Minidump problém.

[Roli]

Ten nový ovladač ke grafice jsi už instaloval ?

DirectX máš aktuální ?

[kuntakinte]

Jo, instaloval. Ten DirectX se podívám. Jinak nejnovější, tentokrát ovladač zvukovky:

On Sun 18.12.2011 17:22:46 GMT your computer crashed
crash dump file: C:\WINDOWS\Minidump\Mini121811-01.dmp
This was probably caused by the following module: rtkhdaud.sys (RtkHDAud+0x3FD08E)
Bugcheck code: 0x100000D1 (0xFFFFFFFFBE0969F3, 0x2, 0x0, 0xFFFFFFFFACBCD73D)
Error: CUSTOM_ERROR
file path: C:\WINDOWS\system32\drivers\rtkhdaud.sys
product: Realtek(r) High Definition Audio Function Driver (HRTF data Copyright 1994 by MIT Media Lab)
company: Realtek Semiconductor Corp.
description: Realtek(r) High Definition Audio Function Driver
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: rtkhdaud.sys (Realtek(r) High Definition Audio Function Driver, Realtek Semiconductor Corp.).
Google query: rtkhdaud.sys Realtek Semiconductor Corp. CUSTOM_ERROR

[kuntakinte]

Mám DirectX 9,0c. Nevím, je pro XP i něco novější? Jelikož všude čtu že 10 a 11 pro XP neexistuje.

[Roli]

Ano na XP je poslední verze DirectX 9c.

Co se ti to tam děje ?

Nejdříve chipset potom grafika a nyní zvukovka, nemáš tam nějakého skřítka který ti to maže

TADY máš ten ovladač pro zvukovku.

[kuntakinte]

Tak to nevím jestli mám, doufal jsem že vy mi to povíte

Tak do zbírky:
On Sun 18.12.2011 18:49:57 GMT your computer crashed
crash dump file: C:\WINDOWS\Minidump\Mini121811-02.dmp
This was probably caused by the following module: ntoskrnl.exe (nt+0x22F43)
Bugcheck code: 0xC000007B (0xFFFFFFFFE3628520, 0x0, 0x0, 0x0)
Error: CUSTOM_ERROR
file path: C:\WINDOWS\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
The crash took place in the Windows kernel. Possibly this problem is caused by another driver which cannot be identified at this time.

[kuntakinte]

Jinak v tom ovladači mi Avira hlásí Malware, mám to brát vážně?

[kuntakinte]

Skřítek se zas činil:

On Sun 18.12.2011 20:23:40 GMT your computer crashed
crash dump file: C:\WINDOWS\Minidump\Mini121811-03.dmp
This was probably caused by the following module: hal.dll (hal+0x2A2A)
Bugcheck code: 0x1000000A (0xFFFFFFFFA7005D30, 0x2, 0x1, 0xFFFFFFFF806E7A2A)
Error: CUSTOM_ERROR
file path: C:\WINDOWS\system32\hal.dll
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: Hardware Abstraction Layer DLL
The crash took place in a standard Microsoft module. Your system configuration may be incorrect. Possibly this problem is caused by another driver on your system which cannot be identified at this time.

Jinak jak tak koukám, teploty v jádrech procesoru vyběhli až na 62°C, nevím, ale je to v pořádku?

[kuntakinte]

On Sun 18.12.2011 20:37:53 GMT your computer crashed
crash dump file: C:\WINDOWS\Minidump\Mini121811-04.dmp
This was probably caused by the following module: ntoskrnl.exe (nt+0x22F43)
Bugcheck code: 0x1A (0x41284, 0xE60A001, 0xAEFB, 0xFFFFFFFFC0883000)
Error: MEMORY_MANAGEMENT
file path: C:\WINDOWS\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
Bug check description: This indicates that a severe memory management error occurred.
This might be a case of memory corruption. More often memory corruption happens because of software errors in buggy drivers, not because of faulty RAM modules.
The crash took place in the Windows kernel. Possibly this problem is caused by another driver which cannot be identified at this time.

[Roli]

Jinak v tom ovladači mi Avira hlásí Malware, mám to brát vážně?

Řekl bych že se Avira plete, je to přímo od výrobce.

