Po odstranění černé obrazovky

Zpráva

Carl114 · #1 Příspěvek od **Carl114** » 16 led 2010 16:48

Po týdnu jsme společně konečně odstranili problém s černou obrazovkou ve Windows 7 a tak raději přikládám log na kontrolu. Měl by být naprosto v pořádku, ale přesto se raději ujistím

.

Kód: Vybrat vše

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:40:59, on 16.1.2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
E:\Programy\NOD32\egui.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
E:\Programy\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - E:\Programy\AiRoboForm\roboform.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - E:\Programy\AiRoboForm\roboform.dll
O4 - HKLM\..\Run: [egui] "E:\Programy\NOD32\egui.exe" /hide /waitservice
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Přizpůsobit Menu - file://E:\Programy\AiRoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: RF Nástrojová lišta - file://E:\Programy\AiRoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Uložit formuláře - file://E:\Programy\AiRoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Vyplnit formulář - file://E:\Programy\AiRoboForm\RoboFormComFillForms.html
O9 - Extra button: Vyplnit formulář - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://E:\Programy\AiRoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Vyplnit formulář - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://E:\Programy\AiRoboForm\RoboFormComFillForms.html
O9 - Extra button: Uložit - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://E:\Programy\AiRoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Uložit formuláře - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://E:\Programy\AiRoboForm\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://E:\Programy\AiRoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RF Nástrojová lišta - {724d43aa-0d85-11d4-9908-00400523e39a} - file://E:\Programy\AiRoboForm\RoboFormComShowToolbar.html
O13 - Gopher Prefix: 
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - E:\Programy\NOD32\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - E:\Programy\NOD32\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

--
End of file - 4319 bytes

Jak je již řešeno víš - mám Windows 7 a tak není možné vložit log z RSIT, který na tomto operačním systému nefunguje.

#2 Příspěvek od **Rudy** » 16 led 2010 18:42

Log vypadá čistý. Pokud RSIT spustíte ve Win7 s kompatibilitou WinXP, poběží a dá log.

Carl114 · #3 Příspěvek od **Carl114** » 17 led 2010 01:11

Děkuji za radu. Zde tedy přikládám log z RSIT, který byl pořízen hned po spuštění počítače.

Kód: Vybrat vše

Logfile of random's system information tool 1.06 (written by random/random)
Run by Carl114 at 2010-01-17 01:01:09
Microsoft Windows 7 Ultimate  Service Pack 3
System drive C: has 21 GB (64%) free of 32 GB
Total RAM: 1024 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:01:25, on 17.1.2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
E:\Programy\NOD32\egui.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Carl114\Desktop\RSIT.exe
E:\Programy\HijackThis\Carl114.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - E:\Programy\AiRoboForm\roboform.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - E:\Programy\AiRoboForm\roboform.dll
O4 - HKLM\..\Run: [egui] "E:\Programy\NOD32\egui.exe" /hide /waitservice
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Přizpůsobit Menu - file://E:\Programy\AiRoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: RF Nástrojová lišta - file://E:\Programy\AiRoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Uložit formuláře - file://E:\Programy\AiRoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Vyplnit formulář - file://E:\Programy\AiRoboForm\RoboFormComFillForms.html
O9 - Extra button: Vyplnit formulář - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://E:\Programy\AiRoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Vyplnit formulář - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://E:\Programy\AiRoboForm\RoboFormComFillForms.html
O9 - Extra button: Uložit - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://E:\Programy\AiRoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Uložit formuláře - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://E:\Programy\AiRoboForm\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://E:\Programy\AiRoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RF Nástrojová lišta - {724d43aa-0d85-11d4-9908-00400523e39a} - file://E:\Programy\AiRoboForm\RoboFormComShowToolbar.html
O13 - Gopher Prefix: 
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - E:\Programy\NOD32\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - E:\Programy\NOD32\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

--
End of file - 4306 bytes

======Scheduled tasks folder======

C:\Windows\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}]
E:\Programy\AiRoboForm\roboform.dll [2010-01-15 6013768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{724d43a0-0d85-11d4-9908-00400523e39a} - &RoboForm - E:\Programy\AiRoboForm\roboform.dll [2010-01-15 6013768]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=E:\Programy\NOD32\egui.exe [2009-11-16 2054360]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BFE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\bowser]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dfsc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dot3Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Eaphost]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\IKEEXT]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSDrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb10]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb20]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NativeWifiP]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\netprofm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NlaSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Nsi]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nsiproxy.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PolicyAgent]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdbss]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpencdd.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCardSvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wlansvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-01-16 16:39:14 ----D---- C:\rsit
2010-01-16 14:45:27 ----D---- C:\Users\Carl114\AppData\Roaming\Opera
2010-01-16 14:17:45 ----D---- C:\Program Files\Adobe Media Player
2010-01-16 14:14:10 ----D---- C:\Program Files\Common Files\Adobe AIR
2010-01-16 13:24:15 ----D---- C:\Program Files\Common Files\Akamai
2010-01-16 13:12:14 ----D---- C:\ProgramData\FLEXnet
2010-01-16 13:06:19 ----D---- C:\ProgramData\ALM
2010-01-16 12:58:57 ----D---- C:\ProgramData\Adobe
2010-01-16 12:58:19 ----D---- C:\Program Files\Adobe
2010-01-16 12:54:56 ----D---- C:\Program Files\Common Files\Macrovision Shared
2010-01-16 12:34:11 ----D---- C:\Windows\Minidump
2010-01-16 12:15:44 ----D---- C:\Program Files\Common Files\Adobe
2010-01-15 22:28:47 ----A---- C:\Windows\system32\RTLCPL.EXE
2010-01-15 22:28:45 ----A---- C:\Windows\SOUNDMAN.EXE
2010-01-15 22:28:44 ----A---- C:\Windows\system32\RTLCPAPI.dll
2010-01-15 22:28:42 ----A---- C:\Windows\system32\RtkPgExt.dll
2010-01-15 22:28:42 ----A---- C:\Windows\system32\RtkCfg.dll
2010-01-15 22:28:42 ----A---- C:\Windows\system32\RtkAPO.dll
2010-01-15 22:28:24 ----A---- C:\Windows\HideWin.exe
2010-01-15 22:22:00 ----D---- C:\Program Files\Common Files\DVDVideoSoft
2010-01-15 22:20:31 ----D---- C:\Users\Carl114\AppData\Roaming\Apple Computer
2010-01-15 22:20:14 ----DC---- C:\Windows\system32\DRVSTORE
2010-01-15 22:20:14 ----A---- C:\Windows\system32\GEARAspi.dll
2010-01-15 22:19:13 ----D---- C:\ProgramData\RoboForm
2010-01-15 22:19:09 ----D---- C:\Program Files\iPod
2010-01-15 22:19:08 ----D---- C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2010-01-15 22:17:38 ----D---- C:\Program Files\Bonjour
2010-01-15 22:16:50 ----D---- C:\Program Files\QuickTime
2010-01-15 22:16:27 ----D---- C:\Program Files\Siber Systems
2010-01-15 22:11:24 ----D---- C:\Users\Carl114\AppData\Roaming\ATI
2010-01-15 22:11:24 ----D---- C:\ProgramData\ATI
2010-01-15 22:08:26 ----D---- C:\Program Files\ATI Technologies
2010-01-15 22:08:22 ----D---- C:\Program Files\ATI
2010-01-15 21:46:43 ----SHD---- C:\RECYCLER
2010-01-15 18:32:52 ----D---- C:\Users\Carl114\AppData\Roaming\Media Player Classic
2010-01-15 18:23:14 ----HD---- C:\Program Files\InstallShield Installation Information
2010-01-15 18:18:24 ----D---- C:\ProgramData\Apple Computer
2010-01-15 18:17:01 ----D---- C:\Program Files\Common Files\Apple
2010-01-15 18:16:46 ----D---- C:\ProgramData\Apple
2010-01-15 18:16:46 ----D---- C:\Program Files\Apple Software Update
2010-01-15 16:53:13 ----D---- C:\Users\Carl114\AppData\Roaming\Macromedia
2010-01-15 16:53:12 ----D---- C:\Users\Carl114\AppData\Roaming\Adobe
2010-01-15 16:53:07 ----D---- C:\Windows\system32\Macromed
2010-01-15 16:29:05 ----D---- C:\Program Files\VIA
2010-01-15 16:12:43 ----D---- C:\Program Files\Common Files\InstallShield
2010-01-15 16:00:34 ----D---- C:\Users\Carl114\AppData\Roaming\WinRAR
2010-01-15 15:48:42 ----A---- C:\Windows\system32\unrar.dll
2010-01-15 15:48:39 ----A---- C:\Windows\avisplitter.ini
2010-01-15 15:48:19 ----A---- C:\Windows\system32\yv12vfw.dll
2010-01-15 15:48:17 ----A---- C:\Windows\system32\xvidvfw.dll
2010-01-15 15:48:17 ----A---- C:\Windows\system32\xvidcore.dll
2010-01-15 15:47:56 ----A---- C:\Windows\system32\ff_vfw.dll.manifest
2010-01-15 15:47:56 ----A---- C:\Windows\system32\ff_vfw.dll
2010-01-15 15:46:55 ----D---- C:\Users\Carl114\AppData\Roaming\PSpad
2010-01-15 15:45:57 ----D---- C:\Users\Carl114\AppData\Roaming\GHISLER
2010-01-15 15:38:41 ----D---- C:\Users\Carl114\AppData\Roaming\Uniblue
2010-01-15 15:14:37 ----D---- C:\Users\Carl114\AppData\Roaming\Mozilla
2010-01-15 15:11:49 ----D---- C:\ProgramData\ESET
2010-01-15 15:11:37 ----N---- C:\Windows\system32\MpSigStub.exe
2010-01-15 15:09:17 ----SHD---- C:\Windows\Installer
2010-01-15 15:00:04 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-01-15 14:55:14 ----D---- C:\Users\Carl114\AppData\Roaming\Identities
2010-01-15 14:55:04 ----SD---- C:\Users\Carl114\AppData\Roaming\Microsoft
2010-01-15 14:55:04 ----D---- C:\Users\Carl114\AppData\Roaming\Media Center Programs
2010-01-15 14:54:43 ----SHD---- C:\Recovery
2010-01-15 14:54:42 ----SHD---- C:\ProgramData\Šablony
2010-01-15 14:54:42 ----SHD---- C:\ProgramData\Plocha
2010-01-15 14:54:42 ----SHD---- C:\ProgramData\Oblíbené položky
2010-01-15 14:54:42 ----SHD---- C:\ProgramData\Nabídka Start
2010-01-15 14:54:42 ----SHD---- C:\ProgramData\Dokumenty
2010-01-15 14:54:42 ----SHD---- C:\ProgramData\Data aplikací
2010-01-15 14:50:25 ----D---- C:\Windows\SoftwareDistribution
2010-01-15 14:47:36 ----D---- C:\Windows\Prefetch
2010-01-15 14:47:24 ----SHD---- C:\System Volume Information
2010-01-15 14:46:26 ----D---- C:\Windows\Panther

