niečo mi spôsobuje BSOD

Zpráva

MaofKO · #1 Příspěvek od **MaofKO** » 01 črc 2012 11:11

Zdravím.
Približne pred 2 týždňami mi niečo začalo spôsobovať BSOD ("typ" hlášky je SYSTEM_SERVICE). Najprv som si myslel, že to spôsobuje nový Firefox 13 a flashplayer, s ktorými má teraz dosť ľudí problémy, pretože mi to robieva napr. keď si dám otvoriť nejakú stránku na novej karte (inak problémy s flash playerom nemám a vrátil som sa aj späť k starej verzii). Lenže neskôr mi to spravilo, aj keď som mal firefox vypnutý, a kontroloval som PC cez spybot. Dnes som si všimol, že jeden z procesov svchost.exe (užívateľ LOCAL SERVICE) občas zaťažuje CPU cca na 70%, zožerie asi 300 MB pamäte, teplota CPU pri tom stúpa cca na 69 °C a pravdepodobne potom mi spraví BSOD, pretože hneď po reštarte bola teplota CPU vyše 60°C. Inak sa mi to nezdá až tak veľa, takže neviem či by to mohlo spôsobovať práve to. Takisto sa mi nezdá napätie -12V, ktoré v programe SIW ukazuje -6V, a v Speedfan -9V. Aj tých -9V je už mimo toleranciu.

Toľko zatiaľ moje postrehy okolo môjho problému.
Tu je ešte moja zostava:
OS: Windows 7 x64 SP1
MB: ASUS M4A77TD pro
CPU: AMD Athlon x2 255, 3,1 GhZ, mal som pretaktovaný na 3,4 GhZ, ale radšej som to nateraz vrátil naspäť.
RAM: Kingston 2x2GB, 1333 MhZ
PSU: Fortron Saga II, 500W
GPU: Gigabyte GT 220, 512MB
HDD: WD Green 640GB
2 x DVD-ROM
prídavný 12cm nízkootáčkový fan

A tu je ešte samozrejme log z RSIT.

Logfile of random's system information tool 1.09 (written by random/random)
Run by MaofKO at 2012-07-01 11:52:04
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 38 GB (32%) free of 120 GB
Total RAM: 4094 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:52:14, on 1. 7. 2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16446)
Boot mode: Normal

Running processes:
C:\Windows\PixArt\PAC7302\Monitor.exe
C:\Program Files (x86)\Connectify\Connectify.exe
C:\Program Files (x86)\Pale Moon\palemoon.exe
C:\Program Files (x86)\Pale Moon\plugin-container.exe
C:\Program Files (x86)\SpeedFan\speedfan.exe
C:\Utility\siw.exe
C:\Program Files\trend micro\MaofKO.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKCU\..\Run: [7 Taskbar Tweaker] "C:\Utility\7 Taskbar Tweaker\7 Taskbar Tweaker.exe" -hidewnd
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Connectify] C:\Program Files (x86)\Connectify\Connectify.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{8D59F840-5F74-4440-BA53-52283D888E2B}: NameServer = 192.168.107.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs:
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Connectify - Unknown owner - C:\Program Files (x86)\Connectify\ConnectifyService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Realtek11nCU - Realtek - C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 6564 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Connectify\ConnectifyService.exe"
"ConnectifyD.exe"
\??\C:\Windows\system32\conhost.exe "-1983546174147832499810946720941013281787108524906220365455031646529290113272122
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWlan.exe" /H
C:\Windows\system32\svchost.exe -k imgsvc
"taskhost.exe"
C:\Windows\Explorer.EXE
"C:\Windows\PixArt\PAC7302\Monitor.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Utility\7 Taskbar Tweaker\7 Taskbar Tweaker.exe" -hidewnd
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Connectify\Connectify.exe"
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\System32\alg.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Pale Moon\palemoon.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Pale Moon\plugin-container.exe" --channel=3808.14062020.2100795726 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" 3E917604E7C33D56 3808 plugin
"ConnectifyNetServices.exe" -v -i C:\ProgramData\Connectify\cache\ConnectifyNetServices.ini -s C:\ProgramData\Connectify\cache\ConnectifyNetServices.state -l C:\ProgramData\Connectify\logs
\??\C:\Windows\system32\conhost.exe "18576310761810186152-1184536291-2074409144-994353216948088770-6682485831703706354
C:\Windows\system32\AUDIODG.EXE 0x55c
"C:\Program Files (x86)\SpeedFan\speedfan.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Utility\siw.exe"
C:\Windows\sysWOW64\wbem\wmiprvse.exe -secured -Embedding
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
C:\Windows\sysWOW64\wbem\wmiprvse.exe -secured -Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\system32\taskmgr.exe" /4
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
"C:\Users\MaofKO\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\WmiApSrv.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-02-18 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-02-18 42272]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"PAC7302_Monitor"=C:\Windows\PixArt\PAC7302\Monitor.exe [2007-12-10 323584]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2010-03-31 2840352]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"7 Taskbar Tweaker"=C:\Utility\7 Taskbar Tweaker\7 Taskbar Tweaker.exe [2011-09-30 139264]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"Connectify"=C:\Program Files (x86)\Connectify\Connectify.exe [2012-05-02 4116296]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-08-02 4910912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-08-02 4910912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion]
C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe /Background []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StickOutStarter]
C:\Users\MaofKO\AppData\Local\Temp\7zO972C.tmp\DesktopCapture.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^MaofKO^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Jabbim.lnk]
C:\PROGRA~2\Jabbim\jabbim.exe [2010-03-09 211968]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2011-08-03 2770432]
"NPSStartup"= []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux6"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux7"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"aux2"=wdmaud.drv
"aux3"=wdmaud.drv
"aux4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - C:\Windows\NOTEPAD.EXE %1

