prosim o pomoc - modrá obrazovka

Zpráva

speedfire · #1 Příspěvek od **speedfire** » 02 črc 2011 19:07

Dobrý den, chtěl bych poprosit o pomoc.
PC pravidelně jednou - dva krát denně zamrzne a po chvíli zaseku spadne na modrou obrazovku.
Stáva se mi to nejčastěji při sledování videí ale i při hraní her.
Dále se mi stáva, že v momentu zaseknuti PC pri prohlizeni videí, ikdyz se mi podari prohlizec zavrit , tim padem se mi zavre i cele video hraje zvuk videa dal..
Mám podezření buď na vir, nebo špátné ovladače.. ale ty mi žádnou chybu, že by byly poškozene nevypisují navíc jsem je nedávno aktualizoval.
Při restartovaní pc a znovu obnovění mě počítač odkáže na " sysdata.xml " ve kterém asi vypisuje chybovou hlášku, ale boužel se v ní nevyznám.
Vložím vám do přílohy tento soubor a předem děkuji za případnou pomoc

sysdata.rar: (10.12 KiB) Staženo 71 x

#2 Příspěvek od **Rudy** » 02 črc 2011 19:45

Dejte log z RSIT: http://www.viry.cz/forum/viewtopic.php?f=13&t=105895 .

speedfire · #3 Příspěvek od **speedfire** » 02 črc 2011 19:48

Logfile of random's system information tool 1.08 (written by random/random)
Run by pc1 at 2011-07-02 20:47:44
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 7 GB (6%) free of 111 GB
Total RAM: 3327 MB (70% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:47:49, on 2.7.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\windows\system32\Ati2evxx.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe
C:\windows\system32\PnkBstrA.exe
C:\windows\system32\svchost.exe
C:\WINDOWS\system32\WebUpdateSvc4.exe
C:\windows\Explorer.EXE
C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe
C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files\Cyberlink\Shared files\brs.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\windows\RTHDCPL.EXE
C:\windows\system32\ctfmon.exe
C:\Documents and Settings\pc1\Data aplikací\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\ASUS\AASP\1.00.59\aaCenter.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\QIP\qip.exe
C:\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\pc1.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe"
O4 - HKLM\..\Run: [CPU Power Monitor] "C:\Program Files\ASUS\AI Suite\AiGear3\CpuPowerMonitor.exe"
O4 - HKLM\..\Run: [Cpu Level Up help] C:\Program Files\ASUS\AI Suite\CpuLevelUpHelp.exe
O4 - HKLM\..\Run: [ASUS Energy Saving] "C:\Program Files\ASUS\AI Suite\EnergySaving\PwSave.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared files\brs.exe
O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Documents and Settings\pc1\Data aplikací\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: AutorunsDisabled
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Documents and Settings\pc1\Data aplikací\DVDVideoSoftIEHelpers\youtubetomp3.htm
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP\qip.exe (HKCU)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 3136423890
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{038F3480-965A-4EB5-8539-2D56B2F870B7}: NameServer = 195.128.203.2
O17 - HKLM\System\CS1\Services\Tcpip\..\{038F3480-965A-4EB5-8539-2D56B2F870B7}: NameServer = 195.128.203.2
O17 - HKLM\System\CS2\Services\Tcpip\..\{038F3480-965A-4EB5-8539-2D56B2F870B7}: NameServer = 195.128.203.2
O17 - HKLM\System\CS3\Services\Tcpip\..\{038F3480-965A-4EB5-8539-2D56B2F870B7}: NameServer = 195.128.203.2
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\windows\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\windows\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\windows\system32\Ati2evxx.exe
O23 - Service: Autodata Limited License Service - Autodata Limited - C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: Web Update Wizard Service V4 (WebUpdate4) - Data Perceptions / PowerProgrammer - C:\WINDOWS\system32\WebUpdateSvc4.exe

--
End of file - 10428 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-09-15 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-09-15 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22 368640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22 368640]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Ai Nap"=C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe [2008-01-28 1413120]
"CPU Power Monitor"=C:\Program Files\ASUS\AI Suite\AiGear3\CpuPowerMonitor.exe [2008-01-09 627200]
"Cpu Level Up help"=C:\Program Files\ASUS\AI Suite\CpuLevelUpHelp.exe [2007-11-30 881152]
"ASUS Energy Saving"=C:\Program Files\ASUS\AI Suite\EnergySaving\PwSave.exe [2008-01-28 1352704]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-09-05 417792]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-06-08 37296]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2011-01-12 2219184]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"RemoteControl10"=C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe [2010-02-03 87336]
"BDRegion"=C:\Program Files\Cyberlink\Shared files\brs.exe [2010-06-28 75048]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2010-10-29 1352272]
"TaskTray"= []
"RTHDCPL"=C:\windows\RTHDCPL.EXE [2007-04-12 16132608]
"Alcmtr"=C:\windows\ALCMTR.EXE [2005-05-03 69632]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\windows\system32\ctfmon.exe [2008-04-14 15360]
"Octoshape Streaming Services"=C:\Documents and Settings\pc1\Data aplikací\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [2009-01-08 70936]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\Wcescomm.exe [2006-11-13 1289000]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
AutorunsDisabled
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