K té teplotě CPU, mohla by být menší, možná by nebylo na škodu otevřít skříň PC a stlačeným vzduchem vyfoukat

případný prach ze všech komponent.

Jinak koukám že se ti tam pořád dějí psí kusy, něco opravíme a ona se zase ukáže chybka jinde.


Ještě kouknem hlouběji zda tam není někde zašitý nějaký šmejd, který nebyl vidět.

Stáhni a ulož na plochu ComboFix,

spusť aplikaci jako Administrátor a povol instalaci Konzole pro zotavení - Recovery Console.

Poté se zobrazí okno s licenčními podmínkami které potvrdíš kliknutím na ANO,

pak ještě jednou klik na ANO a už to jede.

Celá akce trvá okolo 10 minut ale může i déle, během skenu se nepokoušej spouštět nic jiného.

Při skenovaní může být PC i restartováno nelekat se.

Upozornění: po dobu skenu vypni rezidentní štít Antiviru a AntiSpy programu,

protože Combofix se pokouší napadené soubory smazat a tyto programy mu můžou bránit.

Po dokončení skenu nebo následném restartu aplikace vytvoří log, uložený na C:/Combofix.txt

(při opakovaném použití jsou logy číslovány Combofix2.txt atd.), jeho obsah zkopíruj sem.


V případě nejasností je ZDE obrázkový návod.

[kuntakinte]

Combofix je chápu, nebude to poprvé. To s tím prachem jsem zkoušel jako první ještě než jsem napsal, jeidný rozdíl je možná v tom, že jsem při tom vymněnil mřížku na bočním krytu za plexisklo, aby se do něj tolik neprášilo.. každopádně na teplotě mu to pár stupňů přidalo, pokud to tak půjde dál, zkusím dám zpět ten původní.. každopádně problém byl daleko před touto záležitostí

[kuntakinte]