======List of files/folders created in the last 1 month======

2012-07-01 11:52:04 ----D---- C:\rsit
2012-07-01 11:52:04 ----D---- C:\Program Files\trend micro
2012-07-01 11:49:18 ----D---- C:\Program Files (x86)\SpeedFan
2012-06-24 13:24:59 ----D---- C:\Users\MaofKO\AppData\Roaming\Renoise
2012-06-24 13:24:34 ----A---- C:\Windows\SYSWOW64\ReWire.DLL
2012-06-24 13:24:24 ----D---- C:\Program Files (x86)\Renoise 2.5.1
2012-06-23 11:29:20 ----A---- C:\Windows\system32\wups2.dll
2012-06-23 11:29:20 ----A---- C:\Windows\system32\wucltux.dll
2012-06-23 11:29:20 ----A---- C:\Windows\system32\wuaueng.dll
2012-06-23 11:29:20 ----A---- C:\Windows\system32\wuauclt.exe
2012-06-23 11:28:51 ----A---- C:\Windows\system32\wups.dll
2012-06-23 11:28:51 ----A---- C:\Windows\system32\wudriver.dll
2012-06-23 11:28:51 ----A---- C:\Windows\system32\wuapi.dll
2012-06-23 11:28:29 ----A---- C:\Windows\system32\wuwebv.dll
2012-06-23 11:28:29 ----A---- C:\Windows\system32\wuapp.exe
2012-06-20 13:26:48 ----D---- C:\Users\MaofKO\AppData\Roaming\OpenMPT
2012-06-18 16:53:54 ----D---- C:\SpybotPortable
2012-06-13 15:12:12 ----A---- C:\Windows\system32\mshtmled.dll
2012-06-13 15:12:11 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-06-13 15:12:11 ----A---- C:\Windows\SYSWOW64\url.dll
2012-06-13 15:12:11 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-06-13 15:12:11 ----A---- C:\Windows\system32\urlmon.dll
2012-06-13 15:12:11 ----A---- C:\Windows\system32\url.dll
2012-06-13 15:12:10 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-06-13 15:12:10 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-06-13 15:12:10 ----A---- C:\Windows\system32\ieui.dll
2012-06-13 15:12:10 ----A---- C:\Windows\system32\iertutil.dll
2012-06-13 15:12:09 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-06-13 15:12:09 ----A---- C:\Windows\system32\ieUnatt.exe
2012-06-13 15:12:08 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-06-13 15:12:08 ----A---- C:\Windows\system32\wininet.dll
2012-06-13 15:12:07 ----A---- C:\Windows\system32\jsproxy.dll
2012-06-13 15:12:07 ----A---- C:\Windows\system32\jscript9.dll
2012-06-13 15:12:06 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-06-13 15:12:06 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-06-13 15:12:06 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-06-13 15:12:06 ----A---- C:\Windows\system32\jscript.dll
2012-06-13 15:12:05 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-06-13 15:12:04 ----A---- C:\Windows\system32\mshtml.dll
2012-06-13 15:12:03 ----A---- C:\Windows\system32\ieframe.dll
2012-06-13 15:12:02 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-06-13 15:11:02 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-06-13 15:11:00 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2012-06-13 15:10:57 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2012-06-13 15:10:57 ----A---- C:\Windows\system32\profsvc.dll
2012-06-13 15:10:55 ----A---- C:\Windows\system32\rdrmemptylst.exe
2012-06-13 15:10:55 ----A---- C:\Windows\system32\rdpwsx.dll
2012-06-13 15:10:55 ----A---- C:\Windows\system32\rdpcorekmts.dll
2012-06-13 15:09:47 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2012-06-13 15:09:47 ----A---- C:\Windows\system32\cryptsvc.dll
2012-06-13 15:09:47 ----A---- C:\Windows\system32\cryptnet.dll
2012-06-13 15:09:47 ----A---- C:\Windows\system32\crypt32.dll
2012-06-13 15:09:46 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2012-06-13 15:09:46 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2012-06-13 15:09:03 ----A---- C:\Windows\system32\rdpcorets.dll
2012-06-13 15:09:03 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2012-06-13 15:09:00 ----A---- C:\Windows\system32\win32k.sys
2012-06-13 15:08:54 ----A---- C:\Windows\SYSWOW64\msi.dll
2012-06-13 15:08:54 ----A---- C:\Windows\system32\msi.dll
2012-06-10 18:54:53 ----D---- C:\ProgramData\Blizzard Entertainment
2012-06-09 23:22:51 ----D---- C:\Users\MaofKO\AppData\Roaming\PgcEdit
2012-06-09 23:00:50 ----A---- C:\Windows\mafosav.INI
2012-06-06 14:44:38 ----A---- C:\Windows\system32\Log.txt
2012-06-05 21:12:10 ----HD---- C:\ProgramData\BPK
2012-06-04 09:49:24 ----ASH---- C:\pagefile.sys
2012-06-03 19:08:24 ----D---- C:\Windows\SYSWOW64\directx