C:\Documents and Settings\pc1\Nabídka Start\Programy\Po spuštění
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\windows\system32\Ati2evxx.dll [2011-05-25 188416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2010-10-28 64592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\windows\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=1
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\VALVe\Left 4 Dead\left4dead.exe"="C:\Program Files\VALVe\Left 4 Dead\left4dead.exe:*:Enabled:left4dead"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe"="C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Activision\Call of Duty - World at War\CoDWaWmp.exe"="C:\Program Files\Activision\Call of Duty - World at War\CoDWaWmp.exe:*:Enabled:Call of Duty(R) - World at War(TM)"
"C:\Program Files\Activision\Call of Duty - World at War\CoDWaW.exe"="C:\Program Files\Activision\Call of Duty - World at War\CoDWaW.exe:*:Enabled:Call of Duty(R) - World at War(TM)"
"C:\Program Files\Unreal Tournament 3\Binaries\UT3.exe"="C:\Program Files\Unreal Tournament 3\Binaries\UT3.exe:*:Enabled:Unreal Tournament 3"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\TmNationsForever\TmForever.exe"="C:\Program Files\TmNationsForever\TmForever.exe:*:Enabled:TmForever"
"C:\Program Files\Valve\Steam\SteamApps\speedfire111\dedicated server\hltv.exe"="C:\Program Files\Valve\Steam\SteamApps\speedfire111\dedicated server\hltv.exe:*:Enabled:HLTV Launcher"
"C:\Program Files\Valve\Steam\SteamApps\speedfire111\dedicated server\hlds.exe"="C:\Program Files\Valve\Steam\SteamApps\speedfire111\dedicated server\hlds.exe:*:Enabled:Dedicated Server"
"C:\Program Files\Valve\Steam\SteamApps\speedfire111\condition zero\hl.exe"="C:\Program Files\Valve\Steam\SteamApps\speedfire111\condition zero\hl.exe:*:Enabled:Counter-Strike: Condition Zero"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe"="C:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
"C:\Program Files\Electronic Arts\Need for Speed(TM) Hot Pursuit\Launcher.exe"="C:\Program Files\Electronic Arts\Need for Speed(TM) Hot Pursuit\Launcher.exe:*:Enabled:Need for Speed(TM) Hot Pursuit"
"C:\Program Files\Electronic Arts\Need for Speed(TM) Hot Pursuit\NFS11.exe"="C:\Program Files\Electronic Arts\Need for Speed(TM) Hot Pursuit\NFS11.exe:*:Enabled:Need for Speed(TM) Hot Pursuit Application"
"C:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe"="C:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe:*:Enabled:Battlefield: Bad Company™ 2"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Valve\Steam\SteamApps\common\crysis 2 - demo\Bin32\Crysis2Demo.exe"="C:\Program Files\Valve\Steam\SteamApps\common\crysis 2 - demo\Bin32\Crysis2Demo.exe:*:Enabled:Crysis 2 Demo"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\Valve\Steam\SteamApps\common\amd driver updater, xp, 32 bit\Setup.exe"="C:\Program Files\Valve\Steam\SteamApps\common\amd driver updater, xp, 32 bit\Setup.exe:*:Enabled:AMD Driver Updater, XP, 32 bit"
"C:\Program Files\Valve\Steam\SteamApps\speedfire111\counter-strike\hl.exe"="C:\Program Files\Valve\Steam\SteamApps\speedfire111\counter-strike\hl.exe:*:Enabled:Counter-Strike"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"

