BSOD Win 7 (ntoskrnl.exe)

Zpráva

Madnessvk · #1 Příspěvek od **Madnessvk** » 21 srp 2011 23:59

Zdravím mam new pc, cca 4 dni. A už asi 5 krát som preinštaloval win no stále mi hádže BSOD kôli nejakékemu ntoskrnl.exe a už neviem čo mám robiť. Mám tam win 7 professional 64-bit. Budem naozaj veľmi rád ak mi dokáže niekto pomôcť

Vopred Ďakujem.

Zostava:

AMD Phenom X4 955 BE 3.2 GHz
Ati Radeon HD 6850
MSI 870A-G54
2x2 GB DDR3 Kingston Kit
Corsair CX500
WD Barracuda 1TB

Screen z BlueScreenView:

Obrázek

MiliNess · #2 Příspěvek od **MiliNess** » 22 srp 2011 00:48

Upni soubory z Windows\Minidump na http://www.leteckaposta.cz
Dále stáhni GoldMemory, vypal ISO na CD jako obraz disku, nabootuj z něho a spusť test paměti.
Nejspíše to bude HW závada.
Předpokládám, že se jedná o originální OS a nenatáhl sis do systému hned po instalaci nějaké potvory, prostřednictvím KeyGenů a cracků.

Madnessvk · #3 Příspěvek od **Madnessvk** » 22 srp 2011 01:05

Tu sú tie súbory z Minidump:

Kód: Vybrat vše

http://leteckaposta.cz/235797741

Idem ešte otestovať tú ramku.

//EDIT: RAMky som otestoval a žiadny Error to nenašlo, síce bol ten program niaky divný a furt mi tam niečo blikalo že nie je registrovaný, ale myslím že to error nenašlo. Nie je z toho testu nejaký log keďtak v PC ? + Som tie RAMky skúšal aj tak že jednu som vytiahol a nechal som v PC len jednu a opačne že som ju vytiahol a hodil tam zas druhu len samostatne a aj tak to hádzalo BSOD.. A myslím že je dosť malá šanca aby boli obi dve pototo .. Či ? Kde môže byť potom problém keď nie v RAM ?

MiliNess · #4 Příspěvek od **MiliNess** » 22 srp 2011 08:49

Paměti se to tedy zřejmě týkat nebude.
Spusť ještě Verifier:

Spustit->napište "verifier"->OK->Vytvořit uživatelské nastavení->Vybrat individuální nastavení z úplného seznamu->mimo "Simulace nedostatku prostředků" zatrhněte vše->vybrat ovladače ze seznamu->vyberte vše, co není od Microsoftu->Dokončit->restartujte PC

Pokud verifier narazí na nějaký problém, objeví se BSOD a dojde k restartu počítače. Ve složce Windows\Minidump by se měl vytvořit nový výpis paměti, který mi upněte.
Pokud by k BSOD docházelo už při startu OS a nedařilo se i po několika restartech zavést systém,
spusťte nouzový režim (mačkání F8 při startu PC)
Tam spusťte Verifier a zvolte "Odstranit existující nastavení->Dokončit->restart PC.
Detekce chyby může trvat několik hodin i dní

Dále spusť CrystalDiskInfo, v nabídce Úpravy zvol Kopírovat a obsah schránky sem vlož pomocí Ctrl+V.

Také poprosím kolegyni, aby se podívala po potvorách

#5 Příspěvek od **motji** » 22 srp 2011 09:04

Hezké dopoledne

Poprosím o log ze rsitu, viz můj podpis

Madnessvk · #6 Příspěvek od **Madnessvk** » 22 srp 2011 12:10

Neviem čo sa stalo ale zrazu mi nejde zapnúť PC. Resp. PC beží ale obrazovka nejde ... Nič som z PC nerobil akurat som v noci dokončil ten test ramky a vypol som ho natvrdo cez zdroj, lebo vždy keď ho vypnem cez win tak hodi BSOD a restart ..
A všimol som si že teraz ako mi nejde zapnúť tak mi na základovke svieti niaka kontrolka na červeno + modrá dioda, čo za normálnych okolností nesvietia ...

Screen:

Obrázek

Dosku mám presne túto:

Kód: Vybrat vše

http://www.alza.sk/msi-870a-g54-d167619.htm#foto

//EDIT: Už mi to ide, zapol som ho, nechal som ho asi minutku bežať a podržal som tlačítko na reštart tvrdý a zrazu nabehla obrazovka Idem spraviť to čo ste mi kázali .. Tie testy a RSIT

Ten Verifier mi nešiel spustiť.. vyhodilo mi to okno (ani v safe mode):

Obrázek

Crystal Disk Info :

Kód: Vybrat vše

----------------------------------------------------------------------------
CrystalDiskInfo 4.0.2 (C) 2008-2011 hiyohiyo
                                Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

    OS : Windows 7  [6.1 Build 7600] (x64)
  Date : 2011/08/22 13:39:59

-- Controller Map ----------------------------------------------------------
 + PCI Standardní dvoukanálový řadič IDE [ATA]
   - ATA Channel 0 (0)
   - ATA Channel 1 (1)
 + PCI Standardní dvoukanálový řadič IDE [ATA]
   - ATA Channel 0 (0)
   - ATA Channel 1 (1)
 + PCI Standardní dvoukanálový řadič IDE [ATA]
   + ATA Channel 0 (0)
     - HL-DT-ST DVDRAM GSA-4167B ATA Device
     - ST31000524AS ATA Device
   - ATA Channel 1 (1)

-- Disk List ---------------------------------------------------------------
 (1) ST31000524AS : 1000.2 GB [0-0-0, pd1]

----------------------------------------------------------------------------
 (1) ST31000524AS
----------------------------------------------------------------------------
           Model : ST31000524AS
        Firmware : JC45
   Serial Number : 6VPC796V
       Disk Size : 1000.2 GB (8.4/137.4/1000.2)
     Buffer Size : Neznámy údaj
     Queue Depth : 32
    # of Sectors : 1953525168
   Rotation Rate : 7200 RPM
       Interface : Serial ATA
   Major Version : ATA8-ACS
   Minor Version : ATA8-ACS version 4
   Transfer Mode : SATA/600
  Power On Hours : 19 hod.
  Power On Count : 56 krát
     Temparature : 33 C (91 F)
   Health Status : Dobrý
        Features : S.M.A.R.T., AAM, 48bit LBA, NCQ
       APM Level : ----
       AAM Level : D0D0h [ON]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 118 _99 __6 00000AAF146C Počet chyb čtení
03 100 100 __0 000000000000 Čas na roztočení ploten
04 100 100 _20 000000000051 Počet spuštění/zastavení
05 100 100 _36 000000000000 Počet přemapovaných sektorů
07 _61 _60 _30 00000014DF19 Počet chybných hledání
09 100 100 __0 000000000013 Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 100 _20 000000000038 Počet cyklů zapnutí zařízení
B7 100 100 __0 000000000000 Neznámý
B8 100 100 _99 000000000000 Ukončovacích chyb
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BC 100 100 __0 000000000000 Časový limit příkazu
BD 100 100 __0 000000000000 Vysoká rychlost zápisu
BE _67 _52 _45 0000211C0021 Teplota toku vzduchu
C2 _33 _48 __0 001900000021 Teplota
C3 _47 _46 __0 00000AAF146C Počet oprav chybného čtení
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
F0 100 253 __0 E7910000008E Čas nastavování hlaviček - v hodinách
F1 100 253 __0 000023B8D6EB Specifický pro výrobce
F2 100 253 __0 0000BF80581A Specifický pro výrobce