ComboFix 11-12-18.01 - ivan 18.12.2011 22:24:29.11.4 - x86
Systém Microsoft Windows XP Home Edition 5.1.2600.3.1250.421.1033.18.2046.1409 [GMT 1:00]
Running from: c:\documents and settings\ivan\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
FW: Online Armor Firewall *Disabled* {B797DAA0-7E2E-4711-8BB3-D12744F1922A}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\All Users\Application Data\TEMP\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}\PostBuild.exe
c:\documents and settings\All Users\Application Data\TEMP\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\PostBuild.exe
c:\windows\iun6002.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\CddbCdda.dll
.
.
((((((((((((((((((((((((( Files Created from 2011-11-18 to 2011-12-18 )))))))))))))))))))))))))))))))
.
.
2011-12-17 20:56 . 2011-12-17 20:56 -------- d-----w- c:\program files\HD Tune
2011-12-17 20:55 . 2011-12-17 20:55 -------- d-----w- c:\documents and settings\All Users\Application Data\ATI
2011-12-17 20:52 . 2011-12-17 20:52 -------- d-----w- c:\program files\AMD APP
2011-12-17 18:51 . 2011-12-17 18:51 -------- d-----w- c:\program files\FinalWire
2011-12-16 17:11 . 2011-12-17 20:16 -------- d-----w- c:\program files\Debugging Tools for Windows (x86)
2011-12-15 14:43 . 2011-12-18 20:41 -------- d-----w- c:\program files\WhoCrashed
2011-12-11 16:21 . 2011-12-11 17:15 -------- d-----w- c:\documents and settings\ivan\Application Data\DVDVideoSoft
2011-12-11 16:21 . 2011-12-13 11:39 -------- d-----w- c:\program files\Common Files\DVDVideoSoft
2011-12-11 16:21 . 2011-12-13 11:39 -------- d-----w- c:\program files\DVDVideoSoft
2011-12-11 15:34 . 2005-10-28 23:44 308224 ----a-w- c:\windows\system32\Avisynth.dll
2011-12-11 15:34 . 2004-02-22 15:11 719872 ----a-w- c:\windows\system32\devil.dll
2011-12-11 15:34 . 2011-12-11 15:34 -------- d-----w- c:\program files\Pepsky
2011-12-10 23:43 . 2011-12-11 10:22 -------- d-----w- c:\documents and settings\ivan\Application Data\avidemux
2011-12-09 17:34 . 2011-12-09 17:34 -------- d-----w- c:\documents and settings\ivan\Local Settings\Application Data\Sony
2011-12-09 17:32 . 2011-12-09 17:44 -------- d-----w- c:\program files\Sony
2011-12-09 17:32 . 2011-12-09 17:32 -------- d-----w- c:\documents and settings\All Users\Application Data\Sony Corporation
2011-12-09 17:25 . 2011-12-09 17:38 -------- d-----w- c:\documents and settings\ivan\Application Data\Sony
2011-12-09 17:25 . 2011-12-09 17:32 -------- d-----w- c:\program files\Sony Media Go Install
2011-12-09 17:03 . 2011-12-09 17:13 -------- d-----w- c:\program files\Sony Ericsson
2011-12-03 12:34 . 2011-12-03 12:45 -------- d-----w- c:\documents and settings\ivan\Local Settings\Application Data\Ubisoft Game Launcher
2011-12-03 10:52 . 2010-06-02 03:55 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2011-12-03 10:52 . 2010-06-02 03:55 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
2011-12-03 10:52 . 2010-06-02 03:55 239960 ----a-w- c:\windows\system32\xactengine3_7.dll
2011-12-03 10:52 . 2010-05-26 10:41 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2011-12-03 10:52 . 2010-05-26 10:41 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2011-12-03 10:52 . 2010-05-26 10:41 1868128 ----a-w- c:\windows\system32\d3dcsx_43.dll
2011-12-03 10:52 . 2010-05-26 10:41 470880 ----a-w- c:\windows\system32\d3dx10_43.dll
2011-12-03 10:52 . 2010-05-26 10:41 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
2011-12-03 10:52 . 2010-02-04 09:01 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll
2011-12-03 10:52 . 2010-02-04 09:01 528216 ----a-w- c:\windows\system32\XAudio2_6.dll
2011-12-03 10:52 . 2010-02-04 09:01 238936 ----a-w- c:\windows\system32\xactengine3_6.dll
2011-12-03 10:52 . 2010-02-04 09:01 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-18 20:39 . 2008-11-21 19:17 16608 ----a-w- c:\windows\gdrv.sys
2011-12-09 17:32 . 2011-06-10 07:37 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-09 16:13 . 2011-10-22 16:43 134856 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-11-23 13:25 . 2006-02-28 12:00 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-10 03:42 . 2008-06-03 06:20 7493120 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2011-11-10 03:34 . 2008-11-21 19:31 311296 ----a-w- c:\windows\system32\atiiiexx.dll