======List of files/folders created in the last 1 months======

2011-07-02 13:03:23 ----R---- C:\windows\Alcmtr.exe
2011-07-02 13:03:13 ----A---- C:\windows\HideWin.exe
2011-06-29 14:36:10 ----D---- C:\Program Files\CPUID
2011-06-29 14:36:10 ----A---- C:\windows\system32\drivers\cpuz135_x32.sys
2011-06-29 14:07:48 ----D---- C:\Program Files\Driver-Soft
2011-06-29 10:24:13 ----D---- C:\Documents and Settings\pc1\Data aplikací\Malwarebytes
2011-06-29 10:23:40 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2011-06-29 10:23:40 ----A---- C:\windows\system32\drivers\mbamswissarmy.sys
2011-06-29 10:23:36 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-06-29 10:23:36 ----A---- C:\windows\system32\drivers\mbam.sys
2011-06-29 10:10:12 ----HDC---- C:\windows\$NtUninstallKB2541763$
2011-06-26 15:52:26 ----A---- C:\windows\system32\CSVer.dll
2011-06-26 15:45:11 ----A---- C:\windows\system32\drivers\LNonPnP.sys
2011-06-26 15:44:11 ----A---- C:\windows\system32\drivers\LBeepKE.sys
2011-06-26 15:43:32 ----D---- C:\Documents and Settings\All Users\Data aplikací\Logishrd
2011-06-26 15:40:51 ----D---- C:\Program Files\Common Files\LogiShrd
2011-06-26 15:40:34 ----D---- C:\Documents and Settings\pc1\Data aplikací\Logishrd
2011-06-26 15:40:01 ----A---- C:\windows\vncutil.exe
2011-06-26 15:40:01 ----A---- C:\windows\system32\RtkCoInstXP.dll
2011-06-26 15:40:01 ----A---- C:\windows\RtkAudioService.exe
2011-06-26 15:39:59 ----A---- C:\windows\system32\drivers\Monfilt.sys
2011-06-26 15:39:59 ----A---- C:\windows\system32\drivers\Ambfilt.sys
2011-06-26 15:38:45 ----A---- C:\windows\system32\drivers\AtihdXP3.sys
2011-06-26 13:59:10 ----D---- C:\Program Files\AMD APP
2011-06-26 13:58:21 ----A---- C:\windows\system32\ativvamv.dll
2011-06-26 13:58:21 ----A---- C:\windows\system32\atimpc32.dll
2011-06-26 13:58:21 ----A---- C:\windows\system32\aticalrt.dll
2011-06-26 13:58:21 ----A---- C:\windows\system32\aticaldd.dll
2011-06-26 13:58:21 ----A---- C:\windows\system32\aticalcl.dll
2011-06-26 13:58:21 ----A---- C:\windows\system32\atibtmon.exe
2011-06-26 13:58:21 ----A---- C:\windows\system32\atiapfxx.exe
2011-06-26 13:57:51 ----D---- C:\Program Files\ATI
2011-06-25 18:21:36 ----D---- C:\Documents and Settings\pc1\Data aplikací\Day 1 Studios
2011-06-15 15:07:03 ----HDC---- C:\windows\$NtUninstallKB2503665$
2011-06-15 15:06:55 ----HDC---- C:\windows\$NtUninstallKB2476490$
2011-06-15 15:03:34 ----HDC---- C:\windows\$NtUninstallKB2536276$
2011-06-15 15:03:29 ----HDC---- C:\windows\$NtUninstallKB2535512$
2011-06-15 15:03:20 ----HDC---- C:\windows\$NtUninstallKB2544893$

======List of files/folders modified in the last 1 months======

2011-07-02 20:47:47 ----D---- C:\windows\Temp
2011-07-02 20:47:45 ----D---- C:\Program Files\trend micro
2011-07-02 19:40:32 ----D---- C:\windows\Prefetch
2011-07-02 19:39:23 ----D---- C:\WINDOWS
2011-07-02 19:14:12 ----D---- C:\windows\system32\CatRoot2
2011-07-02 16:55:50 ----A---- C:\windows\SchedLgU.Txt
2011-07-02 13:07:48 ----A---- C:\windows\Ascd_log.ini
2011-07-02 13:04:31 ----A---- C:\windows\Ascd_tmp.ini
2011-07-02 13:03:56 ----D---- C:\windows\system32\RTCOM
2011-07-02 13:03:56 ----D---- C:\windows\system32\drivers
2011-07-02 13:03:56 ----D---- C:\windows\system32
2011-07-02 13:03:51 ----RSHDC---- C:\windows\system32\dllcache
2011-07-02 13:03:21 ----D---- C:\Program Files\Realtek
2011-07-02 13:02:38 ----A---- C:\windows\AS_Debug.txt
2011-07-02 12:59:46 ----HD---- C:\windows\inf
2011-07-02 12:38:29 ----SHD---- C:\windows\Installer
2011-07-02 12:38:27 ----SHD---- C:\Config.Msi
2011-07-02 01:50:41 ----A---- C:\windows\NeroDigital.ini
2011-07-01 21:17:01 ----D---- C:\windows\Minidump
2011-07-01 20:55:46 ----D---- C:\Documents and Settings\pc1\Data aplikací\Winamp
2011-06-29 20:59:37 ----HDC---- C:\windows\$NtUninstallKB2347290$
2011-06-29 15:40:47 ----D---- C:\Program Files\Mozilla Firefox
2011-06-29 14:36:10 ----D---- C:\Program Files
2011-06-29 14:28:25 ----D---- C:\windows\system32\ReinstallBackups
2011-06-29 10:10:21 ----D---- C:\Program Files\Microsoft Office
2011-06-29 10:09:25 ----HD---- C:\windows\$hf_mig$
2011-06-28 12:47:01 ----D---- C:\Documents and Settings\pc1\Data aplikací\uTorrent
2011-06-26 15:56:45 ----SD---- C:\windows\Tasks
2011-06-26 15:50:52 ----D---- C:\windows\system32\CatRoot
2011-06-26 15:50:38 ----A---- C:\windows\system32\PerfStringBackup.INI
2011-06-26 15:49:31 ----DC---- C:\windows\system32\DRVSTORE
2011-06-26 15:43:44 ----D---- C:\Program Files\Logitech
2011-06-26 15:43:18 ----D---- C:\Program Files\Common Files
2011-06-26 15:42:50 ----HD---- C:\Program Files\InstallShield Installation Information
2011-06-26 15:34:42 ----D---- C:\Program Files\uTorrent
2011-06-26 15:32:38 ----RD---- C:\Dokumenty
2011-06-26 13:58:19 ----D---- C:\Program Files\ATI Technologies
2011-06-24 09:12:56 ----D---- C:\windows\Logs
2011-06-24 09:12:56 ----D---- C:\windows\Debug
2011-06-24 09:10:40 ----D---- C:\Program Files\CCleaner
2011-06-15 15:58:17 ----D---- C:\windows\Microsoft.NET
2011-06-15 15:58:16 ----RSD---- C:\windows\assembly
2011-06-15 15:15:05 ----D---- C:\Program Files\Microsoft Silverlight
2011-06-15 15:15:00 ----D---- C:\windows\SxsCaPendDel
2011-06-15 15:15:00 ----D---- C:\Program Files\Internet Explorer
2011-06-15 15:11:40 ----A---- C:\windows\system32\MRT.exe
2011-06-15 15:11:35 ----D---- C:\windows\WinSxS
2011-06-15 15:04:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2011-06-12 21:44:46 ----D---- C:\Temp