-- IDENTIFY_DEVICE ---------------------------------------------------------
     +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 0C 5A 3F FF C8 37 00 10 00 00 00 00 00 3F 00 00
010: 00 00 00 00 20 20 20 20 20 20 20 20 20 20 20 20
020: 36 56 50 43 37 39 36 56 00 00 00 00 00 04 4A 43
030: 34 35 20 20 20 20 53 54 33 31 30 30 30 35 32 34
040: 41 53 20 20 20 20 20 20 20 20 20 20 20 20 20 20
050: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 80 10
060: 00 00 2F 00 40 00 02 00 02 00 00 07 3F FF 00 10
070: 00 3F FC 10 00 FB 01 10 FF FF 0F FF 00 00 00 07
080: 00 03 00 78 00 78 00 78 00 78 00 00 00 00 00 00
090: 00 00 00 00 00 00 00 1F 05 0E 00 06 00 48 00 40
0A0: 01 F0 00 29 34 6B 7F 01 41 63 34 69 BE 01 41 63
0B0: 40 7F 00 55 00 55 00 00 FF FE 00 00 D0 D0 00 00
0C0: 00 00 00 00 00 00 00 00 6D B0 74 70 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 50 00 C5 00 32 FE 2A 1C
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 1E
0F0: 40 1C 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 29 6D B0 74 70 6D B0 74 70 20 20 00 02 01 40
110: 01 00 50 00 3C 06 3C 0A 00 00 00 3C 00 00 00 08
120: 00 00 00 00 00 4F 02 80 00 00 00 00 00 08 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 3F 00 98 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 10 3F 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 1C 20 00 00 00 00 00 00 00 00 10 10 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 56 A5

RSIT:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Pato at 2011-08-22 13:43:01
Microsoft Windows 7 Professional
System drive C: has 886 GB (93%) free of 954 GB
Total RAM: 4095 MB (74% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:43:04, on 22.8.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe
C:\Program Files (x86)\QIP Infium\infium.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\aida64.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\trend micro\Pato.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2475029
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\tbMyAs.dll
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngin.dll
O2 - BHO: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\tbMyAs.dll
O2 - BHO: uTorrentBar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll
O3 - Toolbar: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\tbMyAs.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngin.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [Super-Charger] C:\Program Files (x86)\MSI\Super-Charger\StartSuperCharger.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Infium] "C:\Program Files (x86)\QIP Infium\infium.exe" /autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 6483 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-ac773b6a-70df-40fc-a301-43eb15a733c9 -SystemEventPortName:HostProcess-b083cae8-51ee-471b-9bc9-716f85c22f4e -IoCancelEventPortName:HostProcess-bbe2fb59-d650-481c-848b-444935214ca0 -NonStateChangingEventPortName:HostProcess-f91d7953-4bc8-4e4b-8b18-3fe3385365f7 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:34c3d30c-fc56-409b-96b6-c6bba45334af
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
"C:\Program Files (x86)\QIP Infium\infium.exe" /autorun
"C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe"
taskeng.exe {24D784FA-8E17-44DC-8ED2-44BBCAB00734}
"C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\aida64.exe"
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\Winamp\winampa.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=3680.fb7dd50.1520282732 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" Mozilla.Firefox.6.0 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.jar" 3680 "\\.\pipe\gecko-crash-server-pipe.3680" plugin
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Pato\Download\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Pato\AppData\Roaming\Mozilla\Firefox\Profiles\qzb4wj0l.default

prefs.js - "browser.startup.homepage" - "http://www.google.sk/ig"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\plugins\
npwachk.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml

C:\Users\Pato\AppData\Roaming\Mozilla\Firefox\Profiles\qzb4wj0l.default\extensions\
{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files (x86)\ConduitEngine\prxConduitEngin.dll [2011-03-28 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
MyAshampoo Toolbar - C:\Program Files (x86)\MyAshampoo\tbMyAs.dll [2009-12-31 2349080]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
uTorrentBar Toolbar - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll [2011-03-28 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - MyAshampoo Toolbar - C:\Program Files (x86)\MyAshampoo\tbMyAs.dll [2009-12-31 2349080]
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - uTorrentBar Toolbar - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll [2011-03-28 176936]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files (x86)\ConduitEngine\prxConduitEngin.dll [2011-03-28 176936]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-05-03 11842152]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Pro Agent"=C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [2011-08-17 4527424]
"Infium"=C:\Program Files (x86)\QIP Infium\infium.exe [2010-10-25 5892560]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-09-30 98304]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-17 113288]
"Super-Charger"=C:\Program Files (x86)\MSI\Super-Charger\StartSuperCharger.exe [2011-01-25 303104]
"WinampAgent"=C:\Program Files (x86)\Winamp\winampa.exe [2011-07-11 74752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2011-08-22 13:43:01 ----D---- C:\rsit
2011-08-22 13:43:01 ----D---- C:\Program Files\trend micro
2011-08-22 13:29:37 ----A---- C:\Windows\ntbtlog.txt
2011-08-22 00:45:51 ----D---- C:\Program Files (x86)\NirSoft
2011-08-21 01:11:00 ----D---- C:\Program Files (x86)\Winamp Detect
2011-08-21 01:10:56 ----D---- C:\Users\Pato\AppData\Roaming\Winamp
2011-08-21 01:10:56 ----D---- C:\Program Files (x86)\Winamp
2011-08-21 01:06:48 ----D---- C:\Program Files (x86)\LS
2011-08-21 01:04:43 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2011-08-21 01:04:43 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2011-08-21 01:04:43 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2011-08-21 01:04:43 ----A---- C:\Windows\system32\XAudio2_7.dll
2011-08-21 01:04:43 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2011-08-21 01:04:43 ----A---- C:\Windows\system32\xactengine3_7.dll
2011-08-21 01:04:42 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll
2011-08-21 01:04:42 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2011-08-21 01:04:42 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll
2011-08-21 01:04:42 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll
2011-08-21 01:04:42 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll
2011-08-21 01:04:42 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2011-08-21 01:04:42 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2011-08-21 01:04:42 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2011-08-21 01:04:42 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2011-08-21 01:04:42 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2011-08-21 01:04:42 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2011-08-21 01:04:42 ----A---- C:\Windows\system32\XAudio2_6.dll
2011-08-21 01:04:42 ----A---- C:\Windows\system32\XAudio2_5.dll
2011-08-21 01:04:42 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2011-08-21 01:04:42 ----A---- C:\Windows\system32\xactengine3_6.dll
2011-08-21 01:04:42 ----A---- C:\Windows\system32\xactengine3_5.dll
2011-08-21 01:04:42 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2011-08-21 01:04:42 ----A---- C:\Windows\system32\D3DX9_43.dll
2011-08-21 01:04:42 ----A---- C:\Windows\system32\d3dx11_43.dll
2011-08-21 01:04:42 ----A---- C:\Windows\system32\d3dx10_43.dll
2011-08-21 01:04:42 ----A---- C:\Windows\system32\d3dcsx_43.dll
2011-08-21 01:04:42 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2011-08-21 01:04:40 ----A---- C:\Windows\SYSWOW64\d3dx10_41.dll
2011-08-21 01:04:40 ----A---- C:\Windows\SYSWOW64\D3DCompiler_41.dll
2011-08-21 01:04:40 ----A---- C:\Windows\system32\d3dx10_41.dll
2011-08-21 01:04:40 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2011-08-21 01:04:39 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2011-08-21 01:04:39 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2011-08-21 01:04:39 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2011-08-21 01:04:39 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2011-08-21 01:04:39 ----A---- C:\Windows\system32\XAudio2_4.dll
2011-08-21 01:04:39 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2011-08-21 01:04:39 ----A---- C:\Windows\system32\xactengine3_4.dll
2011-08-21 01:04:39 ----A---- C:\Windows\system32\D3DX9_41.dll
2011-08-21 01:04:38 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
2011-08-21 01:04:38 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
2011-08-21 01:04:38 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
2011-08-21 01:04:38 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2011-08-21 01:04:38 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
2011-08-21 01:04:38 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2011-08-21 01:04:38 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2011-08-21 01:04:38 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2011-08-21 01:04:38 ----A---- C:\Windows\system32\XAudio2_3.dll
2011-08-21 01:04:38 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2011-08-21 01:04:38 ----A---- C:\Windows\system32\xactengine3_3.dll
2011-08-21 01:04:38 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2011-08-21 01:04:38 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2011-08-21 01:04:38 ----A---- C:\Windows\system32\D3DX9_40.dll
2011-08-21 01:04:38 ----A---- C:\Windows\system32\d3dx10_40.dll
2011-08-21 01:04:38 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2011-08-21 01:04:37 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2011-08-21 01:04:37 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2011-08-21 01:04:37 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2011-08-21 01:04:37 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2011-08-21 01:04:37 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2011-08-21 01:04:37 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2011-08-21 01:04:37 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2011-08-21 01:04:37 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2011-08-21 01:04:37 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2011-08-21 01:04:37 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2011-08-21 01:04:37 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2011-08-21 01:04:37 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2011-08-21 01:04:37 ----A---- C:\Windows\system32\XAudio2_2.dll
2011-08-21 01:04:37 ----A---- C:\Windows\system32\XAudio2_1.dll
2011-08-21 01:04:37 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2011-08-21 01:04:37 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2011-08-21 01:04:37 ----A---- C:\Windows\system32\xactengine3_2.dll
2011-08-21 01:04:37 ----A---- C:\Windows\system32\xactengine3_1.dll
2011-08-21 01:04:37 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2011-08-21 01:04:37 ----A---- C:\Windows\system32\D3DX9_39.dll
2011-08-21 01:04:37 ----A---- C:\Windows\system32\d3dx10_39.dll
2011-08-21 01:04:37 ----A---- C:\Windows\system32\d3dx10_38.dll