======List of files/folders modified in the last 1 month======

2012-07-01 11:52:10 ----D---- C:\Windows\Temp
2012-07-01 11:52:04 ----RD---- C:\Program Files
2012-07-01 11:49:35 ----D---- C:\Windows\Prefetch
2012-07-01 11:49:18 ----RD---- C:\Program Files (x86)
2012-07-01 11:49:18 ----D---- C:\Windows\SysWOW64
2012-07-01 11:49:18 ----D---- C:\Program Files (x86)\Pale Moon
2012-07-01 11:48:42 ----D---- C:\Windows\SYSWOW64\drivers
2012-07-01 11:32:06 ----D---- C:\Users\MaofKO\AppData\Roaming\Skype
2012-07-01 11:29:48 ----D---- C:\Windows\Minidump
2012-07-01 11:29:41 ----D---- C:\Windows
2012-07-01 11:08:37 ----D---- C:\Windows\system32\config
2012-06-30 23:36:58 ----D---- C:\Windows\system32\catroot
2012-06-30 11:08:49 ----SHD---- C:\System Volume Information
2012-06-30 11:05:18 ----D---- C:\Windows\system32\DriverStore
2012-06-30 11:05:18 ----D---- C:\Windows\inf
2012-06-30 11:03:46 ----D---- C:\Program Files (x86)\Sony Ericsson
2012-06-30 09:51:09 ----D---- C:\Windows\System32
2012-06-30 09:51:09 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-06-29 19:31:05 ----D---- C:\Users\MaofKO\AppData\Roaming\AIMP3
2012-06-29 19:28:45 ----D---- C:\Windows\Tasks
2012-06-29 19:28:45 ----D---- C:\Windows\system32\Tasks
2012-06-28 19:50:14 ----D---- C:\Utility
2012-06-28 19:49:48 ----D---- C:\Program Files\Unlocker
2012-06-26 16:58:41 ----A---- C:\Users\MaofKO\AppData\Roaming\burnaware.ini
2012-06-24 15:27:13 ----D---- C:\Windows\rescache
2012-06-24 13:24:11 ----D---- C:\Users\MaofKO\AppData\Roaming\uTorrent
2012-06-24 11:06:31 ----D---- C:\Windows\winsxs
2012-06-24 11:06:07 ----D---- C:\Windows\system32\sk-SK
2012-06-24 11:06:07 ----D---- C:\Windows\system32\en-US
2012-06-24 11:06:07 ----D---- C:\Windows\system32\cs-CZ
2012-06-24 11:06:04 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2012-06-23 16:28:08 ----D---- C:\Users\MaofKO\AppData\Roaming\Mozilla
2012-06-23 11:29:51 ----D---- C:\Windows\system32\catroot2
2012-06-22 11:44:15 ----RSD---- C:\Windows\assembly
2012-06-22 11:44:15 ----D---- C:\Windows\Microsoft.NET
2012-06-22 01:12:37 ----D---- C:\Program Files\Windows Media Player
2012-06-22 01:12:33 ----D---- C:\Windows\SYSWOW64\sk-SK
2012-06-22 01:12:33 ----D---- C:\Windows\SYSWOW64\en-US
2012-06-22 01:12:33 ----D---- C:\Windows\SYSWOW64\cs-CZ
2012-06-22 01:12:32 ----D---- C:\Windows\SYSWOW64\wbem
2012-06-22 01:12:32 ----D---- C:\Windows\PolicyDefinitions
2012-06-22 01:12:30 ----D---- C:\Windows\system32\wbem
2012-06-21 13:30:55 ----D---- C:\Program Files (x86)\The KMPlayer
2012-06-18 18:04:36 ----HD---- C:\ProgramData
2012-06-18 15:57:56 ----SHD---- C:\Windows\Installer
2012-06-16 14:51:24 ----D---- C:\ProgramData\Sony Ericsson
2012-06-16 14:48:07 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-06-15 09:48:30 ----D---- C:\Users\MaofKO\AppData\Roaming\vlc
2012-06-15 09:16:24 ----D---- C:\ProgramData\Skype
2012-06-15 09:09:56 ----SD---- C:\Users\MaofKO\AppData\Roaming\Microsoft
2012-06-13 15:54:25 ----D---- C:\Windows\system32\drivers
2012-06-13 15:54:25 ----D---- C:\Program Files (x86)\Internet Explorer
2012-06-13 15:54:24 ----D---- C:\Windows\SYSWOW64\migration
2012-06-13 15:54:24 ----D---- C:\Windows\system32\migration
2012-06-13 15:54:24 ----D---- C:\Program Files\Internet Explorer
2012-06-13 15:17:59 ----A---- C:\Windows\system32\MRT.exe
2012-06-10 18:05:48 ----D---- C:\Users\MaofKO\AppData\Roaming\Windows 7 Taskbar Color Changer
2012-06-10 17:51:53 ----D---- C:\Windows\pss
2012-06-10 17:46:26 ----D---- C:\Program Files (x86)\Sony
2012-06-10 17:44:46 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2012-06-10 17:43:48 ----D---- C:\Users\MaofKO\AppData\Roaming\.minecraft
2012-06-10 17:40:25 ----D---- C:\Program Files (x86)\Google
2012-06-10 12:13:56 ----D---- C:\ProgramData\NVIDIA
2012-06-09 17:53:24 ----D---- C:\Windows\system32\NDF
2012-06-07 17:21:42 ----D---- C:\Program Files\GIMP 2
2012-06-07 16:47:00 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-06-03 19:08:23 ----D---- C:\Windows\Logs

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2011-08-03 16440]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2011-03-18 29592]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-08-04 526392]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 cnnctfy2;Connectify LightWeight Filter; C:\Windows\system32\DRIVERS\cnnctfy2.sys [2011-09-20 31344]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-08-04 270912]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-03-31 139704]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-03-31 164912]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2010-03-31 124760]
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 cpuz135;cpuz135; \??\C:\Users\MaofKO\AppData\Local\Temp\cpuz135\cpuz135_x64.sys []
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2005-03-29 8192]
R3 PAC7302;Eye 312; C:\Windows\system32\DRIVERS\PAC7302.SYS [2009-04-28 532480]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-06-23 344680]
R3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\rtwlanu.sys [2011-05-09 1038440]
R3 rtlss;Service for enabling selective suspend to RTL device; C:\Windows\System32\Drivers\rtlss.sys [2010-06-21 27240]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2011-08-03 1290752]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 Bridge;@%SystemRoot%\system32\bridgeres.dll,-3; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BthAvrcp;Bluetooth AVRCP Profile; C:\Windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 29184]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2011-09-09 13352]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2011-09-09 27176]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\Windows\system32\DRIVERS\s0016bus.sys [2008-05-16 115240]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s0016mdfl.sys [2008-05-16 19496]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s0016mdm.sys [2008-05-16 158760]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s0016mgmt.sys [2008-05-16 137256]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\Windows\system32\DRIVERS\s0016nd5.sys [2008-05-16 34344]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s0016obex.sys [2008-05-16 136744]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\Windows\system32\DRIVERS\s0016unic.sys [2008-05-16 151592]
S3 s0017bus;Sony Ericsson Device 0017 driver (WDM); C:\Windows\system32\DRIVERS\s0017bus.sys [2008-10-21 113704]
S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s0017mdfl.sys [2008-10-21 19496]
S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s0017mdm.sys [2008-10-21 152616]
S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s0017mgmt.sys [2008-10-21 133160]
S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS); C:\Windows\system32\DRIVERS\s0017nd5.sys [2008-10-21 34856]
S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s0017obex.sys [2008-10-21 128552]
S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM); C:\Windows\system32\DRIVERS\s0017unic.sys [2008-10-21 145960]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM); C:\Windows\system32\DRIVERS\s1018bus.sys [2009-03-25 113704]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1018mdfl.sys [2009-03-25 19496]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1018mdm.sys [2009-03-25 153128]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1018mgmt.sys [2009-03-25 133160]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1018nd5.sys [2009-03-25 34856]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1018obex.sys [2009-03-25 128552]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1018unic.sys [2009-03-25 146472]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 SliceDisk5;SliceDisk5; \??\C:\Users\MaofKO\AppData\Local\Temp\FindAndMount\slicedisk-x64.sys []
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys [2010-06-14 16448]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 19968]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2012-04-12 147248]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S4 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Connectify;Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [2012-05-02 65536]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2010-03-31 810120]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-02-29 889664]
R2 Realtek11nCU;Realtek11nCU; C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe [2010-04-16 36864]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-03-01 2348352]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-06-05 160944]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-03-31 42336]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-23 116720]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-08-05 1255736]

-----------------EOF-----------------

#2 Příspěvek od **Rudy** » 01 črc 2012 16:40

Také zdravím!
Log vypadá OK. Otevřte adresář c:\windows\minidump a soubory, které v něm najdete zabalte do raru a přiložte k vašemu dalšímu postu.