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 mv61xx;mv61xx; C:\windows\system32\DRIVERS\mv61xx.sys [2011-02-09 159536]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\windows\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 PxHelp20;PxHelp20; C:\windows\System32\Drivers\PxHelp20.sys [2007-03-08 43528]
R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2009-11-11 691696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\windows\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 AsIO;AsIO; C:\windows\system32\drivers\AsIO.sys [2007-12-18 12400]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2010-12-21 115008]
R1 EIO_XP;EIO_XP; \??\C:\WINDOWS\system32\drivers\EIO_XP.sys []
R1 epfwtdi;epfwtdi; C:\windows\system32\DRIVERS\epfwtdi.sys [2010-08-03 55256]
R1 intelppm;Řadič procesoru Intel; C:\windows\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2011/04/16 13:25:16]; \??\C:\Program Files\CyberLink\PowerDVD10\NavFilter\000.fcl []
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}; \??\C:\Program Files\CyberLink\PowerDVD8\000.fcl []
R2 cpuz135;cpuz135; \??\C:\windows\system32\drivers\cpuz135_x32.sys []
R2 eamon;eamon; C:\windows\system32\DRIVERS\eamon.sys [2010-12-21 141264]
R2 epfw;epfw; C:\windows\system32\DRIVERS\epfw.sys [2010-12-21 134000]
R2 HWiNFO32;HWiNFO32 Kernel Driver; \??\C:\Program Files\HWiNFO32\HWiNFO32.SYS []
R2 LBeepKE;Logitech Beep Suppression Driver; C:\windows\System32\Drivers\LBeepKE.sys [2010-08-24 10448]
R3 Arp1394;Protokol 1394 ARP Client; C:\windows\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 ati2mtag;ati2mtag; C:\windows\system32\DRIVERS\ati2mtag.sys [2011-05-25 6554624]
R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\windows\system32\drivers\AtiHdmi.sys [2008-07-02 89600]
R3 Epfwndis;Eset Personal Firewall; C:\windows\system32\DRIVERS\Epfwndis.sys [2010-12-21 33120]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\windows\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\windows\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RtkHDAud.sys [2007-04-23 4402176]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\windows\system32\DRIVERS\L8042Kbd.sys [2010-08-24 20304]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\windows\system32\DRIVERS\LHidFilt.Sys [2010-08-24 38864]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\windows\system32\DRIVERS\LMouFilt.Sys [2010-08-24 37328]
R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\windows\System32\Drivers\LUsbFilt.Sys [2010-08-24 28624]
R3 mouhid;Ovladač myši standardu HID; C:\windows\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\windows\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NIC1394;1394 Net Driver; C:\windows\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\windows\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\windows\System32\Drivers\wdf01000.sys [2008-03-27 503008]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\windows\system32\DRIVERS\yk51x86.sys [2011-05-26 298016]
S0 Lbd;Lbd; C:\windows\system32\DRIVERS\Lbd.sys []
S1 kbdhid;Ovladač klávesnice standardu HID; C:\windows\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 a52rx901;a52rx901; C:\windows\system32\drivers\a52rx901.sys []
S3 Ambfilt;Ambfilt; C:\windows\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\windows\system32\drivers\AtihdXP3.sys [2011-03-30 101392]
S3 cpuz132;cpuz132; \??\C:\DOCUME~1\pc1\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys []
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 ggflt;SEMC USB Flash Driver Filter; C:\windows\system32\DRIVERS\ggflt.sys [2009-11-16 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\windows\system32\DRIVERS\ggsemc.sys [2009-11-16 25512]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\windows\system32\DRIVERS\k750bus.sys [2006-03-13 55216]
S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; C:\windows\system32\DRIVERS\k750mdfl.sys [2006-03-13 6576]
S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; C:\windows\system32\DRIVERS\k750mdm.sys [2006-03-13 89872]
S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers; C:\windows\system32\DRIVERS\k750mgmt.sys [2006-03-13 81728]
S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; C:\windows\system32\DRIVERS\k750obex.sys [2006-03-13 79488]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\windows\system32\drivers\mbamswissarmy.sys []
S3 Monfilt;Monfilt; C:\windows\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 Razerlow;Razer Copperhead Driver; C:\windows\System32\Drivers\Razerlow.sys [2005-08-12 19020]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\windows\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 SE27bus;Sony Ericsson Device 039 Driver driver (WDM); C:\windows\system32\DRIVERS\SE27bus.sys [2006-09-18 61600]
S3 SE27mdfl;Sony Ericsson Device 039 USB WMC Modem Filter; C:\windows\system32\DRIVERS\SE27mdfl.sys [2006-09-18 9360]
S3 SE27mdm;Sony Ericsson Device 039 USB WMC Modem Driver; C:\windows\system32\DRIVERS\SE27mdm.sys [2006-09-18 97184]
S3 SE27mgmt;Sony Ericsson Device 039 USB WMC Device Management Drivers (WDM); C:\windows\system32\DRIVERS\SE27mgmt.sys [2006-09-18 88688]
S3 se27nd5;Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (NDIS); C:\windows\system32\DRIVERS\se27nd5.sys [2006-09-18 18704]
S3 SE27obex;Sony Ericsson Device 039 USB WMC OBEX Interface; C:\windows\system32\DRIVERS\SE27obex.sys [2006-09-18 86560]
S3 se27unic;Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (WDM); C:\windows\system32\DRIVERS\se27unic.sys [2006-09-18 90800]
S3 usb_rndisx;Adaptér USB RNDIS; C:\windows\system32\DRIVERS\usb8023x.sys [2008-04-14 12800]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\windows\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\windows\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\windows\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 Video3D;ASUS Video3D Service; C:\windows\System32\Drivers\Video3D32.sys []
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\windows\system32\DRIVERS\wceusbsh.sys [2006-11-06 28672]
S3 WpdUsb;WpdUsb; C:\windows\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\windows\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\windows\system32\Ati2evxx.exe [2011-05-25 643072]
R2 Autodata Limited License Service;Autodata Limited License Service; C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe [2010-10-20 72704]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2011-01-12 810144]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance; C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe [2007-01-31 65536]
R2 PnkBstrA;PnkBstrA; C:\windows\system32\PnkBstrA.exe [2009-10-31 66872]
R2 WebUpdate4;Web Update Wizard Service V4; C:\WINDOWS\system32\WebUpdateSvc4.exe [2008-04-15 262360]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\windows\system32\svchost.exe [2008-04-14 14336]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance; C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe [2007-01-31 1527893]
S3 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2011-01-12 33584]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-09-21 545568]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2010-10-28 293456]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 gupdate1c9db06f8d5b894;Služba Google Update (gupdate1c9db06f8d5b894); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-05-22 133104]
S4 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-09-15 153376]
S4 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920]
S4 WSearch;Windows Search; C:\windows\system32\SearchIndexer.exe [2008-05-26 439808]