2011-11-10 03:26 . 2009-03-16 19:35 57344 ----a-w- c:\windows\system32\aticalrt.dll
2011-11-10 03:26 . 2009-03-16 19:34 53248 ----a-w- c:\windows\system32\aticalcl.dll
2011-11-10 03:20 . 2009-03-16 19:33 7196672 ----a-w- c:\windows\system32\aticaldd.dll
2011-11-10 03:06 . 2008-10-29 02:10 19210240 ----a-w- c:\windows\system32\atioglxx.dll
2011-11-10 02:54 . 2008-11-21 19:31 466944 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-11-10 02:53 . 2008-06-03 03:21 304640 ----a-w- c:\windows\system32\ati2dvag.dll
2011-11-10 02:50 . 2008-06-03 02:59 5266624 ----a-w- c:\windows\system32\ati3duag.dll
2011-11-10 02:41 . 2011-01-26 20:35 956160 ----a-w- c:\windows\system32\ativvamv.dll
2011-11-10 02:32 . 2008-06-03 03:11 212992 ----a-w- c:\windows\system32\atipdlxx.dll
2011-11-10 02:32 . 2008-06-03 03:11 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2011-11-10 02:32 . 2008-06-03 03:11 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2011-11-10 02:32 . 2008-06-03 03:11 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2011-11-10 02:31 . 2008-06-03 03:11 192512 ----a-w- c:\windows\system32\ati2evxx.dll
2011-11-10 02:30 . 2008-06-03 03:09 643072 ----a-w- c:\windows\system32\ati2evxx.exe
2011-11-10 02:30 . 2008-06-03 02:48 3303040 ----a-w- c:\windows\system32\ativvaxx.dll
2011-11-10 02:29 . 2008-06-03 03:08 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2011-11-10 02:27 . 2010-02-27 18:00 159744 ----a-w- c:\windows\system32\atiapfxx.exe
2011-11-10 02:23 . 2008-06-03 02:29 806912 ----a-w- c:\windows\system32\atikvmag.dll
2011-11-10 02:20 . 2008-06-03 03:04 602112 ----a-w- c:\windows\system32\atiok3x2.dll
2011-11-10 02:18 . 2008-06-03 02:28 233472 ----a-w- c:\windows\system32\atiadlxx.dll
2011-11-10 02:18 . 2008-06-03 02:28 17408 ----a-w- c:\windows\system32\atitvo32.dll
2011-11-10 02:12 . 2008-06-03 02:21 884736 ----a-w- c:\windows\system32\ati2cqag.dll
2011-11-10 02:12 . 2009-03-16 19:40 65024 ----a-w- c:\windows\system32\atimpc32.dll
2011-11-10 02:12 . 2008-06-03 02:33 65024 ----a-w- c:\windows\system32\amdpcom32.dll
2011-11-10 02:12 . 2008-06-03 02:27 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-11-09 21:39 . 2011-11-09 21:39 59904 ----a-w- c:\windows\system32\OpenVideo.dll
2011-11-09 21:39 . 2011-11-09 21:39 54784 ----a-w- c:\windows\system32\OVDecode.dll
2011-11-09 21:38 . 2011-11-09 21:38 14375936 ----a-w- c:\windows\system32\amdocl.dll
2011-11-09 21:37 . 2011-11-09 21:37 44032 ----a-w- c:\windows\system32\OpenCL.dll
2011-11-04 19:20 . 2006-02-28 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2011-11-04 19:20 . 2006-02-28 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-11-04 19:20 . 2006-02-28 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-11-04 11:23 . 2006-02-28 12:00 385024 ----a-w- c:\windows\system32\html.iec
2011-11-01 16:07 . 2006-02-28 12:00 1288704 ----a-w- c:\windows\system32\ole32.dll
2011-10-28 05:31 . 2006-02-28 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-25 13:37 . 2006-02-28 12:00 2148864 ------w- c:\windows\system32\ntoskrnl.exe
2011-10-25 12:52 . 2004-08-03 22:59 2027008 ------w- c:\windows\system32\ntkrnlpa.exe
2011-10-21 19:16 . 2011-10-21 19:16 1843200 ----a-w- c:\windows\system32\SlotMaximizerBe.dll
2011-10-21 19:15 . 2011-10-21 19:15 104448 ----a-w- c:\windows\system32\SlotMaximizerAg.dll
2011-10-18 11:13 . 2006-02-28 12:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-10-11 13:00 . 2011-10-22 16:43 74640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-10-11 13:00 . 2011-10-22 16:43 36000 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2011-10-10 14:22 . 2008-11-21 19:04 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-09-28 07:06 . 2006-02-28 12:00 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-09-26 09:41 . 2008-07-29 17:59 611328 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 09:41 . 2006-02-28 12:00 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-26 09:41 . 2006-02-28 12:00 20480 ----a-w- c:\windows\system32\oleaccrc.dll
2011-11-09 12:00 . 2011-06-02 10:30 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-12-16 4616064]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2008-05-07 16862208]