MaofKO · #3 Příspěvek od **MaofKO** » 01 črc 2012 17:00

Nech sa páči

#4 Příspěvek od **Rudy** » 01 črc 2012 17:07

Proveďte test paměti RAM: http://forum.viry.cz/viewtopic.php?f=53&t=106788 .

MaofKO · #5 Příspěvek od **MaofKO** » 02 črc 2012 04:09

Test prebehol 9x bez chyby. Robil som to so starším memtestom, v. 2.86.

#6 Příspěvek od **Rudy** » 02 črc 2012 17:47

Stáhněte, nainstalujte a spusťte CrystalDiskInfo: http://www.stahuj.centrum.cz/utility_a_ ... ldiskinfo/ . Přes Úpravy>kopírovat sem dejte log.

MaofKO · #7 Příspěvek od **MaofKO** » 02 črc 2012 20:27

tento program celkom často používam....

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Ultimate Edition SP1 [6.1 Build 7601] (x64)
Date : 2012/07/02 21:26:22

-- Controller Map ----------------------------------------------------------
+ ATA Channel 0 (0) [ATA]
- SONY CD-RW CRX320E ATA Device
- Optiarc DVD RW AD-5170A ATA Device
- ATA Channel 1 (1) [ATA]
+ Standard Dual Channel PCI IDE Controller [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
+ Standard Dual Channel PCI IDE Controller [ATA]
+ ATA Channel 0 (0)
- WDC WD6400AARS-00Y5B1 ATA Device
- ATA Channel 1 (1)
- A5ZYYYLI IDE Controller [SCSI]

-- Disk List ---------------------------------------------------------------
(1) WDC WD6400AARS-00Y5B1 : 640,1 GB [0/0/0, pd1]

----------------------------------------------------------------------------
(1) WDC WD6400AARS-00Y5B1
----------------------------------------------------------------------------
Model : WDC WD6400AARS-00Y5B1
Firmware : 80.00A80
Serial Number : WD-WCAV59514010
Disk Size : 640,1 GB (8,4/137,4/640,1)
Buffer Size : Unknown
Queue Depth : 32
# of Sectors : 1250263728
Rotation Rate : Unknown
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 8023 hours
Power On Count : 1141 count
Temparature : 40 C (104 F)
Health Status : Good
Features : S.M.A.R.T., AAM, 48bit LBA, NCQ
APM Level : ----
AAM Level : 80FEh [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Read Error Rate
03 127 117 _21 0000000019F1 Spin-Up Time
04 _99 _99 __0 0000000004B6 Start/Stop Count
05 200 200 140 000000000000 Reallocated Sectors Count
07 200 200 __0 000000000000 Seek Error Rate
09 _90 _90 __0 000000001F57 Power-On Hours
0A 100 100 __0 000000000000 Spin Retry Count
0B 100 100 __0 000000000000 Recalibration Retries
0C _99 _99 __0 000000000475 Power Cycle Count
C0 200 200 __0 00000000005E Power-off Retract Count
C1 168 168 __0 000000017D97 Load/Unload Cycle Count
C2 107 _95 __0 000000000028 Temperature
C4 200 200 __0 000000000000 Reallocation Event Count
C5 200 200 __0 000000000000 Current Pending Sector Count
C6 200 200 __0 000000000000 Uncorrectable Sector Count
C7 200 200 __0 000000000001 UltraDMA CRC Error Count
C8 200 200 __0 000000000000 Write Error Rate

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 2020 2020 2057 442D 5743 3539 3539 3531 3430 3130
020: 0000 0000 0032 3830 2E30 3830 3830 5744 4320 5744
030: 3634 3030 4141 5253 2D30 3542 3542 3120 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 003F 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 1706 1706 0000 0044 0040
080: 01FE 0000 746B 7F61 4123 BC41 BC41 4123 407F 0043
090: 0043 0000 FFFE 0000 80FE 0000 0000 0000 0000 0000
100: 82B0 4A85 0000 0000 0000 0000 0000 0000 5001 4EE2
110: AEE1 8CD1 0000 0000 0000 0000 0000 0000 0000 4018
120: 4018 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 16CE 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 3031 3031 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 101E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 47A5

#8 Příspěvek od **Rudy** » 02 črc 2012 20:29

Disk je rovněž OK. Poprosím o log ComboFix.