-----------------EOF-----------------

#4 Příspěvek od **Rudy** » 02 črc 2011 20:56

Toto je OK. Ještě poprosím o log z ComboFix.

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

speedfire · #5 Příspěvek od **speedfire** » 03 črc 2011 11:21

ComboFix 11-07-02.03 - pc1 03.07.2011 12:15:20.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3327.2464 [GMT 2:00]
Spuštěný z: c:\documents and settings\pc1\Plocha\ComboFix.exe
AV: ESET Smart Security 4.2 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *Enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
.
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\pc1\WINDOWS
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-03 do 2011-07-03 )))))))))))))))))))))))))))))))
.
.
2011-07-02 19:40 . 2011-07-02 19:45 -------- d-----w- c:\program files\Debugging Tools for Windows (x86)
2011-07-02 11:03 . 2005-05-03 10:43 69632 ------r- c:\windows\Alcmtr.exe
2011-07-02 11:03 . 2011-07-02 11:03 319488 ----a-w- c:\windows\HideWin.exe
2011-06-29 13:40 . 2010-01-01 08:00 2106216 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_43.dll
2011-06-29 13:40 . 2010-01-01 08:00 1998168 ----a-w- c:\program files\Mozilla Firefox\d3dx9_43.dll
2011-06-29 12:36 . 2011-06-29 12:36 -------- d-----w- c:\program files\CPUID
2011-06-29 12:36 . 2010-11-09 13:35 21992 ----a-w- c:\windows\system32\drivers\cpuz135_x32.sys
2011-06-29 12:07 . 2011-06-29 12:07 -------- d-----w- c:\program files\Driver-Soft
2011-06-29 08:24 . 2011-06-29 08:24 -------- d-----w- c:\documents and settings\pc1\Data aplikací\Malwarebytes
2011-06-29 08:23 . 2011-06-29 08:23 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-06-29 08:23 . 2011-05-29 07:11 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-06-29 08:23 . 2011-06-29 08:23 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-06-29 08:23 . 2011-05-29 07:11 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-06-26 13:52 . 2011-04-15 14:00 53248 ----a-w- c:\windows\system32\CSVer.dll
2011-06-26 13:45 . 2011-06-26 13:45 -------- d-----w- c:\documents and settings\pc1\Local Settings\Data aplikací\Logishrd
2011-06-26 13:45 . 2011-06-26 13:45 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2011-06-26 13:44 . 2010-08-24 17:30 10448 ----a-w- c:\windows\system32\drivers\LBeepKE.sys
2011-06-26 13:43 . 2011-06-26 13:43 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Logishrd
2011-06-26 13:40 . 2011-06-26 13:45 -------- d-----w- c:\program files\Common Files\LogiShrd
2011-06-26 13:40 . 2011-06-26 13:40 -------- d-----w- c:\documents and settings\pc1\Data aplikací\Logishrd
2011-06-26 13:40 . 2011-05-13 15:17 59496 ----a-w- c:\windows\system32\RtkCoInstXP.dll
2011-06-26 13:40 . 2010-11-03 16:15 359016 ----a-w- c:\windows\vncutil.exe
2011-06-26 13:40 . 2010-11-03 16:14 129640 ----a-w- c:\windows\RtkAudioService.exe
2011-06-26 13:39 . 2009-11-18 05:17 1395800 ----a-w- c:\windows\system32\drivers\Monfilt.sys
2011-06-26 13:39 . 2009-11-18 05:16 1691480 ----a-w- c:\windows\system32\drivers\Ambfilt.sys
2011-06-26 13:38 . 2011-03-30 18:46 101392 ----a-w- c:\windows\system32\drivers\AtihdXP3.sys
2011-06-26 11:59 . 2011-06-26 11:59 -------- d-----w- c:\program files\AMD APP
2011-06-26 11:58 . 2011-05-25 03:53 57344 ----a-w- c:\windows\system32\aticalrt.dll
2011-06-26 11:58 . 2011-05-25 03:53 53248 ----a-w- c:\windows\system32\aticalcl.dll
2011-06-26 11:58 . 2011-05-25 03:42 5922816 ----a-w- c:\windows\system32\aticaldd.dll
2011-06-26 11:58 . 2011-05-25 03:07 956160 ----a-w- c:\windows\system32\ativvamv.dll
2011-06-26 11:58 . 2011-05-25 02:38 64512 ----a-w- c:\windows\system32\atimpc32.dll
2011-06-26 11:58 . 2011-05-25 02:34 151552 ----a-w- c:\windows\system32\atiapfxx.exe
2011-06-26 11:58 . 2009-05-11 21:35 118784 ----a-w- c:\windows\system32\atibtmon.exe
2011-06-26 11:57 . 2011-06-26 11:57 -------- d-----w- c:\program files\ATI
2011-06-26 11:34 . 2011-06-26 11:34 -------- d-----w- c:\documents and settings\pc1\Local Settings\Data aplikací\PackageAware
2011-06-26 11:19 . 2011-06-26 11:19 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2011-06-25 16:21 . 2011-06-25 16:21 -------- d-----w- c:\documents and settings\pc1\Data aplikací\Day 1 Studios
2011-06-25 16:21 . 2011-06-25 16:21 -------- d-----w- c:\documents and settings\pc1\Local Settings\Data aplikací\ALI213
2011-06-15 13:01 . 2011-04-21 13:37 105472 -c----w- c:\windows\system32\dllcache\mup.sys
