFilt_01005.Wdf
2010-03-09 16:31 . 2010-03-09 16:31 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
2010-03-09 16:31 . 2010-03-09 16:31 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_SynTP_01007.Wdf
2010-03-09 14:36 . 2009-07-13 23:40 409088 ----a-w- c:\windows\system32\systemcpl.dll
2010-03-09 14:36 . 2009-07-13 23:36 13824 ----a-w- c:\windows\system32\slwga.dll
2010-03-09 14:35 . 2009-07-13 23:24 811520 ----a-w- c:\windows\system32\user32.dll
2010-03-09 14:34 . 2010-03-09 14:34 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf
2010-03-09 13:24 . 2010-03-09 13:24 -------- d-sh--we c:\programdata\Plocha
2010-03-09 13:24 . 2010-03-09 13:24 -------- d-sh--we c:\programdata\Oblíbené položky
2010-03-09 13:24 . 2010-03-09 13:24 -------- d-sh--we c:\programdata\Šablony
2010-03-09 13:24 . 2010-03-09 13:24 -------- d-sh--we c:\programdata\Nabídka Start
2010-03-09 13:24 . 2010-03-09 13:24 -------- d-sh--we c:\programdata\Dokumenty
2010-03-09 13:24 . 2010-03-09 13:24 -------- d-sh--we c:\programdata\Data aplikací
2010-02-04 09:01 . 2010-03-09 16:17 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll
2010-02-04 09:01 . 2010-03-09 16:17 528216 ----a-w- c:\windows\system32\XAudio2_6.dll
2010-02-04 09:01 . 2010-03-09 16:17 238936 ----a-w- c:\windows\system32\xactengine3_6.dll
2010-02-04 09:01 . 2010-03-09 16:17 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll
2010-02-02 07:45 . 2010-03-10 06:05 2048 ----a-w- c:\windows\system32\tzres.dll
2010-01-08 07:13 . 2010-01-08 07:13 33096 ----a-w- c:\windows\system32\drivers\epfwndis.sys
2010-01-08 03:18 . 2010-03-10 06:05 221184 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-01-08 03:17 . 2010-03-10 06:05 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-12-19 09:02 . 2010-03-10 06:05 977920 ----a-w- c:\windows\system32\wininet.dll
2009-12-19 09:02 . 2010-03-10 06:05 12288 ----a-w- c:\windows\system32\tsbyuv.dll
2009-12-19 09:02 . 2010-03-10 06:05 1328640 ----a-w- c:\windows\system32\quartz.dll
2009-12-19 09:02 . 2010-03-10 06:05 22016 ----a-w- c:\windows\system32\msyuv.dll
2009-12-19 09:02 . 2010-03-10 06:05 31744 ----a-w- c:\windows\system32\msvidc32.dll
2009-12-19 09:02 . 2010-03-10 06:05 13312 ----a-w- c:\windows\system32\msrle32.dll
2009-12-19 09:02 . 2010-03-10 06:05 84480 ----a-w- c:\windows\system32\mciavi32.dll
2009-12-19 09:02 . 2010-03-10 06:05 50176 ----a-w- c:\windows\system32\iyuv_32.dll
2009-12-19 09:02 . 2010-03-10 06:05 91648 ----a-w- c:\windows\system32\avifil32.dll
2009-12-18 14:02 . 2009-12-18 14:02 38240 ----a-w- c:\windows\system32\drivers\epfwwfp.sys
2009-12-18 14:02 . 2009-12-18 14:02 135048 ----a-w- c:\windows\system32\drivers\epfw.sys
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\programdata\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} ----

2010-03-09 16:43 . 2010-03-09 16:43 18525696 ----a-w- c:\programdata\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}\{D3742F82-1C1A-4DCC-ABBD-0E831C0185CC}.msi

---- Directory of c:\users\Romaine\AppData\Roaming\{8126D2ED-1984-4573-9D57-97637E10C716} ----

2010-03-09 16:23 . 2010-03-09 16:23 13660 ----a-w- c:\users\Romaine\AppData\Roaming\{8126D2ED-1984-4573-9D57-97637E10C716}\0x0409.ini
2010-03-09 16:23 . 2010-03-09 16:23 18580480 ----a-w- c:\users\Romaine\AppData\Roaming\{8126D2ED-1984-4573-9D57-97637E10C716}\HP Support Assistant.msi