======List of files/folders modified in the last 1 months======

2010-01-17 01:01:20 ----D---- C:\Windows\Temp
2010-01-17 01:01:14 ----D---- C:\Windows\system32\config
2010-01-16 20:15:59 ----D---- C:\Windows\system32\LogFiles
2010-01-16 20:10:04 ----D---- C:\Windows\System32
2010-01-16 20:10:03 ----D---- C:\Windows\inf
2010-01-16 20:00:01 ----D---- C:\Windows\system32\wdi
2010-01-16 14:18:33 ----D---- C:\Windows\system32\drivers
2010-01-16 14:17:45 ----RD---- C:\Program Files
2010-01-16 14:14:10 ----D---- C:\Program Files\Common Files
2010-01-16 13:12:14 ----HD---- C:\ProgramData
2010-01-16 13:01:24 ----RSD---- C:\Windows\Fonts
2010-01-16 12:37:03 ----D---- C:\Windows
2010-01-16 12:11:31 ----D---- C:\Windows\system32\Tasks
2010-01-16 12:11:29 ----D---- C:\Windows\Tasks
2010-01-16 12:01:33 ----D---- C:\Windows\Microsoft.NET
2010-01-16 12:01:32 ----RSD---- C:\Windows\assembly
2010-01-16 00:44:00 ----D---- C:\Windows\system32\DriverStore
2010-01-16 00:28:11 ----D---- C:\Windows\system32\catroot
2010-01-15 22:17:28 ----D---- C:\Program Files\Internet Explorer
2010-01-15 22:09:05 ----D---- C:\Windows\winsxs
2010-01-15 22:08:59 ----D---- C:\Program Files\Common Files\microsoft shared
2010-01-15 16:13:40 ----D---- C:\Windows\Logs
2010-01-15 15:11:17 ----D---- C:\Windows\system32\catroot2
2010-01-15 15:10:59 ----D---- C:\Windows\system32\restore
2010-01-15 15:04:58 ----SD---- C:\ProgramData\Microsoft
2010-01-15 15:02:24 ----D---- C:\Windows\system32\CodeIntegrity
2010-01-15 14:59:48 ----D---- C:\Windows\system32\wbem
2010-01-15 14:55:12 ----SHD---- C:\$Recycle.Bin
2010-01-15 14:55:01 ----RD---- C:\Users
2010-01-15 14:54:43 ----D---- C:\Windows\system32\Recovery
2010-01-15 14:54:42 ----D---- C:\Program Files\Windows NT
2010-01-15 14:54:11 ----D---- C:\Windows\rescache
2010-01-15 14:53:48 ----D---- C:\Windows\debug
2010-01-15 14:50:27 ----D---- C:\Windows\system32\sysprep
2010-01-15 14:48:14 ----D---- C:\Windows\CSC