2011-08-21 01:04:37 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2011-08-21 01:04:37 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2011-08-21 01:04:36 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2011-08-21 01:04:36 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2011-08-21 01:04:36 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2011-08-21 01:04:36 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2011-08-21 01:04:36 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2011-08-21 01:04:36 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2011-08-21 01:04:36 ----A---- C:\Windows\system32\XAudio2_0.dll
2011-08-21 01:04:36 ----A---- C:\Windows\system32\xactengine3_0.dll
2011-08-21 01:04:36 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2011-08-21 01:04:36 ----A---- C:\Windows\system32\D3DX9_38.dll
2011-08-21 01:04:36 ----A---- C:\Windows\system32\d3dx10_37.dll
2011-08-21 01:04:36 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2011-08-21 01:04:35 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2011-08-21 01:04:35 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2011-08-21 01:04:35 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2011-08-21 01:04:35 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2011-08-21 01:04:35 ----A---- C:\Windows\system32\xactengine2_10.dll
2011-08-21 01:04:35 ----A---- C:\Windows\system32\D3DX9_37.dll
2011-08-21 01:04:35 ----A---- C:\Windows\system32\d3dx10_36.dll
2011-08-21 01:04:35 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2011-08-21 01:04:34 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2011-08-21 01:04:34 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2011-08-21 01:04:34 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2011-08-21 01:04:34 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2011-08-21 01:04:34 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2011-08-21 01:04:34 ----A---- C:\Windows\system32\xactengine2_9.dll
2011-08-21 01:04:34 ----A---- C:\Windows\system32\d3dx9_36.dll
2011-08-21 01:04:34 ----A---- C:\Windows\system32\d3dx9_35.dll
2011-08-21 01:04:34 ----A---- C:\Windows\system32\d3dx10_35.dll
2011-08-21 01:04:34 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2011-08-21 01:04:33 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2011-08-21 01:04:33 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2011-08-21 01:04:33 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2011-08-21 01:04:33 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2011-08-21 01:04:33 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2011-08-21 01:04:33 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2011-08-21 01:04:33 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2011-08-21 01:04:33 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2011-08-21 01:04:33 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2011-08-21 01:04:33 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2011-08-21 01:04:33 ----A---- C:\Windows\system32\xactengine2_8.dll
2011-08-21 01:04:33 ----A---- C:\Windows\system32\xactengine2_7.dll
2011-08-21 01:04:33 ----A---- C:\Windows\system32\xactengine2_6.dll
2011-08-21 01:04:33 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2011-08-21 01:04:33 ----A---- C:\Windows\system32\d3dx9_34.dll
2011-08-21 01:04:33 ----A---- C:\Windows\system32\d3dx9_33.dll
2011-08-21 01:04:33 ----A---- C:\Windows\system32\d3dx10_34.dll
2011-08-21 01:04:33 ----A---- C:\Windows\system32\d3dx10_33.dll
2011-08-21 01:04:33 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2011-08-21 01:04:33 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2011-08-21 01:04:32 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2011-08-21 01:04:32 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2011-08-21 01:04:32 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2011-08-21 01:04:32 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2011-08-21 01:04:32 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2011-08-21 01:04:32 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2011-08-21 01:04:32 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2011-08-21 01:04:32 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2011-08-21 01:04:32 ----A---- C:\Windows\system32\xinput1_2.dll
2011-08-21 01:04:32 ----A---- C:\Windows\system32\xactengine2_5.dll
2011-08-21 01:04:32 ----A---- C:\Windows\system32\xactengine2_4.dll
2011-08-21 01:04:32 ----A---- C:\Windows\system32\xactengine2_3.dll
2011-08-21 01:04:32 ----A---- C:\Windows\system32\x3daudio1_1.dll
2011-08-21 01:04:32 ----A---- C:\Windows\system32\d3dx9_32.dll
2011-08-21 01:04:32 ----A---- C:\Windows\system32\d3dx9_31.dll
2011-08-21 01:04:32 ----A---- C:\Windows\system32\d3dx10.dll
2011-08-21 01:04:31 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2011-08-21 01:04:31 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2011-08-21 01:04:31 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2011-08-21 01:04:31 ----A---- C:\Windows\system32\xinput1_1.dll
2011-08-21 01:04:31 ----A---- C:\Windows\system32\xactengine2_2.dll
2011-08-21 01:04:31 ----A---- C:\Windows\system32\xactengine2_1.dll
2011-08-21 01:04:30 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2011-08-21 01:04:30 ----A---- C:\Windows\system32\d3dx9_30.dll
2011-08-21 01:04:29 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2011-08-21 01:04:29 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2011-08-21 01:04:29 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2011-08-21 01:04:29 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2011-08-21 01:04:29 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2011-08-21 01:04:29 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2011-08-21 01:04:29 ----A---- C:\Windows\system32\xactengine2_0.dll
2011-08-21 01:04:29 ----A---- C:\Windows\system32\x3daudio1_0.dll
2011-08-21 01:04:29 ----A---- C:\Windows\system32\d3dx9_29.dll
2011-08-21 01:04:29 ----A---- C:\Windows\system32\d3dx9_28.dll
2011-08-21 01:04:29 ----A---- C:\Windows\system32\d3dx9_27.dll
2011-08-21 01:04:29 ----A---- C:\Windows\system32\d3dx9_26.dll
2011-08-21 01:04:28 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2011-08-21 01:04:28 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2011-08-21 01:04:28 ----A---- C:\Windows\system32\d3dx9_25.dll
2011-08-21 01:04:28 ----A---- C:\Windows\system32\d3dx9_24.dll
2011-08-21 00:55:50 ----D---- C:\Program Files (x86)\The Witcher 2 (CZ)
2011-08-20 17:56:47 ----D---- C:\Windows\Minidump
2011-08-20 14:49:10 ----D---- C:\Windows\Panther
2011-08-20 14:47:46 ----D---- C:\Program Files (x86)\Electronic Arts
2011-08-20 14:47:46 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll
2011-08-20 14:47:46 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2011-08-20 14:47:46 ----A---- C:\Windows\system32\d3dcsx_42.dll
2011-08-20 14:47:46 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2011-08-20 14:47:45 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2011-08-20 14:47:45 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll
2011-08-20 14:47:45 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2011-08-20 14:47:45 ----A---- C:\Windows\system32\D3DX9_42.dll
2011-08-20 14:47:45 ----A---- C:\Windows\system32\d3dx11_42.dll
2011-08-20 14:47:45 ----A---- C:\Windows\system32\d3dx10_42.dll
2011-08-20 14:47:40 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2011-08-20 14:47:40 ----A---- C:\Windows\system32\xinput1_3.dll
2011-08-20 14:30:10 ----N---- C:\Windows\system32\MpSigStub.exe
2011-08-20 14:29:49 ----D---- C:\Program Files (x86)\FinalWire
2011-08-20 14:26:15 ----D---- C:\Program Files (x86)\ConduitEngine
2011-08-20 14:26:15 ----A---- C:\Windows\SYSWOW64\ConduitEngine.tmp
2011-08-20 14:26:14 ----D---- C:\Program Files (x86)\uTorrentBar
2011-08-20 14:26:12 ----D---- C:\Program Files (x86)\uTorrent
2011-08-20 14:25:48 ----D---- C:\Users\Pato\AppData\Roaming\uTorrent
2011-08-20 14:24:37 ----D---- C:\Users\Pato\AppData\Roaming\Macromedia
2011-08-20 14:24:37 ----D---- C:\Users\Pato\AppData\Roaming\Adobe