---- Directory of c:\windows\Icons ----

2010-03-09 16:56 . 2010-03-09 16:56 295606 ----a-w- c:\windows\Icons\Windows 7 the best\Windows 7 the best.icl.39.ico
2010-03-09 16:56 . 2010-03-09 16:56 295606 ----a-w- c:\windows\Icons\Windows 7 the best\Windows 7 the best.icl.38.ico
2010-03-09 16:56 . 2010-03-09 16:56 67646 ----a-w- c:\windows\Icons\Windows 7 the best\Windows 7 the best.icl.37.ico
2010-03-09 16:56 . 2010-03-09 16:56 67646 ----a-w- c:\windows\Icons\Windows 7 the best\Windows 7 the best.icl.36.ico
2010-03-09 16:56 . 2010-03-09 16:56 67646 ----a-w- c:\windows\Icons\Windows 7 the best\Windows 7 the best.icl.35.ico
2010-03-09 16:56 . 2010-03-09 16:56 67646 ----a-w- c:\windows\Icons\Windows 7 the best\Windows 7 the best.icl.34.ico
2010-03-09 16:56 . 2010-03-09 16:56 88108 ----a-w- c:\windows\Icons\Windows 7 the best\Windows 7 the best.icl.33.ico
2010-03-09 16:56 . 2010-03-09 16:56 67646 ----a-w- c:\windows\Icons\Windows 7 the best\Windows 7 the best.icl.32.ico
2010-03-09 16:56 . 2010-03-09 16:56 67646 ----a-w- c:\windows\Icons\Windows 7 the best\Windows 7 the best.icl.31.ico
2010-03-09 16:56 . 2010-03-09 16:56 67646 ----a-w- c:\windows\Icons\Windows 7 the best\Windows 7 the best.icl.30.ico
2010-03-09 16:56 . 2010-03-09 16:56 67646 ----a-w- c:\windows\Icons\Windows 7 the best\Windows 7 the best.icl.29.ico
2010-03-09 16:56 . 2010-03-09 16:56 67646 ----a-w- c:\windows\Icons\Windows 7 the best\Windows 7 the best.icl.28.ico
2010-03-09 16:56 . 2010-03-09 16:56 67646 ----a-w- c:\windows\Icons\Windows 7 the best\Windows 7 the best.icl.27.ico
2010-03-09 16:56 . 2010-03-09 16:56 67646 ----a-w- c:\windows\Icons\Windows 7 the best\Windows 7 the best.icl.26.ico
2010-03-09 16:56 . 2010-03-09 16:56 67646 ----a-w- c:\windows\Icons\Windows 7 the best\Windows 7 the best.icl.25.ico
2010-03-09 16:56 . 2010-03-09 16:56 67646 ----a-w- c:\windows\Icons\Windows 7 the best\Windows 7 the best.icl.24.ico
2010-03-09 16:56 . 2010-03-09 16:56 67646 ----a-w- c:\windows\Icons\Windows 7 the best\Windows 7 the best.icl.23.ico
2010-03-09 16:56 . 2010-03-09 16:56 16958 ----a-w- c:\windows\Icons\Windows 7 the best\Windows 7 the best.icl.43.ico
2010-03-09 16:56 . 2010-03-09 16:56 89474 ----a-w- c:\windows\Icons\Windows 7 the best\Windows 7 the best.icl.42.ico
2010-03-09 16:56 . 2010-03-09 16:56 51262 ----a-w- c:\windows\Icons\Windows 7 the best\Windows 7 the best.icl.40.ico
2010-03-09 16:56 . 2010-03-09 16:56 277733 ----a-w- c:\windows\Icons\Windows 7 the best\Windows 7 the best.icl.22.ico
2010-03-09 16:56 . 2010-03-09 16:56 282543 ----a-w- c:\windows\Icons\Windows 7 the best\Windows 7 the best.icl.21.ico
2010-03-09 16:56 . 2010-03-09 16:56 67646 ----a-w- c:\windows\Icons\Windows 7 the best\Windows 7 the best.icl.20.ico
2010-03-09 16:56 . 2010-03-09 16:56 332989 ----a-w- c:\windows\Icons\Windows 7 the best\Windows 7 the best.icl.19.ico
2010-03-09 16:56 . 2010-03-09 16:56 67646 ----a-w- c:\windows\Icons\Windows 7 the best\Windows 7 the best.icl.18.ico
2010-03-09 16:56 . 2010-03-09 16:56 67646 ----a-w- c:\windows\Icons\Windows 7 the best\Windows 7 the best.icl.17.ico
2010-03-09 16:56 . 2010-03-09 16:56 267236 ----a-w- c:\windows\Icons\Windows 7 the best\Windows 7 the best.icl.16.ico
2010-03-09 16:56 . 2010-03-09 16:56 67646 ----a-w- c:\windows\Icons\Windows 7 the best\Windows 7 the best.icl.15.ico
2010-03-09 16:56 . 2010-03-09 16:56 67646 ----a-w- c:\windows\Icons\Windows 7 the best\Windows 7 the best.icl.14.ico
2010-03-09 16:56 . 2010-03-09 16:56 67646 ----a-w- c:\windows\Icons\Windows 7 the best\Windows 7 the best.icl.13.ico
2010-03-09 16:56 . 2010-03-09 16:56 81582 ----a-w- c:\windows\Icons\Windows 7 the best\Windows 7 the best.icl.12.ico
2010-03-09 16:56 . 2010-03-09 16:56 67646 ----a-w- c:\windows\Icons\Windows 7 the best\Windows 7 the best.icl.10.ico
2010-03-09 16:56 . 2010-03-09 16:56 81582 ----a-w- c:\windows\Icons\Windows 7 the best\Windows 7 the best.icl.9.ico
2010-03-09 16:56 . 2010-03-09 16:56 161862 ----a-w- c:\windows\Icons\Windows 7 the best\Windows 7 the best.icl.8.ico
2010-03-09 16:56 . 2010-03-09 16:56 67646 ----a-w- c:\windows\Icons\Windows 7 the best\Windows 7 the best.icl.7.ico
2010-03-09 16:56 . 2010-03-09 16:56 81582 ----a-w- c:\windows\Icons\Windows 7 the best\Windows 7 the best.icl.6.ico
2010-03-09 16:56 . 2010-03-09 16:56 67646 ----a-w- c:\windows\Icons\Windows 7 the best\Windows 7 the best.icl.5.ico
2010-03-09 16:56 . 2010-03-09 16:56 25214 ----a-w- c:\windows\Icons\Windows 7 the best\Windows 7 the best.icl.4.ico
2010-03-09 16:56 . 2010-03-09 16:56 366864 ----a-w- c:\windows\Icons\Windows 7 the best\Windows 7 the best.icl.3.ico
2010-03-09 16:56 . 2010-03-09 16:56 326106 ----a-w- c:\windows\Icons\Windows 7 the best\Windows 7 the best.icl.2.ico
2010-03-09 16:56 . 2010-03-09 16:56 22486 ----a-w- c:\windows\Icons\Windows 7 the best\Windows 7 the best.icl.1.ico
2010-03-09 16:56 . 2010-03-09 16:56 26694 ----a-w- c:\windows\Icons\Windows 7 the best\Windows 7 the best.icl.0.ico
2010-03-09 16:56 . 2010-02-08 18:15 4930946 ----a-w- c:\windows\Icons\Windows 7 the best\Windows 7 the best.icl