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 blbdrive;blbdrive; C:\Windows\system32\DRIVERS\blbdrive.sys [2009-07-14 35328]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 DfsC;@%systemroot%\system32\drivers\dfsc.sys,-101; C:\Windows\System32\Drivers\dfsc.sys [2009-07-14 78336]
R1 discache;@%systemroot%\system32\drivers\discache.sys,-102; C:\Windows\System32\drivers\discache.sys [2009-07-14 32256]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-11-16 108792]
R1 nsiproxy;@%SystemRoot%\system32\drivers\nsiproxy.sys,-2; C:\Windows\system32\drivers\nsiproxy.sys [2009-07-14 16896]
R1 RDPENCDD;@%systemroot%\system32\drivers\RDPENCDD.sys,-101; C:\Windows\system32\drivers\rdpencdd.sys [2009-07-14 6656]
R1 RDPREFMP;@%systemroot%\system32\drivers\RdpRefMp.sys,-101; C:\Windows\system32\drivers\rdprefmp.sys [2009-07-14 7168]
R1 tdx;@%SystemRoot%\system32\tcpipcfg.dll,-50004; C:\Windows\system32\DRIVERS\tdx.sys [2009-07-14 74240]
R1 Wanarpv6;@%systemroot%\system32\rascfg.dll,-32012; C:\Windows\system32\DRIVERS\wanarp.sys [2009-07-14 63488]
R1 WfpLwf;WFP Lightweight Filter; C:\Windows\system32\DRIVERS\wfplwf.sys [2009-07-14 9728]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-08-14 74720]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-11-16 116520]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2009-11-16 95896]
R2 lltdio;Link-Layer Topology Discovery Mapper I/O Driver; C:\Windows\system32\DRIVERS\lltdio.sys [2009-07-14 48128]
R2 luafv;@%systemroot%\system32\drivers\luafv.sys,-100; C:\Windows\system32\drivers\luafv.sys [2009-07-14 86528]
R2 PEAUTH;PEAUTH; C:\Windows\system32\drivers\peauth.sys [2009-07-14 586752]
R2 rspndr;Link-Layer Topology Discovery Responder; C:\Windows\system32\DRIVERS\rspndr.sys [2009-07-14 60928]
R2 tcpipreg;TCP/IP Registry Compatibility; C:\Windows\System32\drivers\tcpipreg.sys [2009-07-14 34816]
R3 AmdK8;Ovladač procesoru AMD K8; C:\Windows\system32\DRIVERS\amdk8.sys [2009-07-14 55296]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-09-30 4450816]
R3 bowser;@%systemroot%\system32\browser.dll,-102; C:\Windows\system32\DRIVERS\bowser.sys [2009-07-14 69632]
R3 CompositeBus;Ovladač rozpoznávacího modulu složené sběrnice; C:\Windows\system32\DRIVERS\CompositeBus.sys [2009-07-14 31232]
R3 DXGKrnl;LDDM Graphics Subsystem; C:\Windows\System32\drivers\dxgkrnl.sys [2009-07-14 720896]
R3 FETNDIS;VIA Rhine-Family Fast Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\fetnd6.sys [2009-07-13 44032]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 monitor;Služba ovladače funkce třídy monitorů Microsoft; C:\Windows\system32\DRIVERS\monitor.sys [2009-07-14 23552]
R3 mpsdrv;@%SystemRoot%\system32\FirewallAPI.dll,-23092; C:\Windows\System32\drivers\mpsdrv.sys [2009-07-14 60416]
R3 mrxsmb10;@%systemroot%\system32\wkssvc.dll,-1004; C:\Windows\system32\DRIVERS\mrxsmb10.sys [2009-07-14 221184]
R3 mrxsmb20;@%systemroot%\system32\wkssvc.dll,-1006; C:\Windows\system32\DRIVERS\mrxsmb20.sys [2009-07-14 95744]
R3 RasAgileVpn;WAN Miniport (IKEv2); C:\Windows\system32\DRIVERS\AgileVpn.sys [2009-07-14 49152]
R3 RasSstp;@%systemroot%\system32\sstpsvc.dll,-202; C:\Windows\system32\DRIVERS\rassstp.sys [2009-07-14 75264]
R3 rdpbus;Remote Desktop Device Redirector Bus Driver; C:\Windows\system32\DRIVERS\rdpbus.sys [2009-07-14 18944]
R3 srv2;@%systemroot%\system32\srvsvc.dll,-104; C:\Windows\System32\DRIVERS\srv2.sys [2009-07-14 306688]
R3 srvnet;srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [2009-07-14 113664]
R3 tunnel;Microsoft Tunnel Miniport Adapter Driver; C:\Windows\system32\DRIVERS\tunnel.sys [2009-07-14 108544]
R3 umbus;Ovladač sběrnice UMBus Enumerator; C:\Windows\system32\DRIVERS\umbus.sys [2009-07-14 39936]
R3 usbehci;Ovladač miniportu vylepšeného hostitelského řadiče Microsoft USB 2.0; C:\Windows\system32\DRIVERS\usbehci.sys [2009-07-14 41472]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\Windows\system32\DRIVERS\usbhub.sys [2009-07-14 258560]
R3 usbuhci;Ovladač miniportu univerzálního hostitelského řadiče Microsoft USB; C:\Windows\system32\DRIVERS\usbuhci.sys [2009-07-14 24064]
R3 VIAudio;Vinyl AC'97 Audio Controller (WDM); C:\Windows\system32\drivers\vinyl97.sys [2007-06-27 207488]
S3 1394ohci;1394 OHCI Compliant Host Controller; C:\Windows\system32\DRIVERS\1394ohci.sys [2009-07-14 163328]
S3 AcpiPmi;ACPI Power Meter Driver; C:\Windows\system32\DRIVERS\acpipmi.sys [2009-07-14 9728]
S3 adp94xx;adp94xx; C:\Windows\system32\DRIVERS\adp94xx.sys [2009-07-14 422976]
S3 adpahci;adpahci; C:\Windows\system32\DRIVERS\adpahci.sys [2009-07-14 297552]
S3 adpu320;adpu320; C:\Windows\system32\DRIVERS\adpu320.sys [2009-07-14 146512]
S3 agp440;Intel AGP Bus Filter; C:\Windows\system32\DRIVERS\agp440.sys [2009-07-14 53312]
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\Windows\system32\drivers\RTKVAC.SYS []
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 amdide;amdide; C:\Windows\system32\DRIVERS\amdide.sys [2009-07-14 14912]
S3 AmdPPM;AMD Processor Driver; C:\Windows\system32\DRIVERS\amdppm.sys [2009-07-14 52736]
S3 amdsata;amdsata; C:\Windows\system32\DRIVERS\amdsata.sys [2009-07-14 79952]
S3 amdsbs;amdsbs; C:\Windows\system32\DRIVERS\amdsbs.sys [2009-07-14 159312]
S3 AppID;@%systemroot%\system32\appidsvc.dll,-102; C:\Windows\system32\drivers\appid.sys [2009-07-14 50176]
S3 arc;arc; C:\Windows\system32\DRIVERS\arc.sys [2009-07-14 76368]
S3 arcsas;arcsas; C:\Windows\system32\DRIVERS\arcsas.sys [2009-07-14 86608]
S3 b06bdrv;Broadcom NetXtreme II VBD; C:\Windows\system32\DRIVERS\bxvbdx.sys [2009-07-13 430080]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BrFiltLo;Brother USB Mass-Storage Lower Filter Driver; C:\Windows\system32\DRIVERS\BrFiltLo.sys [2009-07-13 13568]
S3 BrFiltUp;Brother USB Mass-Storage Upper Filter Driver; C:\Windows\system32\DRIVERS\BrFiltUp.sys [2009-07-13 5248]
S3 Brserid;Brother MFC Serial Port Interface Driver (WDM); C:\Windows\System32\Drivers\Brserid.sys [2009-07-14 272128]
S3 BrSerWdm;Brother WDM Serial driver; C:\Windows\System32\Drivers\BrSerWdm.sys [2009-07-13 62336]
S3 BrUsbMdm;Brother MFC USB Fax Only Modem; C:\Windows\System32\Drivers\BrUsbMdm.sys [2009-07-13 12160]
S3 BrUsbSer;Brother MFC USB Serial WDM Driver; C:\Windows\System32\Drivers\BrUsbSer.sys [2009-07-13 11904]
S3 BTHMODEM;Bluetooth Serial Communications Driver; C:\Windows\system32\DRIVERS\bthmodem.sys [2009-07-14 56320]
S3 circlass;Consumer IR Devices; C:\Windows\system32\DRIVERS\circlass.sys [2009-07-14 37888]
S3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2009-07-14 14080]
S3 Compbatt;Compbatt; C:\Windows\system32\DRIVERS\compbatt.sys [2009-07-14 19024]
S3 ebdrv;Broadcom NetXtreme II 10 GigE VBD; C:\Windows\system32\DRIVERS\evbdx.sys [2009-07-13 3100160]
S3 elxstor;elxstor; C:\Windows\system32\DRIVERS\elxstor.sys [2009-07-14 453712]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\DRIVERS\errdev.sys [2009-07-14 7168]
S3 exfat;exFAT File System Driver; C:\Windows\system32\drivers\exfat.sys [2009-07-14 142336]
S3 Filetrace;@%SystemRoot%\system32\drivers\filetrace.sys,-10001; C:\Windows\system32\drivers\filetrace.sys [2009-07-14 28160]
S3 FsDepends;@%SystemRoot%\system32\drivers\fsdepends.sys,-10001; C:\Windows\System32\drivers\FsDepends.sys [2009-07-14 46160]
S3 hcw85cir;Hauppauge Consumer Infrared Receiver; C:\Windows\system32\drivers\hcw85cir.sys [2009-07-13 26624]
S3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\Windows\system32\DRIVERS\HDAudBus.sys [2009-07-14 108544]
S3 HidBatt;HID UPS Battery Driver; C:\Windows\system32\DRIVERS\HidBatt.sys [2009-07-14 21504]
S3 HidBth;Microsoft Bluetooth HID Miniport; C:\Windows\system32\DRIVERS\hidbth.sys [2009-07-14 91136]
S3 HidIr;Microsoft Infrared HID Driver; C:\Windows\system32\DRIVERS\hidir.sys [2009-07-14 37888]
S3 HidUsb;Microsoft HID Class Driver; C:\Windows\system32\DRIVERS\hidusb.sys [2009-07-14 24064]
S3 HpSAMD;HpSAMD; C:\Windows\system32\DRIVERS\HpSAMD.sys [2009-07-14 67152]
S3 iaStorV;iaStorV; C:\Windows\system32\DRIVERS\iaStorV.sys [2009-07-14 332352]
S3 iirsp;iirsp; C:\Windows\system32\DRIVERS\iirsp.sys [2009-07-14 41040]
S3 intelide;intelide; C:\Windows\system32\DRIVERS\intelide.sys [2009-07-14 15424]
S3 intelppm;Intel Processor Driver; C:\Windows\system32\DRIVERS\intelppm.sys [2009-07-14 53760]
S3 IPMIDRV;IPMIDRV; C:\Windows\system32\DRIVERS\IPMIDrv.sys [2009-07-14 65536]
S3 isapnp;isapnp; C:\Windows\system32\DRIVERS\isapnp.sys [2009-07-14 46656]
S3 iScsiPrt;iScsiPort Driver; C:\Windows\system32\DRIVERS\msiscsi.sys [2009-07-14 186960]
S3 kbdhid;Keyboard HID Driver; C:\Windows\system32\DRIVERS\kbdhid.sys [2009-07-14 28160]
S3 LSI_FC;LSI_FC; C:\Windows\system32\DRIVERS\lsi_fc.sys [2009-07-14 95824]
S3 LSI_SAS;LSI_SAS; C:\Windows\system32\DRIVERS\lsi_sas.sys [2009-07-14 89168]
S3 LSI_SAS2;LSI_SAS2; C:\Windows\system32\DRIVERS\lsi_sas2.sys [2009-07-14 54864]
S3 LSI_SCSI;LSI_SCSI; C:\Windows\system32\DRIVERS\lsi_scsi.sys [2009-07-14 96848]
S3 megasas;megasas; C:\Windows\system32\DRIVERS\megasas.sys [2009-07-14 30800]
S3 MegaSR;MegaSR; C:\Windows\system32\DRIVERS\MegaSR.sys [2009-07-14 235584]
S3 mouhid;Mouse HID Driver; C:\Windows\system32\DRIVERS\mouhid.sys [2009-07-14 26112]
S3 mpio;mpio; C:\Windows\system32\DRIVERS\mpio.sys [2009-07-14 130624]
S3 msahci;msahci; C:\Windows\system32\DRIVERS\msahci.sys [2009-07-14 27712]
S3 msdsm;msdsm; C:\Windows\system32\DRIVERS\msdsm.sys [2009-07-14 115792]
S3 mshidkmdf;@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100; C:\Windows\System32\drivers\mshidkmdf.sys [2009-07-14 4096]
S3 MsRPC;MsRPC; C:\Windows\system32\drivers\MsRPC.sys [2009-07-14 162896]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2009-07-14 6144]
S3 MTConfig;Microsoft Input Configuration Driver; C:\Windows\system32\DRIVERS\MTConfig.sys [2009-07-14 12288]
S3 NativeWifiP;NativeWiFi Filter; C:\Windows\system32\DRIVERS\nwifi.sys [2009-07-14 267264]
S3 NdisCap;NDIS Capture LightWeight Filter; C:\Windows\system32\DRIVERS\ndiscap.sys [2009-07-14 27136]
S3 nfrd960;nfrd960; C:\Windows\system32\DRIVERS\nfrd960.sys [2009-07-14 44624]
S3 nv_agp;NVIDIA nForce AGP Bus Filter; C:\Windows\system32\DRIVERS\nv_agp.sys [2009-07-14 105024]
S3 nvraid;nvraid; C:\Windows\system32\DRIVERS\nvraid.sys [2009-07-14 117312]
S3 nvstor;nvstor; C:\Windows\system32\DRIVERS\nvstor.sys [2009-07-14 142416]
S3 ohci1394;1394 OHCI Compliant Host Controller (Legacy); C:\Windows\system32\DRIVERS\ohci1394.sys [2009-07-14 62464]
S3 ql2300;ql2300; C:\Windows\system32\DRIVERS\ql2300.sys [2009-07-14 1383488]
S3 ql40xx;ql40xx; C:\Windows\system32\DRIVERS\ql40xx.sys [2009-07-14 106064]
S3 QWAVEdrv;@%SystemRoot%\system32\drivers\qwavedrv.sys,-1; C:\Windows\system32\drivers\qwavedrv.sys [2009-07-14 31744]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sbp2port;sbp2port; C:\Windows\system32\DRIVERS\sbp2port.sys [2009-07-14 85568]
S3 scfilter;@%SystemRoot%\System32\drivers\scfilter.sys,-11; C:\Windows\System32\DRIVERS\scfilter.sys [2009-07-14 26624]
S3 sermouse;Serial Mouse Driver; C:\Windows\system32\DRIVERS\sermouse.sys [2009-07-14 19968]
S3 sffdisk;SFF Storage Class Driver; C:\Windows\system32\DRIVERS\sffdisk.sys [2009-07-14 11264]
S3 sffp_mmc;SFF Storage Protocol Driver for MMC; C:\Windows\system32\DRIVERS\sffp_mmc.sys [2009-07-14 12288]