"@OnlineArmor GUI"="c:\program files\Online Armor\oaui.exe" [2010-08-27 2356848]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-10-11 258512]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-11-09 98304]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
EasySetPackage.lnk - c:\program files\LG Soft India\EasySetPackage\bin\EasySetPackage.exe [2011-6-20 159744]
TMMonitor.lnk - c:\program files\ArcSoft\TotalMedia 3.5\TMMonitor.exe [2011-6-20 258048]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{4F07DA45-8170-4859-9B5F-037EF2970034}"= "c:\progra~1\Online Armor\oaevent.dll" [2010-08-27 353992]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-08-04 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
2011-04-04 20:13 119608 ----a-w- c:\progra~1\ICQ7.4\ICQ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSLauncher]
2007-11-06 08:16 3096576 ----a-w- c:\program files\Nokia\Nokia Software Launcher\NSLauncher.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ctfmon.exe"=c:\windows\system32\ctfmon.exe
"Google Update"="c:\documents and settings\ivan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"OSSelectorReinstall"=c:\program files\Common Files\Acronis\AcronisDiskDirector\oss_reinstall.exe
"KernelFaultCheck"=%systemroot%\system32\dumprep 0 -k
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\utorrent-lite\\utorrent.exe"=
"c:\\Program Files\\FlatOut2\\FlatOut2.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\Electronic Arts\\Burnout(TM) Paradise The Ultimate Box\\BurnoutLauncher.exe"=
"c:\\Program Files\\Electronic Arts\\Burnout(TM) Paradise The Ultimate Box\\BurnoutConfigTool.exe"=
"c:\\Program Files\\Electronic Arts\\Burnout(TM) Paradise The Ultimate Box\\BurnoutParadise.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Empire Interactive\\FlatOut Ultimate Carnage\\Fouc.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\ICQ7.4\\ICQ.exe"=
"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [23.11.2008 10:36 436792]
R1 archlp;archlp;c:\windows\system32\drivers\ArcHlp.sys [20.6.2011 13:33 127744]
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [22.10.2011 17:43 36000]
R1 OADevice;OADriver;c:\windows\system32\drivers\OADriver.sys [3.9.2010 11:11 201168]
R1 oahlpXX;Online Armor helper driver;c:\windows\system32\drivers\oahlp32.sys [3.9.2010 11:11 38856]
R1 OAmon;OAmon;c:\windows\system32\drivers\OAmon.sys [3.9.2010 11:11 25000]
R1 OAnet;OAnet;c:\windows\system32\drivers\OAnet.sys [3.9.2010 11:11 29272]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [17.2.2010 19:25 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [10.5.2010 19:41 67664]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [4.5.2011 18:54 116608]
R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [22.10.2011 17:43 86224]
R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [8.1.2010 0:51 380928]
R2 GEST Service;GEST Service for program management.;c:\program files\GIGABYTE\EnergySaver\GSvr.exe [21.11.2008 20:18 80392]
R2 OAcat;Online Armor Helper Service;c:\program files\Online Armor\oacat.exe [3.9.2010 11:11 380272]
R3 AF9035HB;AF9035 Hybrid Device;c:\windows\system32\drivers\AF9035HB.sys [20.6.2011 13:09 855808]
S2 SvcOnlineArmor;Online Armor;c:\program files\Online Armor\oasrv.exe [3.9.2010 11:11 3638240]
S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\system32\drivers\ASPI32.SYS [1.3.2010 22:51 16512]
S3 gupdate1c99ca5d283c91e;Služba Google Update (gupdate1c99ca5d283c91e);c:\program files\Google\Update\GoogleUpdate.exe [4.3.2009 9:47 133104]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [4.3.2009 9:47 133104]
S3 k600bus;Sony Ericsson 600i driver (WDM);c:\windows\system32\drivers\k600bus.sys [11.5.2005 13:12 52384]
S3 k600mdfl;Sony Ericsson 600i USB WMC Modem Filter;c:\windows\system32\drivers\k600mdfl.sys [11.5.2005 13:12 6096]
S3 k600mdm;Sony Ericsson 600i USB WMC Modem Drivers;c:\windows\system32\drivers\k600mdm.sys [11.5.2005 13:12 87456]
S3 k600mgmt;Sony Ericsson 600i USB WMC Device Management Drivers;c:\windows\system32\drivers\k600mgmt.sys [11.5.2005 13:12 79248]
S3 k600obex;Sony Ericsson 600i USB WMC OBEX Interface Drivers;c:\windows\system32\drivers\k600obex.sys [11.5.2005 13:12 77072]