2011-06-07 10:35 . 2011-06-07 10:35 103864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2011-06-07 10:35 . 2011-06-07 10:35 103864 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-01 12:03 . 2011-05-19 05:17 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-27 15:58 . 2008-12-24 20:26 1284712 ----a-w- c:\windows\RtlExUpd.dll
2011-05-26 09:29 . 2006-11-22 07:01 298016 ----a-w- c:\windows\system32\drivers\yk51x86.sys
2011-05-25 04:21 . 2008-08-08 09:30 6554624 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2011-05-25 04:15 . 2009-01-28 07:30 311296 ----a-w- c:\windows\system32\atiiiexx.dll
2011-05-25 03:47 . 2008-08-08 08:33 17989632 ----a-w- c:\windows\system32\atioglxx.dll
2011-05-25 03:14 . 2008-08-08 08:25 4059328 ----a-w- c:\windows\system32\ati3duag.dll
2011-05-25 03:05 . 2008-08-08 07:52 503808 ----a-w- c:\windows\system32\atiok3x2.dll
2011-05-25 02:58 . 2008-08-08 07:52 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-05-25 02:56 . 2009-01-28 07:30 462848 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-05-25 02:55 . 2008-08-08 08:48 302592 ----a-w- c:\windows\system32\ati2dvag.dll
2011-05-25 02:54 . 2008-08-08 08:13 3152384 ----a-w- c:\windows\system32\ativvaxx.dll
2011-05-25 02:39 . 2008-08-08 08:38 212992 ----a-w- c:\windows\system32\atipdlxx.dll
2011-05-25 02:39 . 2008-08-08 08:38 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2011-05-25 02:39 . 2008-08-08 08:38 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2011-05-25 02:39 . 2008-08-08 08:38 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2011-05-25 02:38 . 2008-08-08 07:58 64512 ----a-w- c:\windows\system32\amdpcom32.dll
2011-05-25 02:38 . 2008-08-08 08:37 188416 ----a-w- c:\windows\system32\ati2evxx.dll
2011-05-25 02:37 . 2008-08-08 08:36 643072 ----a-w- c:\windows\system32\ati2evxx.exe
2011-05-25 02:36 . 2008-08-08 08:34 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2011-05-25 02:31 . 2008-08-08 07:54 651264 ----a-w- c:\windows\system32\atikvmag.dll
2011-05-25 02:27 . 2008-08-08 07:53 200704 ----a-w- c:\windows\system32\atiadlxx.dll
2011-05-25 02:27 . 2008-08-08 07:52 17408 ----a-w- c:\windows\system32\atitvo32.dll
2011-05-25 02:22 . 2008-08-08 07:46 856064 ----a-w- c:\windows\system32\ati2cqag.dll
2011-05-24 21:44 . 2011-05-24 21:44 59904 ----a-w- c:\windows\system32\OVDecode.dll
2011-05-24 21:44 . 2011-05-24 21:44 51712 ----a-w- c:\windows\system32\OpenCL.dll
2011-05-24 21:43 . 2011-05-24 21:43 12798976 ----a-w- c:\windows\system32\amdocl.dll
2011-05-02 15:32 . 2008-12-24 19:37 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 17:25 . 2004-08-18 12:00 151552 ----a-w- c:\windows\system32\schannel.dll
2011-04-29 16:19 . 2004-08-18 12:00 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-25 16:06 . 2004-08-18 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2011-04-25 16:06 . 2004-08-18 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-04-25 16:06 . 2004-08-18 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-04-25 12:01 . 2004-08-18 12:00 385024 ----a-w- c:\windows\system32\html.iec
2011-04-21 13:37 . 2004-08-18 12:00 105472 ----a-w- c:\windows\system32\drivers\mup.sys
2011-04-16 11:23 . 2009-01-26 14:20 505128 ----a-w- c:\windows\system32\msvcp71.dll
2011-04-16 11:23 . 2008-12-24 20:54 353576 ----a-w- c:\windows\system32\msvcr71.dll
1998-05-24 14:26 . 2007-09-10 17:33 351232 ----a-w- c:\program files\SALAMAND.EXE
2011-06-16 04:30 . 2011-03-11 19:04 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Octoshape Streaming Services"="c:\documents and settings\pc1\Data aplikací\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" [2009-01-08 70936]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Ai Nap"="c:\program files\ASUS\AI Suite\AiNap\AiNap.exe" [2008-01-28 1413120]
"CPU Power Monitor"="c:\program files\ASUS\AI Suite\AiGear3\CpuPowerMonitor.exe" [2008-01-09 627200]
"Cpu Level Up help"="c:\program files\ASUS\AI Suite\CpuLevelUpHelp.exe" [2007-11-30 881152]
"ASUS Energy Saving"="c:\program files\ASUS\AI Suite\EnergySaving\PwSave.exe" [2008-01-28 1352704]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-09-04 417792]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2011-01-12 2219184]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"RemoteControl10"="c:\program files\CyberLink\PowerDVD10\PDVD10Serv.exe" [2010-02-02 87336]