S3 sffp_sd;SFF Storage Protocol Driver for SDBus; C:\Windows\system32\DRIVERS\sffp_sd.sys [2009-07-14 12800]
S3 SiSRaid2;SiSRaid2; C:\Windows\system32\DRIVERS\SiSRaid2.sys [2009-07-14 40016]
S3 SiSRaid4;SiSRaid4; C:\Windows\system32\DRIVERS\sisraid4.sys [2009-07-14 77888]
S3 Smb;@%SystemRoot%\system32\tcpipcfg.dll,-50005; C:\Windows\system32\DRIVERS\smb.sys [2009-07-14 71168]
S3 stexstor;stexstor; C:\Windows\system32\DRIVERS\stexstor.sys [2009-07-14 21072]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 TCPIP6;Microsoft IPv6 Protocol Driver; C:\Windows\system32\DRIVERS\tcpip.sys [2009-07-14 1285712]
S3 tssecsrv;@%SystemRoot%\System32\DRIVERS\tssecsrv.sys,-101; C:\Windows\System32\DRIVERS\tssecsrv.sys [2009-07-14 30208]
S3 uagp35;Microsoft AGPv3.5 Filter; C:\Windows\system32\DRIVERS\uagp35.sys [2009-07-14 55888]
S3 uliagpkx;Uli AGP Bus Filter; C:\Windows\system32\DRIVERS\uliagpkx.sys [2009-07-14 57424]
S3 UmPass;Microsoft UMPass Driver; C:\Windows\system32\DRIVERS\umpass.sys [2009-07-14 8192]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\Windows\system32\DRIVERS\usbccgp.sys [2009-07-14 75264]
S3 usbcir;eHome Infrared Receiver (USBCIR); C:\Windows\system32\DRIVERS\usbcir.sys [2009-07-14 86016]
S3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\Windows\system32\DRIVERS\usbohci.sys [2009-07-14 20480]
S3 usbprint;Microsoft USB PRINTER Class; C:\Windows\system32\DRIVERS\usbprint.sys [2009-07-14 19968]
S3 USBSTOR;USB Mass Storage Driver; C:\Windows\system32\DRIVERS\USBSTOR.SYS [2009-07-14 74752]
S3 vga;vga; C:\Windows\system32\DRIVERS\vgapnp.sys [2009-07-14 26112]
S3 vhdmp;vhdmp; C:\Windows\system32\DRIVERS\vhdmp.sys [2009-07-14 159824]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 vsmraid;vsmraid; C:\Windows\system32\DRIVERS\vsmraid.sys [2009-07-14 141904]
S3 vwifibus;@%SystemRoot%\System32\drivers\vwifibus.sys,-257; C:\Windows\System32\drivers\vwifibus.sys [2009-07-14 19968]
S3 WacomPen;Wacom Serial Pen HID Driver; C:\Windows\system32\DRIVERS\wacompen.sys [2009-07-14 21632]
S3 Wd;Wd; C:\Windows\system32\DRIVERS\wd.sys [2009-07-14 19024]
S3 WIMMount;WIMMount; C:\Windows\system32\drivers\wimmount.sys [2009-07-14 19008]
S3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2009-07-14 11264]
S3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\Windows\system32\drivers\WudfPf.sys [2009-07-14 92672]
S4 crcdisk;Crcdisk Filter Driver; C:\Windows\system32\DRIVERS\crcdisk.sys [2009-07-14 22096]
S4 ws2ifsl;@%systemroot%\System32\drivers\ws2ifsl.sys,-1000; C:\Windows\system32\drivers\ws2ifsl.sys [2009-07-14 16384]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Akamai;Akamai NetSession Interface; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2009-09-30 733184]
R2 AudioEndpointBuilder;@%SystemRoot%\system32\audiosrv.dll,-204; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 BFE;@%SystemRoot%\system32\bfe.dll,-1001; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DPS;@%systemroot%\system32\dps.dll,-500; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ekrn;ESET Service; E:\Programy\NOD32\ekrn.exe [2009-11-16 735960]
R2 FDResPub;@%systemroot%\system32\fdrespub.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 gpsvc;@gpapi.dll,-112; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 iphlpsvc;@%SystemRoot%\system32\iphlpsvc.dll,-500; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 MMCSS;@%systemroot%\system32\mmcss.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 MpsSvc;@%SystemRoot%\system32\FirewallAPI.dll,-23090; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 NlaSvc;@%SystemRoot%\System32\nlasvc.dll,-1; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 nsi;@%SystemRoot%\system32\nsisvc.dll,-200; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 Power;@%SystemRoot%\system32\umpo.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 ProfSvc;@%systemroot%\system32\profsvc.dll,-300; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 RpcEptMapper;@%windir%\system32\RpcEpMap.dll,-1001; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 sppsvc;@%SystemRoot%\system32\sppsvc.exe,-101; C:\Windows\system32\sppsvc.exe [2009-07-14 3179520]
R2 SysMain;@%SystemRoot%\system32\sysmain.dll,-1000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 UxSms;@%SystemRoot%\system32\dwm.exe,-2000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 WSearch;@%systemroot%\system32\SearchIndexer.exe,-103; C:\Windows\system32\SearchIndexer.exe [2009-07-14 428032]
R3 Appinfo;@%systemroot%\system32\appinfo.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 fdPHost;@%systemroot%\system32\fdPHost.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 HomeGroupListener;@%SystemRoot%\System32\ListSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 HomeGroupProvider;@%SystemRoot%\System32\provsvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 netprofm;@%SystemRoot%\system32\netprofm.dll,-202; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 p2pimsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8004; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 p2psvc;@%SystemRoot%\system32\p2psvc.dll,-8006; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 PcaSvc;@%SystemRoot%\system32\pcasvc.dll,-1; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 PNRPsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 TrustedInstaller;@%SystemRoot%\servicing\TrustedInstaller.exe,-100; C:\Windows\servicing\TrustedInstaller.exe [2009-07-14 204800]
R3 WdiServiceHost;@%systemroot%\system32\wdi.dll,-502; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 WdiSystemHost;@%systemroot%\system32\wdi.dll,-500; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 WinHttpAutoProxySvc;@%SystemRoot%\system32\winhttp.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 WPDBusEnum;@%SystemRoot%\system32\wpdbusenum.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 WinDefend;@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 WMPNetworkSvc;@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101; C:\Program Files\Windows Media Player\wmpnetwk.exe [2009-07-14 1121280]
S3 AeLookupSvc;@%SystemRoot%\system32\aelupsvc.dll,-1; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 AppIDSvc;@%systemroot%\system32\appidsvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 AxInstSV;@%SystemRoot%\system32\AxInstSV.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 BDESVC;@%SystemRoot%\system32\bdesvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 bthserv;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 CertPropSvc;@%SystemRoot%\System32\certprop.dll,-11; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 clr_optimization_v2.0.50727_32;Microsoft .NET Framework NGEN v2.0.50727_X86; C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2009-06-10 66384]
S3 defragsvc;@%SystemRoot%\system32\defragsvc.dll,-101; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 EFS;@%SystemRoot%\system32\efssvc.dll,-100; C:\Windows\System32\lsass.exe [2009-07-14 22528]
S3 ehRecvr;@%SystemRoot%\ehome\ehrecvr.exe,-101; C:\Windows\ehome\ehRecvr.exe [2009-07-14 557056]
S3 ehSched;@%SystemRoot%\ehome\ehsched.exe,-101; C:\Windows\ehome\ehsched.exe [2009-07-14 94720]
S3 EhttpSrv;ESET HTTP Server; E:\Programy\NOD32\EHttpSrv.exe [2009-11-16 20680]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe [2009-07-14 522752]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-01-16 655624]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2009-06-10 42856]
S3 idsvc;@%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8193; C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2009-06-10 878416]
S3 IKEEXT;@%SystemRoot%\system32\ikeext.dll,-501; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 IPBusEnum;@%systemroot%\system32\IPBusEnum.dll,-102; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-11-12 545568]
S3 KeyIso;@keyiso.dll,-100; C:\Windows\system32\lsass.exe [2009-07-14 22528]
S3 KtmRm;@comres.dll,-2946; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 lltdsvc;@%SystemRoot%\system32\lltdres.dll,-1; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 MSiSCSI;@%SystemRoot%\system32\iscsidsc.dll,-5000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 pla;@%systemroot%\system32\pla.dll,-500; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 PNRPAutoReg;@%SystemRoot%\system32\pnrpauto.dll,-8002; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 QWAVE;@%SystemRoot%\system32\qwave.dll,-1; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 SCPolicySvc;@%SystemRoot%\System32\certprop.dll,-13; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 SDRSVC;@%SystemRoot%\system32\sdrsvc.dll,-107; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 SensrSvc;@%SystemRoot%\System32\sensrsvc.dll,-1000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 SessionEnv;@%SystemRoot%\System32\SessEnv.dll,-1026; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 SNMPTRAP;@%SystemRoot%\system32\snmptrap.exe,-3; C:\Windows\System32\snmptrap.exe [2009-07-14 12800]
S3 sppuinotify;@%SystemRoot%\system32\sppuinotify.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 SstpSvc;@%SystemRoot%\system32\sstpsvc.dll,-200; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 TabletInputService;@%SystemRoot%\system32\TabSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 TBS;@%SystemRoot%\system32\tbssvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 THREADORDER;@%systemroot%\system32\mmcss.dll,-102; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 UI0Detect;@%SystemRoot%\system32\ui0detect.exe,-101; C:\Windows\system32\UI0Detect.exe [2009-07-14 35840]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 VaultSvc;@%SystemRoot%\system32\vaultsvc.dll,-1003; C:\Windows\system32\lsass.exe [2009-07-14 22528]
S3 vds;@%SystemRoot%\system32\vds.exe,-100; C:\Windows\System32\vds.exe [2009-07-14 452608]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [2009-07-14 1202688]
S3 WbioSrvc;@%systemroot%\system32\wbiosrvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 wcncsvc;@%SystemRoot%\system32\wcncsvc.dll,-3; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WcsPlugInService;@%SystemRoot%\system32\WcsPlugInService.dll,-200; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 Wecsvc;@%SystemRoot%\system32\wecsvc.dll,-200; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 wercplsupport;@%SystemRoot%\System32\wercplsupport.dll,-101; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WerSvc;@%SystemRoot%\System32\wersvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WinRM;@%Systemroot%\system32\wsmsvc.dll,-101; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Wlansvc;@%SystemRoot%\System32\wlansvc.dll,-257; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 WPCSvc;@%SystemRoot%\system32\wpcsvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 wudfsvc;@%SystemRoot%\system32\wudfsvc.dll,-1000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 WwanSvc;@%SystemRoot%\System32\wwansvc.dll,-257; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 Mcx2Svc;@%SystemRoot%\ehome\ehres.dll,-15501; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 NetTcpPortSharing;@%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8201; C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-06-10 128848]