2011-08-20 14:24:34 ----D---- C:\Windows\SYSWOW64\Macromed
2011-08-20 14:23:23 ----D---- C:\Users\Pato\AppData\Roaming\Ashampoo
2011-08-20 14:23:21 ----D---- C:\Program Files (x86)\MyAshampoo
2011-08-20 14:23:21 ----D---- C:\Program Files (x86)\Conduit
2011-08-20 14:23:18 ----D---- C:\ProgramData\ashampoo
2011-08-20 14:23:06 ----D---- C:\Program Files (x86)\Ashampoo
2011-08-20 14:21:26 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys
2011-08-20 14:21:23 ----D---- C:\Program Files (x86)\DAEMON Tools Pro
2011-08-20 14:21:15 ----D---- C:\Users\Pato\AppData\Roaming\DAEMON Tools Pro
2011-08-20 14:21:15 ----D---- C:\ProgramData\DAEMON Tools Pro
2011-08-20 14:20:18 ----D---- C:\Program Files (x86)\QIP Infium
2011-08-20 14:19:07 ----D---- C:\Program Files\WinRAR
2011-08-20 14:15:34 ----RD---- C:\Pato
2011-08-20 14:14:46 ----D---- C:\Users\Pato\AppData\Roaming\WinRAR
2011-08-20 14:14:25 ----D---- C:\Program Files (x86)\SpeedFan
2011-08-20 14:13:38 ----D---- C:\Program Files\CCleaner
2011-08-20 14:12:32 ----D---- C:\Users\Pato\AppData\Roaming\ATI
2011-08-20 14:12:32 ----D---- C:\ProgramData\ATI
2011-08-20 14:10:13 ----D---- C:\Program Files (x86)\MSI
2011-08-20 14:09:42 ----D---- C:\Program Files (x86)\Renesas Electronics
2011-08-20 14:09:31 ----D---- C:\ProgramData\Downloaded Installations
2011-08-20 14:09:05 ----D---- C:\Windows\SYSWOW64\RTCOM
2011-08-20 14:08:51 ----A---- C:\Windows\system32\WavesGUILib.dll
2011-08-20 14:08:51 ----A---- C:\Windows\system32\SRSWOW64.dll
2011-08-20 14:08:51 ----A---- C:\Windows\system32\SRSTSX64.dll
2011-08-20 14:08:50 ----A---- C:\Windows\SYSWOW64\SFCOM.dll
2011-08-20 14:08:50 ----A---- C:\Windows\system32\SRSTSH64.dll
2011-08-20 14:08:50 ----A---- C:\Windows\system32\SRSHP64.dll
2011-08-20 14:08:50 ----A---- C:\Windows\system32\SFSS_APO.dll
2011-08-20 14:08:50 ----A---- C:\Windows\system32\SFNHK64.dll
2011-08-20 14:08:50 ----A---- C:\Windows\system32\SFCOM64.dll
2011-08-20 14:08:50 ----A---- C:\Windows\system32\SFAPO64.dll
2011-08-20 14:08:50 ----A---- C:\Windows\system32\RtlCPAPI64.dll
2011-08-20 14:08:50 ----A---- C:\Windows\system32\RtkCfg64.dll
2011-08-20 14:08:50 ----A---- C:\Windows\system32\RtkApi64.dll
2011-08-20 14:08:49 ----A---- C:\Windows\system32\RtPgEx64.dll
2011-08-20 14:08:49 ----A---- C:\Windows\system32\RtkAPO64.dll
2011-08-20 14:08:49 ----A---- C:\Windows\system32\RTEEP64A.dll
2011-08-20 14:08:49 ----A---- C:\Windows\system32\RTEEL64A.dll
2011-08-20 14:08:49 ----A---- C:\Windows\system32\RTEEG64A.dll
2011-08-20 14:08:49 ----A---- C:\Windows\system32\RTEED64A.dll
2011-08-20 14:08:49 ----A---- C:\Windows\system32\RTCOM64.dll
2011-08-20 14:08:49 ----A---- C:\Windows\system32\RP3DHT64.dll
2011-08-20 14:08:49 ----A---- C:\Windows\system32\RP3DAA64.dll
2011-08-20 14:08:49 ----A---- C:\Windows\system32\RCoInst64.dll
2011-08-20 14:08:49 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2011-08-20 14:08:48 ----A---- C:\Windows\system32\RCoRes64.dat
2011-08-20 14:08:45 ----A---- C:\Windows\system32\R4EEP64A.dll
2011-08-20 14:08:45 ----A---- C:\Windows\system32\R4EEL64A.dll
2011-08-20 14:08:45 ----A---- C:\Windows\system32\R4EEG64A.dll
2011-08-20 14:08:45 ----A---- C:\Windows\system32\R4EED64A.dll
2011-08-20 14:08:45 ----A---- C:\Windows\system32\R4EEA64A.dll
2011-08-20 14:08:45 ----A---- C:\Windows\system32\MaxxVolumeSDAPO.dll
2011-08-20 14:08:45 ----A---- C:\Windows\system32\MaxxAudioRealtek.dll
2011-08-20 14:08:44 ----A---- C:\Windows\system32\MaxxAudioEQ.dll
2011-08-20 14:08:44 ----A---- C:\Windows\system32\MaxxAudioAPO30.dll
2011-08-20 14:08:44 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2011-08-20 14:08:42 ----A---- C:\Windows\system32\FMAPO64.dll
2011-08-20 14:08:42 ----A---- C:\Windows\system32\DTSVoiceClarityDLL64.dll
2011-08-20 14:08:41 ----A---- C:\Windows\system32\DTSSymmetryDLL64.dll
2011-08-20 14:08:41 ----A---- C:\Windows\system32\DTSS2SpeakerDLL64.dll
2011-08-20 14:08:41 ----A---- C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2011-08-20 14:08:41 ----A---- C:\Windows\system32\DTSNeoPCDLL64.dll
2011-08-20 14:08:41 ----A---- C:\Windows\system32\DTSLimiterDLL64.dll
2011-08-20 14:08:41 ----A---- C:\Windows\system32\DTSLFXAPO64.dll
2011-08-20 14:08:41 ----A---- C:\Windows\system32\DTSGFXAPONS64.dll
2011-08-20 14:08:41 ----A---- C:\Windows\system32\DTSGFXAPO64.dll
2011-08-20 14:08:41 ----A---- C:\Windows\system32\DTSGainCompensatorDLL64.dll
2011-08-20 14:08:41 ----A---- C:\Windows\system32\DTSBoostDLL64.dll
2011-08-20 14:08:41 ----A---- C:\Windows\system32\DTSBassEnhancementDLL64.dll
2011-08-20 14:08:41 ----A---- C:\Windows\system32\AERTAR64.dll
2011-08-20 14:08:41 ----A---- C:\Windows\system32\AERTAC64.dll
2011-08-20 14:08:39 ----R---- C:\Windows\RtlExUpd.dll
2011-08-20 14:07:51 ----D---- C:\Program Files\Realtek
2011-08-20 14:07:49 ----A---- C:\Windows\system32\RtkHDM64.dll
2011-08-20 14:07:49 ----A---- C:\Windows\system32\RTEEP64H.dll
2011-08-20 14:07:49 ----A---- C:\Windows\system32\drivers\RtHDMIVX.sys
2011-08-20 14:07:48 ----A---- C:\Windows\system32\RTEEL64H.dll
2011-08-20 14:07:48 ----A---- C:\Windows\system32\RTEEG64H.dll
2011-08-20 14:07:48 ----A---- C:\Windows\system32\RTEED64H.dll
2011-08-20 14:07:48 ----A---- C:\Windows\system32\RHDMEx64.dll
2011-08-20 14:07:48 ----A---- C:\Windows\system32\RHCoInst64.dll
2011-08-20 14:07:48 ----A---- C:\Windows\system32\RH3DHT64.dll
2011-08-20 14:07:48 ----A---- C:\Windows\system32\RH3DAA64.dll
2011-08-20 14:07:47 ----HD---- C:\Program Files (x86)\Temp
2011-08-20 14:06:53 ----A---- C:\Windows\system32\RTNUninst64.dll
2011-08-20 14:06:53 ----A---- C:\Windows\system32\RtNicProp64.dll
2011-08-20 14:06:53 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2011-08-20 14:06:48 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-08-20 14:06:48 ----D---- C:\Program Files (x86)\Realtek
2011-08-20 14:05:56 ----D---- C:\Program Files\DIFX
2011-08-20 14:05:54 ----DC---- C:\Windows\system32\DRVSTORE
2011-08-20 14:05:54 ----D---- C:\Program Files (x86)\AMD
2011-08-20 14:05:54 ----A---- C:\Windows\system32\drivers\usbfilter.sys
2011-08-20 14:05:50 ----A---- C:\Windows\system32\drivers\AtiPcie.sys
2011-08-20 14:01:35 ----D---- C:\Users\Pato\AppData\Roaming\Mozilla
2011-08-20 14:01:29 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-08-20 14:01:02 ----D---- C:\Program Files\Common Files\ATI Technologies
2011-08-20 14:00:55 ----A---- C:\Windows\system32\drivers\AtihdW76.sys
2011-08-20 13:59:50 ----A---- C:\Windows\SYSWOW64\atipblag.dat
2011-08-20 13:59:50 ----A---- C:\Windows\system32\coinst.dll
2011-08-20 13:59:50 ----A---- C:\Windows\system32\atipblag.dat
2011-08-20 13:59:50 ----A---- C:\Windows\system32\ATIDEMGX.dll
2011-08-20 13:59:21 ----D---- C:\Program Files (x86)\ATI Technologies
2011-08-20 13:59:19 ----SHD---- C:\Windows\Installer
2011-08-20 13:58:41 ----D---- C:\Program Files\ATI Technologies
2011-08-20 13:58:39 ----D---- C:\Program Files\ATI
2011-08-20 13:57:55 ----D---- C:\Windows\SoftwareDistribution
2011-08-20 13:56:03 ----D---- C:\Users\Pato\AppData\Roaming\Identities
2011-08-20 13:55:50 ----SD---- C:\Users\Pato\AppData\Roaming\Microsoft
2011-08-20 13:55:50 ----D---- C:\Users\Pato\AppData\Roaming\Media Center Programs
2011-08-20 13:54:51 ----SHD---- C:\Recovery
2011-08-20 13:54:51 ----SHD---- C:\ProgramData\Šablony
2011-08-20 13:54:51 ----SHD---- C:\ProgramData\Plocha
2011-08-20 13:54:51 ----SHD---- C:\ProgramData\Oblíbené položky
2011-08-20 13:54:51 ----SHD---- C:\ProgramData\Nabídka Start
2011-08-20 13:54:51 ----SHD---- C:\ProgramData\Dokumenty
2011-08-20 13:54:51 ----SHD---- C:\ProgramData\Data aplikací
2011-08-20 13:50:17 ----D---- C:\Windows\Prefetch
2011-08-20 13:49:46 ----SHD---- C:\System Volume Information
2011-08-20 13:49:46 ----ASH---- C:\pagefile.sys
2011-08-20 13:49:46 ----ASH---- C:\hiberfil.sys