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

MaofKO · #9 Příspěvek od **MaofKO** » 03 črc 2012 20:12

ComboFix 12-07-02.01 - MaofKO . 07. 2012 20:58:24.1.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.421.1051.18.4094.2484 [GMT 2:00]
Running from: c:\users\MaofKO\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
SP: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\MaofKO\AppData\Local\Temp\salexten.dll
c:\users\MaofKO\AppData\Local\Temp\sfamcc00001.dll
c:\users\MaofKO\AppData\Local\Temp\sfareca00001.dll
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\drivers\etc\hosts.ics
.
.
((((((((((((((((((((((((( Files Created from 2012-06-03 to 2012-07-03 )))))))))))))))))))))))))))))))
.
.
2012-07-03 19:03 . 2012-07-03 19:03 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-07-03 19:03 . 2012-07-03 19:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-03 19:03 . 2012-07-03 19:03 -------- d-----w- c:\users\Mama\AppData\Local\temp
2012-07-03 19:03 . 2012-07-03 19:03 -------- d-----w- c:\users\Fredy\AppData\Local\temp
2012-07-02 19:26 . 2012-07-02 19:26 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2012-07-01 09:52 . 2012-07-01 09:52 -------- d-----w- C:\rsit
2012-07-01 09:52 . 2012-07-01 09:52 -------- d-----w- c:\program files\trend micro
2012-07-01 09:49 . 2012-07-03 18:29 -------- d-----w- c:\program files (x86)\SpeedFan
2012-06-24 11:24 . 2012-06-24 11:24 -------- d-----w- c:\users\MaofKO\AppData\Roaming\Renoise
2012-06-24 11:24 . 2010-03-31 11:17 368640 ----a-w- c:\windows\SysWow64\ReWire.DLL
2012-06-24 11:24 . 2012-06-24 11:24 -------- d-----w- c:\program files (x86)\Renoise 2.5.1
2012-06-23 09:29 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-23 09:29 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-23 09:29 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-23 09:29 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-23 09:28 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-23 09:28 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-23 09:28 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-23 09:28 . 2012-06-02 13:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-23 09:28 . 2012-06-02 13:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-20 11:26 . 2012-06-20 11:26 -------- d-----w- c:\users\MaofKO\AppData\Roaming\OpenMPT
2012-06-19 19:35 . 2012-05-31 04:04 9013136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{92D6CD7C-74F8-4634-ABB9-9696AA971CC4}\mpengine.dll
2012-06-19 14:35 . 2012-06-29 16:53 -------- d-----w- c:\users\Mama\AppData\Local\CrashDumps
2012-06-19 10:36 . 2012-06-29 17:28 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-18 15:13 . 2012-06-18 15:13 -------- d-----w- c:\users\MaofKO\dwhelper
2012-06-18 14:53 . 2012-06-18 14:53 -------- d-----w- C:\SpybotPortable
2012-06-15 15:14 . 2012-06-15 15:14 -------- d-----w- c:\users\Fredy\AppData\Local\Macromedia
2012-06-15 07:09 . 2012-06-15 07:09 -------- d-----w- c:\users\MaofKO\AppData\Local\Macromedia
2012-06-14 18:47 . 2012-06-14 18:47 -------- d-----w- c:\users\Mama\AppData\Local\Macromedia
2012-06-14 10:53 . 2012-06-29 18:19 -------- d-----w- c:\users\Mama\Zlatá na čiernej
2012-06-13 13:11 . 2012-05-04 11:06 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-06-13 13:11 . 2012-05-04 10:03 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-06-13 13:10 . 2012-05-04 10:03 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-06-13 13:10 . 2012-05-01 05:40 209920 ----a-w- c:\windows\system32\profsvc.dll
2012-06-13 13:10 . 2012-04-26 05:41 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-06-13 13:10 . 2012-04-26 05:41 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-06-13 13:10 . 2012-04-26 05:34 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-06-13 13:09 . 2012-04-24 05:37 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2012-06-13 13:09 . 2012-04-24 05:37 140288 ----a-w- c:\windows\system32\cryptnet.dll
2012-06-13 13:09 . 2012-04-24 05:37 1462272 ----a-w- c:\windows\system32\crypt32.dll
2012-06-13 13:09 . 2012-04-24 04:36 1158656 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-06-13 13:09 . 2012-04-24 04:36 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-06-13 13:09 . 2012-04-24 04:36 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2012-06-13 13:09 . 2012-04-28 05:32 1112064 ----a-w- c:\windows\system32\rdpcorets.dll
2012-06-13 13:09 . 2012-04-28 03:55 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-06-13 13:09 . 2012-05-15 01:32 3146752 ----a-w- c:\windows\system32\win32k.sys
2012-06-13 13:08 . 2012-04-07 12:31 3216384 ----a-w- c:\windows\system32\msi.dll
2012-06-13 13:08 . 2012-04-07 11:26 2342400 ----a-w- c:\windows\SysWow64\msi.dll
2012-06-13 07:30 . 2012-06-13 07:30 -------- d-----w- c:\users\Mama\Tranzit Venuše
2012-06-10 17:43 . 2012-06-10 17:43 -------- d-----w- c:\users\MaofKO\AppData\Local\Blizzard Entertainment
2012-06-10 16:54 . 2012-06-10 17:43 -------- d-----w- c:\programdata\Blizzard Entertainment
2012-06-09 21:23 . 2012-06-09 21:23 -------- d-----w- c:\users\MaofKO\.phet
2012-06-09 21:22 . 2012-06-09 21:23 -------- d-----w- c:\users\MaofKO\AppData\Roaming\PgcEdit
2012-06-09 11:45 . 2012-06-09 11:46 -------- d-----w- c:\users\Fredy\AppData\Local\ElevatedDiagnostics
2012-06-08 16:32 . 2012-06-08 16:37 -------- d-----w- c:\users\Fredy\AppData\Local\CrashDumps
2012-06-07 17:49 . 2012-06-07 17:49 -------- d-----w- c:\users\Fredy\AppData\Local\Somewhere1
2012-06-06 17:59 . 2012-06-06 17:59 770384 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr100.dll
2012-06-06 17:59 . 2012-06-06 17:59 421200 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp100.dll
2012-06-05 19:12 . 2012-06-28 17:49 -------- d--h--w- c:\programdata\BPK
2012-06-05 19:10 . 2012-06-05 19:10 -------- d-----w- c:\users\MaofKO\AppData\Local\ESET
2012-06-05 19:03 . 2012-06-05 19:03 -------- d-----w- c:\users\MaofKO\AppData\Local\Somewhere1
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-29 20:18 . 2011-10-09 12:02 303216 ----a-w- c:\windows\UTP.exe
2012-05-25 19:40 . 2012-05-25 19:40 61440 ----a-w- c:\windows\diabunin.exe
2012-05-20 15:13 . 2012-05-20 15:13 163048 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10141.bin
2012-05-05 08:17 . 2012-04-11 14:17 8744608 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-04-12 16:12 . 2012-04-12 16:12 147248 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2012-04-12 16:12 . 2012-04-29 11:58 224048 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2012-04-12 16:12 . 2012-04-29 11:58 130864 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2006-05-03 11:06 163328 --sha-r- c:\windows\SysWOW64\flvDX.dll
2007-02-21 12:47 31232 --sha-r- c:\windows\SysWOW64\msfDX.dll
2008-03-16 14:30 216064 --sha-r- c:\windows\SysWOW64\nbDX.dll
2010-01-06 23:00 107520 --sha-r- c:\windows\SysWOW64\TAKDSDecoder.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2010-11-20 . FE70103391A64039A921DBFFF9C7AB1B . 1008128 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
[-] 2011-08-05 . 2C353B6CE0C8D03225CAA2AF33B68D79 . 1008640 . . [6.1.7601.17514] .. c:\windows\system32\user32.dll
.
[-] 2011-08-05 . 861C4346F9281DC0380DE72C8D55D6BE . 833024 . . [6.1.7601.17514] .. c:\windows\SysWOW64\user32.dll
[7] 2010-11-20 . 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 . 833024 . . [6.1.7601.17514] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"7 Taskbar Tweaker"="c:\utility\7 Taskbar Tweaker\7 Taskbar Tweaker.exe" [2011-09-30 139264]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Connectify"="c:\program files (x86)\Connectify\Connectify.exe" [2012-05-02 4116296]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2011-08-03 2770432]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-03-01 2348352]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-05 160944]
R3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 29184]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2011-09-09 13352]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-23 116720]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]
R3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\DRIVERS\s0016bus.sys [2008-05-16 115240]
R3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0016mdfl.sys [2008-05-16 19496]
R3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0016mdm.sys [2008-05-16 158760]
R3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0016mgmt.sys [2008-05-16 137256]
R3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\DRIVERS\s0016nd5.sys [2008-05-16 34344]
R3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0016obex.sys [2008-05-16 136744]
R3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\DRIVERS\s0016unic.sys [2008-05-16 151592]
R3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\DRIVERS\s0017bus.sys [2008-10-21 113704]
R3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0017mdfl.sys [2008-10-21 19496]
R3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0017mdm.sys [2008-10-21 152616]
R3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0017mgmt.sys [2008-10-21 133160]
R3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\DRIVERS\s0017nd5.sys [2008-10-21 34856]
R3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0017obex.sys [2008-10-21 128552]
R3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\DRIVERS\s0017unic.sys [2008-10-21 145960]
R3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\DRIVERS\s1018bus.sys [2009-03-25 113704]
R3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1018mdfl.sys [2009-03-25 19496]
R3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1018mdm.sys [2009-03-25 153128]
R3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1018mgmt.sys [2009-03-25 133160]
R3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1018nd5.sys [2009-03-25 34856]
R3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1018obex.sys [2009-03-25 128552]
R3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1018unic.sys [2009-03-25 146472]
R3 SliceDisk5;SliceDisk5;c:\users\MaofKO\AppData\Local\Temp\FindAndMount\slicedisk-x64.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys [2010-06-14 16448]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2012-04-12 147248]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2011-08-05 1255736]
R4 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 cnnctfy2;Connectify LightWeight Filter;c:\windows\system32\DRIVERS\cnnctfy2.sys [2011-09-20 31344]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-08-04 270912]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-03-31 139704]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 Connectify;Connectify;c:\program files (x86)\Connectify\ConnectifyService.exe [2012-05-02 65536]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-03-31 164912]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2010-03-31 810120]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2010-03-31 124760]
S2 Realtek11nCU;Realtek11nCU;c:\program files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe [2010-04-16 36864]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-06-23 344680]
S3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\rtwlanu.sys [2011-05-09 1038440]
S3 rtlss;Service for enabling selective suspend to RTL device;c:\windows\system32\Drivers\rtlss.sys [2010-06-21 27240]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2011-08-03 1290752]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2007-12-10 323584]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-03-31 2840352]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 217.144.16.18 217.144.16.196
TCP: Interfaces\{8D59F840-5F74-4440-BA53-52283D888E2B}: NameServer = 192.168.107.1
.
.
------- File Associations -------
.
txtfile=c:\windows\NOTEPAD.EXE %1
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-NPSStartup - (no file)
AddRemove-7 Taskbar Tweaker - c:\users\MaofKO\Desktop\7 Taskbar Tweaker\uninstall.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\ESET\ESET Security\CurrentVersion\Info]
@Denied: (2) (LocalSystem)
"AppDataDir"="c:\\ProgramData\\ESET\\ESET NOD32 Antivirus\\"
"DataDir"="ESET\\ESET NOD32 Antivirus\\"
"EditionName"=" "
"InstallDir"="c:\\Program Files\\ESET\\ESET NOD32 Antivirus\\"
"LanguageId"=dword:00000405
"PackageTag"=dword:6090e758
"ProductBase"=dword:00000000
"ProductCode"="{B0F4BF2C-FAC6-4D8A-B244-8409E24DE2BE}"
"ProductName"="ESET NOD32 Antivirus"
"ProductType"="eav"
"ProductVersion"="4.2.42.1"
"UniqueId"="0002E9F04E46B27D"
"ScannerBuild"=dword:00001abe
"ScannerVersionId"=dword:0000137b
"ScannerVersion"="Open window for status."
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0011\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Connectify\ConnectifyD.exe
c:\program files (x86)\Realtek\11n USB Wireless LAN Utility\RtWlan.exe
c:\program files (x86)\Connectify\ConnectifyNetServices.exe
.
**************************************************************************
.
Completion time: 2012-07-03 21:11:11 - machine was rebooted
ComboFix-quarantined-files.txt 2012-07-03 19:11
.
Pre-Run: 38 804 176 896 bytes free
Post-Run: 40 000 491 520 bytes free
.
- - End Of File - - 612B584E7A0E5D5AF22378F240F43E74