"BDRegion"="c:\program files\Cyberlink\Shared files\brs.exe" [2010-06-28 75048]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-10-28 1352272]
"RTHDCPL"="RTHDCPL.EXE" [2007-04-12 16132608]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\pc1\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2010-8-29 67128]
.
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\AutorunsDisabled
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2010-10-28 10:13 64592 ----a-w- c:\program files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\Program Files\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaWmp.exe"=
"c:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaW.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\TmNationsForever\\TmForever.exe"=
"c:\\Program Files\\Valve\\Steam\\SteamApps\\speedfire111\\dedicated server\\hltv.exe"=
"c:\\Program Files\\Valve\\Steam\\SteamApps\\speedfire111\\dedicated server\\hlds.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Electronic Arts\\Battlefield Bad Company 2\\BFBC2Updater.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Valve\\Steam\\SteamApps\\common\\crysis 2 - demo\\Bin32\\Crysis2Demo.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Valve\\Steam\\SteamApps\\common\\amd driver updater, xp, 32 bit\\Setup.exe"=
"c:\\Program Files\\Valve\\Steam\\SteamApps\\speedfire111\\counter-strike\\hl.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
.
R0 mv61xx;mv61xx;c:\windows\system32\drivers\mv61xx.sys [25.5.2007 5:35 159536]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [25.12.2008 16:16 691696]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [14.5.2009 15:47 115008]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2011/04/16 13:25];c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl [28.6.2010 22:50 87536]
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};c:\program files\CyberLink\PowerDVD8\000.fcl [27.6.2008 17:50 61424]
R2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [29.6.2011 14:36 21992]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [12.1.2011 16:41 810144]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files\Firebird\Firebird_1_5\bin\fbguard.exe -s --> c:\program files\Firebird\Firebird_1_5\bin\fbguard.exe -s [?]
R2 HWiNFO32;HWiNFO32 Kernel Driver;c:\program files\HWiNFO32\HWiNFO32.SYS [30.12.2008 15:34 16616]
R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [26.6.2011 15:44 10448]
R2 WebUpdate4;Web Update Wizard Service V4;c:\windows\system32\WebUpdateSvc4.exe [15.4.2008 10:20 262360]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\Firebird\Firebird_1_5\bin\fbserver.exe -s --> c:\program files\Firebird\Firebird_1_5\bin\fbserver.exe -s [?]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [26.6.2011 15:39 1691480]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdXP3.sys [26.6.2011 15:38 101392]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [16.11.2009 20:02 13224]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [29.6.2011 10:23 39984]
S3 Razerlow;Razer Copperhead Driver;c:\windows\system32\drivers\Razerlow.sys [13.2.2009 16:55 19020]
S4 gupdate1c9db06f8d5b894;Služba Google Update (gupdate1c9db06f8d5b894);c:\program files\Google\Update\GoogleUpdate.exe [22.5.2009 19:58 133104]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearchAssistant = hxxp://search.qip.ru/ie
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Free YouTube to Mp3 Converter - c:\documents and settings\pc1\Data aplikací\DVDVideoSoftIEHelpers\youtubetomp3.htm
TCP: DhcpNameServer = 94.199.199.199 94.199.192.192
TCP: Interfaces\{038F3480-965A-4EB5-8539-2D56B2F870B7}: NameServer = 195.128.203.2
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
FF - ProfilePath - c:\documents and settings\pc1\Data aplikací\Mozilla\Firefox\Profiles\84bk69sd.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKLM-Run-TaskTray - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-03 12:19
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD8\000.fcl"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1328)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
.
- - - - - - - > 'explorer.exe'(2808)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2011-07-03 12:20:19
ComboFix-quarantined-files.txt 2011-07-03 10:20
.
Před spuštěním: 7 076 818 944
Po spuštění: 9 148 821 504
.
- - End Of File - - 57A38A21C05C3EABAFCD650DA4E536C3