S3 LGDDCDevice;LGDDCDevice;c:\windows\system32\LGI2CDriver.sys [20.6.2011 12:38 16384]
S3 LGII2CDevice;LGII2CDevice;c:\windows\system32\LGPII2CDriver.sys [20.6.2011 12:38 19456]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [3.12.2010 21:40 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [3.12.2010 21:40 8320]
S3 sea1bus;Sony Ericsson Device 0A1 driver (WDM);c:\windows\system32\drivers\sea1bus.sys [28.11.2008 12:05 61536]
S3 sea1mdfl;Sony Ericsson Device 0A1 USB WMC Modem Filter;c:\windows\system32\drivers\sea1mdfl.sys [28.11.2008 12:05 9360]
S3 sea1mdm;Sony Ericsson Device 0A1 USB WMC Modem Driver;c:\windows\system32\drivers\sea1mdm.sys [28.11.2008 12:05 97088]
S3 sea1mgmt;Sony Ericsson Device 0A1 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\sea1mgmt.sys [28.11.2008 12:05 88624]
S3 sea1nd5;Sony Ericsson Device 0A1 USB Ethernet Emulation SEMCA1 (NDIS);c:\windows\system32\drivers\sea1nd5.sys [28.11.2008 12:06 18704]
S3 sea1obex;Sony Ericsson Device 0A1 USB WMC OBEX Interface;c:\windows\system32\drivers\sea1obex.sys [28.11.2008 12:05 86432]
S3 sea1unic;Sony Ericsson Device 0A1 USB Ethernet Emulation SEMCA1 (WDM);c:\windows\system32\drivers\sea1unic.sys [28.11.2008 12:05 90800]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder
.
2011-12-16 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2008\OneClick.exe [2007-12-21 12:49]
.
2011-12-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cab6eebdc09bce.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-04 08:47]
.
2011-12-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-04 08:47]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://google.com/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\Microsoft Office\Office12\EXCEL.EXE/3000
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files\ICQ7.4\ICQ.exe
TCP: DhcpNameServer = 217.12.50.2 217.12.48.2
FF - ProfilePath - c:\documents and settings\ivan\Application Data\Mozilla\Firefox\Profiles\kyqg5x4k.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.2.9&q=
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.6&q=
FF - prefs.js: network.proxy.type - 2
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-Easy CD-DA Extractor 5.0 - c:\windows\iun6002.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-18 22:31
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet004\Services\{95808DC4-FA4A-4c74-92FE-5B863F82066B}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1004336348-492894223-725345543-1004\Software\SecuROM\License information*]
"datasecu"=hex:c4,96,1a,71,02,35,19,20,31,01,69,01,d0,c4,b3,f9,88,7b,21,cb,f2,
e4,99,c0,91,4e,db,a3,cb,67,91,d2,c0,05,70,86,ca,fa,12,23,63,71,b2,fc,10,da,\
"rkeysecu"=hex:93,da,72,cf,ff,85,db,92,f4,2a,a6,4a,c0,2a,bb,10
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(948)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll
.
Completion time: 2011-12-18 22:34:32
ComboFix-quarantined-files.txt 2011-12-18 21:34
ComboFix2.txt 2011-07-15 20:20
ComboFix3.txt 2011-03-23 19:56
.
Pre-Run: 81 488 330 752 bytes free
Post-Run: 14 adresárov, 81 578 409 984 voľných bajtov
.
- - End Of File - - 0433C060F0E4A8539FDF400E5879BE5B

[kuntakinte]

Jinak vážně netuším co je s tím ovladačem ke zvukovce, ale krom toho že tam Avira teď už vidí Trojana, stejně když ji vypnu a spustím to, tak se nic neděje

[kuntakinte]

A jinak teď už mě na něj upozorňuje i Online Armor

[Roli]

Pokud jsi tak ještě neučinil, přesuň Combofix na plochu

otevři si Poznámkový blok

do něj zkopíruj skript z následujícího okna:

Kód: Vybrat vše

FireFox:: 
FF - ProfilePath - c:\documents and settings\ivan\Application Data\Mozilla\Firefox\Profiles\kyqg5x4k.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.icq.com/search/afe_result ... r=1.2.9&q=
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... r=1.3.6&q=

ulož Tebou vytvořený TXT soubor jako CFScript.txt na plochu,

po uložení uchop vytvořený skript levým myšítkem a přesuň ho nad ikonu Combofixu, kde ho upustíš:



Po aplikaci na Tebe vypadne další log, zkopíruj ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou,

v tom případě znovu restartuj a přitom mačkej F8 poté zvol Poslední známou funkční konfiguraci

[Roli]

A jinak teď už mě na něj upozorňuje i Online Armor

Vydrž testnu ho na virtuálce.