#10 Příspěvek od **Rudy** » 03 črc 2012 20:49

Ještě dočistíme. Otevřte poznámkový blok a zkopírujte do něj:

FCopy::
c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll | c:\windows\system32\user32.dll
c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll | c:\windows\SysWOW64\user32.dll

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\ESET\ESET Security\CurrentVersion\Info]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0011\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pustte. CF se spustí a vykoná příkazy ze skriptu.

Obrázek

MaofKO · #11 Příspěvek od **MaofKO** » 04 črc 2012 15:09

hotovo, tu je nový log

ComboFix 12-07-02.01 - MaofKO . 07. 2012 15:17:11.2.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.421.1051.18.4094.2315 [GMT 2:00]
Running from: c:\users\MaofKO\Desktop\ComboFix.exe
Command switches used :: c:\users\MaofKO\Desktop\CFScript.txt
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
SP: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
--------------- FCopy ---------------
.
c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll --> c:\windows\system32\user32.dll
c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll --> c:\windows\SysWOW64\user32.dll
.
((((((((((((((((((((((((( Files Created from 2012-06-04 to 2012-07-04 )))))))))))))))))))))))))))))))
.
.
2012-07-04 13:41 . 2012-07-04 13:41 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-07-04 13:41 . 2012-07-04 13:41 -------- d-----w- c:\users\Mama\AppData\Local\temp
2012-07-04 13:41 . 2012-07-04 13:41 -------- d-----w- c:\users\Fredy\AppData\Local\temp
2012-07-04 13:41 . 2012-07-04 13:41 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-03 21:05 . 2012-07-03 21:13 -------- d-----w- c:\users\Fredy\AppData\Roaming\vlc
2012-07-02 19:26 . 2012-07-02 19:26 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2012-07-01 09:52 . 2012-07-01 09:52 -------- d-----w- C:\rsit
2012-07-01 09:52 . 2012-07-01 09:52 -------- d-----w- c:\program files\trend micro
2012-07-01 09:49 . 2012-07-03 18:29 -------- d-----w- c:\program files (x86)\SpeedFan
2012-06-24 11:24 . 2012-06-24 11:24 -------- d-----w- c:\users\MaofKO\AppData\Roaming\Renoise
2012-06-24 11:24 . 2010-03-31 11:17 368640 ----a-w- c:\windows\SysWow64\ReWire.DLL
2012-06-24 11:24 . 2012-06-24 11:24 -------- d-----w- c:\program files (x86)\Renoise 2.5.1
2012-06-23 09:29 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-23 09:29 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-23 09:29 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-23 09:29 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-23 09:28 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-23 09:28 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-23 09:28 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-23 09:28 . 2012-06-02 13:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-23 09:28 . 2012-06-02 13:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-20 11:26 . 2012-06-20 11:26 -------- d-----w- c:\users\MaofKO\AppData\Roaming\OpenMPT
2012-06-19 19:35 . 2012-05-31 04:04 9013136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{92D6CD7C-74F8-4634-ABB9-9696AA971CC4}\mpengine.dll
2012-06-19 14:35 . 2012-06-29 16:53 -------- d-----w- c:\users\Mama\AppData\Local\CrashDumps
2012-06-19 10:36 . 2012-06-29 17:28 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-18 15:13 . 2012-06-18 15:13 -------- d-----w- c:\users\MaofKO\dwhelper
2012-06-18 14:53 . 2012-06-18 14:53 -------- d-----w- C:\SpybotPortable
2012-06-15 15:14 . 2012-06-15 15:14 -------- d-----w- c:\users\Fredy\AppData\Local\Macromedia
2012-06-15 07:09 . 2012-06-15 07:09 -------- d-----w- c:\users\MaofKO\AppData\Local\Macromedia
2012-06-14 18:47 . 2012-06-14 18:47 -------- d-----w- c:\users\Mama\AppData\Local\Macromedia
2012-06-14 10:53 . 2012-06-29 18:19 -------- d-----w- c:\users\Mama\Zlatá na čiernej
2012-06-13 13:11 . 2012-05-04 11:06 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-06-13 13:11 . 2012-05-04 10:03 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-06-13 13:10 . 2012-05-04 10:03 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-06-13 13:10 . 2012-05-01 05:40 209920 ----a-w- c:\windows\system32\profsvc.dll
2012-06-13 13:10 . 2012-04-26 05:41 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-06-13 13:10 . 2012-04-26 05:41 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-06-13 13:10 . 2012-04-26 05:34 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-06-13 13:09 . 2012-04-24 05:37 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2012-06-13 13:09 . 2012-04-24 05:37 140288 ----a-w- c:\windows\system32\cryptnet.dll
2012-06-13 13:09 . 2012-04-24 05:37 1462272 ----a-w- c:\windows\system32\crypt32.dll
2012-06-13 13:09 . 2012-04-24 04:36 1158656 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-06-13 13:09 . 2012-04-24 04:36 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-06-13 13:09 . 2012-04-24 04:36 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2012-06-13 13:09 . 2012-04-28 05:32 1112064 ----a-w- c:\windows\system32\rdpcorets.dll
2012-06-13 13:09 . 2012-04-28 03:55 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-06-13 13:09 . 2012-05-15 01:32 3146752 ----a-w- c:\windows\system32\win32k.sys
2012-06-13 13:08 . 2012-04-07 12:31 3216384 ----a-w- c:\windows\system32\msi.dll
2012-06-13 13:08 . 2012-04-07 11:26 2342400 ----a-w- c:\windows\SysWow64\msi.dll
2012-06-13 07:30 . 2012-06-13 07:30 -------- d-----w- c:\users\Mama\Tranzit Venuše
2012-06-10 17:43 . 2012-06-10 17:43 -------- d-----w- c:\users\MaofKO\AppData\Local\Blizzard Entertainment
2012-06-10 16:54 . 2012-06-10 17:43 -------- d-----w- c:\programdata\Blizzard Entertainment
2012-06-09 21:23 . 2012-06-09 21:23 -------- d-----w- c:\users\MaofKO\.phet
2012-06-09 21:22 . 2012-06-09 21:23 -------- d-----w- c:\users\MaofKO\AppData\Roaming\PgcEdit
2012-06-09 11:45 . 2012-06-09 11:46 -------- d-----w- c:\users\Fredy\AppData\Local\ElevatedDiagnostics
2012-06-08 16:32 . 2012-06-08 16:37 -------- d-----w- c:\users\Fredy\AppData\Local\CrashDumps
2012-06-07 17:49 . 2012-06-07 17:49 -------- d-----w- c:\users\Fredy\AppData\Local\Somewhere1
2012-06-06 17:59 . 2012-06-06 17:59 770384 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr100.dll
2012-06-06 17:59 . 2012-06-06 17:59 421200 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp100.dll
2012-06-05 19:12 . 2012-06-28 17:49 -------- d--h--w- c:\programdata\BPK
2012-06-05 19:10 . 2012-06-05 19:10 -------- d-----w- c:\users\MaofKO\AppData\Local\ESET
2012-06-05 19:03 . 2012-06-05 19:03 -------- d-----w- c:\users\MaofKO\AppData\Local\Somewhere1
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-29 20:18 . 2011-10-09 12:02 303216 ----a-w- c:\windows\UTP.exe
2012-05-25 19:40 . 2012-05-25 19:40 61440 ----a-w- c:\windows\diabunin.exe
2012-05-20 15:13 . 2012-05-20 15:13 163048 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10141.bin
2012-05-05 08:17 . 2012-04-11 14:17 8744608 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-04-12 16:12 . 2012-04-12 16:12 147248 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2012-04-12 16:12 . 2012-04-29 11:58 224048 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2012-04-12 16:12 . 2012-04-29 11:58 130864 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2006-05-03 11:06 163328 --sha-r- c:\windows\SysWOW64\flvDX.dll