------- Sigcheck -------

[-] 2010-03-09 . 7BD7F45FF37FA0669CD32CA0EF46E22C . 811520 . . [6.1.7600.16385] . . c:\windows\System32\user32.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-01-15 1418536]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-12-18 76304]
"NotebookHardwareControl"="c:\program files (2)\Důležité\Notebook Hardware Control\nhc.exe" [2007-05-04 2629632]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-11 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-11 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-11 150552]
"egui"="c:\program files (2)\Bezpečnost PC\ESET Smart Security\egui.exe" [2009-11-16 2054360]

c:\users\Romaine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Sticky Notes Taskbar Hider.lnk - c:\program files (2)\Progr mky\StickyNotes\SNTBHider.exe [2010-3-9 638976]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - c:\program files (2)\D…le§it‚\SetPoint\SetPoint\SetPoint.exe [2010-3-9 809488]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2009-02-18 23:30 72208 ----a-w- c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SysTrayApp"=c:\program files\IDT\WDM\sttray.exe
"ArcSoft Connection Service"=c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
"Adobe Reader Speed Launcher"="c:\program files (2)\Prográmky\Adobe Reader\Reader\Reader_sl.exe"

R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-03-09 29472]
R3 RSUSBSTOR;RTS5121.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RTS5121.sys [x]
R3 Rts516xIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-03-09 1343400]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-11-16 108792]
S1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2010-03-09 141312]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_fa0513b7754bf240\aestsrv.exe [2009-03-02 81920]
S2 ekrn;ESET Service;c:\program files (2)\Bezpečnost PC\ESET Smart Security\ekrn.exe [2009-11-16 735960]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2009-12-18 38240]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (2)\Bezpečnost PC\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-02-25 1047880]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x86.sys [2009-11-13 58368]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (2)\Bezpečnost PC\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]

--- Ostatní služby/ovladače v paměti ---

*Deregistered* - Dwsh00002C74

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
IE: YamicsoftDisabled
IE: YamicsoftDisabled\E&xportovat do aplikace Microsoft Excel - c:\progra~3\DLEIT~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: YamicsoftDisabled\Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: YamicsoftDisabled\Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
FF - ProfilePath - c:\users\Romaine\AppData\Roaming\Mozilla\Firefox\Profiles\7flwrva2.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?q=