======List of files/folders modified in the last 1 month======

2011-08-22 13:43:01 ----RD---- C:\Program Files
2011-08-22 13:43:01 ----D---- C:\Windows\Temp
2011-08-22 13:41:43 ----D---- C:\Windows\System32
2011-08-22 13:41:43 ----D---- C:\Windows\inf
2011-08-22 13:41:43 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-08-22 13:37:22 ----D---- C:\Windows
2011-08-22 00:45:51 ----RD---- C:\Program Files (x86)
2011-08-21 01:10:58 ----D---- C:\Program Files (x86)\Common Files
2011-08-21 01:04:53 ----D---- C:\Windows\SysWOW64
2011-08-21 01:04:31 ----RSD---- C:\Windows\assembly
2011-08-21 01:04:30 ----D---- C:\Windows\Microsoft.NET
2011-08-21 00:42:24 ----D---- C:\Windows\system32\wdi
2011-08-20 23:04:09 ----D---- C:\Windows\system32\config
2011-08-20 22:49:36 ----D---- C:\Windows\Logs
2011-08-20 20:06:57 ----D---- C:\Windows\system32\catroot2
2011-08-20 14:57:46 ----D---- C:\Windows\winsxs
2011-08-20 14:57:25 ----D---- C:\Windows\system32\catroot
2011-08-20 14:48:44 ----D---- C:\Windows\Setup
2011-08-20 14:39:19 ----D---- C:\Windows\system32\Tasks
2011-08-20 14:23:21 ----RD---- C:\Users
2011-08-20 14:23:18 ----HD---- C:\ProgramData
2011-08-20 14:21:42 ----D---- C:\Windows\system32\drivers
2011-08-20 14:21:41 ----D---- C:\Windows\system32\DriverStore
2011-08-20 14:13:06 ----SD---- C:\ProgramData\Microsoft
2011-08-20 14:13:04 ----D---- C:\Windows\system32\drivers\UMDF
2011-08-20 14:05:35 ----D---- C:\Windows\system32\CodeIntegrity
2011-08-20 14:05:33 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-08-20 14:01:02 ----D---- C:\Program Files\Common Files
2011-08-20 13:59:54 ----D---- C:\Windows\system32\restore
2011-08-20 13:56:01 ----SHD---- C:\$Recycle.Bin
2011-08-20 13:54:51 ----D---- C:\Program Files\Windows NT
2011-08-20 13:54:41 ----D---- C:\Windows\rescache
2011-08-20 13:54:26 ----D---- C:\Windows\debug
2011-08-20 13:52:58 ----D---- C:\Windows\system32\sysprep
2011-08-20 13:50:13 ----D---- C:\Windows\CSC

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2010-12-18 25280]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-08-20 271424]
R3 AIDA64Driver;FinalWire AIDA64 Kernel Driver; \??\C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64 [2011-08-18 27808]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-09-29 7883264]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-09-29 285696]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-05-03 2854504]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2011-02-10 82432]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2011-02-10 181760]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2010-11-23 300648]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-03-21 452200]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-12-22 38456]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2010-08-16 116240]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-09-29 203264]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]

-----------------EOF-----------------

#7 Příspěvek od **motji** » 22 srp 2011 20:43

Stáhněte na plochu, ukončete všechna aktivní okna a spusťte ComboFix - http://download.bleepingcomputer.com/sUBs/ComboFix.exe

-souhlaste s instalací konzole pro zotavení

- ComboFix je třeba spustit pod účtem s právy administrátora

- Před použitím vypněte všechny rezidentní bezpečnostní programy - antiviry, firewally, antispywary

- Po spuštění se zobrazí podmínky užití, potvrďte je stiskem tlačítka Ano

- Dále postupujte dle pokynů, během aplikování ComboFixu neklikejte do zobrazujícího se okna

- Po dokončení skenování, trvajícího maximálně 10 minut, by měl program vytvořit log - C:\ComboFix.txt, zkopírujte celý jeho obsah sem

MiliNess · #8 Příspěvek od **MiliNess** » 22 srp 2011 22:54

Já jsem narychlo skočím:
1)V Ovládací panely->Nástroje pro správu->Prohlížeč událostí->Protokoly systému Windows->klikněte pravým myšítkem na protokol Systém a Aplikace, vyberte Uložit všechny události jako, uložte to jako .evtx soubory a ty upněte na http://www.leteckaposta.cz
2)Odinstalujte Daemon Tools

Madnessvk · #9 Příspěvek od **Madnessvk** » 22 srp 2011 23:22

Tu sú tie Protokoly Systému windows:

Kód: Vybrat vše

http://leteckaposta.cz/272937447

A tu je ten log z combofixu:

ComboFix 11-08-22.04 - Pato 23.08.2011 0:17.1.4 - x64
Microsoft Windows 7 Professional 6.1.7600.0.1250.420.1029.18.4095.3286 [GMT 2:00]
Spuštěný z: c:\users\Pato\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-07-22 do 2011-08-22 )))))))))))))))))))))))))))))))
.
.
2011-08-22 22:19 . 2011-08-22 22:19 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-08-22 11:43 . 2011-08-22 11:43 -------- d-----w- C:\rsit
2011-08-22 11:43 . 2011-08-22 11:43 -------- d-----w- c:\program files\trend micro
2011-08-21 22:45 . 2011-08-21 22:45 -------- d-----w- c:\program files (x86)\NirSoft
2011-08-20 23:11 . 2011-08-20 23:11 -------- d-----w- c:\program files (x86)\Winamp Detect
2011-08-20 23:10 . 2011-08-20 23:10 -------- d-----w- c:\program files (x86)\Common Files\PX Storage Engine
2011-08-20 23:10 . 2011-08-20 23:11 -------- d-----w- c:\program files (x86)\Winamp
2011-08-20 23:06 . 2011-08-20 23:06 -------- d-----w- c:\program files (x86)\LS
2011-08-20 22:55 . 2011-08-21 00:33 -------- d-----w- c:\program files (x86)\The Witcher 2 (CZ)
2011-08-20 12:49 . 2011-08-20 11:55 -------- d-----w- c:\windows\Panther
2011-08-20 12:30 . 2011-08-16 06:48 8862544 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5E9508B6-BAF0-44A2-A591-68473C4BEDBC}\mpengine.dll
2011-08-20 12:30 . 2011-05-24 17:14 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-08-20 12:29 . 2011-08-20 12:29 -------- d-----w- c:\program files (x86)\FinalWire
2011-08-20 12:26 . 2011-08-20 12:26 0 ----a-w- c:\windows\SysWow64\ConduitEngine.tmp
2011-08-20 12:26 . 2011-08-20 12:26 -------- d-----w- c:\program files (x86)\uTorrent
2011-08-20 12:24 . 2011-08-20 12:24 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-08-20 12:24 . 2011-08-20 12:24 -------- d-----w- c:\windows\SysWow64\Macromed
2011-08-20 12:23 . 2011-08-20 12:23 -------- d-----w- c:\users\AppData
2011-08-20 12:23 . 2011-08-20 12:23 -------- d-----w- c:\program files (x86)\MyAshampoo
2011-08-20 12:23 . 2011-08-20 12:23 -------- d-----w- c:\program files (x86)\Conduit
2011-08-20 12:23 . 2011-08-20 12:23 -------- d-----w- c:\programdata\ashampoo
2011-08-20 12:23 . 2011-08-20 12:23 -------- d-----w- c:\program files (x86)\Ashampoo
2011-08-20 12:21 . 2011-08-20 12:21 271424 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-08-20 12:21 . 2011-08-20 12:21 -------- d-----w- c:\program files (x86)\DAEMON Tools Pro
2011-08-20 12:21 . 2011-08-20 12:21 -------- d-----w- c:\programdata\DAEMON Tools Pro
2011-08-20 12:20 . 2011-08-20 12:20 -------- d-----w- c:\program files (x86)\QIP Infium
2011-08-20 12:15 . 2011-08-21 01:23 -------- d-----r- C:\Pato
2011-08-20 12:14 . 2011-08-20 12:14 -------- d-----w- c:\program files (x86)\SpeedFan
2011-08-20 12:13 . 2011-08-20 12:13 -------- d-----w- c:\program files\CCleaner
2011-08-20 12:12 . 2011-08-20 12:12 -------- d-----w- c:\programdata\ATI
2011-08-20 12:12 . 2011-08-20 12:12 0 ----a-w- c:\windows\ativpsrm.bin
2011-08-20 12:10 . 2011-08-20 12:10 -------- d-----w- c:\program files (x86)\MSI
2011-08-20 12:09 . 2011-08-20 12:09 -------- d-----w- c:\program files (x86)\Renesas Electronics
2011-08-20 12:09 . 2011-08-20 12:09 -------- d-----w- c:\programdata\Downloaded Installations
2011-08-20 12:09 . 2011-08-20 12:09 -------- d-----w- c:\windows\SysWow64\RTCOM
2011-08-20 12:07 . 2011-08-20 12:07 -------- d-----w- c:\program files\Realtek
2011-08-20 12:07 . 2010-11-23 10:33 300648 ----a-w- c:\windows\system32\drivers\RtHDMIVX.sys
2011-08-20 12:07 . 2010-11-18 07:01 2813544 ----a-w- c:\windows\system32\RtkHDM64.dll
2011-08-20 12:07 . 2010-11-07 23:31 372056 ----a-w- c:\windows\system32\RTEEP64H.dll
2011-08-20 12:07 . 2010-11-18 07:01 2185832 ----a-w- c:\windows\system32\RHDMEx64.dll
2011-08-20 12:07 . 2010-11-11 05:27 83048 ----a-w- c:\windows\system32\RHCoInst64.dll
2011-08-20 12:07 . 2010-11-07 23:31 97624 ----a-w- c:\windows\system32\RTEEL64H.dll
2011-08-20 12:07 . 2010-11-07 23:31 78680 ----a-w- c:\windows\system32\RTEEG64H.dll
2011-08-20 12:07 . 2010-11-07 23:31 310104 ----a-w- c:\windows\system32\RH3DHT64.dll
2011-08-20 12:07 . 2010-11-07 23:31 310104 ----a-w- c:\windows\system32\RH3DAA64.dll
2011-08-20 12:07 . 2010-11-07 23:31 204120 ----a-w- c:\windows\system32\RTEED64H.dll
2011-08-20 12:07 . 2011-08-20 12:09 -------- d--h--w- c:\program files (x86)\Temp
2011-08-20 12:07 . 2011-08-20 12:07 -------- d-----w- c:\program files (x86)\Common Files\InstallShield
2011-08-20 12:06 . 2011-03-21 13:22 74272 ----a-w- c:\windows\system32\RtNicProp64.dll
2011-08-20 12:06 . 2011-03-21 13:22 452200 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2011-08-20 12:06 . 2011-03-21 13:22 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
2011-08-20 12:06 . 2011-08-20 22:55 -------- d--h--w- c:\program files (x86)\InstallShield Installation Information
2011-08-20 12:06 . 2011-08-20 12:08 -------- d-----w- c:\program files (x86)\Realtek
2011-08-20 12:05 . 2011-08-20 12:05 -------- d-----w- c:\program files\DIFX
2011-08-20 12:05 . 2011-08-20 12:05 -------- dc----w- c:\windows\system32\DRVSTORE
2011-08-20 12:05 . 2011-08-20 12:05 -------- d-----w- c:\program files (x86)\AMD
2011-08-20 12:05 . 2009-12-22 00:26 38456 ----a-w- c:\windows\system32\drivers\usbfilter.sys
2011-08-20 12:05 . 2009-05-05 01:00 16440 ----a-w- c:\windows\system32\drivers\AtiPcie.sys
2011-08-20 12:02 . 2011-08-20 12:02 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2011-08-20 12:01 . 2011-08-20 12:01 -------- d-----w- c:\program files\Common Files\ATI Technologies
2011-08-20 12:00 . 2010-08-16 10:42 116240 ----a-w- c:\windows\system32\drivers\AtihdW76.sys
2011-08-20 11:59 . 2010-09-29 01:51 450560 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-08-20 11:59 . 2010-09-29 01:23 58880 ----a-w- c:\windows\system32\coinst.dll
2011-08-20 11:59 . 2011-08-20 12:02 -------- d-----w- c:\program files (x86)\ATI Technologies
2011-08-20 11:59 . 2011-08-20 23:04 -------- d-sh--w- c:\windows\Installer
2011-08-20 11:58 . 2011-08-20 12:01 -------- d-----w- c:\program files\ATI Technologies
2011-08-20 11:58 . 2011-08-20 11:58 -------- d-----w- c:\program files\ATI
2011-08-20 11:55 . 2011-08-20 11:56 -------- d-----w- c:\users\Pato
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}"= "c:\program files (x86)\MyAshampoo\tbMyAs.dll" [2009-12-31 2349080]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files (x86)\uTorrentBar\prxtbuTor.dll" [2011-03-28 176936]
.
[HKEY_CLASSES_ROOT\clsid\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-03-28 16:22 176936 ----a-w- c:\program files (x86)\ConduitEngine\prxConduitEngin.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
2009-12-31 09:53 2349080 ----a-w- c:\program files (x86)\MyAshampoo\tbMyAs.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
2011-03-28 16:22 176936 ----a-w- c:\program files (x86)\uTorrentBar\prxtbuTor.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}"= "c:\program files (x86)\MyAshampoo\tbMyAs.dll" [2009-12-31 2349080]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files (x86)\uTorrentBar\prxtbuTor.dll" [2011-03-28 176936]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\prxConduitEngin.dll" [2011-03-28 176936]
.
[HKEY_CLASSES_ROOT\clsid\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Pro Agent"="c:\program files (x86)\DAEMON Tools Pro\DTAgent.exe" [2011-08-17 4527424]
"Infium"="c:\program files (x86)\QIP Infium\infium.exe" [2010-10-25 5892560]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-09-30 98304]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
"Super-Charger"="c:\program files (x86)\MSI\Super-Charger\StartSuperCharger.exe" [2011-01-25 303104]
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2011-07-11 74752]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S3 AIDA64Driver;FinalWire AIDA64 Kernel Driver;c:\program files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64 [2011-08-18 27808]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - AIDA64DRIVER
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-05-03 11842152]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2475029
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.0.1
CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\shell32.dll
FF - ProfilePath - c:\users\Pato\AppData\Roaming\Mozilla\Firefox\Profiles\qzb4wj0l.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk/ig
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AIDA64Driver]
"ImagePath"="\??\c:\program files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\FinalWire\AIDA64 Extreme Edition\aida64.exe
c:\program files (x86)\MSI\Super-Charger\Super-Charger.exe
c:\program files (x86)\DAEMON Tools Pro\DTShellHlp.exe
.
**************************************************************************
.
Celkový čas: 2011-08-23 00:22:48 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-08-22 22:22
.
Před spuštěním: Volných bajtů: 929 380 556 800
Po spuštění: Volných bajtů: 928 885 956 608
.
- - End Of File - - C297BC4F5AF2AE5CBDEF8C87AABA1800