2007-02-21 12:47 31232 --sha-r- c:\windows\SysWOW64\msfDX.dll
2008-03-16 14:30 216064 --sha-r- c:\windows\SysWOW64\nbDX.dll
2010-01-06 23:00 107520 --sha-r- c:\windows\SysWOW64\TAKDSDecoder.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-07-03_19.06.28 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2012-07-03 19:06 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-07-04 13:14 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-07-03 19:06 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-07-04 13:14 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-07-03 19:06 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-07-04 13:14 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 05:10 . 2012-07-04 09:11 42078 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2011-08-07 17:19 . 2012-06-27 10:24 9414 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2856129553-64267487-902677565-1003_UserData.bin
+ 2011-08-07 17:19 . 2012-07-04 09:11 9414 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2856129553-64267487-902677565-1003_UserData.bin
- 2012-07-03 19:05 . 2012-07-03 19:05 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-07-04 09:02 . 2012-07-04 09:02 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-07-03 19:05 . 2012-07-03 19:05 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-07-04 09:02 . 2012-07-04 09:02 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 05:01 . 2012-07-03 19:04 228720 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-07-03 21:13 228720 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2011-08-03 20:56 . 2012-07-02 20:54 22264844 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2856129553-64267487-902677565-1004-12288.dat
+ 2011-08-03 20:56 . 2012-07-03 21:13 22264844 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2856129553-64267487-902677565-1004-12288.dat
+ 2011-08-03 20:56 . 2012-07-03 21:13 66012832 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2856129553-64267487-902677565-1001-12288.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"7 Taskbar Tweaker"="c:\utility\7 Taskbar Tweaker\7 Taskbar Tweaker.exe" [2011-09-30 139264]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912]
"Connectify"="c:\program files (x86)\Connectify\Connectify.exe" [2012-07-01 3982696]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2011-08-03 2770432]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-03-01 2348352]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-05 160944]
R3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 29184]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2011-09-09 13352]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-23 116720]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]
R3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\DRIVERS\s0016bus.sys [2008-05-16 115240]
R3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0016mdfl.sys [2008-05-16 19496]
R3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0016mdm.sys [2008-05-16 158760]
R3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0016mgmt.sys [2008-05-16 137256]
R3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\DRIVERS\s0016nd5.sys [2008-05-16 34344]
R3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0016obex.sys [2008-05-16 136744]
R3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\DRIVERS\s0016unic.sys [2008-05-16 151592]
R3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\DRIVERS\s0017bus.sys [2008-10-21 113704]
R3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0017mdfl.sys [2008-10-21 19496]
R3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0017mdm.sys [2008-10-21 152616]
R3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0017mgmt.sys [2008-10-21 133160]
R3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\DRIVERS\s0017nd5.sys [2008-10-21 34856]
R3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0017obex.sys [2008-10-21 128552]
R3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\DRIVERS\s0017unic.sys [2008-10-21 145960]
R3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\DRIVERS\s1018bus.sys [2009-03-25 113704]
R3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1018mdfl.sys [2009-03-25 19496]
R3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1018mdm.sys [2009-03-25 153128]
R3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1018mgmt.sys [2009-03-25 133160]
R3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1018nd5.sys [2009-03-25 34856]
R3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1018obex.sys [2009-03-25 128552]
R3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1018unic.sys [2009-03-25 146472]
R3 SliceDisk5;SliceDisk5;c:\users\MaofKO\AppData\Local\Temp\FindAndMount\slicedisk-x64.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys [2010-06-14 16448]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2012-04-12 147248]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2011-08-05 1255736]
R4 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 cnnctfy2;Connectify LightWeight Filter;c:\windows\system32\DRIVERS\cnnctfy2.sys [2011-09-20 31344]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-08-04 270912]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-03-31 139704]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 Connectify;Connectify;c:\program files (x86)\Connectify\ConnectifyService.exe [2012-07-01 65536]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-03-31 164912]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2010-03-31 810120]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2010-03-31 124760]
S2 Realtek11nCU;Realtek11nCU;c:\program files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe [2010-04-16 36864]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-06-23 344680]
S3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\rtwlanu.sys [2011-05-09 1038440]
S3 rtlss;Service for enabling selective suspend to RTL device;c:\windows\system32\Drivers\rtlss.sys [2010-06-21 27240]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2011-08-03 1290752]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2007-12-10 323584]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-03-31 2840352]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 217.144.16.18 217.144.16.196
TCP: Interfaces\{8D59F840-5F74-4440-BA53-52283D888E2B}: NameServer = 192.168.107.1
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\ESET\ESET Security\CurrentVersion\Info]
@Denied: (2) (LocalSystem)
"AppDataDir"="c:\\ProgramData\\ESET\\ESET NOD32 Antivirus\\"
"DataDir"="ESET\\ESET NOD32 Antivirus\\"
"EditionName"=" "
"InstallDir"="c:\\Program Files\\ESET\\ESET NOD32 Antivirus\\"
"LanguageId"=dword:00000405
"PackageTag"=dword:6090e758
"ProductBase"=dword:00000000
"ProductCode"="{B0F4BF2C-FAC6-4D8A-B244-8409E24DE2BE}"
"ProductName"="ESET NOD32 Antivirus"
"ProductType"="eav"
"ProductVersion"="4.2.42.1"
"UniqueId"="0002E9F04E46B27D"
"ScannerBuild"=dword:00001abe
"ScannerVersionId"=dword:0000137b
"ScannerVersion"="Open window for status."
.
Completion time: 2012-07-04 15:43:41
ComboFix-quarantined-files.txt 2012-07-04 13:43
ComboFix2.txt 2012-07-03 19:11
.
Pre-Run: 39 325 286 400 bytes free
Post-Run: 39 012 225 024 bytes free
.
- - End Of File - - D0CA7EE5CD81EA42388E02F205FB4866