---- NASTAVENÍ FIREFOXU ----
FF - user.js: general.useragent.extra.zencast - Creative ZENcast v1.02.10
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: browser.tabs.closeButtons - 1
c:\program files (2)\D…le§it‚\Mozzila Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files (2)\D…le§it‚\Mozzila Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files (2)\D…le§it‚\Mozzila Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files (2)\D…le§it‚\Mozzila Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files (2)\D…le§it‚\Mozzila Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files (2)\D…le§it‚\Mozzila Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files (2)\D…le§it‚\Mozzila Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files (2)\D…le§it‚\Mozzila Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files (2)\D…le§it‚\Mozzila Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files (2)\D…le§it‚\Mozzila Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files (2)\D…le§it‚\Mozzila Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files (2)\D…le§it‚\Mozzila Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files (2)\D…le§it‚\Mozzila Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files (2)\D…le§it‚\Mozzila Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files (2)\D…le§it‚\Mozzila Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files (2)\D…le§it‚\Mozzila Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files (2)\D…le§it‚\Mozzila Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files (2)\D…le§it‚\Mozzila Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files (2)\D…le§it‚\Mozzila Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files (2)\D…le§it‚\Mozzila Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files (2)\D…le§it‚\Mozzila Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files (2)\D…le§it‚\Mozzila Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files (2)\D…le§it‚\Mozzila Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files (2)\D…le§it‚\Mozzila Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files (2)\D…le§it‚\Mozzila Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files (2)\D…le§it‚\Mozzila Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files (2)\D…le§it‚\Mozzila Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files (2)\D…le§it‚\Mozzila Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files (2)\D…le§it‚\Mozzila Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files (2)\D…le§it‚\Mozzila Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files (2)\D…le§it‚\Mozzila Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files (2)\D…le§it‚\Mozzila Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files (2)\D…le§it‚\Mozzila Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
.
Celkový čas: 2010-03-16 10:24:23
ComboFix-quarantined-files.txt 2010-03-16 09:24
ComboFix2.txt 2010-03-15 21:55

Před spuštěním: Volných bajtů: 27 599 790 080
Po spuštění: Volných bajtů: 27 420 233 728

- - End Of File - - B918B94136E829E76C36D5EBAC62CB53

Romaine · Příspěvekod **Romaine** » 16 bře 2010 10:42

Vybrala jsem správný driver? Podle everestu mám to, co je na obrázku.

Stáhla jsem toto:
http://downloadcenter.intel.com/Detail_ ... 1&lang=eng

Ještě jsem raději neinstalovala.

Příspěvekod **jaro3** » 16 bře 2010 14:11

To by mělo být ono , ale i tak může být vadná , tím myslím studený spoj , ztráta kapacity el. kondezátorů atd.
Myslel jsem kontrolovat teploty a napětí CPU , GPU. Na vině může být baterka..Zkus foto BSOD.

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

vyčisti systém CCleanerem

a použij i T-Cleaner
smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

Ještě:

Spusť F-Secure Online Scanner

Tento skener je možno použít jen v prohlížeči Internet Explorer! Postupuj podle instrukcí na stránce F-Secure pro správnou instalaci. Akceptuj licenci. Po instalaci ActiveX, klikni na Full System Scan. Když stahování skončeno, automaticky začne sken . Vyčkej konce skenu, po jeho dobu neprováděj jiné operace ani neklikej myší. Když skončí sken klikni na tlačítko Automatic clearing (recommended). Poté klikni na tlačítko Show Report a zkopíruj a vlož sem .

Romaine · Příspěvekod **Romaine** » 16 bře 2010 16:22

Takže pročištěno. No a vkládám obrázky teplot.

Baterku mám teda jinou, než byl originál - větší kapacita. Ale mám ji už dlouho a ten problém se vyskytuje až teď.

No a vyfotit BSOD (spíš video na mobil, aby tam byly i ty zvuky) se pokusím, ale nevím kdy.. Objevuje se to naprosto nepravidelně a jen když koukám na video. Ale každopádně je to modrá obrazovka a místo textu jsou rozmazané bílé čáry.

Ten online sken opravdu vypadá na několik hodin jak píšou :-(

Kontrola logu HJT - modrá obrazovka Vyřešeno

Kontrola logu HJT - modrá obrazovka

Re: Kontrola logu HJT - modrá obrazovka

Re: Kontrola logu HJT - modrá obrazovka

Re: Kontrola logu HJT - modrá obrazovka

Re: Kontrola logu HJT - modrá obrazovka

Re: Kontrola logu HJT - modrá obrazovka

Re: Kontrola logu HJT - modrá obrazovka

Re: Kontrola logu HJT - modrá obrazovka Vyřešeno

Re: Kontrola logu HJT - modrá obrazovka

Re: Kontrola logu HJT - modrá obrazovka

Re: Kontrola logu HJT - modrá obrazovka

Re: Kontrola logu HJT - modrá obrazovka

Kdo je online