MiliNess · #10 Příspěvek od **MiliNess** » 23 srp 2011 21:38

Počkáme na kolegyni, jen tě chci upozornit, že ovladač virtuální sběrnice dtsoftbus01.sys, který patří k Daemon Tools, velmi často způsobuje pády operačního systému. Jelikož se zatím nemáme čeho chytit, doporučoval bych pokusně DT odinstalovat.

#11 Příspěvek od **motji** » 23 srp 2011 22:03

Já tam žádnou havět nevidím, kromě pár zbytečností.
Mili, chceš gmer?

MiliNess · #12 Příspěvek od **MiliNess** » 23 srp 2011 22:39

Může být

Madnessvk · #13 Příspěvek od **Madnessvk** » 24 srp 2011 12:41

Všetky tie balíčky som nainštaloval, DT som odinštaloval a vymazal z registrov... A ten verifier nejde stále spustiť furt to vyhadzuje to isté ... 2x mi pri tej inštalácii balíčkov hodilo BSOD .. Ale po reštarte som ich inštaloval odznova takže to by problém nemal byť.

#14 Příspěvek od **motji** » 24 srp 2011 12:54

Stáhněte Gmer http://www.viry.cz/forum/viewtopic.php?f=29&t=62878
- rozbalte a spusťte
-proběhne sken, po skončení se otevře okno s výsledky, klikněte na Save a tím si uložíte log,který sem vložíte

-Podle návodu v odkazu provedete druhý sken a log sem také vložíte.

mafian021 · #15 Příspěvek od **mafian021** » 20 zář 2013 10:28

Ahoj všem mohli byste mi prosim poradit mam stejny problem jako kolega zakladajici tohle tema, novy pc cca petkrat reinstal a porad zamrza a hazi blue screen s chybovou hlaskou i na ciste instalaci, ovladace jsem zkousel nechat z win7 i daval nejnovejsi od vyrobce a zadna zmena, zkousel jsem jiny cpu i pamet a zadna zmena uz nevim co s tim

Sestava:
G41M-P33 Combo
CPU Intel G945
Kingston 2GB DDR2
HDD Samsung 200 GB

Díky všem za případne napady.

VIRY.CZ

BSOD Win 7 (ntoskrnl.exe)

BSOD Win 7 (ntoskrnl.exe)

Re: BSOD Win 7 (ntoskrnl.exe)

Re: BSOD Win 7 (ntoskrnl.exe)

Re: BSOD Win 7 (ntoskrnl.exe)

Re: BSOD Win 7 (ntoskrnl.exe)

Re: BSOD Win 7 (ntoskrnl.exe)

Re: BSOD Win 7 (ntoskrnl.exe)

Re: BSOD Win 7 (ntoskrnl.exe)

Re: BSOD Win 7 (ntoskrnl.exe)

Re: BSOD Win 7 (ntoskrnl.exe)

Re: BSOD Win 7 (ntoskrnl.exe)

Re: BSOD Win 7 (ntoskrnl.exe)

Re: BSOD Win 7 (ntoskrnl.exe)

Re: BSOD Win 7 (ntoskrnl.exe)

Re: BSOD Win 7 (ntoskrnl.exe)