#12 Příspěvek od **Rudy** » 04 črc 2012 17:59

Log již vypadá OK. Nastala nějaká změna?

MaofKO · #13 Příspěvek od **MaofKO** » 04 črc 2012 18:46

Prestalo to robiť, už keď som zrušil to pretaktovanie ešte na začiatku, ako som sem vôbec napísal, ale či to spôsobovalo práve to, netuším. Mal som použitý v biose nejaký automatický a bezpečný profil, ktorý zvýšil výkon o 10%, a takto mi to bez problému išlo vyše roka. Takisto som prešiel namiesto Firefoxu na Palemoon (prehliadač odvodený od Firefoxu). Takže neviem, čo z toho všetkého pomohlo. Každopádne mi to teraz neurobilo už 3 dni, inak predtým to spravilo aj každú hodinu. Skúsim sa vrátiť na Firefox, a ak to nebude robiť, potom to skúsim znovu pretaktovať. Každopádne vďaka za pomoc, sám nemám na konotrlu logov, toľko času a znalostí, ako by som chcel, a viac hláv toho predsalen viac vymyslí

Keby to náhodou začalo ešte robiť, tak to sem pripíšem.

#14 Příspěvek od **Rudy** » 04 črc 2012 19:02

Přetaktování může způsobovat BSOD. Ne každou komponentu (zejména ty neznačkové) lze přetaktovat bez nebezpečí pádu systému.

VIRY.CZ

niečo mi spôsobuje BSOD

niečo mi spôsobuje BSOD

Re: niečo mi spôsobuje BSOD

Re: niečo mi spôsobuje BSOD

Re: niečo mi spôsobuje BSOD

Re: niečo mi spôsobuje BSOD

Re: niečo mi spôsobuje BSOD

Re: niečo mi spôsobuje BSOD

Re: niečo mi spôsobuje BSOD

Re: niečo mi spôsobuje BSOD

Re: niečo mi spôsobuje BSOD

Re: niečo mi spôsobuje BSOD

Re: niečo mi spôsobuje BSOD

Re: niečo mi spôsobuje BSOD

Re: niečo mi spôsobuje BSOD