-----------------EOF-----------------

#4 Příspěvek od **Rudy** » 17 led 2010 11:45

I tento log vypadá čistý.

#5 Příspěvek od **Rudy** » 17 led 2010 11:52

Promiňte, něco jsem přehlédl. Dejte log z ComboFix.

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

Carl114 · #6 Příspěvek od **Carl114** » 18 led 2010 13:15

To nic

. Zde tedy přikládám log (program spuštěn hned po startu s vypnutým NODem).

Kód: Vybrat vše

ComboFix 10-01-17.02 - Carl114 18.01.2010  12:51:50.1.1 - x86
Microsoft Windows 7 Ultimate   6.1.7600.0.1250.420.1029.18.1024.511 [GMT 1:00]
Spuštěný z: c:\users\Carl114\Desktop\ComboFix.exe
.

(((((((((((((((((((((((((((((((((((((((   Ostatní výmazy   )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\recycler\S-1-5-21-527237240-1060284298-725345543-1006
c:\windows\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job

.
(((((((((((((((((((((((((   Soubory vytvořené od 2009-12-18 do 2010-01-18  )))))))))))))))))))))))))))))))
.

2010-01-18 11:59 . 2010-01-18 12:00	--------	d-----w-	c:\users\Carl114\AppData\Local\temp
2010-01-18 11:59 . 2010-01-18 11:59	--------	d-----w-	c:\users\Default\AppData\Local\temp
2010-01-16 17:12 . 2010-01-16 17:12	--------	d-----w-	c:\users\Carl114\AppData\Local\GHISLER
2010-01-16 15:39 . 2010-01-17 00:01	--------	d-----w-	C:\rsit
2010-01-16 15:13 . 2010-01-16 15:13	--------	d-----w-	c:\users\Carl114\AppData\Local\ESET
2010-01-16 13:45 . 2010-01-16 13:45	--------	d-----w-	c:\users\Carl114\AppData\Local\Opera
2010-01-16 13:17 . 2010-01-16 13:17	--------	d-----w-	c:\program files\Adobe Media Player
2010-01-16 13:14 . 2010-01-16 13:14	--------	d-----w-	c:\program files\Common Files\Adobe AIR
2010-01-16 12:24 . 2010-01-18 11:48	--------	d-----w-	c:\program files\Common Files\Akamai
2010-01-16 12:12 . 2010-01-16 14:32	--------	d-----w-	c:\programdata\FLEXnet
2010-01-16 12:06 . 2010-01-16 12:06	--------	d-----w-	c:\programdata\ALM
2010-01-16 11:55 . 2010-01-16 12:15	--------	d-----w-	c:\users\Carl114\AppData\Local\Adobe
2010-01-16 11:54 . 2010-01-16 11:54	--------	d-----w-	c:\program files\Common Files\Macrovision Shared
2010-01-16 11:15 . 2010-01-16 13:18	--------	d-----w-	c:\program files\Common Files\Adobe
2010-01-15 23:28 . 2007-06-27 13:42	207488	----a-w-	c:\windows\system32\drivers\vinyl97.sys
2010-01-15 21:28 . 2009-03-10 13:03	10975264	----a-w-	c:\windows\system32\RTLCPL.EXE
2010-01-15 21:28 . 2009-03-10 13:03	604704	----a-w-	c:\windows\SOUNDMAN.EXE
2010-01-15 21:28 . 2009-03-10 13:03	154144	----a-w-	c:\windows\system32\RTLCPAPI.dll
2010-01-15 21:28 . 2009-03-10 13:03	965664	----a-w-	c:\windows\system32\RtkPgExt.dll
2010-01-15 21:28 . 2009-03-10 13:03	141856	----a-w-	c:\windows\system32\RtkCfg.dll
2010-01-15 21:28 . 2009-03-10 13:03	2510368	----a-w-	c:\windows\system32\RtkAPO.dll
2010-01-15 21:28 . 2010-01-15 23:31	319488	----a-w-	c:\windows\HideWin.exe
2010-01-15 21:22 . 2010-01-15 21:22	--------	d-----w-	c:\program files\Common Files\DVDVideoSoft
2010-01-15 21:20 . 2010-01-16 14:13	--------	d-----w-	c:\users\Carl114\AppData\Roaming\Apple Computer
2010-01-15 21:20 . 2010-01-16 14:13	--------	d-----w-	c:\users\Carl114\AppData\Local\Apple Computer
2010-01-15 21:20 . 2010-01-15 21:20	--------	dc----w-	c:\windows\system32\DRVSTORE
2010-01-15 21:20 . 2009-05-18 13:17	26600	----a-w-	c:\windows\system32\drivers\GEARAspiWDM.sys
2010-01-15 21:20 . 2008-04-17 12:12	107368	----a-w-	c:\windows\system32\GEARAspi.dll
2010-01-15 21:19 . 2010-01-15 21:19	--------	d-----w-	c:\programdata\RoboForm
2010-01-15 21:19 . 2010-01-15 21:19	--------	d-----w-	c:\program files\iPod
2010-01-15 21:19 . 2010-01-15 21:20	--------	d-----w-	c:\programdata\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2010-01-15 21:17 . 2010-01-15 21:17	--------	d-----w-	c:\program files\Bonjour
2010-01-15 21:16 . 2010-01-15 21:17	--------	d-----w-	c:\program files\QuickTime
2010-01-15 21:16 . 2010-01-15 21:16	--------	d-----w-	c:\program files\Siber Systems
2010-01-15 21:11 . 2010-01-16 12:12	57560	----a-w-	c:\users\Carl114\AppData\Local\GDIPFONTCACHEV1.DAT
2010-01-15 21:11 . 2010-01-15 21:11	--------	d-----w-	c:\users\Carl114\AppData\Roaming\ATI
2010-01-15 21:11 . 2010-01-15 21:11	--------	d-----w-	c:\users\Carl114\AppData\Local\ATI
2010-01-15 21:11 . 2010-01-15 21:11	--------	d-----w-	c:\programdata\ATI
2010-01-15 21:08 . 2010-01-15 21:08	10134	----a-r-	c:\users\Carl114\AppData\Roaming\Microsoft\Installer\{AC9BAC65-97AC-4F3F-23A0-706169424F59}\ARPPRODUCTICON.exe
2010-01-15 21:08 . 2010-01-15 21:11	--------	d-----w-	c:\program files\ATI Technologies
2010-01-15 21:08 . 2010-01-15 21:08	--------	d-----w-	c:\program files\ATI
2010-01-15 17:32 . 2010-01-15 17:32	--------	d-----w-	c:\users\Carl114\AppData\Roaming\Media Player Classic
2010-01-15 17:23 . 2010-01-15 23:28	--------	d--h--w-	c:\program files\InstallShield Installation Information
2010-01-15 17:18 . 2010-01-15 21:19	--------	d-----w-	c:\programdata\Apple Computer
2010-01-15 17:17 . 2010-01-15 21:19	--------	d-----w-	c:\program files\Common Files\Apple
2010-01-15 17:16 . 2010-01-15 17:16	--------	d-----w-	c:\users\Carl114\AppData\Local\Apple
2010-01-15 17:16 . 2010-01-15 17:16	--------	d-----w-	c:\programdata\Apple
2010-01-15 17:16 . 2010-01-15 17:16	--------	d-----w-	c:\program files\Apple Software Update
2010-01-15 15:53 . 2010-01-15 15:53	--------	d-----w-	c:\windows\system32\Macromed
2010-01-15 15:29 . 2010-01-15 23:44	--------	d-----w-	c:\program files\VIA
2010-01-15 15:12 . 2010-01-15 17:22	--------	d-----w-	c:\program files\Common Files\InstallShield
2010-01-15 14:48 . 2009-12-12 14:15	178176	----a-w-	c:\windows\system32\unrar.dll
2010-01-15 14:48 . 2004-01-25 16:18	217088	----a-w-	c:\windows\system32\yv12vfw.dll
2010-01-15 14:48 . 2009-05-29 21:37	205824	----a-w-	c:\windows\system32\xvidvfw.dll
2010-01-15 14:48 . 2009-05-29 21:31	881664	----a-w-	c:\windows\system32\xvidcore.dll
2010-01-15 14:47 . 2010-01-04 18:00	85504	----a-w-	c:\windows\system32\ff_vfw.dll
2010-01-15 14:46 . 2010-01-15 14:46	--------	d-----w-	c:\users\Carl114\AppData\Roaming\PSpad
2010-01-15 14:45 . 2009-09-24 06:50	545	----a-w-	c:\windows\UC.PIF
2010-01-15 14:45 . 2009-09-24 06:50	545	----a-w-	c:\windows\RAR.PIF
2010-01-15 14:45 . 2009-09-24 06:50	545	----a-w-	c:\windows\PKZIP.PIF
2010-01-15 14:45 . 2009-09-24 06:50	545	----a-w-	c:\windows\PKUNZIP.PIF
2010-01-15 14:45 . 2009-09-24 06:50	545	----a-w-	c:\windows\NOCLOSE.PIF
2010-01-15 14:45 . 2009-09-24 06:50	545	----a-w-	c:\windows\LHA.PIF
2010-01-15 14:45 . 2009-09-24 06:50	545	----a-w-	c:\windows\ARJ.PIF
2010-01-15 14:45 . 2010-01-15 20:52	--------	d-----w-	c:\users\Carl114\AppData\Roaming\GHISLER
2010-01-15 14:38 . 2010-01-15 14:38	--------	d-----w-	c:\users\Carl114\AppData\Roaming\Uniblue
2010-01-15 14:14 . 2010-01-15 14:14	--------	d-----w-	c:\users\Carl114\AppData\Local\Mozilla
2010-01-15 14:11 . 2009-11-02 19:42	195456	------w-	c:\windows\system32\MpSigStub.exe
2010-01-15 14:09 . 2010-01-16 13:20	--------	d-sh--w-	c:\windows\Installer
2010-01-15 13:59 . 2010-01-18 11:57	--------	d-----w-	c:\windows\system32\wbem\Performance
2010-01-15 13:54 . 2010-01-15 13:54	--------	d-----w-	C:\Recovery
2010-01-15 13:50 . 2010-01-15 13:50	0	----a-w-	c:\windows\ativpsrm.bin
2010-01-15 13:46 . 2010-01-15 13:54	--------	d-----w-	c:\windows\Panther