#6 Příspěvek od **Rudy** » 03 črc 2011 12:10

Několik položek CF smazal, zbytek logu vypadá čistý. Prověřte nyní chování PC a v případě opakování BSOD udělejte sken MBR: http://www2.gmer.net/mbr/mbr.exe . Utilita po ukončení skenu vytvoří krátký log, který sem zkopírujte.

speedfire · #7 Příspěvek od **speedfire** » 03 črc 2011 12:14

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: ST3500320AS rev.SD15 -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK

#8 Příspěvek od **Rudy** » 03 črc 2011 14:49

MBR je OK. Co bylo napsáno na té modré obrazovce?

speedfire · #9 Příspěvek od **speedfire** » 03 črc 2011 15:02

to ted presne nevim, ale ta chybova hlaska se ulozila do souboru v pc, uploaduju vam jej ->

http://leteckaposta.cz/597884447

#10 Příspěvek od **Rudy** » 03 črc 2011 15:30

Zkuste kompletní reinstal ovladačů zákl desky a gr. karty. Předpokládám, že se BSOD objevil znovu po čištění ComboFixem. Jinak reinstal nemá smysl.

speedfire · #11 Příspěvek od **speedfire** » 04 črc 2011 17:40

problem vyřešen děkuji za pomoc

#12 Příspěvek od **Rudy** » 04 črc 2011 18:31

Nemáte zač!

VIRY.CZ

prosim o pomoc - modrá obrazovka

prosim o pomoc - modrá obrazovka

Re: prosim o pomoc - modrá obrazovka

Re: prosim o pomoc - modrá obrazovka

Re: prosim o pomoc - modrá obrazovka

Re: prosim o pomoc - modrá obrazovka

Re: prosim o pomoc - modrá obrazovka

Re: prosim o pomoc - modrá obrazovka

Re: prosim o pomoc - modrá obrazovka

Re: prosim o pomoc - modrá obrazovka

Re: prosim o pomoc - modrá obrazovka

Re: prosim o pomoc - modrá obrazovka

Re: prosim o pomoc - modrá obrazovka