.
((((((((((((((((((((((((((((((((((((((((   Find3M výpis   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-18 11:57 . 2009-07-14 08:44	622422	----a-w-	c:\windows\system32\perfh005.dat
2010-01-18 11:57 . 2009-07-14 08:44	118604	----a-w-	c:\windows\system32\perfc005.dat
2010-01-15 13:54 . 2010-01-15 13:54	--------	d-sh--we	c:\programdata\Plocha
2010-01-15 13:54 . 2010-01-15 13:54	--------	d-sh--we	c:\programdata\Oblíbené položky
2010-01-15 13:54 . 2010-01-15 13:54	--------	d-sh--we	c:\programdata\Šablony
2010-01-15 13:54 . 2010-01-15 13:54	--------	d-sh--we	c:\programdata\Nabídka Start
2010-01-15 13:54 . 2010-01-15 13:54	--------	d-sh--we	c:\programdata\Dokumenty
2010-01-15 13:54 . 2010-01-15 13:54	--------	d-sh--we	c:\programdata\Data aplikací
2009-11-16 08:06 . 2009-11-16 08:06	95896	----a-w-	c:\windows\system32\drivers\epfwwfpr.sys
2009-11-16 08:03 . 2009-11-16 08:03	108792	----a-w-	c:\windows\system32\drivers\ehdrv.sys
2009-11-16 07:56 . 2009-11-16 07:56	116520	----a-w-	c:\windows\system32\drivers\eamon.sys
2009-11-12 16:07 . 2009-11-12 16:07	79144	----a-w-	c:\programdata\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
2009-11-05 20:16 . 2009-11-05 20:16	73728	----a-w-	c:\programdata\Apple Computer\Installer Cache\Safari 5.31.21.10\SetupAdmin.exe
2009-06-10 21:26 . 2009-07-14 02:04	9633792	--sha-r-	c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42	396800	--sha-w-	c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

((((((((((((((((((((((((((((((((((   Spouštěcí body v registru   )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny. 
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="e:\programy\NOD32\egui.exe" [2009-11-16 2054360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

R1 ehdrv;ehdrv;c:\windows\System32\drivers\ehdrv.sys [16.11.2009 9:03 108792]
R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [14.7.2009 0:19 20992]
R2 ekrn;ESET Service;e:\programy\NOD32\ekrn.exe [16.11.2009 9:04 735960]
R2 epfwwfpr;epfwwfpr;c:\windows\System32\drivers\epfwwfpr.sys [16.11.2009 9:06 95896]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai	REG_MULTI_SZ   	Akamai
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = *.local
IE: Přizpůsobit Menu - file://e:\programy\AiRoboForm\RoboFormComCustomizeIEMenu.html
IE: RF Nástrojová lišta - file://e:\programy\AiRoboForm\RoboFormComShowToolbar.html
IE: Uložit formuláře - file://e:\programy\AiRoboForm\RoboFormComSavePass.html
IE: Vyplnit formulář - file://e:\programy\AiRoboForm\RoboFormComFillForms.html
FF - ProfilePath - c:\users\Carl114\AppData\Roaming\Mozilla\Firefox\Profiles\juh0f3q2.default\
FF - prefs.js: browser.startup.homepage - hxxp://google.com/
FF - component: e:\programy\AiRoboForm\Firefox\components\rfproxy_31.dll
FF - plugin: e:\programy\iTunes\Mozilla Plugins\npitunes.dll
FF - plugin: e:\programy\Opera\program\plugins\npqtplugin.dll
FF - plugin: e:\programy\Opera\program\plugins\npqtplugin2.dll
FF - plugin: e:\programy\Opera\program\plugins\npqtplugin3.dll
FF - plugin: e:\programy\Opera\program\plugins\npqtplugin4.dll
FF - plugin: e:\programy\Opera\program\plugins\npqtplugin5.dll
FF - plugin: e:\programy\Opera\program\plugins\npqtplugin6.dll
FF - plugin: e:\programy\Opera\program\plugins\npqtplugin7.dll

---- NASTAVENÍ FIREFOXU ----
e:\programy\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]
"ServiceDll"="C:/Program Files/Common Files/Akamai/rswin_3629.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]
"ServiceDll"="C:/Program Files/Common Files/Akamai/rswin_3629.dll"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2010-01-18  13:02:37
ComboFix-quarantined-files.txt  2010-01-18 12:02

Před spuštěním: Volných bajtů: 20 108 218 368
Po spuštění: Volných bajtů: 20 049 719 296

- - End Of File - - 175FE4CDC0910140209396ADF61A1D95

Edit: Po následném restartu se mi ukazují i normálně skryté složky (jako koš a podobně). Klikal jsem v možnostech složky, aby se nezobrazovali, ale nepomohlo to. Nevíte jak to vyřešit? Je to dost nepřehledné... viz obrázek: http://imgway.eu/get.php?img=16361

#7 Příspěvek od **Rudy** » 18 led 2010 18:04

Ještě dočistíme. Otevřte poznámkový blok a zkopírujte do něj:

Driver::
Akamai

Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkaz ze skriptu.

Obrázek

Carl114 · #8 Příspěvek od **Carl114** » 09 úno 2010 23:59

Hotovo, promiňte za zdržení. Ještě dodám, že soubory jsou stále zobrazené. Zde přikládám log, který vyskočil po dokončení:

Kód: Vybrat vše

ComboFix 10-02-09.02 - Carl114 09.02.2010  23:35:33.2.1 - x86
Microsoft Windows 7 Ultimate   6.1.7600.0.1250.420.1029.18.1024.641 [GMT 1:00]
Spuštěný z: c:\users\Carl114\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Carl114\Desktop\CFScript.txt
 * Rezidentní štít AV je zapnutý

.

(((((((((((((((((((((((((((((((((((((((   Ostatní výmazy   )))))))))))))))))))))))))))))))))))))))))))))))))
.

.
(((((((((((((((((((((((((((((((((((((((   Ovladače/Služby   )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_Akamai


(((((((((((((((((((((((((   Soubory vytvořené od 2010-01-09 do 2010-02-09  )))))))))))))))))))))))))))))))
.

2010-02-09 22:43 . 2010-02-09 22:43	--------	d-----w-	c:\users\Public\AppData\Local\temp
2010-02-09 22:43 . 2010-02-09 22:43	--------	d-----w-	c:\users\Default\AppData\Local\temp
2010-01-18 12:02 . 2010-02-09 22:45	--------	d-----w-	c:\users\Carl114\AppData\Local\temp
2010-01-16 17:12 . 2010-01-16 17:12	--------	d-----w-	c:\users\Carl114\AppData\Local\GHISLER
2010-01-16 15:39 . 2010-01-17 00:01	--------	d-----w-	C:\rsit
2010-01-16 15:13 . 2010-01-16 15:13	--------	d-----w-	c:\users\Carl114\AppData\Local\ESET
2010-01-16 13:45 . 2010-01-16 13:45	--------	d-----w-	c:\users\Carl114\AppData\Local\Opera
2010-01-16 13:17 . 2010-01-16 13:17	--------	d-----w-	c:\program files\Adobe Media Player
2010-01-16 13:14 . 2010-01-16 13:14	--------	d-----w-	c:\program files\Common Files\Adobe AIR
2010-01-16 12:24 . 2010-02-09 22:26	--------	d-----w-	c:\program files\Common Files\Akamai
2010-01-16 12:12 . 2010-01-16 14:32	--------	d-----w-	c:\programdata\FLEXnet
2010-01-16 12:06 . 2010-01-16 12:06	--------	d-----w-	c:\programdata\ALM
2010-01-16 11:55 . 2010-01-16 12:15	--------	d-----w-	c:\users\Carl114\AppData\Local\Adobe
2010-01-16 11:54 . 2010-01-16 11:54	--------	d-----w-	c:\program files\Common Files\Macrovision Shared
2010-01-16 11:15 . 2010-01-16 13:18	--------	d-----w-	c:\program files\Common Files\Adobe
2010-01-15 23:28 . 2007-06-27 13:42	207488	----a-w-	c:\windows\system32\drivers\vinyl97.sys
2010-01-15 21:28 . 2009-03-10 13:03	10975264	----a-w-	c:\windows\system32\RTLCPL.EXE
2010-01-15 21:28 . 2009-03-10 13:03	604704	----a-w-	c:\windows\SOUNDMAN.EXE
2010-01-15 21:28 . 2009-03-10 13:03	154144	----a-w-	c:\windows\system32\RTLCPAPI.dll
2010-01-15 21:28 . 2009-03-10 13:03	965664	----a-w-	c:\windows\system32\RtkPgExt.dll
2010-01-15 21:28 . 2009-03-10 13:03	141856	----a-w-	c:\windows\system32\RtkCfg.dll
2010-01-15 21:28 . 2009-03-10 13:03	2510368	----a-w-	c:\windows\system32\RtkAPO.dll
2010-01-15 21:28 . 2010-01-15 23:31	319488	----a-w-	c:\windows\HideWin.exe
2010-01-15 21:22 . 2010-01-15 21:22	--------	d-----w-	c:\program files\Common Files\DVDVideoSoft
2010-01-15 21:20 . 2010-01-16 14:13	--------	d-----w-	c:\users\Carl114\AppData\Roaming\Apple Computer
2010-01-15 21:20 . 2010-01-16 14:13	--------	d-----w-	c:\users\Carl114\AppData\Local\Apple Computer
2010-01-15 21:20 . 2010-01-15 21:20	--------	dc----w-	c:\windows\system32\DRVSTORE
2010-01-15 21:20 . 2009-05-18 13:17	26600	----a-w-	c:\windows\system32\drivers\GEARAspiWDM.sys
2010-01-15 21:20 . 2008-04-17 12:12	107368	----a-w-	c:\windows\system32\GEARAspi.dll
2010-01-15 21:19 . 2010-01-15 21:19	--------	d-----w-	c:\programdata\RoboForm
2010-01-15 21:19 . 2010-01-15 21:19	--------	d-----w-	c:\program files\iPod
2010-01-15 21:19 . 2010-01-15 21:20	--------	d-----w-	c:\programdata\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2010-01-15 21:17 . 2010-01-15 21:17	--------	d-----w-	c:\program files\Bonjour
2010-01-15 21:16 . 2010-01-15 21:17	--------	d-----w-	c:\program files\QuickTime
2010-01-15 21:16 . 2010-01-15 21:16	--------	d-----w-	c:\program files\Siber Systems
2010-01-15 21:11 . 2010-01-16 12:12	57560	----a-w-	c:\users\Carl114\AppData\Local\GDIPFONTCACHEV1.DAT
2010-01-15 21:11 . 2010-01-15 21:11	--------	d-----w-	c:\users\Carl114\AppData\Roaming\ATI
2010-01-15 21:11 . 2010-01-15 21:11	--------	d-----w-	c:\users\Carl114\AppData\Local\ATI
2010-01-15 21:11 . 2010-01-15 21:11	--------	d-----w-	c:\programdata\ATI
2010-01-15 21:08 . 2010-01-15 21:08	10134	----a-r-	c:\users\Carl114\AppData\Roaming\Microsoft\Installer\{AC9BAC65-97AC-4F3F-23A0-706169424F59}\ARPPRODUCTICON.exe
2010-01-15 21:08 . 2010-01-15 21:11	--------	d-----w-	c:\program files\ATI Technologies
2010-01-15 21:08 . 2010-01-15 21:08	--------	d-----w-	c:\program files\ATI
2010-01-15 17:32 . 2010-01-15 17:32	--------	d-----w-	c:\users\Carl114\AppData\Roaming\Media Player Classic
2010-01-15 17:23 . 2010-01-15 23:28	--------	d--h--w-	c:\program files\InstallShield Installation Information
2010-01-15 17:18 . 2010-01-15 21:19	--------	d-----w-	c:\programdata\Apple Computer
2010-01-15 17:17 . 2010-01-15 21:19	--------	d-----w-	c:\program files\Common Files\Apple
2010-01-15 17:16 . 2010-01-15 17:16	--------	d-----w-	c:\users\Carl114\AppData\Local\Apple
2010-01-15 17:16 . 2010-01-15 17:16	--------	d-----w-	c:\programdata\Apple
2010-01-15 17:16 . 2010-01-15 17:16	--------	d-----w-	c:\program files\Apple Software Update
2010-01-15 15:53 . 2010-01-15 15:53	--------	d-----w-	c:\windows\system32\Macromed
2010-01-15 15:29 . 2010-01-15 23:44	--------	d-----w-	c:\program files\VIA
2010-01-15 15:12 . 2010-01-15 17:22	--------	d-----w-	c:\program files\Common Files\InstallShield
2010-01-15 14:48 . 2009-12-12 14:15	178176	----a-w-	c:\windows\system32\unrar.dll
2010-01-15 14:48 . 2004-01-25 16:18	217088	----a-w-	c:\windows\system32\yv12vfw.dll
2010-01-15 14:48 . 2009-05-29 21:37	205824	----a-w-	c:\windows\system32\xvidvfw.dll
2010-01-15 14:48 . 2009-05-29 21:31	881664	----a-w-	c:\windows\system32\xvidcore.dll
2010-01-15 14:47 . 2010-01-04 18:00	85504	----a-w-	c:\windows\system32\ff_vfw.dll
2010-01-15 14:46 . 2010-01-15 14:46	--------	d-----w-	c:\users\Carl114\AppData\Roaming\PSpad
2010-01-15 14:45 . 2009-09-24 06:50	545	----a-w-	c:\windows\UC.PIF
2010-01-15 14:45 . 2009-09-24 06:50	545	----a-w-	c:\windows\RAR.PIF
2010-01-15 14:45 . 2009-09-24 06:50	545	----a-w-	c:\windows\PKZIP.PIF
2010-01-15 14:45 . 2009-09-24 06:50	545	----a-w-	c:\windows\PKUNZIP.PIF
2010-01-15 14:45 . 2009-09-24 06:50	545	----a-w-	c:\windows\NOCLOSE.PIF
2010-01-15 14:45 . 2009-09-24 06:50	545	----a-w-	c:\windows\LHA.PIF
2010-01-15 14:45 . 2009-09-24 06:50	545	----a-w-	c:\windows\ARJ.PIF
2010-01-15 14:45 . 2010-01-15 20:52	--------	d-----w-	c:\users\Carl114\AppData\Roaming\GHISLER
2010-01-15 14:38 . 2010-01-15 14:38	--------	d-----w-	c:\users\Carl114\AppData\Roaming\Uniblue
2010-01-15 14:14 . 2010-01-15 14:14	--------	d-----w-	c:\users\Carl114\AppData\Local\Mozilla
2010-01-15 14:11 . 2009-11-02 19:42	195456	------w-	c:\windows\system32\MpSigStub.exe
2010-01-15 14:09 . 2010-01-16 13:20	--------	d-sh--w-	c:\windows\Installer
2010-01-15 13:59 . 2010-02-09 22:30	--------	d-----w-	c:\windows\system32\wbem\Performance
2010-01-15 13:54 . 2010-01-15 13:54	--------	d-----w-	C:\Recovery
2010-01-15 13:50 . 2010-01-15 13:50	0	----a-w-	c:\windows\ativpsrm.bin
2010-01-15 13:46 . 2010-01-15 13:54	--------	d-----w-	c:\windows\Panther

.
((((((((((((((((((((((((((((((((((((((((   Find3M výpis   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-09 22:30 . 2009-07-14 08:44	622422	----a-w-	c:\windows\system32\perfh005.dat
2010-02-09 22:30 . 2009-07-14 08:44	118604	----a-w-	c:\windows\system32\perfc005.dat
2010-01-15 13:54 . 2010-01-15 13:54	--------	d-sh--we	c:\programdata\Plocha
2010-01-15 13:54 . 2010-01-15 13:54	--------	d-sh--we	c:\programdata\Oblíbené položky
2010-01-15 13:54 . 2010-01-15 13:54	--------	d-sh--we	c:\programdata\Šablony
2010-01-15 13:54 . 2010-01-15 13:54	--------	d-sh--we	c:\programdata\Nabídka Start
2010-01-15 13:54 . 2010-01-15 13:54	--------	d-sh--we	c:\programdata\Dokumenty
2010-01-15 13:54 . 2010-01-15 13:54	--------	d-sh--we	c:\programdata\Data aplikací
2009-11-16 08:06 . 2009-11-16 08:06	95896	----a-w-	c:\windows\system32\drivers\epfwwfpr.sys
2009-11-16 08:03 . 2009-11-16 08:03	108792	----a-w-	c:\windows\system32\drivers\ehdrv.sys
2009-11-16 07:56 . 2009-11-16 07:56	116520	----a-w-	c:\windows\system32\drivers\eamon.sys
2009-11-12 16:07 . 2009-11-12 16:07	79144	----a-w-	c:\programdata\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
2009-06-10 21:26 . 2009-07-14 02:04	9633792	--sha-r-	c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42	396800	--sha-w-	c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

(((((((((((((((((((((((((((((   SnapShot@2010-01-18_12.00.08   )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-02-09 19:14 . 2010-02-09 19:14	53164              c:\windows\System32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2010-01-15 20:50 . 2010-02-09 12:04	15806              c:\windows\System32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 04:55 . 2010-02-09 18:09	34252              c:\windows\System32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-01-15 14:30 . 2010-02-09 22:45	16384              c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-01-15 14:30 . 2010-01-18 11:48	16384              c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-01-15 14:30 . 2010-01-18 11:48	32768              c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-01-15 14:30 . 2010-02-09 22:45	32768              c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-01-15 14:30 . 2010-02-09 22:45	16384              c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-01-15 14:30 . 2010-01-18 11:48	16384              c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-01-15 14:30 . 2010-02-09 22:45	16384              c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-01-15 14:30 . 2010-01-18 11:48	16384              c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-01-16 16:11 . 2010-02-09 22:06	32768              c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat
- 2010-01-16 16:11 . 2010-01-18 11:50	32768              c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat
+ 2010-01-16 16:11 . 2010-02-09 22:06	16384              c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\History\History.IE5\index.dat
- 2010-01-16 16:11 . 2010-01-18 11:50	16384              c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\History\History.IE5\index.dat
- 2010-01-16 16:11 . 2010-01-18 11:50	16384              c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Cookies\index.dat
+ 2010-01-16 16:11 . 2010-02-09 22:06	16384              c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Cookies\index.dat
+ 2010-01-15 14:30 . 2010-02-09 22:45	32768              c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-01-15 14:30 . 2010-01-18 11:50	32768              c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-01-15 14:30 . 2010-02-09 22:45	16384              c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-01-15 14:30 . 2010-01-18 11:48	16384              c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-01-15 17:04 . 2010-02-09 12:04	3596              c:\windows\System32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1322365796-685927806-935002929-1001_UserData.bin
+ 2010-02-09 22:25 . 2010-02-09 22:45	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2010-01-18 11:47 . 2010-01-18 11:47	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2010-01-18 11:47 . 2010-01-18 11:47	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-02-09 22:25 . 2010-02-09 22:45	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 02:05 . 2010-01-18 11:57	606992              c:\windows\System32\perfh009.dat
+ 2009-07-14 02:05 . 2010-02-09 22:30	606992              c:\windows\System32\perfh009.dat
- 2009-07-14 02:05 . 2010-01-18 11:57	103370              c:\windows\System32\perfc009.dat
+ 2009-07-14 02:05 . 2010-02-09 22:30	103370              c:\windows\System32\perfc009.dat
- 2009-07-14 02:03 . 2010-01-18 11:58	6553600              c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT
+ 2009-07-14 02:03 . 2010-02-09 18:18	6553600              c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT
.
((((((((((((((((((((((((((((((((((   Spouštěcí body v registru   )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny. 
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="e:\programy\NOD32\egui.exe" [2009-11-16 2054360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

R1 ehdrv;ehdrv;c:\windows\System32\drivers\ehdrv.sys [16.11.2009 9:03 108792]
R2 epfwwfpr;epfwwfpr;c:\windows\System32\drivers\epfwwfpr.sys [16.11.2009 9:06 95896]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai	REG_MULTI_SZ   	Akamai
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = *.local
IE: Přizpůsobit Menu - file://e:\programy\AiRoboForm\RoboFormComCustomizeIEMenu.html
IE: RF Nástrojová lišta - file://e:\programy\AiRoboForm\RoboFormComShowToolbar.html
IE: Uložit formuláře - file://e:\programy\AiRoboForm\RoboFormComSavePass.html
IE: Vyplnit formulář - file://e:\programy\AiRoboForm\RoboFormComFillForms.html
FF - ProfilePath - c:\users\Carl114\AppData\Roaming\Mozilla\Firefox\Profiles\juh0f3q2.default\
FF - prefs.js: browser.startup.homepage - hxxp://google.com/
FF - component: e:\programy\AiRoboForm\Firefox\components\rfproxy_31.dll
FF - plugin: e:\programy\iTunes\Mozilla Plugins\npitunes.dll
FF - plugin: e:\programy\Opera\program\plugins\npqtplugin.dll
FF - plugin: e:\programy\Opera\program\plugins\npqtplugin2.dll
FF - plugin: e:\programy\Opera\program\plugins\npqtplugin3.dll
FF - plugin: e:\programy\Opera\program\plugins\npqtplugin4.dll
FF - plugin: e:\programy\Opera\program\plugins\npqtplugin5.dll
FF - plugin: e:\programy\Opera\program\plugins\npqtplugin6.dll
FF - plugin: e:\programy\Opera\program\plugins\npqtplugin7.dll

---- NASTAVENÍ FIREFOXU ----
e:\programy\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
e:\programy\NOD32\ekrn.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\sppsvc.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
.
**************************************************************************
.
Celkový čas: 2010-02-09  23:49:39 - počítač byl restartován
ComboFix-quarantined-files.txt  2010-02-09 22:49
ComboFix2.txt  2010-01-18 12:02

Před spuštěním: Volných bajtů: 18 583 515 136
Po spuštění: Volných bajtů: 18 433 093 632

- - End Of File - - 88176ED819FE6951BA80BF0058C1D647

#9 Příspěvek od **Rudy** » 10 úno 2010 18:51

Smazáno, log již vypadá čistý.

Carl114 · #10 Příspěvek od **Carl114** » 10 úno 2010 21:24

Poradil by jste mi když tak jak se zbavit těch složek? Dřív tam nebyli, ale od doby spuštění se stále zobrazují. Všechno je pak nepřehledné. Obnovil jsem nastavení složek (viditelnost atd) na standardní, ale i to nepomohlo.

#11 Příspěvek od **Rudy** » 10 úno 2010 21:52

Jinak, nežli přes "Možnosti složky" to nepůjde.

Carl114 · #12 Příspěvek od **Carl114** » 10 úno 2010 22:11

Nebyl by nějaký tip? Nikdy se mi to ještě nestalo a nějak moc nevím, co ta aplikace přesně dělala takže ani nevím jak to vrátit zpět.

#13 Příspěvek od **Rudy** » 10 úno 2010 22:21

Možnosti složky si otevřete z ovl. panelů a zaškrtnete "Nezobrazovat skryté a systémové složky".

Carl114 · #14 Příspěvek od **Carl114** » 11 úno 2010 12:56

To právě nepomohlo. Tak jsem prošel vlastnosti všech složek, které by měli být skryté a skryl je. Asi při čištění se atribut skrýt odznačil. Již je vše v pořádku. Pokud je tedy log čistý - děkuji

.

#15 Příspěvek od **Rudy** » 11 úno 2010 18:32

Můžete se pokusit problém opravit pomocí TuneUp: http://www.stahuj.centrum.cz/utility_a_ ... utilities/ . Nemáte zač!

VIRY.CZ

Po odstranění černé obrazovky

Po odstranění černé obrazovky

Re: Po odstranění černé obrazovky

Re: Po odstranění černé obrazovky

Re: Po odstranění černé obrazovky

Re: Po odstranění černé obrazovky

Re: Po odstranění černé obrazovky

Re: Po odstranění černé obrazovky

Re: Po odstranění černé obrazovky

Re: Po odstranění černé obrazovky

Re: Po odstranění černé obrazovky

Re: Po odstranění černé obrazovky

Re: Po odstranění černé obrazovky

Re: Po odstranění černé obrazovky

Re: Po odstranění černé obrazovky

Re: Po odstranění černé obrazovky